Generating a proper WS-Security UsernameToken/PasswordDigest for Outgoing SOAP Calls?

Oliver D_sereck · ‎04-29-2015

Hi everyone,

As we all know, ServiceNow supports OOTB Basic, Certificate and Mutual Authentication when using Outbound SOAP Calls. This is great for most but unfortunately I now have a product that absolutely must use the OASIS UsernameToken/PasswordDigest Authentication

I have been looking around and strangely, found nothing about this topic. Has really no one come into this situation or am I the only one not getting this to work?

Using SOAPUI, I can generate the header and paste that directly into the SOAP Message Function but obviously that expires (even when set very high) and isnt the best way to go about it. I would rather be able to generate the full nonce and digest myself.

Anyone done this before?

Matt Saxton - G · ‎05-09-2015

a global function to call on the server to generate SHA1 hashes.

Oliver D_sereck · ‎05-10-2015

Hi Tony,

I am glad this was to use to you. I was pretty sure someone else needed SHA1's.

I have opened an enhancement request, lets hope this gets added at some point in time

Regards

Oliver

tony_barratt · ‎05-10-2015

Hi Oliver,

Matt has suggested that the facility to generate SHA1 hashes should be added to the ServiceNow product.

There is a KB here that explains how to request a product enhancement.

Please do raise a product enhancement based on your posting - which looks great to me.

ServiceNow KB: Requesting ServiceNow product enhancements (KB0547257)

Best Regards

Tony

himanshu7 · ‎05-10-2015

Fantastic work. Once I remember, we were stuck in which we have to pass key for OAuth in header. we achieved it through GlideHTTPClient.