How to pass windows authentication parameters in outbound SOAP message

rajeev_kumar
Mega Contributor

‎03-14-2016 04:20 AM

We have a .net webservice in our internal environment ( It is hosted on windows IIS server) . We want to communicate with this webservice through service-now.

This webservice use windows authentication mechanism for access.

I am sending a soap message without credential (http://wiki.servicenow.com/index.php?title=Scripting_Outbound_SOAP#gsc.tab=0).Because I dont know where should I pass NTLM authentication. I am getting the below error in response.

"401 - Unauthorized: Access is denied due to invalid credentials."

We want to send credentials for NTLM authentication. How can we send it.

Similar question has been asked in user forum but solution is not available.

https://community.servicenow.com/thread/160640

I can not find anything related to windows authentication in api document

https://community.servicenow.com/community/develop/app-publisher/blog/2014/12/12/scoped-soapmessagev...

If you need more information then please let me know .

Thanks

0 Helpfuls
  • 4,357 Views
6 REPLIES 6

ChrisBurks
Mega Sage

‎03-14-2016 06:38 AM

For NTLM authentication I believe (I'm not certain) the client and the server need to exist in the same domain. If this is true, in order for your ServiceNow instance to communicate with your IIS server a MID server would need to be set up and associate that MID server to the SOAP function.



Really high overview:


MID Server sits on a machine within company's firewall


ServiceNow Soap Functions communicates with MID Server


MID Server communicates with internal servers and applications


MID Server sends data to ServiceNow.


0 Helpfuls

rajeev_kumar
Mega Contributor
In response to ChrisBurks

‎03-14-2016 07:32 AM

Hi Chris thank you for responding .Yes you are correct I'm using this approach only.


We are using Mid Server to communicate with this web service but the problem is in sending the Windows credentials in the soap message.



I have tested that if there is no windows authentication in the web service then I am successfully able to connect to this web service through Service now using Mid server. But we have to use the windows authentication in web service that is why we are facing the issue in communication.


0 Helpfuls

ChrisBurks
Mega Sage
In response to rajeev_kumar

‎03-14-2016 09:12 AM

Have you tried using the Basic Authentication in the SOAP function form and supplying the username with the domain first?


Setup a Basic Authentication profile with domain\username syntax and of course with password:


basic_auth_profile.png



Then select "Basic" as the Authentication type and associate that Basic profile to the soap function:



soap_function_with_basic_auth.png


Preview file
70 KB
Preview file
143 KB
0 Helpfuls

rajeev_kumar
Mega Contributor
In response to ChrisBurks

‎03-14-2016 10:32 PM

Hi Chris,


I think basic authentication is not same as windows(NTLM) authentication.


Though I tried it but result is same. [401 - Unauthorized: Access is denied due to invalid credentials]


find_real_file.png



Any other ideas ?



While sending the same request from Jmeter, I get below response headers.


find_real_file.png


So it means that we need to authenticate with Negotiate/NTLM


Preview file
10 KB
Preview file
11 KB
0 Helpfuls