Outbound Web Service Basic Authentication issue
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-09-2013 10:10 AM
Hello everyone,
I am testing an outbound Web Service call to a 3rd party application. The web service works fine in SoapUI using "Global HTTP Settings" and WSS-PAssword Type of "PasswordText", but fails with "invalid username or password" using Basic Authentication set in ServiceNow.
I am able to get the Web Service to work from ServiceNow by adding the un-encrypted login and password using the following structure, but I wanted to know if there was a more secure way to get it working from ServiceNow. Could the problem be special characters in the username or password? Any suggestions on how to get it working with Basic Authentication? Do I need a Java KeyStore? Thanks!
MyUsername@domain
MyPassword
- Labels:
-
Integrations
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-30-2013 06:54 AM
Ken,
But it looks as though your using wsse headers correct? This is part of the SOAP envelope, not part of the http headers. There is a way to modify the headers, but you said your request worked by adding in the wsse headers to the SOAP Envelope correct?
If that's the case, then passing the Basic Auth credentials(the only OOB functionality) is not acceptable at all. And you would need to actually build out the SOAPMessage script include to add the SOAP header (not request header). You can do this pretty easily by modifying the SOAPMessage Script Include the SOAPRequest Script Include.
SOAPMessage is what gets the information from your SOAP Message Function you have created, and then passes the data to make the request to SOAPRequest.
Hope this gets you on the right track to completing that.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-30-2013 07:13 AM
Thanks. That was already our plan, so thank you for confirming our planned approach. This item has been on the back burner for a while.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-30-2013 06:38 AM
Ahh yes that makes sense. As I mentioned, your not actually using basic authentication, and therefore the out of box fields would not work.
We have done some research into using ntlm from Java with little success. I assume your doing this from a mid server? You have the option of turning basic authentication on on your sharepoint server. That is the simplest solution.
The issue is that NTLM is a Microsoft protocol. There are some Java packages out there that will help you do it, but our attempts at using them have mostly failed.
That is one reason why BHS actually has a compiled Sharepoint integration for ServiceNow. It uses any of the needed protocols.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-30-2013 06:38 AM
Ahh yes that makes sense. As I mentioned, your not actually using basic authentication, and therefore the out of box fields would not work.
We have done some research into using ntlm from Java with little success. I assume your doing this from a mid server? You have the option of turning basic authentication on on your sharepoint server. That is the simplest solution.
The issue is that NTLM is a Microsoft protocol. There are some Java packages out there that will help you do it, but our attempts at using them have mostly failed.
That is one reason why BHS actually has a compiled Sharepoint integration for ServiceNow. It uses any of the needed protocols.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-20-2015 03:31 PM
Just wanted to chime in since I ran across the same issue even after SN created a Workday Integration plugin. As Chris pointed out, it's the Header information that needs to be modified. I haven't delved into the final solution yet but, in testing individual function calls, adding this Header information returned data.
<SOAP-ENV:Header xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>username@tenant</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</SOAP-ENV:Header>
Hopefully this will help anyone else struggling to make this work.
