Amr_Es Absent Member.
Absent Member.
1480 views

how password is sent from HP Service manager client to the server

I'm trying to interact with HP service manager using SOAP Requests,wireshark shows password from client is sent in a format not clear text and not base64. as i can see it is always characters between FEFE and EFEF like below any idea what type of this encoding or hashing?

FEFE03ABEB28373287CF7D463BC4C887AC88EFEF

Tags (1)
0 Likes
7 Replies
TomPowe Acclaimed Contributor.
Acclaimed Contributor.

Re: how password is sent from HP Service manager client to the server

0 Likes
Amr_Es Absent Member.
Absent Member.

Re: how password is sent from HP Service manager client to the server

Thanks, this explains that a two-way encryption is used and mention three types of encryption,I'm trying to generate the same, there is another key or value inserted with password to generate the encrypted form of password, do you know how the process is working?

0 Likes
TomPowe Acclaimed Contributor.
Acclaimed Contributor.

Re: how password is sent from HP Service manager client to the server

Maybe, but I'm positive that HP wouldn't want you to be able to do that or simulate that.  If you pass a valid ID and password via REST or SOAP (non-encrypted) that Service Manager knows, it should authenticate you.  We do this with plenty of web service integrations...and the password is not encrypted before it is passed to Service Manager.

0 Likes
Amr_Es Absent Member.
Absent Member.

Re: how password is sent from HP Service manager client to the server

I'm trying to send same SOAP requests send by the HP client from my script using base64 password encoding or clear text, but the response keeps asking about the password and username

0 Likes
TomPowe Acclaimed Contributor.
Acclaimed Contributor.

Re: how password is sent from HP Service manager client to the server

Service Manager comes with some sample web services clients that you can look at to see how they pass the username and password.  More information around Web Services and those clients can be found here.

http://docs.software.hpe.com/SM/9.50/Codeless/Content/webservicesguide/concepts/consuming_a_service_manager_web_service.htm

0 Likes
Amr_Es Absent Member.
Absent Member.

Re: how password is sent from HP Service manager client to the server

thanks, I don't have much knowledege about SOAP and WSDL, so it was easier to trace with wireshark how hp service manager client communicate with the server and try to send the same within a script, but i got stuck in how client send password format.

when a user login to hp service manager client he chooses quotes then his own team view (Enterprise support quote, Windows admin quote,..etc), then he will be able to see all requests assigned to his team view, how to do the same with SOAP requests?

0 Likes
TomPowe Acclaimed Contributor.
Acclaimed Contributor.

Re: how password is sent from HP Service manager client to the server

Are you part of your Service Manager support team?  If not, I would reach out to them for support.

Quotes are a part of Request Management.  I don't think Service Manager comes with an out of the box WSDL for that (at least they didn't in earlier versions), so it'll take one of your admins to create one. From the WSDL, there is an out of box action called "Retrieve". For Incident Management, it would be "RetrieveIncidentListRequest". Using that you can do a query that might simulate those Views.

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.