how password is sent from HP Service manager client to the server
I'm trying to interact with HP service manager using SOAP Requests,wireshark shows password from client is sent in a format not clear text and not base64. as i can see it is always characters between FEFE and EFEF like below any idea what type of this encoding or hashing?
Thanks, this explains that a two-way encryption is used and mention three types of encryption,I'm trying to generate the same, there is another key or value inserted with password to generate the encrypted form of password, do you know how the process is working?
Maybe, but I'm positive that HP wouldn't want you to be able to do that or simulate that. If you pass a valid ID and password via REST or SOAP (non-encrypted) that Service Manager knows, it should authenticate you. We do this with plenty of web service integrations...and the password is not encrypted before it is passed to Service Manager.
I'm trying to send same SOAP requests send by the HP client from my script using base64 password encoding or clear text, but the response keeps asking about the password and username
Service Manager comes with some sample web services clients that you can look at to see how they pass the username and password. More information around Web Services and those clients can be found here.
thanks, I don't have much knowledege about SOAP and WSDL, so it was easier to trace with wireshark how hp service manager client communicate with the server and try to send the same within a script, but i got stuck in how client send password format.
when a user login to hp service manager client he chooses quotes then his own team view (Enterprise support quote, Windows admin quote,..etc), then he will be able to see all requests assigned to his team view, how to do the same with SOAP requests?
Are you part of your Service Manager support team? If not, I would reach out to them for support.
Quotes are a part of Request Management. I don't think Service Manager comes with an out of the box WSDL for that (at least they didn't in earlier versions), so it'll take one of your admins to create one. From the WSDL, there is an out of box action called "Retrieve". For Incident Management, it would be "RetrieveIncidentListRequest". Using that you can do a query that might simulate those Views.