Specifying authentication information for consuming a web service

When you create workflow to consume a BMC Remedy AR System server or external web service that requires a SOAP header, BMC Remedy Developer Studio checks the SOAP header elements specified in the WSDL. If the WSDL specifies the SOAP header elements, Developer Studio automatically creates a SOAPHeader element under the ROOT element. To communicate with any web service that requires authentication, you must use the Input Mapping table to map the source of the user name and password in the web services workflow.

When you add a Set Fields action to a filter or escalation and select WEB SERVICE as the data source, the Authentication field appears. Use this field to define the authentication type required for the web service. The options are:

• None — The web service does not require authentication.
• Custom — The external web service must be designed to recognize the fields that contain the user name and password. The SOAPHeader is not used to carry the user name and password. The password is sent unencrypted.
• AR Authentication — The web service is provided by a BMC Remedy AR System server. This option uses the AR System AuthenticationInfo data type in the SOAP header. The password is sent unencrypted.
• Username Token — The web service is an external web service that supports WS-Security Username Token 1.0. (Web Services that use Username Token 1.1 can be used, if they support 1.0 as well.) The password can be sent either as plain text or as a digest as specified in the WS-Security specification.

The following screenshot shows an example of selecting Username Token as an authentication type: