Notifications

645 views

Persisting an HTTP session across all REST calls

 

Problem
When using the REST API RestMessage, executing multiple REST calls in a loop does not use original session and creates several sessions that can in turn cause authentication errors.

 

 

Symptoms
  • When viewing stats.do, you may see a list of many sessions being created after running scripted REST API.
  • You receive 401 or 429  errors in subsequent REST calls when expecting to use the same session.
Cause
Session Cookie not formatted properly.
Resolution

Session RE-use is possible through the use of cookies.  Cookies are sent in the SET-COOKIE Header and can be retrieved by using the getCookies(); method. 

A cookie should be properly formatted in order to work. Example: 

Example Real Cookie returned from response:

[JSESSIONID=BDE538E6F87C4FA2DFFA0DA9F6E4E14F;Secure; Path=/; HttpOnly, glide_user="";Secure; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; HttpOnly, glide_user_session="";Secure; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; HttpOnly, glide_user_route=glide.9c5c58ba0c5169641af04031a4b26990;Secure; Expires=Wed, 02-Jan-2086 22:48:02 GMT; Path=/; HttpOnly, glide_session_store=41E2F0FDDBC38300E814FA56BF961953;Secure; Expires=Fri, 15-Dec-2017 20:03:55 GMT; Path=/; HttpOnly, BIGipServerpool_myinstancename=427827210.48704.0000; path=/]


Example of Cookie after formatted to send in subsequent calls:

JSESSIONID=BDE538E6F87C4FA2DFFA0DA9F6E4E14F;glide_user_route=glide.9c5c58ba0c5169641af04031a4b26990;glide_session_store=41E2F0FDDBC38300E814FA56BF961953;BIGipServerpool_myinstancename=427827210.48704.0000

The following code was used to properly format and store a cookie string and send in subsequent REST calls following an intial request:

var getCallRequest= new sn_ws.RESTMessageV2(); 
getCallRequest.setEndpoint('https://<instanceName>.service-now.com/api/now/table/incident/<int_sys_id>'); 
getCallRequest.setBasicAuth('username','password'); 
getCallRequest.setHttpMethod("get"); 
getCallRequest.setRequestHeader("Accept", "application/json"); 
 
//execute print response info: 
var getCallResponse = getCallRequest.execute(); 
gs.print("status code: " + getCallResponse.getStatusCode()); 
gs.print("body: " + getCallResponse.getBody()); 
 
//print cookie info 
var cookies = getCallResponse.getCookies(); 
gs.log("cookies>>>>" + cookies); 
 
//extract cookies from response 
var jsessionid = ""; 
var glide_user_route = ""; 
var glide_session_store = ""; 
var BIGipServerpool = ""; 
var cookiesArray = (''+cookies).split(';'); 
//iterate through all cookies, found interesing ones 
for ( var i = 0; i < cookiesArray.length; i++) { 
if( cookiesArray[i].indexOf("JSESSIONID") > -1) { 
jsessionid = cookiesArray[i].substring( 
cookiesArray[i].indexOf("JSESSIONID"),cookiesArray[i].length); 
if( cookiesArray[i].indexOf("glide_user_route") > -1) { 
glide_user_route = cookiesArray[i].substring( 
cookiesArray[i].indexOf("glide_user_route"),cookiesArray[i].length); 
if( cookiesArray[i].indexOf("glide_session_store") > -1) { 
glide_session_store = cookiesArray[i].substring( 
cookiesArray[i].indexOf("glide_session_store"), cookiesArray[i].length); 
if( cookiesArray[i].indexOf("BIGipServerpool") > -1 ) { 
BIGipServerpool = cookiesArray[i].substring( 
cookiesArray[i].indexOf("BIGipServerpool"), cookiesArray[i].length); 
 
//use same cookies in the next 50 calls 
var cookieValueStr = jsessionid + ";" + glide_user_route + ";" + glide_session_store + ";" + BIGipServerpool; 
gs.log(">>>>> cookieValueStr="+cookieValueStr); 
for (i = 0; i < 50; i++) 
//getCallRequest.setCookie(cookies); //setCookie not documented 
getCallRequest.setRequestHeader("Cookie",cookieValueStr); 
var putCallResponse = getCallRequest.execute(); 
gs.log(putCallResponse.getBody()); 

Article Information

Last Updated:2018-01-08 09:50:39
Published:2018-01-08