Capturing Soap Message through Http Traffic (Web Services)

In this post i will to learn how to capture the Soap traffic communication of a Web Service.

I will cover two tools for this:

Suppose that i have my webservice running in this endpoint: http://192.168.2.102:9876/service?wsdl

Solution 1) Using WireShark:

WireShark is a tool for capture packets from network where the computer is on. We will use this tool for capture our http packet with soap message.
For download this tool access here: http://www.wireshark.org/download.html

If you are in a Debian Linux just make it: sudo apt-get install wireshark

Obs.: In linux you should execute the wireshark as “sudo wireshark” for access the network.

Step 1) Install Wireshark
Step 2) Open wireshark and go to: Edit -> Preferences -> Protocols -> HTTP and put your port at TCP Ports. In our example is 9876. Click at OK
Step 3) Go to Capture -> Interfaces -> Click at Options in your correct network adapter -> And fill as below:

Just type the filter “xml” at filter box and click at Apply:

Right now, you shouls invoke the Web Service through your favorite Client. (SoapUI for example, or from your software, java, python, ruby and etc …)

Finally, you will see the two packet http (Request and Response):

You can see many informations such as packet size, your soap envelope and many many others.

Observation: Using WireShark you need to use the ip, not use localhost or 127.0.0.1 because wireshark read the traffic when the message to come from other machine. So your client should be in other physical machine or other Virtual Machine works too

Solution 2: Using Apache TCPMON tool

The apache tcpmon is a tool that works like a proxy, your endpoint in your client should point to tcpmon and tcpmon point to your real webservice.

This tool is available here: http://ws.apache.org/commons/tcpmon/

This is a tutorial for how to use it: http://ws.apache.org/commons/tcpmon/tcpmontutorial.html

Observation: This tool works with localhost and 127.0.0.1

That is it. There is a lots of tool for capture packets and traffic Soa. These two is the most used for this proposit.

Bye.
Victor Jabur.