Tuesday, 22 February 2011

Using Wireshark to capture the SOAP messages

Again this blog is my knowledge repository/diary. I have done something new which I haven’t done before; I have blog it here so that I can refer it when I want to reuse it again.

I was working with a webservice to which I would post a request message from my test harness and expected the response / resultset from it. But the response was an unexpected resultset. So I wanted to capture the outgoing request to the webservice and incoming response from it by intercepting and examining the SOAP messages exchanged to and from the webservice.

Before I was using an excellent tool to monitor traffic over a machine NIC called Packet sniffer. Now I wanted to use Wireshark (http://www.wireshark.org/download.html) another excellent network sniffing tool.

I have installed and running the Wireshark on my test machine where I am going to post the request message using the test harness to the webservice. Off course you can use Wireshark on any end, either at test harness end or at Webservice end. This is just a network sniffer, which can sniff both the incoming and outgoing messages.

Click “Capture” and select “Options”

Below is the screen shot of “Wireshark:Capture Options”.

clip_image002

Then do the following steps:

Step 1: In “Interface” dropdown list, select the appropriate network card to capture data from. There will be only one option if you have have only one ethernet card. If you’re not sure, no worries try by selecting the different network card and see whether the tool captures any data for the selected card. If it doesn’t, then change the option.

Step 2: Enter “tcp port 8080” in the “Capture Filter:” This filter instructs the Wireshark to capture TCP packets over the port 8080. You can get the port number from the webservice object’s URL property or from the Endpoint definition of your webservice.

Step 3: Click “Start”

Now Wireshark is ready to capture the network traffic over the port 8080. Send some calls to the webservice. After sending the request and receving the response, stop the capture by selecting Capture->Stop or press Control+E.

By default you will have three panel view: Packet List, Packet Details and Packet Bytes.

Packet List is at the top, Packet Details is in the middle and PacketBytes is at the bottom of the window.

clip_image004

Now you have captured the all the network traffics over  the port 8080. All of them would be listed in the Packet List panel. Select one by one and see their details in the Packet Details panel. In the Packet Detail panel you will have tree node like structure. Expand the Hypertext Transfer Protocol, and then look for a node called “Data:” under it. Select the node “Data:” and in the Packet Bytes panel you would see the actual data captured, as shown in the above picture. To read the data in a better way, right-click on the “Data:” node in the Packet Details panel, select Copy->Bytes (Printable Text only) and paste it in a note pad to see the exact xml message being passed to the webservice.

clip_image006

<?xml version="1.0" encoding="utf-8"?>

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">

<soap:Body>………………………………………………..

This is the SOAP request sent across to the webservice and we will capture the SOAP response from the webservice. In the Packet List panel, go through the list after the SOAP request. And you will see the SOAP response on the Packet Details panel itself.

clip_image008

1 comments:

Todaydownload.com said...

Interesting post and thanks for sharing. Some things in here I have not thought about
before.Thanks for making such a cool post which is really very well written.
will be referring a lot of friends about this.Keep blogging.
Get Wireshark