Skip to main content

Intercepting Core Service traffic with Fiddler

Image
By
Fiddler2 is a proxy that runs locally on your machine and stays in-between a client (i.e. typically your browser) and the remote server. It can this way intercept the communication between the two and display it in various formats.

So, in order to intercept communication with the Core Service, one should configure their Core Service client application to use the Fiddler proxy. The proxy installs itself on your local machine (when Fiddler starts), and on port 8888.

Intercepted communication shows up in Fiddler somewhat like this:

So, how do I specify a proxy in my client application? That depends on the technology used.

Java Core Service Clients

There are several ways of doing this, but the idea is that we need to set two properties:
  • http.proxyHost - the host name or IP of the proxy server (i.e. localhost for Fiddler);
  • http.proxyPort - the port the proxy is listening to (i.e. 8888 for Fiddler);
If you have access to the code, you can set them using the System.setProperty method:

      // Fiddler proxy
      System.setProperty("http.proxyHost", "localhost");
      System.setProperty("http.proxyPort", "8888");

If you have access to the JVM, set the system properties in the startup sequence of the JVM (using the -D notation):

    java -Dhttp.proxyHost=localhost -Dhttp.proxyPort=8888 ...

.Net Core Service Clients

Fiddler installs itself as default proxy and .Net uses the default system proxy by default :) So there is nothing specific you need to setup for .Net.

The only caveat is that I couldn't get it to work -- namely, the basicHttp authentication fails when communication goes through the Fiddler proxy. The following error message shows up:

The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Negotiate,NTLM'.

However, I can see the authentication attempts are intercepted by Fiddler.

UPDATE: If I use wsHttp endpoint, the authentication negotiation is successful and Fiddler intercepts the communication correctly.


Labels:

Comments

Post a Comment

Popular posts from this blog

Scaling Policies

By
This post is part of a bigger topic Autoscaling Publishers in AWS . In a previous post we talked about the Auto Scaling Groups , but we didn't go into details on the Scaling Policies. This is the purpose of this blog post. As defined earlier, the Scaling Policies define the rules according to which the group size is increased or decreased. These rules are based on instance metrics (e.g. CPU), CloudWatch custom metrics, or even CloudWatch alarms and their states and values. We defined a Scaling Policy with Steps, called 'increase_group_size', which is triggered first by the CloudWatch Alarm 'Publish_Alarm' defined earlier. Also depending on the size of the monitored CloudWatch custom metric 'Waiting for Publish', the Scaling Policy with Steps can add a difference number of instances to the group. The scaling policy sets the number of instances in group to 1 if there are between 1000 and 2000 items Waiting for Publish in the queue. It also sets the
Post a Comment
Read more

Toolkit - Dynamic Content Queries

By
This post if part of a series about the  File System Toolkit  - a custom content delivery API for SDL Tridion. This post presents the Dynamic Content Query capability. The requirements for the Toolkit API are that it should be able to provide CustomMeta queries, pagination, and sorting -- all on the file system, without the use third party tools (database, search engines, indexers, etc). Therefore I had to implement a simple database engine and indexer -- which is described in more detail in post Writing My Own Database Engine . The querying logic does not make use of cache. This means the query logic is executed every time. When models are requested, the models are however retrieved using the ModelFactory and those are cached. Query Class This is the main class for dynamic content queries. It is the entry point into the execution logic of a query. The class takes as parameter a Criterion (presented below) which triggers the execution of query in all sub-criteria of a Criterio
Post a Comment
Read more

Running sp_updatestats on AWS RDS database

By
Part of the maintenance tasks that I perform on a MSSQL Content Manager database is to run stored procedure sp_updatestats . exec sp_updatestats However, that is not supported on an AWS RDS instance. The error message below indicates that only the sa  account can perform this: Msg 15247 , Level 16 , State 1 , Procedure sp_updatestats, Line 15 [Batch Start Line 0 ] User does not have permission to perform this action. Instead there are several posts that suggest using UPDATE STATISTICS instead: https://dba.stackexchange.com/questions/145982/sp-updatestats-vs-update-statistics I stumbled upon the following post from 2008 (!!!), https://social.msdn.microsoft.com/Forums/sqlserver/en-US/186e3db0-fe37-4c31-b017-8e7c24d19697/spupdatestats-fails-to-run-with-permission-error-under-dbopriveleged-user , which describes a way to wrap the call to sp_updatestats and execute it under a different user: create procedure dbo.sp_updstats with execute as 'dbo' as
1 comment
Read more