none
Tool to trace WCF Rest with SSL Requests and responses RRS feed

  • Question

  • Please tell me the tools to trace the HTTP /HTTPS Requests / responses for WCF Restful serivices.
     
    I have using Fiddler. Actually i am testing for HTTPS. So i wanna see whether my post requests and responses are going in encrypted or not.
     
    please tell me the tools
    Wednesday, September 11, 2013 12:42 PM

Answers

  • Hi,

    The fiddler will be a good tool for trace the HTTP /HTTPS Requests.

    Also the Wireshark will be another good choice which gets HTTP and anything else you want to look at.

    #Wireshark:
    http://www.wireshark.org/download.html .

    #Capturing HTTP traffic using Wireshark or Fiddler:
    https://confluence.atlassian.com/display/CONFKB/Capturing+HTTP+traffic+using+Wireshark+or+Fiddler .

    Best Regards,
    Amy Peng


    <THE CONTENT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS OR IMPLIED>
    Thanks
    MSDN Community Support

    Please remember to "Mark as Answer" the responses that resolved your issue. It is a common way to recognize those who have helped you, and makes it easier for other visitors to find the resolution later.


    Thursday, September 12, 2013 5:26 AM
    Moderator
  • Hi,

    As you said that you have use the transport security mode, then it will encrypt the transport channel, not the message. The transport security provides only point-to-point channel security. It means that HTTPS establish secure channel only between client and server exposed to client. But if this server is just a load balancer or reverse proxy server it has direct access to content of the message.

    But Message security encrypt the message, it means that security is part of transferred data and only intended destination can decrypt the data (load balancer or proxy sees only encrypted message).

    Best Regards,
    Amy Peng


    <THE CONTENT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS OR IMPLIED>
    Thanks
    MSDN Community Support

    Please remember to "Mark as Answer" the responses that resolved your issue. It is a common way to recognize those who have helped you, and makes it easier for other visitors to find the resolution later.

    Friday, September 20, 2013 8:05 AM
    Moderator

All replies

  • I have created wcf rest with SSL self hosted certificate. I have deployed my service in my local system (.i.e Intranet). 

    I have tested in my fiddler tool. But i want to check wheather my messages going securely or not. So that i have add tracing and logging in my config file as shown in below.
     

    Problem is the requests and responces or anything is not writing into my logs.  

    <?xml version="1.0" encoding="UTF-8"?>
    <configuration>

        <system.web>
            <compilation debug="true" targetFramework="4.0"/>
        </system.web>
        <system.serviceModel>
            <services>
                <service name="PracticeWcfService1.Service1">

                    <endpoint address="RestType" behaviorConfiguration="PracticeWcfService1.Service1ehaviour" binding="webHttpBinding"
                              contract="PracticeWcfService1.IService1" name="RestClient">
                        <identity>
                            <dns value="localhost" />
                        </identity>
                    </endpoint>

                    <endpoint address="RestTypeWithSecure" behaviorConfiguration="PracticeWcfService1.Service1ehaviour" binding="webHttpBinding"
                              contract="PracticeWcfService1.IService1" name="RestClientWithSecure" bindingConfiguration="PracticeWcfService1.Services.ClientServicesEndpointBinding">
                        <identity>
                            <dns value="localhost" />
                        </identity>
                    </endpoint>
                    
                    <endpoint address="SoapType" binding="basicHttpBinding" contract="PracticeWcfService1.IService1" name="SoapClient">
                        <identity>
                            <dns value="localhost" />
                        </identity>
                    </endpoint>
                    
                    <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"></endpoint>

                    <host>
                        <baseAddresses>
                            <add baseAddress="http://localhost:33333/Service1.svc" />
                        </baseAddresses>
                    </host>
                    
                </service>
            </services>
            <bindings>
                <webHttpBinding>
                    <binding name="PracticeWcfService1.Services.ClientServicesEndpointBinding">
                        <security mode="Transport">
                        </security>
                    </binding>
                </webHttpBinding>
            </bindings>
            <behaviors>
                <endpointBehaviors>
                    <behavior name="PracticeWcfService1.Service1ehaviour">
                        <webHttp/>
                    </behavior>
                </endpointBehaviors>
                <serviceBehaviors>
                    <behavior>
                        <!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
                        <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
                        <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
                        <serviceDebug includeExceptionDetailInFaults="true" />
                        <serviceThrottling maxConcurrentCalls="500" maxConcurrentInstances="250"/>
                    </behavior>

                </serviceBehaviors>
            </behaviors>
            <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
            <diagnostics>
                <messageLogging logEntireMessage="true"
                                logMessagesAtServiceLevel="true"
                                logMessagesAtTransportLevel="true"
                                maxMessagesToLog="200000"
                                maxSizeOfMessageToLog="200000"/>
            </diagnostics>
        </system.serviceModel>
        <system.diagnostics>
            <sources>
                <source name="System.ServiceModel" switchValue="All"
                  propagateActivity="true">
                    <listeners>
                        <add type="System.Diagnostics.DefaultTraceListener" name="Default">
                            <filter type="" />
                        </add>
                        <add name="ServiceModelTraceListener">
                            <filter type="" />
                        </add>
                    </listeners>
                </source>
                <source name="System.ServiceModel.MessageLogging" switchValue="All">
                    <listeners>
                        <add type="System.Diagnostics.DefaultTraceListener" name="Default">
                            <filter type="" />
                        </add>
                        <add name="ServiceModelMessageLoggingListener">
                            <filter type="" />
                        </add>
                    </listeners>
                </source>
            </sources>
            <sharedListeners>
                <add initializeData="C:\Users\sdanda\Downloads\PracticeWcfService1\PracticeWcfService1\Messages.svclog"
                  type="System.Diagnostics.XmlWriterTraceListener, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
                  name="ServiceModelMessageLoggingListener" traceOutputOptions="Timestamp">
                    <filter type="" />
                </add>
                <add initializeData="C:\Users\sdanda\Downloads\PracticeWcfService1\PracticeWcfService1\Tracelog.svclog"
                  type="System.Diagnostics.XmlWriterTraceListener, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
                  name="ServiceModelTraceListener" traceOutputOptions="Timestamp">
                    <filter type="" />
                </add>
            </sharedListeners>
            <trace autoflush="true" />
        </system.diagnostics>
        <system.webServer>
            <modules runAllManagedModulesForAllRequests="true" />
            <directoryBrowse enabled="true" />
        </system.webServer>
    </configuration>


    I have tested by changing the mexHttpBinding to mexHttpsBinding and HttpsEnabled=true tags, but no use.

    Please help me how can i see the weather my messages going securely or not?? otherwise is there any way to check the messages going with encrypted or not??

    Thanks in Advance





    Wednesday, September 11, 2013 9:57 AM
  • Fiddler utility should definitely help. You can also try WCF Tracing as explained in following links

    http://debugmode.net/2011/06/22/tracing-in-wcf-understanding-basic-steps/
    http://stevenhollidge.blogspot.in/2011/03/how-to-enable-tracing-for-wcf-service.html
    http://msdn.microsoft.com/en-us/library/ms732023.aspx


    Gaurav Khanna | Microsoft VB.NET MVP | Microsoft Community Contributor

    Wednesday, September 11, 2013 6:45 PM
  • Hi,

    The most easy way to see all the request and response is to use the WCF Test Client, Please hit F5 to start the WCF Test Client. Then the WCF Test Client will logs all the messages the service receives and sends out as bellow:

    WCF Test Client XML View

    Other way is to use the fillder to get all the request and response data.
    #Fillder:
    http://fiddler2.com/ .

    Best Regards,
    Amy Peng


    <THE CONTENT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS OR IMPLIED>
    Thanks
    MSDN Community Support

    Please remember to "Mark as Answer" the responses that resolved your issue. It is a common way to recognize those who have helped you, and makes it easier for other visitors to find the resolution later.

    Thursday, September 12, 2013 1:33 AM
    Moderator
  • Thanks but I have already applied that logging concept but its not writing into my log file. Please see below post that i have posted previously.. 

    social.msdn.microsoft.com/Forums/vstudio/en-US/20afb56d-f877-4879-bacf-961fc834ae4c/how-to-log-trace-a-wcf-restful-with-ssl-webservice#20afb56d-f877-4879-bacf-961fc834ae4c


    • Edited by Satya Pratap Thursday, September 12, 2013 5:20 AM
    Thursday, September 12, 2013 5:20 AM
  • Hi,

    The fiddler will be a good tool for trace the HTTP /HTTPS Requests.

    Also the Wireshark will be another good choice which gets HTTP and anything else you want to look at.

    #Wireshark:
    http://www.wireshark.org/download.html .

    #Capturing HTTP traffic using Wireshark or Fiddler:
    https://confluence.atlassian.com/display/CONFKB/Capturing+HTTP+traffic+using+Wireshark+or+Fiddler .

    Best Regards,
    Amy Peng


    <THE CONTENT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS OR IMPLIED>
    Thanks
    MSDN Community Support

    Please remember to "Mark as Answer" the responses that resolved your issue. It is a common way to recognize those who have helped you, and makes it easier for other visitors to find the resolution later.


    Thursday, September 12, 2013 5:26 AM
    Moderator
  • Yes i have tested in my local system. But it is giving an error. This is because of SecurityMode= transport only. But it is worked perfectly if i commented that Securitymode tag. But i want to see the encrypted requests and responses. So that i am used tracing techniques. I have used Fiddler also but no use. 


    Thursday, September 12, 2013 6:51 AM
  • Hi,

    As you said that you have use the transport security mode, then it will encrypt the transport channel, not the message. The transport security provides only point-to-point channel security. It means that HTTPS establish secure channel only between client and server exposed to client. But if this server is just a load balancer or reverse proxy server it has direct access to content of the message.

    But Message security encrypt the message, it means that security is part of transferred data and only intended destination can decrypt the data (load balancer or proxy sees only encrypted message).

    Best Regards,
    Amy Peng


    <THE CONTENT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS OR IMPLIED>
    Thanks
    MSDN Community Support

    Please remember to "Mark as Answer" the responses that resolved your issue. It is a common way to recognize those who have helped you, and makes it easier for other visitors to find the resolution later.

    Friday, September 20, 2013 8:05 AM
    Moderator