Dear Wiki user, You have subscribed to a wiki page or wiki category on "Ws Wiki" for change notification.
The following page has been changed by RichardUnger: http://wiki.apache.org/ws/FrontPage/Axis/Logging/Logging_with_SSL New page: [[TableOfContents]] [[AttachList("FrontPage/Axis/DynamicSSLConfig")]] This page describes a logging facility created to aid in Axis development. See also ["FrontPage/Axis/DynamicSSLConfig"] for more information, and to download the code. === The Problem === Axis comes with a LogHandler which can be used to dump SOAP requests/responses to a log file. Normally, this works very well, but has the following shortcomings: * Cannot see HTTP messages, only the SOAP messages are shown. If there is no SOAP message, nothing can be logged. * Not seeing HTTP messages means you cannot see the HTTP headers, nor any attachments included using the MIME or DIME standards * All logs are written to the same file, to get at the trace you need requires finding it in the file, and then copy and pasting it into another program for formatting The first point can be solved by employing a HTTP Tunnel Monitor, which sits between the client and server and displays the messages sent/received as they go past. However, the use of a Tunnel Monitor is not possible when employing SSL, especially when also using client authentication based on certificates. In this case the connection has to be established directly between client and server. The tunnel monitor cannot be used, because it would create a "break" in the SSL authentication, and authentication would fail. For this reason we had a need for Logging at the HTTP level from inside Axis. === The Solution === To solve this we implemented an extension to the java Socket class. This so-called "!LoggingSocket" is inserted into Axis by a special Axis Engine Configuration class (SSL!ClientAxisConfig) in conjunction with an implementation of !SecureSocketFactory. Simply configure the SSL!ClientAxisConfig to use logging, and supply a base directory within which the log files will be created. * Seperate log files are created for each request and response. * The log files are created after the response is received, so not receiving a response usually means neither the request nor the response are logged. * The log files are stored with a filename of <timestamp>_A_outgoing or <timestamp>_B_incoming * The log files will contain the complete HTTP request/response, including headers, cookies, authorization fields and the complete body The following is a sample of using the HTTP logging: {{{ // create config boolean logging = true; // activate logging SSLClientAxisEngineConfig axisConfig = new SSLClientAxisEngineConfig(); axisConfig.setKeystore("/path/to/clientkey.p12"); axisConfig.setKeystoreType("PKCS12"); axisConfig.setKeystorePassword("changeit"); axisConfig.setTruststore("/path/to/truststore.jks"); axisConfig.setTruststoreType("JKS"); axisConfig.setTruststorePassword("changeit"); if (logging) axisConfig.setDebugBaseDir("/path/to/logs"); axisConfig.initialize(logging); // initialize service URL soapURL = new URL("https://myserver.com/myapp/services/mywebserviceport";); MyWebServiceServiceLocator locator = new MyServiceLocator(axisConfig); MyWebServicePort port = locator.getMyWebServicePort(soapURL); MyWebServiceBindingStub stub = (MyWebServiceBindingStub) port; // make a call to the webservice (assume no params for this operation) MyResultType result = stub.myoperation1(); }}} Note: In the example above it is assumed that you have created the client stubs for the web service "!MyWebService" using the Axis WSD!L2Java tool. After the call to myoperation() the log directory specified should contain 2 files, one with "outgoing" in the filename (the request), and one with "incoming" in the filename, the response. === Shortcomings === * Does not work if HTTP keep-alive is enabled on the connection, as the close() method of the socket is used to trigger the logging * Filenames for logfiles not configurable * /!\ Do not use in production setups! This code is ok for development, but logging should be switched off in productive setups === Comments, Feedback, Support === This code is supplied back to the apache foundation, without any support or warranty. Use at your own risk. The author and his employer assume no responsibility for damages resulting in the use of this code or these instructions. Feel free to use the code in any way you want but do not expect support. Should you have questions about the code, please feel free to contact me (the Author) at: runger --AT-- aon.at --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
