You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by Giriraj Bhojak <gi...@gmail.com> on 2014/05/13 00:05:32 UTC
Logging clear-text message
Hi,
I am using cxf (2.7.8 )with wss4j(1.6.13).
For the sake of debugging I need to see the outgoing messages.
I have added cxf:inInterceptors and cxf:outInterceptors in the spring
config.
This helps me see the signed and encrypted message.
Is there a way to see the clear-text version of the message?
I have used JAXB marshaller to print the message but I am trying to avoid
writing any code to see the message.
Thanks,
Giriraj.
RE: Logging clear-text message
Posted by Andrei Shakirin <as...@talend.com>.
Hi,
I think LoggingOutInterceptor should log clear text message, because it is invoked on PRE_STREAM phase, before the WSS4JOutInterceptor (PRE_PROTOCOL, POST_PROTOCOL).
Regards,
Andrei.
> -----Original Message-----
> From: Giriraj Bhojak [mailto:giriraj2k@gmail.com]
> Sent: Dienstag, 13. Mai 2014 00:06
> To: users@cxf.apache.org
> Subject: Logging clear-text message
>
> Hi,
>
> I am using cxf (2.7.8 )with wss4j(1.6.13).
> For the sake of debugging I need to see the outgoing messages.
> I have added cxf:inInterceptors and cxf:outInterceptors in the spring config.
> This helps me see the signed and encrypted message.
> Is there a way to see the clear-text version of the message?
> I have used JAXB marshaller to print the message but I am trying to avoid
> writing any code to see the message.
>
> Thanks,
> Giriraj.
RE: Logging clear-text message
Posted by Andrei Shakirin <as...@talend.com>.
Hi,
My statement was incorrect, sorry for that.
Logging interceptors write encrypted messages, because they use either with OutputStream or Writer content and logging only after encryption on the XML level (SOAPMessage in 2.7.X and XMLStream in 3.0.0).
Dan, thanks for providing comprehensive answer.
Regards,
Andrei.
> -----Original Message-----
> From: Daniel Kulp [mailto:dkulp@apache.org]
> Sent: Dienstag, 13. Mai 2014 17:01
> To: users@cxf.apache.org; Giriraj Bhojak
> Subject: Re: Logging clear-text message
>
>
> The Logging interceptors run at a byte stream level and only would see the
> "secured" message. To log the unsecured message, you would need to write a
> different interceptor to handle that. Unfortunately, its also going to be
> different for CXF 2.7.x and CXF 3.x due to changes in the security handling.
>
> For 2.7.x, you can write an interceptor that would run after the
> WSS4JInInterceptors that would do a:
>
> message.getContent(Document.class)
>
> and prints the DOM. For 3.x with the new streaming security interceptors, it
> would be way more complex. You'd have to grab the XMLStreamReader from
> the message, wrapper it with a new stream reader that would then record the
> read events. (the wrapped stream reader method would also work for 2.7.x,
> but like I said, a bit more complex to write)
>
> Dan
>
>
>
> On May 12, 2014, at 6:05 PM, Giriraj Bhojak <gi...@gmail.com> wrote:
>
> > Hi,
> >
> > I am using cxf (2.7.8 )with wss4j(1.6.13).
> > For the sake of debugging I need to see the outgoing messages.
> > I have added cxf:inInterceptors and cxf:outInterceptors in the spring
> > config.
> > This helps me see the signed and encrypted message.
> > Is there a way to see the clear-text version of the message?
> > I have used JAXB marshaller to print the message but I am trying to
> > avoid writing any code to see the message.
> >
> > Thanks,
> > Giriraj.
>
> --
> Daniel Kulp
> dkulp@apache.org - http://dankulp.com/blog Talend Community Coder -
> http://coders.talend.com
Re: Logging clear-text message
Posted by Daniel Kulp <dk...@apache.org>.
I think you would just need to move the phase to a later phase. Likely in the Phase.USER_PROTOCOL phase.
Dan
On May 13, 2014, at 12:07 PM, Giriraj Bhojak <gi...@gmail.com> wrote:
> Thank you Daniel and Andrei.
> Here is new interceptor I just wrote for outgoing messages:
>
> import org.apache.cxf.interceptor.Fault;
> import org.apache.cxf.message.Message;
> import org.apache.cxf.phase.AbstractPhaseInterceptor;
> import org.apache.cxf.phase.Phase;
> import org.w3c.dom.Document;
>
> public class LoggingOutInterceptor extends
> AbstractPhaseInterceptor<Message> {
>
> public LoggingOutInterceptor() {
> super(Phase.PRE_PROTOCOL);
> }
>
> public void handleMessage(Message message) throws Fault {
>
> Document document = message.getContent(Document.class);
> }
>
> }
>
> The document is null. While debugging I see that the actual object I am
> trying to send is in contents[] array of
> org.apache.cxf.message.MessageImpl.
> But I haven't been able to retrieve it yet. Any idea what I am doing wrong?
>
> Thanks,
> Giriraj.
>
>
>
>
> On Tue, May 13, 2014 at 11:00 AM, Daniel Kulp <dk...@apache.org> wrote:
>
>>
>> The Logging interceptors run at a byte stream level and only would see the
>> “secured” message. To log the unsecured message, you would need to write
>> a different interceptor to handle that. Unfortunately, its also going to
>> be different for CXF 2.7.x and CXF 3.x due to changes in the security
>> handling.
>>
>> For 2.7.x, you can write an interceptor that would run after the
>> WSS4JInInterceptors that would do a:
>>
>> message.getContent(Document.class)
>>
>> and prints the DOM. For 3.x with the new streaming security
>> interceptors, it would be way more complex. You’d have to grab the
>> XMLStreamReader from the message, wrapper it with a new stream reader that
>> would then record the read events. (the wrapped stream reader method
>> would also work for 2.7.x, but like I said, a bit more complex to write)
>>
>> Dan
>>
>>
>>
>> On May 12, 2014, at 6:05 PM, Giriraj Bhojak <gi...@gmail.com> wrote:
>>
>>> Hi,
>>>
>>> I am using cxf (2.7.8 )with wss4j(1.6.13).
>>> For the sake of debugging I need to see the outgoing messages.
>>> I have added cxf:inInterceptors and cxf:outInterceptors in the spring
>>> config.
>>> This helps me see the signed and encrypted message.
>>> Is there a way to see the clear-text version of the message?
>>> I have used JAXB marshaller to print the message but I am trying to avoid
>>> writing any code to see the message.
>>>
>>> Thanks,
>>> Giriraj.
>>
>> --
>> Daniel Kulp
>> dkulp@apache.org - http://dankulp.com/blog
>> Talend Community Coder - http://coders.talend.com
>>
>>
--
Daniel Kulp
dkulp@apache.org - http://dankulp.com/blog
Talend Community Coder - http://coders.talend.com
RE: Logging clear-text message
Posted by Andrei Shakirin <as...@talend.com>.
Hi Giriraj,
As far as you use CXF 2.7.8, I would recommend to get and log SOAPMessage in your logging interceptors.
WSS4J interceptors in CXF 2.7.8 activate SAAJ interceptors, preparing SOAPMessage.
As Dan said, it will be a bit complicated in CXF 3.0.0.
Following interceptors code logs clear text message by me in case of using WSS4J for encryption in CXF 2.7.8:
public class LogClearTextOutInterceptor extends AbstractPhaseInterceptor<Message> {
public LogClearTextOutInterceptor() {
super(Phase.POST_PROTOCOL);
getBefore().add(WSS4JOutInterceptor.class.getName());
}
@Override
public void handleMessage(Message message) {
SOAPMessage soapMessage = message.getContent(SOAPMessage.class);
try {
System.out.println("out message: ");
DOMUtils.writeXml(soapMessage.getSOAPBody(), System.out);
} catch (Exception e) {
e.printStackTrace();
}
}
}
public class LogClearTextInInterceptor extends AbstractPhaseInterceptor<Message> {
public LogClearTextInInterceptor() {
super(Phase.POST_PROTOCOL);
getAfter().add(WSS4JInInterceptor.class.getName());
}
@Override
public void handleMessage(Message message) {
SOAPMessage soapMessage = message.getContent(SOAPMessage.class);
try {
System.out.println("In message: ");
DOMUtils.writeXml(soapMessage.getSOAPBody(), System.out);
} catch (Exception e) {
e.printStackTrace();
}
}
}
...
client.getOutInterceptors().add(new LogClearTextOutInterceptor());
client.getInInterceptors().add(new LogClearTextInInterceptor());
...
endpoint.getInInterceptors().add(new LogClearTextInInterceptor());
endpoint.getInInterceptors().add(new LogClearTextOutInterceptor());
Regards,
Andrei.
> -----Original Message-----
> From: Giriraj Bhojak [mailto:giriraj2k@gmail.com]
> Sent: Dienstag, 13. Mai 2014 18:08
> To: Daniel Kulp
> Cc: users@cxf.apache.org
> Subject: Re: Logging clear-text message
>
> Thank you Daniel and Andrei.
> Here is new interceptor I just wrote for outgoing messages:
>
> import org.apache.cxf.interceptor.Fault; import
> org.apache.cxf.message.Message; import
> org.apache.cxf.phase.AbstractPhaseInterceptor;
> import org.apache.cxf.phase.Phase;
> import org.w3c.dom.Document;
>
> public class LoggingOutInterceptor extends
> AbstractPhaseInterceptor<Message> {
>
> public LoggingOutInterceptor() {
> super(Phase.PRE_PROTOCOL);
> }
>
> public void handleMessage(Message message) throws Fault {
>
> Document document = message.getContent(Document.class);
> }
>
> }
>
> The document is null. While debugging I see that the actual object I am trying
> to send is in contents[] array of org.apache.cxf.message.MessageImpl.
> But I haven't been able to retrieve it yet. Any idea what I am doing wrong?
>
> Thanks,
> Giriraj.
>
>
>
>
> On Tue, May 13, 2014 at 11:00 AM, Daniel Kulp <dk...@apache.org> wrote:
>
> >
> > The Logging interceptors run at a byte stream level and only would see the
> > “secured” message. To log the unsecured message, you would need to write
> > a different interceptor to handle that. Unfortunately, its also going
> > to be different for CXF 2.7.x and CXF 3.x due to changes in the
> > security handling.
> >
> > For 2.7.x, you can write an interceptor that would run after the
> > WSS4JInInterceptors that would do a:
> >
> > message.getContent(Document.class)
> >
> > and prints the DOM. For 3.x with the new streaming security
> > interceptors, it would be way more complex. You’d have to grab the
> > XMLStreamReader from the message, wrapper it with a new stream reader
> that
> > would then record the read events. (the wrapped stream reader method
> > would also work for 2.7.x, but like I said, a bit more complex to
> > write)
> >
> > Dan
> >
> >
> >
> > On May 12, 2014, at 6:05 PM, Giriraj Bhojak <gi...@gmail.com> wrote:
> >
> > > Hi,
> > >
> > > I am using cxf (2.7.8 )with wss4j(1.6.13).
> > > For the sake of debugging I need to see the outgoing messages.
> > > I have added cxf:inInterceptors and cxf:outInterceptors in the
> > > spring config.
> > > This helps me see the signed and encrypted message.
> > > Is there a way to see the clear-text version of the message?
> > > I have used JAXB marshaller to print the message but I am trying to
> > > avoid writing any code to see the message.
> > >
> > > Thanks,
> > > Giriraj.
> >
> > --
> > Daniel Kulp
> > dkulp@apache.org - http://dankulp.com/blog Talend Community Coder -
> > http://coders.talend.com
> >
> >
Re: Logging clear-text message
Posted by Giriraj Bhojak <gi...@gmail.com>.
Thank you Daniel and Andrei.
Here is new interceptor I just wrote for outgoing messages:
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.w3c.dom.Document;
public class LoggingOutInterceptor extends
AbstractPhaseInterceptor<Message> {
public LoggingOutInterceptor() {
super(Phase.PRE_PROTOCOL);
}
public void handleMessage(Message message) throws Fault {
Document document = message.getContent(Document.class);
}
}
The document is null. While debugging I see that the actual object I am
trying to send is in contents[] array of
org.apache.cxf.message.MessageImpl.
But I haven't been able to retrieve it yet. Any idea what I am doing wrong?
Thanks,
Giriraj.
On Tue, May 13, 2014 at 11:00 AM, Daniel Kulp <dk...@apache.org> wrote:
>
> The Logging interceptors run at a byte stream level and only would see the
> “secured” message. To log the unsecured message, you would need to write
> a different interceptor to handle that. Unfortunately, its also going to
> be different for CXF 2.7.x and CXF 3.x due to changes in the security
> handling.
>
> For 2.7.x, you can write an interceptor that would run after the
> WSS4JInInterceptors that would do a:
>
> message.getContent(Document.class)
>
> and prints the DOM. For 3.x with the new streaming security
> interceptors, it would be way more complex. You’d have to grab the
> XMLStreamReader from the message, wrapper it with a new stream reader that
> would then record the read events. (the wrapped stream reader method
> would also work for 2.7.x, but like I said, a bit more complex to write)
>
> Dan
>
>
>
> On May 12, 2014, at 6:05 PM, Giriraj Bhojak <gi...@gmail.com> wrote:
>
> > Hi,
> >
> > I am using cxf (2.7.8 )with wss4j(1.6.13).
> > For the sake of debugging I need to see the outgoing messages.
> > I have added cxf:inInterceptors and cxf:outInterceptors in the spring
> > config.
> > This helps me see the signed and encrypted message.
> > Is there a way to see the clear-text version of the message?
> > I have used JAXB marshaller to print the message but I am trying to avoid
> > writing any code to see the message.
> >
> > Thanks,
> > Giriraj.
>
> --
> Daniel Kulp
> dkulp@apache.org - http://dankulp.com/blog
> Talend Community Coder - http://coders.talend.com
>
>
Re: Logging clear-text message
Posted by Daniel Kulp <dk...@apache.org>.
The Logging interceptors run at a byte stream level and only would see the “secured” message. To log the unsecured message, you would need to write a different interceptor to handle that. Unfortunately, its also going to be different for CXF 2.7.x and CXF 3.x due to changes in the security handling.
For 2.7.x, you can write an interceptor that would run after the WSS4JInInterceptors that would do a:
message.getContent(Document.class)
and prints the DOM. For 3.x with the new streaming security interceptors, it would be way more complex. You’d have to grab the XMLStreamReader from the message, wrapper it with a new stream reader that would then record the read events. (the wrapped stream reader method would also work for 2.7.x, but like I said, a bit more complex to write)
Dan
On May 12, 2014, at 6:05 PM, Giriraj Bhojak <gi...@gmail.com> wrote:
> Hi,
>
> I am using cxf (2.7.8 )with wss4j(1.6.13).
> For the sake of debugging I need to see the outgoing messages.
> I have added cxf:inInterceptors and cxf:outInterceptors in the spring
> config.
> This helps me see the signed and encrypted message.
> Is there a way to see the clear-text version of the message?
> I have used JAXB marshaller to print the message but I am trying to avoid
> writing any code to see the message.
>
> Thanks,
> Giriraj.
--
Daniel Kulp
dkulp@apache.org - http://dankulp.com/blog
Talend Community Coder - http://coders.talend.com
Re: Logging clear-text message
Posted by Colm O hEigeartaigh <co...@apache.org>.
If you set logging to DEBUG you can see what WSS4J decrypts on the
receiving side.
Colm.
On Mon, May 12, 2014 at 11:05 PM, Giriraj Bhojak <gi...@gmail.com>wrote:
> Hi,
>
> I am using cxf (2.7.8 )with wss4j(1.6.13).
> For the sake of debugging I need to see the outgoing messages.
> I have added cxf:inInterceptors and cxf:outInterceptors in the spring
> config.
> This helps me see the signed and encrypted message.
> Is there a way to see the clear-text version of the message?
> I have used JAXB marshaller to print the message but I am trying to avoid
> writing any code to see the message.
>
> Thanks,
> Giriraj.
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com