I am developing a software which will be communicating with a server using HTTP (but it is not a web browser). Since the server part is not ready yet, I would like to debug my client software by sending HTTP messages to it. I know that I can send HTTP requests using Curl. But I am not sure if that is sufficient here.
I'm imagining an environment where I send a request from my application, check that it is correct using Wireshark and then reply to the request using some software. Using Curl, I think I would have open a listening port..?
I'd use a simple node.js server for this. You can write your own HTTP server in a few lines of code an simulate various return codes, response headers or response entities easily: http://nodejs.org/
PS: There are proxies that simply print out the HTTP messages. This might be helpful for you too, because you don't have to deal with WireShark anymore just for HTTP-level logging.
You can't do that with cURL. It is an http client, not a server.
The simplest way to do this is to actually implement a mock server application that just returns a static (i.e. hardcoded) message every time. You can do this using any server-side language you like (php, python, ruby, ...), or, you can even do it without a server side language, using just static files served by a webserver such as apache or nginx.
For example, if the server part (the API) would respond to /articles.json with something relevant (a JSON object containing some articles), you could put a file named articles.json that contains some hand-written data in your server's root. Then, your application would think it's calling an API when it's actually just downloading a static file.
You can use firebug addon of firefox browser to see content of HTTP request/response.
It does't require any server (but of course, if you dont have server which process requests from browser and send responses to browser, you 'll always see response "unable to connect").
If you still need to mock response, you can create simple server which is able to respond with mock responses, for example java servlet at tomcat server, with code like this:
public class MyMockServlet extends HttpServlet {
..
private String mockHeaders = "...";
private String mockResponse = "my response";
public void service(HttpRequest request, HttpResponse response){
setHeaderAndBodyInResponse(response);//your method
}
}
Related
I'm sending JSON data from my Java application to my local webserver with my PHP script that is receiving this message. Now as far as I know I can only view what has been received by for example inserting the data in a database. Is there a way/application to view the live POST requests sent to my PHP webserver?
I like to use fiddler for these kinds of tasks if the java HTTP library has support for proxies. Fiddler will list all information about the HTTP requests that is available. It will by default log all HTTP requests across your system, but can be told to limit to one application.
You can try setting your httpd logging level to verbose or (depending on what httpd it is) try to use extension that would do log all the data send in requests
For debugging purposes why not just write the POST data to a file?
i.e.
file_put_contents(<some filename>, $HTTP_RAW_POST_DATA);
I currently have an TCP Java socket communication implementation in which I have a server that is listening to a port (let's say port 5478). Then I need an Android client to remotely connect to the Java server and send a SQL query, than will then be executed on the server side database and then I want to send a list of results back to the Android client (already implemented with a custom Java class named Result that implements Serializable). I do this by sending an ArrayList of Result to the Android client. The Java server is always listening to the port and supports multiple clients trough multiple Threads. How can I migrate this implementation to a more secure platform and what is the best way to do it? I don't need to respect HTTP protocol to afford this communication. Is Tomcat the best solution?
Thanks
I would use Servlet3.0 as part of tomcat.
Then from android you just have to send http requests to the server using a URL and the servlet can database them. You can also serialize the data as well if you need to.
I hope that answers your question.
~ Dan
//EDIT:
Once you have set up eclipse and tomcat, you can start writing servlets. First - you have to configure the server to use servlets for certain addresses, for example localhost:8080/myServlet - that means that anything you send to local host triggers the servlet. The code for your first servelet looks like this:
public class ExampServlet extends HttpServlet {
public void doPost(HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException
{
Your doPost method is what gets called when you perform a http post request on the address the servlet is listening on. Then, all you have to do it put some code in to read the request to get the data out of the message body. Basically you read your request object that gets passed in, and you write to your response object to send the response back to the client. There are plenty of guides out there. I followed something like this to get started:
http://www.coreservlets.com/Apache-Tomcat-Tutorial/tomcat-7-with-eclipse.html
Hope that helps :)
~ Dan
Tomcat is an Servlet container + webserver. If you plan to move to tomcat then you are implicitly moving to http. And yes, if you want a secure communication .. you can create a soap based webservice(apache axis) and host it on https.
I'm not sure how mutch additional security tomcat is able to provide for your application. Two tings come to mind:
Enforcing authentication and some access rules. This is not too hart to implement and heavily depends on the rule quality. However it may help f you use it. It's often replaced by own imlpementations. However, to get securty you need encryption i.e. https. Or it's possible to steel the session and gain the rights bound to it.
Request to file mapping. This in fact somewhat more complicated. You shouldn't code this on your own. It's more complicated than it looks at first sight.
However, one of the biggest security wholes ever is directly executing code you got from somewhere. For example SQL statements. Ok it's secure as long as your databse rights are set perfectly...
Developing a securly encrypted protocol is not simple either.
However, the major win on switching to tomcat (or whatever) might be scaleability for free. And I think implementing servlets is much simpler than programming against sockets. And there are many great to tools fo working with http(s) though ven it might be more complicated than yours, it's pretty simple to deal with.
Unfortunately I can't answer our question. I don't know what's the best solution is. But I think there's at least some potential for wins.
I need to send a request from a servlet to an application running in other environment (IIS) with certain information in custom headers.
I know redirecting doesn't send the headers and getServletContext().getRequestDispatcher(url) is to be used in the servlet's context only. Has anybody made this work in some other way? I was thinking in using HttpURLConnection, but would it finally redirect the browser to the targeted app ?
Thanks in advance
You can't redirect from your servlet to the external server and keep the headers, and you can't forward the incoming request to other context.
What you could do, is to use the HttpURLConnection (or other http client library such as HTTPClient) to make the request (with the custom headers you need) to the remote server and, once the operation is complete, redirect the user to the external site (customm headers are not set in this redirection).
This is a little tricky, if you elaborate your question (what do you really need to do) we can probably think about other alternatives.
AJAX? You can send some JavaScript code to the browser which sends a request to the ISS and handle (shows) its answer. It's possible to set http headers with XMLHttpRequest but it needs client side JavaScript coding and you have to find a way to send cross domain requests.
How can I make a java-based application server reply with an empty-valued response header, like this?
content-length:\r\n
Unfortunately when I call
response.setHeader("Content-Length", len)
where len is either an empty string or null, the response will not include the header.
I've checked the HttpServletResponse and HttpServletResponseWrapper javadocs but couldn't figure out what could be overriden to provide my custom behaviour.
Background
I'm building a testing application that is supposed to emulate badly-behaved HTTP server scenarios. The application is supposed to reply to requests with preset pages and HTTP headers, including malformed ones like the above case.
The application is written in grails.
I'm building a testing application that is supposed to emulate badly-behaved HTTP server scenarios.
In such a case, attempting to get a well-behaving server to mimic such behavior is a bad idea. If you need to mimic a bad server, or a particular set of scenarios you wish to test, then you may do one of the following:
write a custom application that listens on a particular port (using the ServerSocket class) that will respond with malformed HTTP headers. Using HTTP libraries may not help, for libraries may have code to detect erroneous conditions and correct them automatically.
use a HTTP proxy that is capable of intercepting responses and allows for modifications of these responses. You will find several if you Google for "http debugging proxy", but if you haven't heard of any, I would suggest looking at Fiddler, WebScarab or Burp.
You can try a tool like SoapUI or Fiddler with it's Firefox extension. I havent tried setting a malformed header with them but I wouldn't be suprised if you could.
Something not clear for me: your application is written in Grails, but you are discussing of javadocs... Well, I suppose you try to create a bad server in JAVA...
As you said, answering with "Content-Length:\r\n" is not legal for HTTP. You must put an integer value or discard the header. I think setHeader() helps you to avoid to produce an illegal HTTP message.
You can workaround this way creating manually the headers (you can write directly to the socket without using the setHeader blocks).
Other solution is to create a filter (in addition of your servlet) with your own implementation of HttpServletResponse. You will pass this implementation to the servlet.
How would you create a server-side java applet?
If I understand correctly, you are looking for Servlets. Read the linked documentation.
Otherwise, your question doesn't make sense - the server is processing multiple requests, without any GUI, and applets are GUI.
If you just want java code that runs on the server, you probably do want Servlets. Or perhaps JSP, if you're just looking for something to do simple processing.
A Java applet on the client side does not necessarily require a Java webserver on the server side. Since the only communication protocol you'd like to use is HTTP which is universal, any HTTP server would suffice. You can use a "plain vanilla" webserver like Apache HTTPD with PHP. You can also use a Java Servletcontainer like Apache Tomcat which supports JSP/Servlet. You can also use a C#/.NET webserver like IIS which supports ASP. Just make use the capabilities of the webserver which you're currently already using to serve the webpage with the applet.
All you basically need to do in the Applet is to fire and process HTTP requests. You can do that with java.net.URLConnection (mini tutorial here) or with the more convenienced Apache HttpComponents Client (tutorial here). You can use Applet#getCodeBase() to obtain the context URL where the applet is served from.
URL url = new URL(getCodeBase(), "script.php"); // PHP code
// or
URL url = new URL(getCodeBase(), "servletUrl"); // Servlet code
// or
URL url = new URL(getCodeBase(), "script.asp"); // ASP code
In the server side you just return response in whatever format you like the usual way. A plain vanilla String or a more easy processable JSON or XML format. All mentioned languages provides facilities/libraries to encode/decode the data in JSON/XML formats.
As to sending parameters from Applet to the server side, just pass HTTP request parameters along as a query string in the request URL (HTTP GET) or in request body (HTTP POST). In PHP you can gather them by $_GET and $_POST and in Java Servlet by request.getParameter().
As to returning the data from the server side, in PHP you just use echo to write the response. In Java Servlet you just write to response.getWriter() and in ASP I actually have no idea, but you should got the picture now. In the Applet you should then read and process the response accordingly. See the aforementioned tutorial links how to do that.