Content tagged jvm
Today I've had to dig deeper into some problem authenticating against an HTTPS API. This client was sending Basic Authentication information following a 3XX redirect, which then would make the second server (well, S3 really) return a 400 Bad Request, since it's refusing to deal with more than one authentication method at the same time.
This is all and good, but debugging what was actually being sent is a
little bit more difficult if curl
is not the method of choice.
Instead I found the
-Djavax.net.debug=all
option for the JVM. This will make it dump a lot of information
throughout a connection. Mostly that's already enough to debug the
issue, since a hexdump of the HTTP traffic is included. On the other
hand it's also pretty verbose.
Another option is the slightly more involved jSSLKeyLog, which requires the use of a JVM parameter to include the Java agent, e.g. for SBT like so:
env JAVA_OPTS="-javaagent:jSSLKeyLog.jar==/jsslkeylog.log" sbt
Two more notes here: Compiling the tool is really easy, once cloned mvn
package
results in a ready-to-use JAR file. Also the log contains more
information when two equal signs are used (handy for manual inspection).
This file can then be directly fed into WireShark ("Edit",
"Preferences", "Protocols", "TLS", "(Pre-)-Master-Secret log filename")
and will then allow the decoding of the captured network traffic
(e.g. via tcpdump -i any -s 0 -w dump.pcap
).