Avatar of SAbboushi
SAbboushi
Flag for United States of America asked on

Tried setting java proxy; Fiddler still not capturing traffic

Hi - running Fiddler Web Debugger (v4.6.2.0) on W7 64

1) Running a java app (can download q.jar file here)

2) I set proxy in Java control panel:

Control Panel>Java>General>Network Settings:
Use Proxy Server:
Address: 127.0.0.1 (or localhost)
Port: 8888

3) I launch q.jar (double-click in Windows Explorer) which gives me a java warning message that the app cannot connect to the web server.  This is normal (the web server was taken down a few years ago), so I am trying to use fiddler to redirect to my local server.

But I cannot get fiddler to capture the q.app traffic to get the needed config info for redirection.

Could anyone please help me?

Thanks -

Sam
JavaJava App Servers

Avatar of undefined
Last Comment
SAbboushi

8/22/2022 - Mon
mccarl

I'm not 100% sure what you are trying to do here, but my suggestion is that most network traffic capture software can't capture localhost traffic. Can you set up the app and Fiddler on different machines and set the proxy to the other machine and try to capture the incoming traffic?
SAbboushi

ASKER
Thanks but I've been using Fiddler to capture browser and other local app traffic for years ; )

Anyone else?
CEHJ

so I am trying to use fiddler to redirect to my local server.

Can you prove that's running by posting the output (invoked with the correct arguments) of netstat? That should show the proxy too, of course
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
SAbboushi

ASKER
If I'm not mistaken, your question is asking for proof (using netstat) that I have configured fiddler to redirect the q.jar's traffic to my my local server instead of its currently configured url?

If so, my apologies for the confusion.  My OBJECTIVE is to do so; right now, I am trying to use Fiddler to analyze the requests generated by q.jar so that THEN I can do this (i.e. have Fiddler redirect the traffic to my local server).

I am failing at trying to figure out how to monitor the traffic generated by q.jar.
CEHJ

If I'm not mistaken, your question is asking for proof (using netstat) that I have configured fiddler to redirect the q.jar's traffic to my my local server instead of its currently configured url?

You are mistaken ;) You're proving what's running on what hosts and what ports. Nothing else
SAbboushi

ASKER
Can you prove that's running by posting the output (invoked with the correct arguments) of netstat? That should show the proxy too, of course

OK thanks - what arguments to use with netstat?
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
CEHJ

I don't know, as i don't use Windows
netstat /?

Open in new window

is your friend
SAbboushi

ASKER
cehj: What am I trying to confirm is running by using netstat?

mccarl: >>most network traffic capture software can't capture localhost traffic
I reread thread and maybe I misunderstood you.  To clarify, q.jar is not sending traffic to localhost but to a web server overseas.  I am trying to capture that traffic, hence my post.

New info: I've been advised to check out what library q.jar is using to handle http traffic because setting the proxy is specific to the library.

I wish I knew how to do this... can anyone point me in the right direction?

I extracted the q.jar file and did a search for "http" and these lines seemed relevant, but I'm ignorant about java and about "http libraries":
QoraanServlets.java:

import javax.servlet.http.*;
...
public class QoraanServlets extends HttpServlet  {
...
    public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException{

CEHJ

cehj: What am I trying to confirm is running by using netstat?
That the proxy is running. Why, btw, are you using a proxy?
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
ASKER CERTIFIED SOLUTION
mccarl

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
SAbboushi

ASKER
>> Why, btw, are you using a proxy?
My understanding is that since Fiddler is configured to listen on port 8888, I need the traffic from q.jar to be sent through that port
SAbboushi

ASKER
mccarl: Wow --- you certainly seem to be the right person to be getting help from!  Your response filled in several "missing pieces" in my understanding of what's going on.

I'll try your suggestion after further digesting what you've said and examining the code now that you've "sent me in the right direction" -- and then I'll let you guys know how it works out.  Thanks!
SAbboushi

ASKER
mccarl:

java -Dhttp.proxyHost=localhost -Dhttp.proxyPort=8888 -jar q.jar

Open in new window


Perfect!  Just what Fiddler needed!  Thanks so much for taking the time to examine the code.

Your solution is more elegant than me trying to use Fiddler to reroute the traffic to my local server re: SqlProp.txt and MainTemplate.java (and now I'm not sure that would have worked anyway without modifying MainTemplate.java)

Would appreciate any help re: how to change these files to get it working on my PC:

SqlProp.txt: I suspect that line 3 and 4 are MySQL login id/password and that line 5 is the url to the QoraanServlets.java file (i.e. I need to change it to something like
*http://localhost/.../QoraanServlets;

Open in new window

)?


I'm clueless on how to configure so the query is sent to MySQL server running on localhost...

Is modifying this line enough, or is it more complicated?
MainTemplate.java
line 356: URL url=new URL(constant.SERVLET_DIRECTORY+"?"+query);

Open in new window

⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
mccarl

Perfect!  Just what Fiddler needed!  Thanks so much for taking the time to examine the code.

You're welcome!


I'm clueless on how to configure so the query is sent to MySQL server running on localhost...

Try the this q2.jar file. (Let me know once you have it and I can remove the file sharing again). You should be able to just double click this one, because you don't need to set proxies or anything.
mccarl

Explanation...

It looks as though the app was originally written to directly access the mysql server to query what it needed. And then at some point, someone wanted this to work over the web, so the mysql query part was implemented in a servlet (QoraanServlets.java) and exposed as a kind of basic web service. The app was then changed to query this web service rather than directly querying the mysql server.

Fortunately, they had left the code in the app that does the direct mysql connection (line 318 of MainTemplate.java) when they added the new web service querying method (line 348 of MainTemplate.java), you can see that the new method has the same name but with "2" added to the end. And then all they did was change which method was used when you click on the "Anaylse" button (line 175,176 of MainTemplate.java).

So all I have done in the new q2.jar file above, is to comment out the line that uses the new web service method (line 176) and re-instate the line that uses the old direct mysql method (line 175) and re-compiled that class. I tested here and it definitely looks like its trying to find mysql rather than trying to connect to a web server, but without having your mysql server running here that's as far as I can test.

Hopefully, it just works for you!
SAbboushi

ASKER
Wow again!  Thanks!

The code sure looks simpler when someone leads me by the hand!

Am getting a different error this time:alert
I would have expected it to find the MySQL server but reject the connection request because the connection request doesn't have the correct credentials in SqlProp.txt?  I imagine that line 3 and 4 are MySQL login id/password and that line 5 is the url to the QoraanServlets.java file (i.e. I need to change it to something like
*http://localhost/.../QoraanServlets;?

Also, if I want to capture the traffic with Fiddler, it seems I need to change something other than just to q2.jar...?
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23
mccarl

I would have expected it to find the MySQL server

You just need to set the MySQL connection properties correctly now. Notice the last part of that error... "UnknownHostException", it means that it can't find localhost.localdomain  (I probably should have picked that up earlier myself). So all you will need to do is open the SqlProp.txt file from q2.jar and change the host name in line 1 (probably just need to remove the .localdomain part, "localhost" by itself should work correctly), and then make sure that the last part of that line (currently "qoraan") is the correct database name on your mysql server. While you are there you may as well set the credentials correctly for your database, as you said lines 3 and 4 are the username/password. You don't need to change line 5 at all, I'll explain further in a minute.

**Note** You need to keep the * and the ; characters at the start and end of the lines in that file. Whoever wrote the code to read that file, for whatever strange reason, did it in a way where those characters are required to delimit each field from the next.

Ok, so why don't you need to change line 5? That line and the code that did anything with QoraanServlets is not being used anymore, at all. Before I made the change, the flow of the data was like this....    ClientApp  ---------->  QoraanServlets  -->  MySQL  -->  QoraanServlets  ---------->  ClientApp    but now that I made the change to the code it is simply this....   ClientApp  -->  MySQL  -->  ClientApp


Also, if I want to capture the traffic with Fiddler

Well, from the above, hopefully now that point is a bit clearer. This is NO "web" traffic for Fiddler to capture anymore, only MySQL traffic directly between the app and the database. Fiddler only captures web traffic and even if you used something else like Wireshark to capture the MySQL traffic, it wouldn't make much sense to you (or I, it uses it's only protocol to communicate) and would not be what you're after anyway.
SAbboushi

ASKER
Arghh!!  I changed SqlProp.txt file, zipped everything up and changed extension to .jar.

Now getting: Error
MySQL server:
MySQL
Sorry this has probably taken a lot more of your time than you initially hoped. Thanks--
mccarl

So, everything you did is correct as far as I can see. The problem now looks like a compatibility issue perhaps between the client code library that is included in your app .jar file and the version of MySQL that you are running. Just going off dates in your jar, it looks like it is at least 12 years old whereas you are running a recent MySQL server.

Otherwise, a google search turned up this...   http://forums.mysql.com/read.php?39,6448,77511#msg-77511   You may want to just try that out to see if it is a quick fix.

Otherwise, you might be a bit stuck. If you can't find and go back to a very old version of MySQL that works with your client app's library, the only other way would be to upgrade the client version used in your app. Now, the further bad news is that it looks like that particular client library that it is using is no longer maintained, and so you would have to change to the newer official mysql connector. This would require much further changes to your app's code.
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
SAbboushi

ASKER
Thank you again so much for all your help.  May peace be upon you mccarl!
mccarl

You're welcome! Did updating the user/password like in that link fix it?
SAbboushi

ASKER
Doesn't look promising.  Warnings received:

0 row(s) affected, 2 warning(s): 1287 'OLD_PASSWORD' is deprecated and will be removed in a future release. Please use PASSWORD instead 1287 'pre-4.1 password hash' is deprecated and will be removed in a future release. Please use post-4.1 password hash instead

I tried using PASSWORD too, but still getting the same alert: can't connect to database...
Your help has saved me hundreds of hours of internet surfing.
fblack61
CEHJ

. This is NO "web" traffic for Fiddler to capture anymore, only MySQL traffic directly between the app and the database. Fiddler only captures web traffic

That, btw, was exactly the reason for my last question. But it looks like all is sorted out now.
SAbboushi

ASKER
k thanks
mccarl

That message only says warning so hopefully it is still doing something. Try this... do the same command again, the one with OLD_PASSWORD. Now try and run your MySQL with the --skip-secure-auth option set, as mentioned in this link http://mysqlblog.fivefarmers.com/2012/05/30/why-your-pre-4-1-client-wont-like-mysql-5-6/

Now I wouldn't recommend this in any sort of production environment or anything, but if your just testing things and trying to confirm that you can get it working, it may be worth a try. Ultimately, I think you would just need to upgrade the MySQL connector library, but this may work as a temporary workaround.
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
SAbboushi

ASKER
I put this project on the backburner and thus haven't tried your last suggestion.  

Found some time today to revisit, but now find myself in some trouble trying to login to MySQL as a result of

SET PASSWORD FOR 'user'@'host' = OLD_PASSWORD('current_password');

Am getting following error:

errorBefore trying that work-around, I probably should have researched to better understand the ramifications... ; )

Been researching online, but spinning my wheels... about to try –skip-secure-auth, but nervous since I am unclear about what is going on/ ramifications.

Thought I'd post this follow-up in case you had some thoughts on the matter
SAbboushi

ASKER
Problem resolved.  If I have a chance to try your last suggestion, I'll let you know how it works out.  I found a different workaround (app creates SQL query without needing to access DB which I can copy/paste into MySQL Workbench)