Capturing network traffic through Java with Fiddler

If you do any socket programming on Java or use any library that does, there will come a time that you need to monitor the traffic going through your application. You will need the following class in order to see the traffic in Fiddler

public final class XTrustProvider extends java.security.Provider
{
	/**
	 * 
	 */
	private static final long	serialVersionUID	= 1L;
	private final static String	NAME		= "XTrustJSSE";
	private final static String	INFO		= "XTrust JSSE Provider (implements trust factory with truststore validation disabled)";
	private final static double	VERSION	= 1.0D;

	@SuppressWarnings({ "unchecked", "rawtypes" })
	public XTrustProvider()
	{
		super(NAME, VERSION, INFO);

		AccessController.doPrivileged(new PrivilegedAction()
		{
			public Object run()
			{
				put("TrustManagerFactory." + TrustManagerFactoryImpl.getAlgorithm(), TrustManagerFactoryImpl.class.getName());
				return null;
			}
		});
	}

	public static void install()
	{
		if (Security.getProvider(NAME) == null)
		{
			Security.insertProviderAt(new XTrustProvider(), 2);
			Security.setProperty("ssl.TrustManagerFactory.algorithm", TrustManagerFactoryImpl.getAlgorithm());
		}
	}

	public final static class TrustManagerFactoryImpl extends TrustManagerFactorySpi
	{
		public TrustManagerFactoryImpl()
		{
		}

		public static String getAlgorithm()
		{
			return "XTrust509";
		}

		protected void engineInit(KeyStore keystore) throws KeyStoreException
		{
		}

		protected void engineInit(ManagerFactoryParameters mgrparams) throws InvalidAlgorithmParameterException
		{
			throw new InvalidAlgorithmParameterException(XTrustProvider.NAME + " does not use ManagerFactoryParameters");
		}

		protected TrustManager[] engineGetTrustManagers()
		{
			return new TrustManager[]
			{ new X509TrustManager()
			{
				public X509Certificate[] getAcceptedIssuers()
				{
					return null;
				}

				public void checkClientTrusted(X509Certificate[] certs, String authType)
				{
				}

				public void checkServerTrusted(X509Certificate[] certs, String authType)
				{
				}
			} };
		}
	}
}

You can initialize the above class by the following

XTrustProvider.install();

Leave a Reply

Your email address will not be published. Required fields are marked *