[jbossws-dev] [Design of JBoss Web Services] - Re: Tcp Monitor like tool for jboss
maeste
do-not-reply at jboss.com
Thu Nov 16 08:26:34 EST 2006
I probably I didn't correctly understand what Burr is saying. I try to answer, just to understand better what are his doubts about:
anonymous wrote :
| I actually demo the use of tcpmon since I think it is such a vital tool
| for "debugging". The basic idea is that you find a consumer and
| producer that are happy with each other and capture the SOAP
| conversation (e.g. .NET to .NET) then run your Java to .NET to see what
| the problem might be.
|
And this is the same idea of Lms. Note that clients have to change the address used to invoke webservice, it isn't a transparent proxy.
anonymous wrote :
| With that said, I don't believe a web-based application will serve me
| properly. I like the really little swing-based tcpmon. I've seen other
| presenters talk about using it for hacking websites. You can intercept
| the flow of track between the browser and the server and figure out if
| they are using any hidden fields to carry important information (e.g.
| the price of an item being placed in a shopping cart).
|
I didn't understand what is the real difference between a swing gui and a web based gui in that. It was realy useful for us to debug service call by remote client that could only send request to our internet exposed machine (dmz) where I haven't X server configured (and I don't want one)
Speaking of security: I think there are more interesting malicious sw around the world than a web based tcp monitor, and I think a malicious use of Lms isn't different than a malicious use of tcp mon.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3986510#3986510
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3986510
More information about the jbossws-dev
mailing list