Thanks for your effort. The problem with sniffing SSL through a proxy is that in order to view the unencrypted content the certificate trust chain must be broken. Fiddler is able to log SSL because it generates fake server certificates. If I do the same directly on our app, before it is encrypted, we will not break the certificate chain.

I've used Jakarta commons HttpClient in another project and I would like the same wire logging output but using the "standard" HttpUrlConnection.

I've used Fiddler as a proxy but I would like to log the traffic directly from java.

Capturing what goes by the connection input and output streams is not enough because the HTTP headers are written and consumed by the HttpUrlConnection class, so I will not be able to log the headers.

I've been able to log all SSL traffic implementing my own SSLSocketFactory on top of the default one.

This worked for me because all of our connections are using HTTPS and we can set the socket factory with the method HttpsURLConnection.setSSLSocketFactory.

A more complete solution that enables monitoring on all sockets can be found at http://www.javaspecialists.eu/archive/Issue169.html Thanks to Software Monkey for pointing in the right direction of using Socket.setSocketImplFactory

Here is my not ready for production code:

iphone === ie6

fffffound

xkcd: Freedom - xkcd.com

Au, anem a provar si he integrat be el twitter, el facebook i el buzz.

Ara que el jefe s'havia acostumat a veure'm al facebook...