HTTP Recording Overview

The HTTP Monitor is a handy feature in SoapUI for capturing and analyzing HTTP traffic going between an existing client and server.

The HTTP Monitor allows you to monitor, record, analyze and even modify HTTP traffic as it is been transferred between an existing client and server application. It supports WS-Security and SSL decryption (if you have all the necessary keystores available) for digging into encrypted messages.

Monitor mode

The monitor can either be run in proxy mode or HTTP tunnel mode (if you are familiar with apache tcpmon you should recognize this).


In proxy-mode, SoapUI acts as a standard HTTP Proxy forwarding messages received from the client to the specified host. The client in its turn must be configured to use SoapUI as an HTTP proxy, either via system properties or some other configuration option. This has the advantage of not requiring you to change the actual endpoint the client is using to access the service (usually the proxy can be configured "outside" of your clients environment).

HTTP Tunnel

In tunnel-mode, the client must be configured to send its requests directly to SoapUI, which will tunnel the request to the specified target host and return the response back. The advantage is that it does not make use of the HTTP Proxy mechanism (which may not be supported/configurable/etc), and also allows for the possibility to intercept SSL-encrypted traffic.

Security Modes

WS-Security and SSL Support

In either mode you have the possibility to specify an Incoming WSS configuration that will be used to decrypt and/or verify signatures in these messages, either the request coming from the client or the response coming from the server. Adding WS-Security to an outgoing message is not currently possible.

SSL Support

In HTTP-Tunnel mode you can also configure SSL decryption. Incoming requests will be decrypted using the specified keystore (which must be the same as on the target server) and an optional client-keystore can be specified for re-encrypting the message when it is tunneled forward to the target server (if it requires client-certificates).

Either of these can be useful if you want to decrypt message content "on the wire" to be able to analyze their content, modify it, etc.

Basic Operations

Once started as desired, the following HTTP Monitor window will be opened:


This displays logged messages in the table at the top and shows selected message details at the bottom, including all the advanced views and inspectors available in the standard message editors, which makes inspection and analysis of captured messages a "breeze" (especially for ReadyAPI-users).Entries can be filtered with the different Combo-Boxes in the toolbar and there are a bunch of other actions available that you should look at a little later.