On Wed, Nov 17, 2010 at 01:56:05PM +0000, Max Russell wrote:
> I'm running Wireshark on the client machine that makes the call that
> should contain the value, using a fairly inclusive capture filter of
> host x.x.x.x
>
> Firstly, will I actually capture this on the client machine using the
> filter I described?
Yes, as long as the traffic is flowing to or from IP x.x.x.x
> Secondly, how can I search within the captures for the SOAP
> username/password?
Do you know one of the values? If so, you can do a display filter (the
"host x.x.x.x" is a capture filter) such as "frame contains <value>".
Wireshark may be able to identify it in particular if the dissectors
support it. I'm not too familiar with SOAP to be able to say.