incubator-clerezza-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Henry Story <henry.st...@gmail.com>
Subject getting the servlet request (and ssl session clearing in jetty)
Date Fri, 20 Aug 2010 17:39:36 GMT
I don't seem to be able to get the servlet request from a jsr-311 annotated method in Clerezza.

I tried quite a lot of different things, including things like

 @GET
  public Response logout(@Context UriInfo uriInfo,
	    @HeaderParam("Referer") URI referer,
	    @Context ServletRequest req) {
  ...
 }


With no success. req is just null.

Any ideas?

-----

Btw. I am trying to clear the session information to see if there is any way of getting around
the issues of logging out with SSL.  I need to try something out to see if this will work.
Any idea if it is possible to clear the SSL Session information? 

You can do it in apache as described at the end of this document:

http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html

// Standard HTTP session invalidation
session.invalidate();

// Invalidate the SSL Session
org.apache.tomcat.util.net.SSLSessionManager mgr =
  (org.apache.tomcat.util.net.SSLSessionManager)
  request.getAttribute("javax.servlet.request.ssl_session_mgr");
mgr.invalidateSession();

// Close the conection since the SSL session will be active until the connection
// is closed
response.setHeader("Connection", "close");

Henry



Mime
View raw message