tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Rescorla <...@rtfm.com>
Subject Re: Submission: Portable SSL Support
Date Fri, 07 Dec 2001 14:59:24 GMT
"Bill Barker" <wbarker@wilshire.com> writes:
> It compiles with or without JSSE, and runs fine without an SSL connector.
> However, I haven't actually gotten around to doing the whole keystore thing
> here, so the (big) one thing I haven't tried (yet) is to run it with an
> JSSE-SSL connection.
I just did a CVS update and checked it against PureTLS. It runs fine.

> The other thing that would be nice is to be able to access the SessionId,
> (via request.getAttribute("javax.servlet.request.ssl_session")).  There is
> already optional support to validate HttpSession access against this for SSL
> sessions in 3.3.x.  Currently it is only supported if you are connecting via
> Apache, but stand-alone (at least for PureTLS) would also be a nice feature.
That's certainly easy to add. I just didn't know what attribute string
to use since I didn't see it in the Servlet 2.3 spec. Which spec
is this string defined in?

-Ekr

-- 
[Eric Rescorla                                   ekr@rtfm.com]
                http://www.rtfm.com/

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message