tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Barker" <wbar...@wilshire.com>
Subject Re: [PATCH] SSLSocket, CLIENT-AUTH, and JDK1.4
Date Mon, 07 Oct 2002 20:56:09 GMT

----- Original Message -----
From: "Remy Maucherat" <remm@apache.org>
To: "Tomcat Developers List" <tomcat-dev@jakarta.apache.org>
Sent: Monday, October 07, 2002 1:44 PM
Subject: Re: [PATCH] SSLSocket, CLIENT-AUTH, and JDK1.4


> Bob Herrmann wrote:
> > Before I commit this diff, I would like some eyes. This fixes a problem
> > with JSSE doing request for CERTS on an already established SSL Socket.
> >
> > I am concerned that this change may not pass the sniff test as I check a
> > System.getProperty("java.vm").startsWith("1.4") to see if the extra
> > jiggle is needed on the SSLSocket - but my instincts tell me that is
> > colorfully kludgey.  Ideas?
>
> How expensive is that performance wise ?
> The code is only used when client cert is on, right ?

It's only called for CLIENT-CERT authorization, and then only on the first
call to a protected page.  I'm guessing it's pretty expensive, but the
webapp has to specifically request it, and it only happens once.

>
> Remy
>
>
> --
> To unsubscribe, e-mail:
<mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
> For additional commands, e-mail:
<mailto:tomcat-dev-help@jakarta.apache.org>
>


--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message