tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Barker" <wbar...@wilshire.com>
Subject Re: webapp getting encryption information
Date Tue, 04 Sep 2007 00:32:14 GMT

"Christian Andersson" <ca@ofs.no> wrote in message 
news:46DBBAD9.8030002@ofs.no...
> I'm sorry that I'm asking this directly without havinge done that much
> research on this matter, but I'm hard pressed on time, and I'm currently
> traveling so I have a very limited access to the net.
>
> my question is as follows
>
> I have an webapplication that the users are connecting to via https.
> IS it possble for this webappto get information about the encryption
> protocol (ssl2/ssl3/tls/etc...) and algoritms
> (TLS_RSA_WITH_RC4_128_MD5/TLS_RSA_WITH_RC4_128_SHA/etc) used?
>

    String cipher = 
(String)request.getAttribute("javax.servlet.request.cipher_suite");

is probably what you are looking for.

> I'm currently looking at securing a website with different grades of
> security depending on the type of connection (for example you need RSA
> with 256bit key to access some parts but other parts you only need
> 3DES), so the the less secure connection, the less information/options
> will be provided.
>
>
>
> -- 
> Christian Andersson - ca@ofs.no
>
> Configuration and Collaboration for OpenOffice.org
> Open Framework Systems AS http://www.ofs.no
>
>


--------------------------------------------------------------------------------


> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org 




---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message