@tomcat.apache.org
[mailto:users-return-227483-STEVEN.J.ADAMUS=saic@tomcat.apache.org] On
Behalf Of Jürgen Jakobitsch
Sent: Tuesday, September 06, 2011 3:12 PM
To: Tomcat Users List
Subject: Re: SSLSession invalidate
thanks mark,
if i understand you correct, it is simply NOT possible
@tomcat.apache.org
[mailto:users-return-227483-STEVEN.J.ADAMUS=saic@tomcat.apache.org] On
Behalf Of Jürgen Jakobitsch
Sent: Tuesday, September 06, 2011 3:12 PM
To: Tomcat Users List
Subject: Re: SSLSession invalidate
thanks mark,
if i understand you correct, it is simply
hi, i'm pretty sure, this question
has been asked a thouthand times, but
i didn't find an answer :
how can access the SSLSession in a jsp or a servlet
to be able to invalidate it.
any pointer really appreciated
wkr www.turnguard.com/turnguard
--
| Jürgen Jakobitsch,
| Software Developer
|
how can access the SSLSession in a jsp or a servlet
to be able to invalidate it.
Sorry, but
is there any difference between to invalidate a HTTP Session and a SSLSession ?
-
To unsubscribe, e-mail:
Greetings from Stockholm, this is Baran Topal.
As i was drinking my Guiness, i find your question interesting :)
Here you go:
%
HttpSession s = request.getSession(false);
if (s != null) s.invalidate();
%
Inform me whether this is working or not :)
Regards.
On 6 sep 2011, at 22:09, Chema
really appreciated
wkr turnguard
- Original Message -
From: baran topal jazziiil...@gmail.com
To: Tomcat Users List users@tomcat.apache.org
Sent: Tuesday, September 6, 2011 10:57:17 PM
Subject: Re: SSLSession invalidate
Greetings from Stockholm, this is Baran Topal.
As i was drinking my
On 06/09/2011 22:42, Jürgen Jakobitsch wrote:
apparently there is one, i can get it's id with
request.getAttribute(javax.servlet.request.ssl_session)
That is a Tomcat bug it should be javax.servlet.request.ssl_session_id
in tomcat7 there's the possibility to use SSLSessionManager to
...@apache.org
To: Tomcat Users List users@tomcat.apache.org
Sent: Wednesday, September 7, 2011 12:08:29 AM
Subject: Re: SSLSession invalidate
On 06/09/2011 22:42, Jürgen Jakobitsch wrote:
apparently there is one, i can get it's id with
request.getAttribute(javax.servlet.request.ssl_session
, 2011 3:12 PM
To: Tomcat Users List
Subject: Re: SSLSession invalidate
thanks mark,
if i understand you correct, it is simply NOT possible to invalidate the
SSLSession of which i can get the id with
request.getAttribute(javax.servlet.request.ssl_session)
(it works with this key in 6.0.32)
wkr