It compiles with or without JSSE, and runs fine without an SSL connector. However, I haven't actually gotten around to doing the whole keystore thing here, so the (big) one thing I haven't tried (yet) is to run it with an JSSE-SSL connection.
The other thing that would be nice is to be able to access the SessionId, (via request.getAttribute("javax.servlet.request.ssl_session")). There is already optional support to validate HttpSession access against this for SSL sessions in 3.3.x. Currently it is only supported if you are connecting via Apache, but stand-alone (at least for PureTLS) would also be a nice feature. ----- Original Message ----- From: "Eric Rescorla" <[EMAIL PROTECTED]> To: "Tomcat Developers List" <[EMAIL PROTECTED]> Sent: Thursday, December 06, 2001 9:52 PM Subject: Re: Submission: Portable SSL Support > "Bill Barker" <[EMAIL PROTECTED]> writes: > > Since no one else responded, I've gone ahead and checked in Eric's changes. > > I haven't actually tried to build against PureTLS, but I assume that Eric > > has. > I did, but I'll check it out myself and make sure that it works. > You did check that it works in the absence of PureTLS, right? > > > If I've missed anything in this commit, please let me know and I'll > > try and include it asap. > I'll take a look. Big CVS imports like this are always hairy since > it's so easy to miss a file :( > > -Ekr > > > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>