It compiles with or without JSSE, and runs fine without an SSL connector.
However, I haven't actually gotten around to doing the whole keystore thing
here, so the (big) one thing I haven't tried (yet) is to run it with an
JSSE-SSL connection.
The other thing that would be nice is to be able to access the SessionId,
(via request.getAttribute("javax.servlet.request.ssl_session")). There is
already optional support to validate HttpSession access against this for SSL
sessions in 3.3.x. Currently it is only supported if you are connecting via
Apache, but stand-alone (at least for PureTLS) would also be a nice feature.
----- Original Message -----
From: "Eric Rescorla" <[EMAIL PROTECTED]>
To: "Tomcat Developers List" <[EMAIL PROTECTED]>
Sent: Thursday, December 06, 2001 9:52 PM
Subject: Re: Submission: Portable SSL Support
> "Bill Barker" <[EMAIL PROTECTED]> writes:
> > Since no one else responded, I've gone ahead and checked in Eric's
changes.
> > I haven't actually tried to build against PureTLS, but I assume that
Eric
> > has.
> I did, but I'll check it out myself and make sure that it works.
> You did check that it works in the absence of PureTLS, right?
>
> > If I've missed anything in this commit, please let me know and I'll
> > try and include it asap.
> I'll take a look. Big CVS imports like this are always hairy since
> it's so easy to miss a file :(
>
> -Ekr
>
>
>
> --
> To unsubscribe, e-mail:
<mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail:
<mailto:[EMAIL PROTECTED]>
>
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
