The Ajp13 spec? :)
----- Original Message -----
From: "Eric Rescorla" <[EMAIL PROTECTED]>
To: "Tomcat Developers List" <[EMAIL PROTECTED]>; "Tomcat
Developers List" <[EMAIL PROTECTED]>
Sent: Friday, December 07, 2001 6:59 AM
Subject: Re: Submission: Portable SSL Support
> "Bill Barker" <[EMAIL PROTECTED]> writes:
> > It compiles with or without JSSE, and runs fine without an SSL
connector.
> > However, I haven't actually gotten around to doing the whole keystore
thing
> > here, so the (big) one thing I haven't tried (yet) is to run it with an
> > JSSE-SSL connection.
> I just did a CVS update and checked it against PureTLS. It runs fine.
>
> > The other thing that would be nice is to be able to access the
SessionId,
> > (via request.getAttribute("javax.servlet.request.ssl_session")). There
is
> > already optional support to validate HttpSession access against this for
SSL
> > sessions in 3.3.x. Currently it is only supported if you are connecting
via
> > Apache, but stand-alone (at least for PureTLS) would also be a nice
feature.
> That's certainly easy to add. I just didn't know what attribute string
> to use since I didn't see it in the Servlet 2.3 spec. Which spec
> is this string defined in?
>
> -Ekr
>
> --
> [Eric Rescorla [EMAIL PROTECTED]]
> http://www.rtfm.com/
>
> --
> To unsubscribe, e-mail:
<mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail:
<mailto:[EMAIL PROTECTED]>
>
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
