----- Original Message ----- From: "Bill Barker" <[EMAIL PROTECTED]> To: "Tomcat Developers List" <[EMAIL PROTECTED]> Sent: Friday, November 22, 2002 11:34 PM Subject: Re: cvs commit: jakarta-tomcat-connectors/jk/java/org/apache/jk/server JkCoyoteHandler.java
> > ----- Original Message ----- > From: <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Friday, November 22, 2002 10:34 PM > Subject: cvs commit: jakarta-tomcat-connectors/jk/java/org/apache/jk/server > JkCoyoteHandler.java > > > > hgomez 2002/11/22 22:34:48 > > > > Modified: jk/java/org/apache/jk/common HandlerRequest.java > > jk/java/org/apache/jk/server JkCoyoteHandler.java > > Log: > > Fix null getRemoteHost. > > Lasy extraction of ssl certs to speed up jk/ajp13 when under SSL > > > > Revision Changes Path > > 1.18 +6 -24 > jakarta-tomcat-connectors/jk/java/org/apache/jk/common/HandlerRequest.java > > > > Index: HandlerRequest.java > > > + // SSL certificate extraction is costy, moved to JkCoyoteHandler > > + req.setAttribute(SSLSupport.CERTIFICATE_KEY, > certString); > > break; > > As much as I very much like the switch to constants, this is still wrong. > As far back as the Servlet 2.2 spec (aka Tomat 3.3) this is required to be a > java.security.cert.X509Certificate []. I'll have to -1 this section of the > patch because of this, but the rest looks really good! > Urm, it's actually worse than that. The 2.2 spec requires a single java.security.cert.X509Certificate, the 2.3 & 2.4 specs (more intelligently) require the entire chain via java.security.cert.X509Certificate []. Don't you just love the JCP? ;-) > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> > > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
