DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=22679>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=22679 how to access ssl session ID out of tomcat Summary: how to access ssl session ID out of tomcat Product: Tomcat 4 Version: 4.1.24 Platform: All URL: http://jakarta.apache.org/tomcat/tomcat-4.1-doc/ssl- howto.html OS/Version: Other Status: NEW Severity: Enhancement Priority: Other Component: Connector:Coyote HTTP/1.1 AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] hi, I am using the tomcat SSL engine. In order to avoid session fixation attacks (see more on that in http://nagoya.apache.org/bugzilla/show_bug.cgi?id=22649), I would like to put the SSL session ID into my jsessionid. RFE: enhance the "SSL ho wto" description at the above URL with a section on how to do this. P.S.: I am aware that this possibly reduces the availability of my application as per http://groups.yahoo.com/group/jetty-support/message/2085 --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
