Hi!
>> javax.net.ssl.SSLSession sslSession = (javax.net.ssl.SSLSession)
>> request.getAttribute("javax.net.ssl.session");
>> byte[] sslId = sslSession.getId()
>>
>> Will do the trick.
>>
>
> Actually, no. This will just result in an NPE :). And, if you think about
> it, if Apache is handling the SSL traffic, then there would be no way to get
> this.
>
> What does work is:
> String sslid =
> (String)request.getAttribute("javax.servlet.request.ssl_session");
>
> This will give you the SSL Session-ID even if you are fronting with Apache
> (Apache passes it to Tomcat). However, be warned that this is a
> Tomcat-specific feature: It won't work if you try and port your app to
> another Servlet Container.
Thanks for warning...
Bye,
Mike
--
Michael Decker [EMAIL PROTECTED]
TESIS SYSware GmbH http://www.tesis.de
Baierbrunnerstr. 15 * 81379 Muenchen * Tel. +49 89 747377-0
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
