"Christian Andersson" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> I'm sorry that I'm asking this directly without havinge done that much
> research on this matter, but I'm hard pressed on time, and I'm currently
> traveling so I have a very limited access to the net.
>
> my question is as follows
>
> I have an webapplication that the users are connecting to via https.
> IS it possble for this webappto get information about the encryption
> protocol (ssl2/ssl3/tls/etc...) and algoritms
> (TLS_RSA_WITH_RC4_128_MD5/TLS_RSA_WITH_RC4_128_SHA/etc) used?
>
String cipher =
(String)request.getAttribute("javax.servlet.request.cipher_suite");
is probably what you are looking for.
> I'm currently looking at securing a website with different grades of
> security depending on the type of connection (for example you need RSA
> with 256bit key to access some parts but other parts you only need
> 3DES), so the the less secure connection, the less information/options
> will be provided.
>
>
>
> --
> Christian Andersson - [EMAIL PROTECTED]
>
> Configuration and Collaboration for OpenOffice.org
> Open Framework Systems AS http://www.ofs.no
>
>
--------------------------------------------------------------------------------
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
