-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Marc,
On 5/24/2011 5:20 PM, Christopher Schultz wrote: > On 5/24/2011 4:59 PM, Christopher Schultz wrote: >> Instead, they are stored in the request /attributes/. > > Specifically, these: > > javax.servlet.request.cipher_suite - as a String > javax.servlet.request.key_size - as an Integer > javax.servlet.request.ssl_session - as a String The above are specified as part of the Servlet 3.0 Specification under section 3.8. Not shown above (because I wasn't using a client certificate for testing) is "javax.servlet.request.X509Certificate" which is of type java.security.cert.X509Certificate[] (note the array type). > I would have expected JkExtractSSL On (which is the default) to > pre-populate a series of SSL-oriented attributes similar to the list > found at http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#envvars but > that doesn't appear to be the case Looking at the mod_jk code, it appears that the only variables that are included by using JkExtractSSL are those shown above. If you want more, you'll have to use JkEnvVar. I can confirm that "JkEnvVar SSL_PROTOCOL" will result in request.getAttribute("SSL_PROTOCOL") returning "TLSv1" or whatever secure protocol is in use for the current request. Hope that helps, - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk3cJSkACgkQ9CaO5/Lv0PDBaACgjr4EKI49IyBMyObzwUHHFStm VGEAnj2Yxu99GrYC+qvbIPfoSGcjXc+o =FrAY -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org