Thanks a lot Rodrigo! I will try the second an see what I can come up with.
Thanks again % have a nice weekend, Jan Jan Behrens OFFIS FuE-Bereich Betriebliches Informations- und Wissensmanagement Escherweg 2 - 26121 Oldenburg - Germany Fon: +49 4 41 97 22 - 187 - Fax: +49 4 41 97 22-102 E-mail: [EMAIL PROTECTED] - URL: http://www.offis.de Rodrigo Avila <[EMAIL PROTECTED]> 11.03.2005 11:02 Bitte antworten an "Tomcat Users List" <tomcat-user@jakarta.apache.org> An Tomcat Users List <tomcat-user@jakarta.apache.org> Kopie Thema Re: Re: [OT] How to determine whether a session or request is SSL Sincerily... I don know. But, reading [http://jakarta.apache.org/tomcat/tomcat-5.0-doc/ssl-howto.html], I see this tip: "To access the SSL session ID from the request, use: String sslID = (String)request.getAttribute("javax.servlet.request.ssl_session"); " And, in the ServletRequest javadoc [http://java.sun.com/j2ee/sdk_1.3/techdocs/api/javax/servlet/ServletRequest.html#getAttribute(java.lang.String)], I found: "For example, for requests made using HTTPS, the attribute javax.servlet.request.X509Certificate can be used to retrieve information on the certificate of the client." I don't know, but maybe exist more attributes than that. I hope it helps! On Fri, 11 Mar 2005 14:09:18 +0100, Jan Behrens <[EMAIL PROTECTED]> wrote: > Thanks Rodrigo, > > do you know of a way to get the encryption level of the request as well? > (40bit, 128bit, ...) > > TIA Jan > > Jan Behrens > OFFIS > FuE-Bereich Betriebliches Informations- und Wissensmanagement > Escherweg 2 - 26121 Oldenburg - Germany > Fon: +49 4 41 97 22 - 187 - Fax: +49 4 41 97 22-102 > E-mail: [EMAIL PROTECTED] - URL: http://www.offis.de > > Rodrigo Avila <[EMAIL PROTECTED]> > 11.03.2005 09:58 > Bitte antworten an > "Tomcat Users List" <tomcat-user@jakarta.apache.org> > > An > Tomcat Users List <tomcat-user@jakarta.apache.org> > Kopie > > Thema > Re: [OT] How to determine whether a session or request is SSL > > > To know if the user use ssl, try the boolean request.isSecure(). > > On Fri, 11 Mar 2005 13:27:09 +0100, Jan Behrens <[EMAIL PROTECTED]> > wrote: > > Hi list, > > > > I would like to evaluate the current encription status of a users > session > > or request from out of a taglib or servlet. E.g. know whether the user > is > > using https and possibly the encryption strength used... This must be > easy > > (I hope) but I couldn't work out how to so far and wondered whether > > anybody out there could point me into the right direction. > > > > TIA > > > > Jan > > > > Jan Behrens > > OFFIS > > FuE-Bereich Betriebliches Informations- und Wissensmanagement > > Escherweg 2 - 26121 Oldenburg - Germany > > Fon: +49 4 41 97 22 - 187 - Fax: +49 4 41 97 22-102 > > E-mail: [EMAIL PROTECTED] - URL: http://www.offis.de > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > -- > Rodrigo de Avila > [EMAIL PROTECTED] > > http://www.avila.eti.br > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- Rodrigo de Avila [EMAIL PROTECTED] http://www.avila.eti.br --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]