RE: Re:Access to HttpSession from Restlet ...
Hi Stefan, why do you want to access the session id? The architectural style REST forbid server session state. If you want to comply to the REST architecture, than you must not use it. Or do you want explicit ignore this restriction? best regards Stephan -Ursprüngliche Nachricht- Von: Stefan Meissner Gesendet: 24.02.2010 17:10:42 An: discuss@restlet.tigris.org Betreff: RE: Re:Access to HttpSession from Restlet ... OK, does the same constraint apply for SSL sessions? Is it possible to get the SSL session IDs using Simple HTTPS server connector? Can the SSLSessionContext IDs be used in the same way as in servlet API like this: String sslID = (String)request.getAttribute(javax.servlet.request.ssl_session); What I did so far: Server server = component.getServers().add(Protocol.HTTPS, 8183); SeriesParameter param = server.getContext().getParameters(); param.add(keystorePath, ./mySrvKeystore); param.add(keystorePassword, 123456); HttpsServerHelper helper = new HttpsServerHelper(server); SSLContext sslContext; try { helper.start(); sslContext = helper.getSslContext(); Enumeration sessionIDs = sslcontext.getServerSessionContext().getIds(); component.getDefaultHost().attach(new FilterApplication(sslContext)); // Start the component. component.start(); } catch (Exception e) { e.printStackTrace(); } I also called the getIds() method inside the FilterApplication (beforeHandle), but in most of the cases there is no session ID present upon request. And if there is one ID it contains weird characters such as the follwing session ID: K?7?%?[?s?#1GGb?2???^?a?? I've tried several charsets using: String sID = new String(id,UTF-8); but I never get a better representation of the ID. Can someone please give me a clue what I'm doing wrong. Best regards Stefan ___ WEB.DE DSL: Internet, Telefon und Entertainment für nur 19,99 EUR/mtl.! http://produkte.web.de/go/02/ -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=2451613
RE: Re:Access to HttpSession from Restlet ...
OK, does the same constraint apply for SSL sessions? Is it possible to get the SSL session IDs using Simple HTTPS server connector? Can the SSLSessionContext IDs be used in the same way as in servlet API like this: String sslID = (String)request.getAttribute(javax.servlet.request.ssl_session); What I did so far: Server server = component.getServers().add(Protocol.HTTPS, 8183); SeriesParameter param = server.getContext().getParameters(); param.add(keystorePath, ./mySrvKeystore); param.add(keystorePassword, 123456); HttpsServerHelper helper = new HttpsServerHelper(server); SSLContext sslContext; try { helper.start(); sslContext = helper.getSslContext(); Enumerationbyte[] sessionIDs = sslcontext.getServerSessionContext().getIds(); component.getDefaultHost().attach(new FilterApplication(sslContext)); // Start the component. component.start(); } catch (Exception e) { e.printStackTrace(); } I also called the getIds() method inside the FilterApplication (beforeHandle), but in most of the cases there is no session ID present upon request. And if there is one ID it contains weird characters such as the follwing session ID: K?7?%?[?s?#1GGb?2???^?a?? I've tried several charsets using: String sID = new String(id,UTF-8); but I never get a better representation of the ID. Can someone please give me a clue what I'm doing wrong. Best regards Stefan -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=2451596
RE: Re:Access to HttpSession from Restlet ...
Is it possible to get the SSL session IDs using Simple HTTPS server connector? Can the SSLSessionContext IDs be used in the same way as in servlet API like this: String sslID = (String)request.getAttribute(javax.servlet.request.ssl_session); What I did so far: Server server = component.getServers().add(Protocol.HTTPS, 8183); SeriesParameter param = server.getContext().getParameters(); param.add(keystorePath, ./mySrvKeystore); param.add(keystorePassword, 123456); HttpsServerHelper helper = new HttpsServerHelper(server); SSLContext sslContext; try { helper.start(); sslContext = helper.getSslContext(); Enumerationbyte[] sessionIDs = sslcontext.getServerSessionContext().getIds(); component.getDefaultHost().attach(new FilterApplication(sslContext)); // Start the component. component.start(); } catch (Exception e) { e.printStackTrace(); } I also called the getIds() method inside the FilterApplication (beforeHandle), but in most of the cases there is no session ID present upon request. And if there is one ID it contains weird characters such as the follwing session ID: K?7?%?[?s?#1GGb?2???^?a?? I've tried several charsets using: String sID = new String(id,UTF-8); but I never get a better representation of the ID. Can someone please give me a clue what I'm doing wrong. Best regards Stefan -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=2451587
RE: Re:Access to HttpSession from Restlet ...
Hi Stephan, the use of SSL ID is required in the project I am working on. But as you said, REST might be not the right choice for the implementation then. thanks for your reply Stefan -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=2451664