RE: Re:Access to HttpSession from Restlet ...
Hi Stefan,
why do you want to access the session id? The architectural style REST forbid
server session state.
If you want to comply to the REST architecture, than you must not use it. Or do
you want explicit ignore this restriction?
best regards
Stephan
-Ursprüngliche Nachricht-
Von: Stefan Meissner
Gesendet: 24.02.2010 17:10:42
An: discuss@restlet.tigris.org
Betreff: RE: Re:Access to HttpSession from Restlet ...
OK, does the same constraint apply for SSL sessions?
Is it possible to get the SSL session IDs using Simple HTTPS server connector?
Can the SSLSessionContext IDs be used in the same way as in servlet API like
this:
String sslID =
(String)request.getAttribute(javax.servlet.request.ssl_session);
What I did so far:
Server server = component.getServers().add(Protocol.HTTPS, 8183);
SeriesParameter param = server.getContext().getParameters();
param.add(keystorePath, ./mySrvKeystore);
param.add(keystorePassword, 123456);
HttpsServerHelper helper = new HttpsServerHelper(server);
SSLContext sslContext;
try {
helper.start();
sslContext = helper.getSslContext();
Enumeration sessionIDs = sslcontext.getServerSessionContext().getIds();
component.getDefaultHost().attach(new FilterApplication(sslContext));
// Start the component.
component.start();
} catch (Exception e) {
e.printStackTrace();
}
I also called the getIds() method inside the FilterApplication (beforeHandle),
but in most of the cases there is no session ID present upon request. And if
there is one ID it contains weird characters such as the follwing
session ID: K?7?%?[?s?#1GGb?2???^?a??
I've tried several charsets using:
String sID = new String(id,UTF-8);
but I never get a better representation of the ID.
Can someone please give me a clue what I'm doing wrong.
Best regards
Stefan
___
WEB.DE DSL: Internet, Telefon und Entertainment für nur 19,99 EUR/mtl.!
http://produkte.web.de/go/02/
--
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=2451613
RE: Re:Access to HttpSession from Restlet ...
OK, does the same constraint apply for SSL sessions?
Is it possible to get the SSL session IDs using Simple HTTPS server connector?
Can the SSLSessionContext IDs be used in the same way as in servlet API like
this:
String sslID =
(String)request.getAttribute(javax.servlet.request.ssl_session);
What I did so far:
Server server = component.getServers().add(Protocol.HTTPS, 8183);
SeriesParameter param = server.getContext().getParameters();
param.add(keystorePath, ./mySrvKeystore);
param.add(keystorePassword, 123456);
HttpsServerHelper helper = new HttpsServerHelper(server);
SSLContext sslContext;
try {
helper.start();
sslContext = helper.getSslContext();
Enumerationbyte[] sessionIDs = sslcontext.getServerSessionContext().getIds();
component.getDefaultHost().attach(new FilterApplication(sslContext));
// Start the component.
component.start();
} catch (Exception e) {
e.printStackTrace();
}
I also called the getIds() method inside the FilterApplication (beforeHandle),
but in most of the cases there is no session ID present upon request. And if
there is one ID it contains weird characters such as the follwing
session ID: K?7?%?[?s?#1GGb?2???^?a??
I've tried several charsets using:
String sID = new String(id,UTF-8);
but I never get a better representation of the ID.
Can someone please give me a clue what I'm doing wrong.
Best regards
Stefan
--
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=2451596
RE: Re:Access to HttpSession from Restlet ...
Is it possible to get the SSL session IDs using Simple HTTPS server connector?
Can the SSLSessionContext IDs be used in the same way as in servlet API like
this:
String sslID =
(String)request.getAttribute(javax.servlet.request.ssl_session);
What I did so far:
Server server = component.getServers().add(Protocol.HTTPS, 8183);
SeriesParameter param = server.getContext().getParameters();
param.add(keystorePath, ./mySrvKeystore);
param.add(keystorePassword, 123456);
HttpsServerHelper helper = new HttpsServerHelper(server);
SSLContext sslContext;
try {
helper.start();
sslContext = helper.getSslContext();
Enumerationbyte[] sessionIDs = sslcontext.getServerSessionContext().getIds();
component.getDefaultHost().attach(new FilterApplication(sslContext));
// Start the component.
component.start();
} catch (Exception e) {
e.printStackTrace();
}
I also called the getIds() method inside the FilterApplication (beforeHandle),
but in most of the cases there is no session ID present upon request. And if
there is one ID it contains weird characters such as the follwing
session ID: K?7?%?[?s?#1GGb?2???^?a??
I've tried several charsets using:
String sID = new String(id,UTF-8);
but I never get a better representation of the ID.
Can someone please give me a clue what I'm doing wrong.
Best regards
Stefan
--
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=2451587
RE: Re:Access to HttpSession from Restlet ...
Hi Stephan, the use of SSL ID is required in the project I am working on. But as you said, REST might be not the right choice for the implementation then. thanks for your reply Stefan -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=2451664
