Re: SSLSession invalidate

2011-09-15 Thread Henry Story
> >>> If you are using IE and you want to clear the browser cache to select >>> another certificate, go to Tools->Internet Options, select Content tab, and >>> click Clear SSL state. >>> >>> -Original Message- >>> From: users-return

Re: SSLSession invalidate

2011-09-15 Thread Henry Story
227483-STEVEN.J.ADAMUS=saic@tomcat.apache.org > [mailto:users-return-227483-STEVEN.J.ADAMUS=saic@tomcat.apache.org] On > Behalf Of Jürgen Jakobitsch > Sent: Tuesday, September 06, 2011 3:12 PM > To: Tomcat Users List > Subject: Re: SSLSession invalidate > > thanks mark, > >

RE: SSLSession invalidate

2011-09-06 Thread Adamus, Steven J.
ent: Tuesday, September 06, 2011 3:12 PM To: Tomcat Users List Subject: Re: SSLSession invalidate thanks mark, if i understand you correct, it is simply NOT possible to invalidate the SSLSession of which i can get the id with request.getAttribute("javax.servlet.request.ssl_session")

Re: SSLSession invalidate

2011-09-06 Thread Jürgen Jakobitsch
ark Thomas" To: "Tomcat Users List" Sent: Wednesday, September 7, 2011 12:08:29 AM Subject: Re: SSLSession invalidate On 06/09/2011 22:42, Jürgen Jakobitsch wrote: > apparently there is one, i can get it's id with > request.getAttribute("javax.servlet.request.ss

Re: SSLSession invalidate

2011-09-06 Thread Mark Thomas
On 06/09/2011 22:42, Jürgen Jakobitsch wrote: > apparently there is one, i can get it's id with > request.getAttribute("javax.servlet.request.ssl_session") That is a Tomcat bug it should be javax.servlet.request.ssl_session_id > in tomcat7 there's the possibility to use SSLSessionManager to inva

Re: SSLSession invalidate

2011-09-06 Thread Jürgen Jakobitsch
re you asked : i don't want to switch to tomcat7 for this but need it get done in tomcat-6.0.32 any help really appreciated wkr turnguard - Original Message - From: "baran topal" To: "Tomcat Users List" Sent: Tuesday, September 6, 2011 10:57:17 PM Subject: Re

Re: SSLSession invalidate

2011-09-06 Thread baran topal
Greetings from Stockholm, this is Baran Topal. As i was drinking my Guiness, i find your question interesting :) Here you go: <% HttpSession s = request.getSession(false); if (s != null) s.invalidate(); %> Inform me whether this is working or not :) Regards. On 6 sep 2011, at 22:09, Chema wr

Re: SSLSession invalidate

2011-09-06 Thread Chema
> how can access the SSLSession in a jsp or a servlet > to be able to invalidate it. Sorry, but is there any difference between to invalidate a HTTP Session and a SSLSession ? - To unsubscribe, e-mail: users-unsubscr...@tomcat.

SSLSession invalidate

2011-09-06 Thread Jürgen Jakobitsch
hi, i'm pretty sure, this question has been asked a thouthand times, but i didn't find an answer : how can access the SSLSession in a jsp or a servlet to be able to invalidate it. any pointer really appreciated wkr www.turnguard.com/turnguard -- | Jürgen Jakobitsch, | Software Developer | Seman