I was thinking of moving it to Http10Interceptor.getInfo, but otherwise that
was more or less what I was thinking.
----- Original Message -----
From: "jean-frederic clere" <[EMAIL PROTECTED]>
To: "Tomcat Developers List" <[EMAIL PROTECTED]>
Sent: Friday, November 16, 2001 3:10 AM
Subject: Re: Portable SSL Support
> [EMAIL PROTECTED] wrote:
> >
> > On 14 Nov 2001, Eric Rescorla wrote:
> >
> > > Well, I suppose that since JDK 1.1.x didn't stop you from putting
> > > classes in java. I could do my own version of
> > > java.security.cert.X509Certificate. A little gross but perhaps
> > > the best plan. The alternative is to blatantly violate the spec
> > > in 1.1 and just deliver something else.
> >
> > I would say - don't worry about JDK1.1. Support for JDK1.1 is important
> > for embeded devices ( but even there, GCJ does have X509Certificate - it
> > already supports a large subset of JDK1.2, and that's included ).
> >
> > > > > > You have to use request.getAttribute() in the JSPs/servlets.
> > > > > Right, but that doesn't mean that we have to expose the SSLSupport
> > > > > interface. Instead we could break out each individual property
> > > > > we cared about into it's own attribute.
> > > >
> > > > To be consistant with 2.3 containers, I'd go with individually named
> > > > attributes.
> >
> > > Fine with me. Anyone object to this?
> >
> > Individual attributes are good, but if possible with lazy evaluation.
> >
> > The getInfo() callback in BaseInterceptor is supposed to do exactly
that -
> > allow you to lazy-evaluate expensive request fields, so only servlets
that
> > ask for the information will pay for it.
>
> In TC3.3:
> We have the following in Http10Interceptor.java:
>
> +++
> public Object getAttribute(String name) {
> if (name.equals("javax.servlet.request.X509Certificate")) {
> return(certcompat.getX509Certificates(socket));
> }
> return(super.getAttribute(name));
> }
> +++
>
> A note stored via request.setNote("SSLSupport",SSLSupport) somewhere in
> retrieved by getNote.
> The code ends to be:
> +++
> public Object getAttribute(String name) {
> if (name.equals("javax.servlet.request.X509Certificate")) {
> SSLSupport sslsupport = getNote("SSLSupport");
> if (sslsupport==null)
> return(null);
> return(sslsupport.getX509Certificates(socket));
> }
> return(super.getAttribute(name));
> }
> +++
> Ideas?
>
> >
> > Costin
> >
> > --
> > To unsubscribe, e-mail:
<mailto:[EMAIL PROTECTED]>
> > For additional commands, e-mail:
<mailto:[EMAIL PROTECTED]>
>
> --
> To unsubscribe, e-mail:
<mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail:
<mailto:[EMAIL PROTECTED]>
>
>
*----*
This message is intended only for the use of the person(s) listed above
as the intended recipient(s), and may contain information that is
PRIVILEGED and CONFIDENTIAL. If you are not an intended recipient,
you may not read, copy, or distribute this message or any attachment.
If you received this communication in error, please notify us immediately
by e-mail and then delete all copies of this message and any attachments.
In addition you should be aware that ordinary (unencrypted) e-mail sent
through the Internet is not secure. Do not send confidential or sensitive
information, such as social security numbers, account numbers, personal
identification numbers and passwords, to us via ordinary (unencrypted)
e-mail.
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
