On 06/09/2011 22:42, Jürgen Jakobitsch wrote:
> apparently there is one, i can get it's id with 
> request.getAttribute("javax.servlet.request.ssl_session")

That is a Tomcat bug it should be javax.servlet.request.ssl_session_id

> in tomcat7 there's the possibility to use SSLSessionManager to invalidate 
> SSLSession, so i'm doing a
> wild guess, that something similar has to be possible with tomcat6 as well.

Your wild guess is wrong. That feature is in Tomcat 7 onwards.


To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to