On 06/09/2011 22:42, Jürgen Jakobitsch wrote:
> apparently there is one, i can get it's id with
> request.getAttribute("javax.servlet.request.ssl_session")
That is a Tomcat bug it should be javax.servlet.request.ssl_session_id
> in tomcat7 there's the possibility to use SSLSessionManager to invalidate
> SSLSession, so i'm doing a
> wild guess, that something similar has to be possible with tomcat6 as well.
Your wild guess is wrong. That feature is in Tomcat 7 onwards.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
