|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
In SSL, sessions are used to describe an ongoing relationship between two entities. Each SSL connection involves one session at a time, but that session may be used on many connections between those entities, simultaneously or sequentially. The session used on a connection may also be replaced by a different session. Sessions are created, or rejoined, as part of the SSL handshaking protocol. Sessions may be invalidated due to policies affecting security or resource usage. Session management policies are typically used to tune performance.
In addition to the standard session attributes, SSL sessions expose these read-only attributes: * Peer Identity. Sessions are between a particular client and a particular server. The identity of the peer may have been established as part of session setup. Peers are identified by X.509 certificate chains. * Cipher Suite Name. Cipher suites describe the kind of cryptographic protection that's used by connections in a particular session. * Peer Host. All connections in a session are between the same two hosts. The address of the host on the other side of the connection is available.
Sessions may be explicitly invalidated. Invalidation may also be done implicitly, when faced with certain kinds of errors.
Method Summary | |
String |
getCipherSuite()
Returns the name of the SSL cipher suite which is used for all connections in the session. |
long |
getCreationTime()
Returns the time at which this Session representation was created, in milliseconds since midnight, January 1, 1970 UTC. |
byte[] |
getId()
Returns the identifier assigned to this Session. |
long |
getLastAccessedTime()
Returns the last time this Session representation was accessed by the session level infrastructure, in milliseconds since midnight, January 1, 1970 UTC. |
X509Certificate[] |
getPeerCertificateChain()
Return the cert chain presented by the peer. |
String |
getPeerHost()
Returns the host name of the peer in this session. |
SSLSessionContext |
getSessionContext()
Returns the context in which this session is bound. |
Object |
getValue(String name)
Returns the object bound to the given name in the session's application layer data. |
String[] |
getValueNames()
Returns an array of the names of all the application layer data objects bound into the Session. |
void |
invalidate()
Invalidates the session. |
void |
putValue(String name,
Object value)
Binds the specified object into the session's application layer data with the given name. |
void |
removeValue(String name)
Removes the object bound to the given name in the session's application layer data. |
Method Detail |
public byte[] getId()
public SSLSessionContext getSessionContext()
If the context is available and there is a security manager installed, the caller may require permission to access it or a security exception may be thrown. In a Java 2 environment, the security manager's checkPermission method is called with a NetPermission("getSSLSessionContext") permission.
public long getCreationTime()
public long getLastAccessedTime()
This information is particularly useful in session management policies. For example, a session manager thread could leave all sessions in a given context which haven't been used in a long time; or, the sessions might be sorted according to age to optimize some task.
public void invalidate()
public void putValue(String name, Object value)
For security reasons, the same named values may not be visible across different access control contexts.
name
- the name to which the data object will be bound.
This may not be null.value
- the data object to be bound. This may not be null.public Object getValue(String name)
For security reasons, the same named values may not be visible across different access control contexts.
name
- the name of the binding to find.public void removeValue(String name)
For security reasons, the same named values may not be visible across different access control contexts.
name
- the name of the object to removepublic String[] getValueNames()
For security reasons, the same named values may not be visible across different access control contexts.
public X509Certificate[] getPeerCertificateChain() throws SSLPeerUnverifiedException
public String getCipherSuite()
public String getPeerHost()
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |