|
JavaTM 2 Platform Std. Ed. v1.4.2 |
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
In SSL, sessions are used to describe an ongoing relationship between
two entities. Each SSL connection involves one session at a time, but
that session may be used on many connections between those entities,
simultaneously or sequentially. The session used on a connection may
also be replaced by a different session. Sessions are created, or
rejoined, as part of the SSL handshaking protocol. Sessions may be
invalidated due to policies affecting security or resource usage,
or by an application explicitly calling invalidate
.
Session management policies are typically used to tune performance.
In addition to the standard session attributes, SSL sessions expose these read-only attributes:
Sessions may be explicitly invalidated. Invalidation may also be done implicitly, when faced with certain kinds of errors.
Method Summary | |
String |
getCipherSuite()
Returns the name of the SSL cipher suite which is used for all connections in the session. |
long |
getCreationTime()
Returns the time at which this Session representation was created, in milliseconds since midnight, January 1, 1970 UTC. |
byte[] |
getId()
Returns the identifier assigned to this Session. |
long |
getLastAccessedTime()
Returns the last time this Session representation was accessed by the session level infrastructure, in milliseconds since midnight, January 1, 1970 UTC. |
Certificate[] |
getLocalCertificates()
Returns the certificate(s) that were sent to the peer during handshaking. |
X509Certificate[] |
getPeerCertificateChain()
Returns the identity of the peer which was identified as part of defining the session. |
Certificate[] |
getPeerCertificates()
Returns the identity of the peer which was established as part of defining the session. |
String |
getPeerHost()
Returns the host name of the peer in this session. |
String |
getProtocol()
Returns the standard name of the protocol used for all connections in the session. |
SSLSessionContext |
getSessionContext()
Returns the context in which this session is bound. |
Object |
getValue(String name)
Returns the object bound to the given name in the session's application layer data. |
String[] |
getValueNames()
Returns an array of the names of all the application layer data objects bound into the Session. |
void |
invalidate()
Invalidates the session. |
void |
putValue(String name,
Object value)
Binds the specified value object into the
session's application layer data
with the given name . |
void |
removeValue(String name)
Removes the object bound to the given name in the session's application layer data. |
Method Detail |
public byte[] getId()
public SSLSessionContext getSessionContext()
This context may be unavailable in some environments, in which case this method returns null.
If the context is available and there is a
security manager installed, the caller may require
permission to access it or a security exception may be thrown.
In a Java 2 environment, the security manager's
checkPermission
method is called with a
SSLPermission("getSSLSessionContext")
permission.
public long getCreationTime()
public long getLastAccessedTime()
Access indicates a new connection being established using session data. Application level operations, such as getting or setting a value associated with the session, are not reflected in this access time.
This information is particularly useful in session management policies. For example, a session manager thread could leave all sessions in a given context which haven't been used in a long time; or, the sessions might be sorted according to age to optimize some task.
public void invalidate()
Future connections will not be able to resume or join this session. However, any existing connection using this session can continue to use the session until the connection is closed.
public void putValue(String name, Object value)
value
object into the
session's application layer data
with the given name
.
Any existing binding using the same name
is
replaced. If the new (or existing) value
implements the
SSLSessionBindingListener
interface, the object
represented by value
is notified appropriately.
For security reasons, the same named values may not be visible across different access control contexts.
name
- the name to which the data object will be bound.
This may not be null.value
- the data object to be bound. This may not be null.
IllegalArgumentException
- if either argument is null.public Object getValue(String name)
For security reasons, the same named values may not be visible across different access control contexts.
name
- the name of the binding to find.
IllegalArgumentException
- if the argument is null.public void removeValue(String name)
SessionBindingListener
interface,
it is notified appropriately.
For security reasons, the same named values may not be visible across different access control contexts.
name
- the name of the object to remove visible
across different access control contexts
IllegalArgumentException
- if the argument is null.public String[] getValueNames()
For security reasons, the same named values may not be visible across different access control contexts.
public Certificate[] getPeerCertificates() throws SSLPeerUnverifiedException
SSLPeerUnverifiedException
- if the peer's identity has not
been verifiedpublic Certificate[] getLocalCertificates()
public X509Certificate[] getPeerCertificateChain() throws SSLPeerUnverifiedException
Note: this method exists for compatibility with previous
releases. New applications should use
getPeerCertificates()
instead.
X509Certificate
format.)
SSLPeerUnverifiedException
- if the peer's identity
has not been verifiedpublic String getCipherSuite()
This defines the level of protection provided to the data sent on the connection, including the kind of encryption used and most aspects of how authentication is done.
public String getProtocol()
This defines the protocol used in the connection.
public String getPeerHost()
For the server, this is the client's host; and for the client, it is the server's host. The name may not be a fully qualified host name or even a host name at all as it may represent a string encoding of the peer's network address. If such a name is desired, it might be resolved through a name service based on the value returned by this method.
This value is not authenticated and should not be relied upon.
|
JavaTM 2 Platform Std. Ed. v1.4.2 |
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
Copyright © 2003, 2010 Oracle and/or its affiliates. All rights reserved. Use is subject to license terms. Also see the documentation redistribution policy.