Servlet 3 introduced a standard attribute for this.
Support both, deprecating the custom attribute.
git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@
1166686 13f79535-47bb-0310-9956-
ffa450edef68
* for this SSL connection (as an object of type java.lang.String).
*/
public static final String SSL_SESSION_ID_ATTR =
+ "javax.servlet.request.ssl_session_id";
+ /**
+ * Tomcat specific attribute as used in Tomcat 6.
+ * @deprecated
+ */
+ @Deprecated
+ public static final String SSL_SESSION_ID_TOMCAT_ATTR =
"javax.servlet.request.ssl_session";
-
/**
* The request attribute key for the session manager.
* This one is a Tomcat extension to the Servlet spec.
attr = coyoteRequest.getAttribute(Globals.SSL_SESSION_ID_ATTR);
if(attr != null) {
attributes.put(Globals.SSL_SESSION_ID_ATTR, attr);
+ attributes.put(Globals.SSL_SESSION_ID_TOMCAT_ATTR, attr);
}
attr = coyoteRequest.getAttribute(Globals.SSL_SESSION_MGR_ATTR);
if(attr != null) {
Globals.CIPHER_SUITE_ATTR.equals(name) ||
Globals.KEY_SIZE_ATTR.equals(name) ||
Globals.SSL_SESSION_ID_ATTR.equals(name) ||
+ Globals.SSL_SESSION_ID_TOMCAT_ATTR.equals(name) ||
Globals.SSL_SESSION_MGR_ATTR.equals(name);
}
* <li>{@link Globals#CIPHER_SUITE_ATTR} (SSL connections only)</li>
* <li>{@link Globals#KEY_SIZE_ATTR} (SSL connections only)</li>
* <li>{@link Globals#SSL_SESSION_ID_ATTR} (SSL connections only)</li>
+ * <li>{@link Globals#SSL_SESSION_ID_TOMCAT_ATTR} (SSL connections only)
+ * </li>
* <li>{@link Globals#SSL_SESSION_MGR_ATTR} (SSL connections only)</li>
* </ul>
* The underlying connector may also expose request attributes. These all
strcert0 = mygetHeader(request, "ssl_session_id");
if (strcert0 != null) {
request.setAttribute(Globals.SSL_SESSION_ID_ATTR, strcert0);
+ request.setAttribute(Globals.SSL_SESSION_ID_TOMCAT_ATTR, strcert0);
}
strcert0 = mygetHeader(request, "ssl_cipher_usekeysize");
if (strcert0 != null) {
* This one is a Tomcat extension to the Servlet spec.
*/
public static final String SESSION_ID_KEY =
- "javax.servlet.request.ssl_session";
+ "javax.servlet.request.ssl_session_id";
/**
* The request attribute key for the session manager.
<p>To access the SSL session ID from the request, use:<br />
<code>
- String sslID = (String)request.getAttribute("javax.servlet.request.ssl_session");
+ String sslID = (String)request.getAttribute("javax.servlet.request.ssl_session_id");
</code>
<br />
For additional discussion on this area, please see
projects / tomcat7.0 / commitdiff