You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by "Mark A. Claassen" <MC...@ocie.net> on 2018/03/16 19:14:55 UTC
Request attributes
I recently discovered some request attributes that I was curious about. Are these accurate across all connectors? Or are these the defaults for using something like the NIO connector?
Specifically in my case, I am using the APR connector and openSSL.
Example:
--------
Attribute 'org.apache.tomcat.util.net.secure_protocol_version' = 'TLSv1.2'
Attribute 'javax.servlet.request.key_size' = '256'
Attribute 'javax.servlet.request.cipher_suite' = 'ECDHE-RSA-AES256-GCM-SHA384'
Thanks,
Mark Claassen
Senior Software Engineer
Donnell Systems, Inc.
130 South Main Street
Leighton Plaza Suite 375
South Bend, IN 46601
E-mail: mailto:mclaassen@ocie.net
Voice: (574)232-3784
Fax: (574)232-4014
Disclaimer:
The opinions provided herein do not necessarily state or reflect
those of Donnell Systems, Inc.(DSI). DSI makes no warranty for and
assumes no legal liability or responsibility for the posting.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Request attributes
Posted by Mark Thomas <ma...@apache.org>.
On 16/03/18 19:14, Mark A. Claassen wrote:
> I recently discovered some request attributes that I was curious about. Are these accurate across all connectors? Or are these the defaults for using something like the NIO connector?
> Specifically in my case, I am using the APR connector and openSSL.
>
> Example:
> --------
>
> Attribute 'org.apache.tomcat.util.net.secure_protocol_version' = 'TLSv1.2'
> Attribute 'javax.servlet.request.key_size' = '256'
> Attribute 'javax.servlet.request.cipher_suite' = 'ECDHE-RSA-AES256-GCM-SHA384'
If they are present, they will be correct. They are supported by all TLS
connectors (so they should be present for all secure connections).
Mark
>
> Thanks,
>
> Mark Claassen
> Senior Software Engineer
>
> Donnell Systems, Inc.
> 130 South Main Street
> Leighton Plaza Suite 375
> South Bend, IN 46601
> E-mail: mailto:mclaassen@ocie.net
> Voice: (574)232-3784
> Fax: (574)232-4014
>
> Disclaimer:
> The opinions provided herein do not necessarily state or reflect
> those of Donnell Systems, Inc.(DSI). DSI makes no warranty for and
> assumes no legal liability or responsibility for the posting.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Request attributes
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Mark,
On 3/16/18 3:14 PM, Mark A. Claassen wrote:
> I recently discovered some request attributes that I was curious
> about. Are these accurate across all connectors? Or are these the
> defaults for using something like the NIO connector? Specifically
> in my case, I am using the APR connector and openSSL.
>
> Example: --------
>
> Attribute 'org.apache.tomcat.util.net.secure_protocol_version' =
> 'TLSv1.2' Attribute 'javax.servlet.request.key_size' = '256'
> Attribute 'javax.servlet.request.cipher_suite' =
> 'ECDHE-RSA-AES256-GCM-SHA384'
Of those 3, the second and third are defined by the servlet
specification (hence their namespaced attribute key names). The first
of those is something I've been trying to get into the spec[1] but so
far it has been ignored. :(
I'd love some +1 votes on that issue if anyone would be willing to
login and give a +1.
Because it is not spec-defined, it has a Tomcat-scoped attribute key.
I the future, I hope that the Tomcat-specific key will be replaced
(probably not actually replaced, but just repeated) by a spec-defined
request attribute key.
- -chris
[1] https://github.com/javaee/servlet-spec/issues/130
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlqtkOcACgkQHPApP6U8
pFgz+BAAqAIvZw2y70oJSKIzCBMTvFuGiZAxgculNu8tmDpoESf3dcH9wPKYp5lp
OUgNH4E+8xsz1IPkMegGXdF5IUrjKe1ArWxoTfqLhHDeWjavuxGiDkMalA1zkB9Z
4gH6e3fFcdYKK+KvFXIP/TUYf5ojRwStsKhqTXuL6R6rY5SDULqRGSoYEf2qYwl0
mT0qWYQHy3FK70A0l0HN8Z5FOaon6guHVZJ31VEsVlHZ+Xm0Q59znvPZvVgE9gI3
CFpub3x8jyZdnSOu2H0Rnd74lfDVJR8hTifUbVu0UsGtfzTeOd6RvdTc+CFBvUoz
tJhO6qrEZLER29KkvxWRgEU8qo4a0bN06BFnmws5+uX/GiDkJ8RTIjKok1P2Jw3b
5PrKxl/CIPo318aFh6lrDZ1azYQtySpvReOrcraVDA9njgxkw7ViI384K1w/e8lx
H/w1N3BfHae3rVow/CvX6HonFtC4g9OPx4STk9C5upt1Z+9JNMS4GGcSLLRNdkkL
0c6w1tvZVcYOR28XIVHUedCg3L0Z5x9CQEsYh60fIujEhBD74DM5cghZ4rKHVEnp
uNvxm7FY/r0PHUpg954SbJrh/5hbS7ot0jQW+25X6H3GCrCWJKkGSqQ0LI42xYOC
U5dun25mNt2+hKHxADj/UTDGbRgPHEld2jRLjtW66Z/NdcF4MEQ=
=PNJX
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org