cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/valves CertificatesValve.java

[cr...@locus.apache.org]

craigmcc    00/10/13 12:27:36

  Modified:    catalina/src/share/org/apache/catalina Globals.java
               catalina/src/share/org/apache/catalina/valves
                        CertificatesValve.java
  Log:
  When running on an SSL connection, expose the cipher suite and key size
  currently in use as request attributes.
  
  FIXME:  There does not appear to be a way to ask JSSE what the key size
  is???
  
  Revision  Changes    Path
  1.11      +21 -4     jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/Globals.java
  
  Index: Globals.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/Globals.java,v
  retrieving revision 1.10
  retrieving revision 1.11
  diff -u -r1.10 -r1.11
  --- Globals.java	2000/10/13 05:25:06	1.10
  +++ Globals.java	2000/10/13 19:27:33	1.11
  @@ -1,7 +1,7 @@
   /*
  - * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/Globals.java,v 1.10 2000/10/13 05:25:06 craigmcc Exp $
  - * $Revision: 1.10 $
  - * $Date: 2000/10/13 05:25:06 $
  + * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/Globals.java,v 1.11 2000/10/13 19:27:33 craigmcc Exp $
  + * $Revision: 1.11 $
  + * $Date: 2000/10/13 19:27:33 $
    *
    * ====================================================================
    *
  @@ -69,7 +69,7 @@
    * Global constants that are applicable to multiple packages within Catalina.
    *
    * @author Craig R. McClanahan
  - * @version $Revision: 1.10 $ $Date: 2000/10/13 05:25:06 $
  + * @version $Revision: 1.11 $ $Date: 2000/10/13 19:27:33 $
    */
   
   public final class Globals {
  @@ -85,6 +85,15 @@
   
   
       /**
  +     * The request attribute under which we store the name of the cipher suite
  +     * being used on an SSL connection (as an object of type
  +     * java.lang.String).
  +     */
  +    public static final String CIPHER_SUITE_ATTR =
  +        "javax.servlet.request.cipher_suite";
  +
  +
  +    /**
        * The servlet context attribute under which we store the class loader
        * used for loading servlets (as an object of type java.lang.ClassLoader).
        */
  @@ -131,6 +140,14 @@
        */
       public static final String ERROR_MESSAGE_ATTR =
   	"javax.servlet.error.message";
  +
  +
  +    /**
  +     * The request attribute under which we store the key size being used for
  +     * this SSL connection (as an object of type java.lang.Integer).
  +     */
  +    public static final String KEY_SIZE_ATTR =
  +        "javax.servlet.request.key_size";
   
   
       /**
  
  
  
  1.3       +19 -4     jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/valves/CertificatesValve.java
  
  Index: CertificatesValve.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/valves/CertificatesValve.java,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- CertificatesValve.java	2000/09/20 06:05:34	1.2
  +++ CertificatesValve.java	2000/10/13 19:27:35	1.3
  @@ -1,7 +1,7 @@
   /*
  - * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/valves/CertificatesValve.java,v 1.2 2000/09/20 06:05:34 craigmcc Exp $
  - * $Revision: 1.2 $
  - * $Date: 2000/09/20 06:05:34 $
  + * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/valves/CertificatesValve.java,v 1.3 2000/10/13 19:27:35 craigmcc Exp $
  + * $Revision: 1.3 $
  + * $Date: 2000/10/13 19:27:35 $
    *
    * ====================================================================
    *
  @@ -86,9 +86,14 @@
    * request is an SSLSocket or not.  If it is, and if the client has presented
    * a certificate chain to authenticate itself, the array of certificates is
    * exposed as a request attribute.
  + * <p>
  + * In addition, this Valve exposes the cipher suite and key size being used
  + * on this SSL connection as request attributes.  Although this function is
  + * unrelated to certificates, the two tasks have been combined here to minimize
  + * the amount of code that has to check for the existence of JSSE classes.
    *
    * @author Craig R. McClanahan
  - * @version $Revision: 1.2 $ $Date: 2000/09/20 06:05:34 $
  + * @version $Revision: 1.3 $ $Date: 2000/10/13 19:27:35 $
    */
   
   public final class CertificatesValve
  @@ -176,6 +181,16 @@
           SSLSession session = socket.getSession();
           if (session == null)
               return;
  +
  +        // Expose the cipher suite and key size
  +        String cipherSuite = session.getCipherSuite();
  +        int keySize = 0;      // FIXME - no way to look it up?????
  +        if (cipherSuite != null) {
  +            request.getRequest().setAttribute(Globals.CIPHER_SUITE_ATTR,
  +                                              cipherSuite);
  +            request.getRequest().setAttribute(Globals.KEY_SIZE_ATTR,
  +                                              new Integer(keySize));
  +        }
   
   	// If we have cached certificates, return them
   	Object cached = session.getValue(Globals.CERTIFICATES_ATTR);