You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by cr...@locus.apache.org on 2000/10/13 21:27:37 UTC
cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/valves CertificatesValve.java
craigmcc 00/10/13 12:27:36
Modified: catalina/src/share/org/apache/catalina Globals.java
catalina/src/share/org/apache/catalina/valves
CertificatesValve.java
Log:
When running on an SSL connection, expose the cipher suite and key size
currently in use as request attributes.
FIXME: There does not appear to be a way to ask JSSE what the key size
is???
Revision Changes Path
1.11 +21 -4 jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/Globals.java
Index: Globals.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/Globals.java,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- Globals.java 2000/10/13 05:25:06 1.10
+++ Globals.java 2000/10/13 19:27:33 1.11
@@ -1,7 +1,7 @@
/*
- * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/Globals.java,v 1.10 2000/10/13 05:25:06 craigmcc Exp $
- * $Revision: 1.10 $
- * $Date: 2000/10/13 05:25:06 $
+ * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/Globals.java,v 1.11 2000/10/13 19:27:33 craigmcc Exp $
+ * $Revision: 1.11 $
+ * $Date: 2000/10/13 19:27:33 $
*
* ====================================================================
*
@@ -69,7 +69,7 @@
* Global constants that are applicable to multiple packages within Catalina.
*
* @author Craig R. McClanahan
- * @version $Revision: 1.10 $ $Date: 2000/10/13 05:25:06 $
+ * @version $Revision: 1.11 $ $Date: 2000/10/13 19:27:33 $
*/
public final class Globals {
@@ -85,6 +85,15 @@
/**
+ * The request attribute under which we store the name of the cipher suite
+ * being used on an SSL connection (as an object of type
+ * java.lang.String).
+ */
+ public static final String CIPHER_SUITE_ATTR =
+ "javax.servlet.request.cipher_suite";
+
+
+ /**
* The servlet context attribute under which we store the class loader
* used for loading servlets (as an object of type java.lang.ClassLoader).
*/
@@ -131,6 +140,14 @@
*/
public static final String ERROR_MESSAGE_ATTR =
"javax.servlet.error.message";
+
+
+ /**
+ * The request attribute under which we store the key size being used for
+ * this SSL connection (as an object of type java.lang.Integer).
+ */
+ public static final String KEY_SIZE_ATTR =
+ "javax.servlet.request.key_size";
/**
1.3 +19 -4 jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/valves/CertificatesValve.java
Index: CertificatesValve.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/valves/CertificatesValve.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- CertificatesValve.java 2000/09/20 06:05:34 1.2
+++ CertificatesValve.java 2000/10/13 19:27:35 1.3
@@ -1,7 +1,7 @@
/*
- * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/valves/CertificatesValve.java,v 1.2 2000/09/20 06:05:34 craigmcc Exp $
- * $Revision: 1.2 $
- * $Date: 2000/09/20 06:05:34 $
+ * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/valves/CertificatesValve.java,v 1.3 2000/10/13 19:27:35 craigmcc Exp $
+ * $Revision: 1.3 $
+ * $Date: 2000/10/13 19:27:35 $
*
* ====================================================================
*
@@ -86,9 +86,14 @@
* request is an SSLSocket or not. If it is, and if the client has presented
* a certificate chain to authenticate itself, the array of certificates is
* exposed as a request attribute.
+ * <p>
+ * In addition, this Valve exposes the cipher suite and key size being used
+ * on this SSL connection as request attributes. Although this function is
+ * unrelated to certificates, the two tasks have been combined here to minimize
+ * the amount of code that has to check for the existence of JSSE classes.
*
* @author Craig R. McClanahan
- * @version $Revision: 1.2 $ $Date: 2000/09/20 06:05:34 $
+ * @version $Revision: 1.3 $ $Date: 2000/10/13 19:27:35 $
*/
public final class CertificatesValve
@@ -176,6 +181,16 @@
SSLSession session = socket.getSession();
if (session == null)
return;
+
+ // Expose the cipher suite and key size
+ String cipherSuite = session.getCipherSuite();
+ int keySize = 0; // FIXME - no way to look it up?????
+ if (cipherSuite != null) {
+ request.getRequest().setAttribute(Globals.CIPHER_SUITE_ATTR,
+ cipherSuite);
+ request.getRequest().setAttribute(Globals.KEY_SIZE_ATTR,
+ new Integer(keySize));
+ }
// If we have cached certificates, return them
Object cached = session.getValue(Globals.CERTIFICATES_ATTR);