You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@clerezza.apache.org by Henry Story <he...@gmail.com> on 2010/08/20 19:39:36 UTC

getting the servlet request (and ssl session clearing in jetty)

I don't seem to be able to get the servlet request from a jsr-311 annotated method in Clerezza.

I tried quite a lot of different things, including things like

 @GET
  public Response logout(@Context UriInfo uriInfo,
	    @HeaderParam("Referer") URI referer,
	    @Context ServletRequest req) {
  ...
 }


With no success. req is just null.

Any ideas?

-----

Btw. I am trying to clear the session information to see if there is any way of getting around the issues of logging out with SSL.  I need to try something out to see if this will work. Any idea if it is possible to clear the SSL Session information? 

You can do it in apache as described at the end of this document:

http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html

// Standard HTTP session invalidation
session.invalidate();

// Invalidate the SSL Session
org.apache.tomcat.util.net.SSLSessionManager mgr =
  (org.apache.tomcat.util.net.SSLSessionManager)
  request.getAttribute("javax.servlet.request.ssl_session_mgr");
mgr.invalidateSession();

// Close the conection since the SSL session will be active until the connection
// is closed
response.setHeader("Connection", "close");

Henry

Re: getting the servlet request (and ssl session clearing in jetty)

Posted by Reto Bachmann-Gmür <re...@trialox.org>.

Hi henry

the jaxrs implementation of clerezza is not servlet based, so you cannot get the servlet request. (It is based on wrhapi which runs on http servers that support servlets but also on servers that do not, like the waterken http server).

Cheers,
reto

----- Original message -----
> 
> On 20 Aug 2010, at 19:39, Henry Story wrote:
> 
> > 
> > @GET
> > public Response logout(@Context UriInfo uriInfo,
> >            @HeaderParam("Referer") URI referer,
> >            @Context ServletRequest req) {
> > ...
> > }
> 
> I also tried HttpServletRequest of course.

Re: getting the servlet request (and ssl session clearing in jetty)

Posted by Henry Story <he...@gmail.com>.

On 20 Aug 2010, at 19:39, Henry Story wrote:

> 
> @GET
>  public Response logout(@Context UriInfo uriInfo,
> 	    @HeaderParam("Referer") URI referer,
> 	    @Context ServletRequest req) {
>  ...
> }

I also tried HttpServletRequest of course.