You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Goo Sam Kong <sk...@gmail.com> on 2010/03/23 02:46:39 UTC
Force Tomcat 5.5.16 to close SSL session upon every request
Hi
Is it possible Tomcat close SSL session upon every HTTP request?
I am running Tomcat 5.5.16 on JDK 1.5.0 update 7 on RedHat Enterprise.
Thank you.
Regards,
SamKong Goo
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Force Tomcat 5.5.16 to close SSL session upon every request
Posted by Goo Sam Kong <sk...@gmail.com>.
Thank you, Mark
On 23 March 2010 16:31, Mark Thomas <ma...@apache.org> wrote:
> On 23/03/2010 06:58, Goo Sam Kong wrote:
>> Hi Ben,
>>
>> Do you know why Tomcat take some time to close the connection? Is it
>> predictable?
>
> Tomcat does close the connection.
>
>> My Java client is authenticate with Tomcat server using USB based
>> security token through client certificate authentication. Even though
>> I removed the token, Java client still able to run until some times,
>> then force authentication will happen.
>
> Closing the connection does not terminate the session. That capability
> will be available in Tomcat 7.
>
> In Tomcat 6 you can control the session timeout. Look for the
> sessionTimeout connector property.
>
> Mark
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Force Tomcat 5.5.16 to close SSL session upon every request
Posted by Mark Thomas <ma...@apache.org>.
On 23/03/2010 06:58, Goo Sam Kong wrote:
> Hi Ben,
>
> Do you know why Tomcat take some time to close the connection? Is it
> predictable?
Tomcat does close the connection.
> My Java client is authenticate with Tomcat server using USB based
> security token through client certificate authentication. Even though
> I removed the token, Java client still able to run until some times,
> then force authentication will happen.
Closing the connection does not terminate the session. That capability
will be available in Tomcat 7.
In Tomcat 6 you can control the session timeout. Look for the
sessionTimeout connector property.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Force Tomcat 5.5.16 to close SSL session upon every request
Posted by Goo Sam Kong <sk...@gmail.com>.
Hi Ben,
Do you know why Tomcat take some time to close the connection? Is it
predictable?
My Java client is authenticate with Tomcat server using USB based
security token through client certificate authentication. Even though
I removed the token, Java client still able to run until some times,
then force authentication will happen.
Thank you.
On 23 March 2010 10:37, Ben Stringer <be...@burbong.com> wrote:
> Hi,
>
> Take a look at the documentation for maxKeepAliveRequests on this page:
>
> http://tomcat.apache.org/tomcat-5.5-doc/config/http.html
>
> If you set this to 1 for your SSL connector, I believe it will do what you
> want.
>
> Cheers, Ben
>
>
>> Hi
>>
>> Is it possible Tomcat close SSL session upon every HTTP request?
>>
>> I am running Tomcat 5.5.16 on JDK 1.5.0 update 7 on RedHat Enterprise.
>>
>> Thank you.
>>
>> Regards,
>> SamKong Goo
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Force Tomcat 5.5.16 to close SSL session upon every request
Posted by Ben Stringer <be...@burbong.com>.
Hi,
Take a look at the documentation for maxKeepAliveRequests on this page:
http://tomcat.apache.org/tomcat-5.5-doc/config/http.html
If you set this to 1 for your SSL connector, I believe it will do what you
want.
Cheers, Ben
> Hi
>
> Is it possible Tomcat close SSL session upon every HTTP request?
>
> I am running Tomcat 5.5.16 on JDK 1.5.0 update 7 on RedHat Enterprise.
>
> Thank you.
>
> Regards,
> SamKong Goo
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org