Oliver Schoenwald wrote:
Dear developers,
I have developed an SSL-based SessionManagement for our university's
e-learning system because I was unsuccessful to find any ability of
Tomcat 5
to create and manage an SSLSession as in the JSSE-Specification.
Several weeks of googling after such a feature and asking questions in
the
tomcat-user-mailingliste resulted in practically nothing.
Because we wanted a session management without having to force our
students
to activate cookies and without having to do url-rewriting, I did my own
development which resulted (after several refactorings) in our own
SessionManagement.
However, this SessionManagement is only a subpackage of our
webapplication,
which has also its own authentication mechanism due to other
requirements that
were set by our users. So far, it is a quite proprietary solution that
might be changed
to be integrated as an alternative SessionManagement component.
Do you use client certificates?
I wonder if there is someone or some people who are interested in
SSL-based
SessionManagement? Or maybe there is some well hidden development
underway
with the same objective? Maybe we could exchange some experience and
ideas and
even find a way to add SSL-based SessionManagement to coming Tomcat
versions?
If I should have been just blind to such a feature in Tomcat and there
is already a
working solution I apologize for this - in that case - unnecessary
question in advance.
In that case I would be happy if someone could point me to the right
documentation
or source code to at least find what I searched for before.
Thank you,
Oliver Schönwald
University of Hagen
Germany
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
