[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [iaik-ssl] Help with Session Caching...



Thanks for the quick response, but I found the solution about 2 minutes
after sending the e-mail!

I tried connecting to another ssl server (an IBM WEB SPHERE server) and
here the 2 connects DID use the same session id. I then checked the doco a
bit more carefully (RTFM!) and found the following comment in the
SSLContext Doco:

"cache terminated sessions: A boolean value determining whether or not to
resume sessions that have not been properly shutdown. Per spec this should
not be done, this exists only to improve performance when communicating
with bad server implementations.
     default value: false

So i tried setting this to 'true', and tried again..... BINGO!

So it looks like the IBM WebSeal version we are using here does not
implement SSL according to spec. From what I understand WebSeal uses
OpenSSL/SSLLeay for SSL, so that seems a bit suspect. But the WebSphere,
which is an APACHE server with SSL (Presumably also with openSSL) does
implement the spec correctly. V Strange. Probably different versions of
OpenSSL.0

Thanks for all your quick responses.

Gil.

Gil Peeters wrote:
> 
> Howdy,
> 
> Need some urgent Help.
> 
> We have a purchased version of SSilk v3.5 (KBC Bank).
> 
> We use the HttpsURLConnection classes to connect to an IBM WebSeal Server
> which requireds 2 POST requests over the SAME SSL SESSION!!
> 
> If I create an SSL Session, set to POST, write the post data, read the
> response, and the do the same again to the same URL it does not re-use the
> same SSLSocket or Session!!!
> 
> Is there anything I have to configure in the underlying W3C JIGSAW classes
> to make the HttpsURLConnecion re-use the sockets??
> 
> Thnaks
> 
> Gil.
> 
> --
> ================================================
> Gil Peeters
> BVBA CANCAS I.T.
> Willemsstraat 2
> 3000 Leuven
> Belgium
> ================================================
> JAVA and Distributed Object Specialists
> ================================================
> --
> Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html
> 
> To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-ssl
> 

-- 
================================================
Gil Peeters
BVBA CANCAS I.T.
Willemsstraat 2
3000 Leuven 
Belgium
================================================
JAVA and Distributed Object Specialists
================================================
--
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-ssl