Examples of javax.net.ssl.SSLSession

• javax.net.ssl.SSLSession

            if( initialHandshakeStatus == SSLEngineResult.HandshakeStatus.FINISHED )
            {
                session.setAttribute( SSLFilter.SSL_SESSION, sslEngine.getSession() );
                if( log.isDebugEnabled() )
                {
                    SSLSession sslSession = sslEngine.getSession();
                    log.debug( session + "  initialHandshakeStatus=FINISHED" );
                    log.debug( session + "  sslSession CipherSuite used " + sslSession.getCipherSuite() );
                }
                initialHandshakeComplete = true;
                return;
            }
            else if( initialHandshakeStatus == SSLEngineResult.HandshakeStatus.NEED_TASK )

    private void verifyHostname(SSLSocket socket)
        throws SSLPeerUnverifiedException, UnknownHostException {
        if (! verifyHostname)
            return;

        SSLSession session = socket.getSession();
        String hostname = session.getPeerHost();
        try {
            InetAddress addr = InetAddress.getByName(hostname);
        } catch (UnknownHostException uhe) {
            throw new UnknownHostException("Could not resolve SSL sessions "
                                           + "server hostname: " + hostname);
        }

        X509Certificate[] certs = session.getPeerCertificateChain();
        if (certs == null || certs.length == 0)
            throw new SSLPeerUnverifiedException("No server certificates found!");

        //get the servers DN in its string representation
        String dn = certs[0].getSubjectDN().getName();

        if (!(s instanceof SSLSocket))
            return null;
        SSLSocket socket = (SSLSocket) s;

        // Look up the current SSLSession
        SSLSession session = socket.getSession();
        if (session == null)
            return null;

        // Convert JSSE's certificate format to the ones we need
        X509Certificate jsseCerts[] = null;
        java.security.cert.X509Certificate x509Certs[] = null;
        try {
            jsseCerts = session.getPeerCertificateChain();
            if (jsseCerts == null)
                jsseCerts = new X509Certificate[0];
            x509Certs =
              new java.security.cert.X509Certificate[jsseCerts.length];
            for (int i = 0; i < x509Certs.length; i++) {

        if (command instanceof ConnectionInfo) {
            ConnectionInfo connectionInfo = (ConnectionInfo)command;

            SSLSocket sslSocket = (SSLSocket)this.socket;

            SSLSession sslSession = sslSocket.getSession();

            X509Certificate[] clientCertChain;
            try {
                clientCertChain = (X509Certificate[])sslSession.getPeerCertificates();
            } catch (SSLPeerUnverifiedException e) {
                clientCertChain = null;
            }

            connectionInfo.setTransportContext(clientCertChain);

    }

    @Override
    public void handshake(Socket sock) throws IOException {
        // We do getSession instead of startHandshake() so we can call this multiple times
        SSLSession session = ((SSLSocket)sock).getSession();
        if (session.getCipherSuite().equals("SSL_NULL_WITH_NULL_NULL"))
            throw new IOException("SSL handshake failed. Ciper suite in SSL Session is SSL_NULL_WITH_NULL_NULL");

        if (!allowUnsafeLegacyRenegotiation && !RFC_5746_SUPPORTED) {
            // Prevent further handshakes by removing all cipher suites
            ((SSLSocket) sock).setEnabledCipherSuites(new String[0]);

        for (;;) {
            if (handshakeStatus == SSLEngineResult.HandshakeStatus.FINISHED) {
                session.setAttribute(SSLFilter.SSL_SESSION, sslEngine
                        .getSession());
                if (SessionLog.isDebugEnabled(session)) {
                    SSLSession sslSession = sslEngine.getSession();
                    SessionLog.debug(session,
                            "  handshakeStatus=FINISHED");
                    SessionLog.debug(session, "  sslSession CipherSuite used "
                            + sslSession.getCipherSuite());
                }
                handshakeComplete = true;
                if (!initialHandshakeComplete
                        && session.containsAttribute(SSLFilter.USE_NOTIFICATION)) {
                    // SESSION_SECURED is fired only when it's the first handshake.

          throws IOException {
        if(host == null) {
            throw new NullPointerException("host to verify is null");
        }

        SSLSession session = ssl.getSession();
        if(session == null) {
            // In our experience this only happens under IBM 1.4.x when
            // spurious (unrelated) certificates show up in the server'
            // chain.  Hopefully this will unearth the real problem:
            InputStream in = ssl.getInputStream();
            in.available();
            /*
              If you're looking at the 2 lines of code above because
              you're running into a problem, you probably have two
              options:

                #1.  Clean up the certificate chain that your server
                     is presenting (e.g. edit "/etc/apache2/server.crt"
                     or wherever it is your server's certificate chain
                     is defined).

                                           OR

                #2.   Upgrade to an IBM 1.5.x or greater JVM, or switch
                      to a non-IBM JVM.
            */

            // If ssl.getInputStream().available() didn't cause an
            // exception, maybe at least now the session is available?
            session = ssl.getSession();
            if(session == null) {
                // If it's still null, probably a startHandshake() will
                // unearth the real problem.
                ssl.startHandshake();

                // Okay, if we still haven't managed to cause an exception,
                // might as well go for the NPE.  Or maybe we're okay now?
                session = ssl.getSession();
            }
        }

        Certificate[] certs = session.getPeerCertificates();
        X509Certificate x509 = (X509Certificate) certs[0];
        verify(host, x509);
    }

        OperatedClientConnection conn = getWrappedConnection();
        assertValid(conn);
        if (!isOpen())
            return null;

        SSLSession result = null;
        Socket    sock    = conn.getSocket();
        if (sock instanceof SSLSocket) {
            result = ((SSLSocket)sock).getSession();
        }
        return result;

        if (userPrincipal == null) {
            ManagedClientConnection conn = (ManagedClientConnection) context.getAttribute(
                    ExecutionContext.HTTP_CONNECTION);
            if (conn.isOpen()) {
                SSLSession sslsession = conn.getSSLSession();
                if (sslsession != null) {
                    userPrincipal = sslsession.getLocalPrincipal();
                }
            }
        }

        return userPrincipal;

            if( initialHandshakeStatus == SSLEngineResult.HandshakeStatus.FINISHED )
            {
                session.setAttribute( SSLFilter.SSL_SESSION, sslEngine.getSession() );
                if( SessionLog.isDebugEnabled( session ) )
                {
                    SSLSession sslSession = sslEngine.getSession();
                    SessionLog.debug( session, "  initialHandshakeStatus=FINISHED" );
                    SessionLog.debug( session, "  sslSession CipherSuite used " + sslSession.getCipherSuite() );
                }
                initialHandshakeComplete = true;
                if( session.containsAttribute( SSLFilter.USE_NOTIFICATION ) )
                {
                    nextFilter.messageReceived( session, SSLFilter.SESSION_SECURED );