A
SSLSession object contains information about the
SSL connection established through an SSLSocket.
Use the the getSession( ) method of a
SSLSocket to obtain the
SSLSession object for that socket. Many of the
SSLSession methods return information that was
obtained during the handshake phase of the connection.
getProtocol( )
returns the specific version of the SSL or TLS protocol in use.
getCipherSuite(
) returns the name of the cipher suite
negotiated for the connection. getPeerHost(
)
returns the name of the remote host, and
getPeerCertificates( ) returns the certificate
chain, if any, that was received from the remote host during
authentication. In Java 5.0 and later the peer's
identity can also be queried with getPeerPrincipal(
)
The invalidate( ) method ends the session. It does
not affect any current connections, but all future connections and
any re-negotiations of existing connections will need to establish a
new SSLSession. isValid(
)
determines whether a session is still valid.
Multiple SSL connections between two hosts may share the same
SSLSession as long as they are using the same
protocol version and cipher suite. There is no way to enumerate the
SSLSocket objects that share a session, but these
sockets can exchange information by using putValue(
) to bind a shared object to some
well-known name that can be looked up by other sockets with
getValue( )
.
removeValue( ) removes such a binding, and
getValueNames( ) returns an array of all names
that have objects bound to them in this session. Objects bound and
unbound with putValue( ) and removeValue(
) may implement
SSLSessionBindingListener to be notified when they
are bound and unbound.
Note that the getPeerCertificateChain( ) method
returns an object from the javax.security.cert
package, which is not documented in this book. The method and package
exist only for backward compatibility with earlier versions of the
JSSE API, and should be considered deprecated. Use
getPeerCertificates( ), which uses
java.security.cert instead.
public interface SSLSession {
// Public Instance Methods
5.0 int getApplicationBufferSize( );
String getCipherSuite( );
long getCreationTime( );
byte[ ] getId( );
long getLastAccessedTime( );
java.security.cert.Certificate[ ] getLocalCertificates( );
5.0 java.security.Principal getLocalPrincipal( );
5.0 int getPacketBufferSize( );
javax.security.cert.X509Certificate[ ] getPeerCertificateChain( )
throws SSLPeerUnverifiedException;
java.security.cert.Certificate[ ] getPeerCertificates( )
throws SSLPeerUnverifiedException;
String getPeerHost( );
5.0 int getPeerPort( );
5.0 java.security.Principal getPeerPrincipal( ) throws SSLPeerUnverifiedException;
String getProtocol( );
SSLSessionContext getSessionContext( );
Object getValue(String name);
String[ ] getValueNames( );
void invalidate( );
5.0 boolean isValid( );
void putValue(String name, Object value);
void removeValue(String name);
}
