A
SSLSession object contains information about the
SSL connection established through an SSLSocket.
Use the the getSession( ) method of a
SSLSocket to obtain the
SSLSession object for that socket. Many of the
SSLSession methods return information that was
obtained during the handshake phase of the connection.
getProtocol( )
returns the specific version of the SSL or TLS protocol in use.
getCipherSuite(
) returns the name of the cipher suite
negotiated for the connection. getPeerHost(
)
returns the name of the remote host, and
getPeerCertificates( ) returns the certificate
chain, if any, that was received from the remote host during
authentication. In Java 5.0 and later the peer's
identity can also be queried with getPeerPrincipal(
)
The invalidate( ) method ends the session. It does
not affect any current connections, but all future connections and
any re-negotiations of existing connections will need to establish a
new SSLSession. isValid(
)
determines whether a session is still valid.
Multiple SSL connections between two hosts may share the same
SSLSession as long as they are using the same
protocol version and cipher suite. There is no way to enumerate the
SSLSocket objects that share a session, but these
sockets can exchange information by using putValue(
) to bind a shared object to some
well-known name that can be looked up by other sockets with
getValue( )
.
removeValue( ) removes such a binding, and
getValueNames( ) returns an array of all names
that have objects bound to them in this session. Objects bound and
unbound with putValue( ) and removeValue(
) may implement
SSLSessionBindingListener to be notified when they
are bound and unbound.
Note that the getPeerCertificateChain( ) method
returns an object from the javax.security.cert
package, which is not documented in this book. The method and package
exist only for backward compatibility with earlier versions of the
JSSE API, and should be considered deprecated. Use
getPeerCertificates( ), which uses
java.security.cert instead.
public interface
SSLSession {
// Public Instance Methods
5.0 int
getApplicationBufferSize ( );
String
getCipherSuite ( );
long
getCreationTime ( );
byte[ ]
getId ( );
long
getLastAccessedTime ( );
java.security.cert.Certificate[ ]
getLocalCertificates ( );
5.0 java.security.Principal
getLocalPrincipal ( );
5.0 int
getPacketBufferSize ( );
javax.security.cert.X509Certificate[ ]
getPeerCertificateChain ( )
throws SSLPeerUnverifiedException;
java.security.cert.Certificate[ ]
getPeerCertificates ( )
throws SSLPeerUnverifiedException;
String
getPeerHost ( );
5.0 int
getPeerPort ( );
5.0 java.security.Principal
getPeerPrincipal ( ) throws SSLPeerUnverifiedException;
String
getProtocol ( );
SSLSessionContext
getSessionContext ( );
Object
getValue (String
name );
String[ ]
getValueNames ( );
void
invalidate ( );
5.0 boolean
isValid ( );
void
putValue (String
name , Object
value );
void
removeValue (String
name );
}
HandshakeCompletedEvent.HandshakeCompletedEvent(
), HostnameVerifier.verify( ),
SSLSessionBindingEvent.SSLSessionBindingEvent( )
HandshakeCompletedEvent.getSession( ),
SSLEngine.getSession( ),
SSLSessionBindingEvent.getSession( ),
SSLSessionContext.getSession( ),
SSLSocket.getSession( )