Class sun.security.ssl.Session
java.lang.Object
|
+----sun.security.ssl.Session
public final class Session
extends Object
In SSL, sessions are used to describe an ongoing relationship between
two entities. Each SSL connection involves one session at a time, but
that session may be used on many connections between those entities,
simultaneously or sequentially. The session used on a connection may
also be replaced by a different session. Sessions are created, or
rejoined, as part of the SSL handshaking protocol. Sessions may be
invalidated due to policies affecting security or resource usage.
Session management policies are typically used to tune performance.

Servers have the ability to manage the session cache associated with
their authentication context(s). They can do this by enumerating the
IDs of the sessions which are cached, examining those sessions, and then
perhaps invalidating a given session so that it can't be used again.
If servers do not explicitly manage the cache, sessions will linger
until memory is low enough that the runtime environment purges cache
entries automatically to reclaim space.

The attributes of SSL sessions which are currently exposed are:
- Peer Identity. Sessions are between a particular
client and a particular server. The identity of the peer may
have been established as part of session setup. Peers are
identified by X.509 certificate chains.
- Cipher Suite Name. Cipher suites describe the
kind of cryptographic protection that's used by connections
in a particular session.
- Creation Time. Sessions are created at particular
times. Some common security policies constrain how long sessions
may be used before reauthentication is required.
- Last Use Time. It is common for resource management
policies to purge resources, such as sessions, which have not been
used in some time.
- Session ID. Within the scope of a given server,
identifiers are assigned to each session. These identifiers are
not reused. Applications use these identifiers (small byte arrays)
as an indirection to actual session objects, since session objects
themselves become invalid and then need garbage collection.
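
The cache management described above (enumerate the cached session IDs, examine each session's creation and last-use times, invalidate), as an added example that is not code from this class or its authors. It uses the standard javax.net.ssl API (SSLSessionContext, SSLSession) rather than sun.security.ssl.Session; the class name SessionCachePruner and the 8-hour and 30-minute limits are assumptions.

```java
import java.time.Duration;
import java.util.Collections;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSessionContext;

// Added example (hypothetical class name): prune a server session cache by age and idle time.
public final class SessionCachePruner {
    private final long maxAgeMillis;   // assumed policy: lifetime before reauthentication
    private final long maxIdleMillis;  // assumed policy: time since last use

    public SessionCachePruner(Duration maxAge, Duration maxIdle) {
        this.maxAgeMillis = maxAge.toMillis();
        this.maxIdleMillis = maxIdle.toMillis();
    }

    // True if the session has exceeded either limit at time nowMillis.
    boolean isExpired(SSLSession s, long nowMillis) {
        return nowMillis - s.getCreationTime() > maxAgeMillis
            || nowMillis - s.getLastAccessedTime() > maxIdleMillis;
    }

    // Walks the cache by session ID, invalidates expired entries, returns how many.
    public int prune(SSLSessionContext cache) {
        if (cache == null) return 0;             // no server session cache in this context
        long now = System.currentTimeMillis();
        int invalidated = 0;
        // Snapshot the IDs first; hold IDs, not session objects, between passes.
        for (byte[] id : Collections.list(cache.getIds())) {
            SSLSession s = cache.getSession(id);
            if (s == null) continue;             // evicted since enumeration
            if (isExpired(s, now)) {
                s.invalidate();                  // open connections continue; none can rejoin
                invalidated++;
            }
        }
        return invalidated;
    }

    public static void main(String[] args) throws Exception {
        // Constructed setup: a real server passes the SSLContext its listener uses.
        SSLSessionContext cache = SSLContext.getDefault().getServerSessionContext();
        SessionCachePruner pruner =
            new SessionCachePruner(Duration.ofHours(8), Duration.ofMinutes(30));
        System.out.println("invalidated " + pruner.prune(cache) + " cached session(s)");
    }
}
```
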
- getCipherSuite()
  Returns the name of the cipher suite in use on this session.
- getCreationDate()
  Returns the time this session was created.
- getId()
  Returns the ID for this session.
- getLastUsedDate()
  Returns the last time this session was used to initialize a connection.
- getPeerCertificateChain()
  Returns the cert chain presented by the peer.
- getServerSession(SessionId, AuthContext)
  Returns the server-side session associated with this session ID, if one is present in the session cache.
- invalidate()
  Invalidates a session.
- listServerSessionIds(AuthContext)
  Returns an enumeration of the cached server-side session IDs.
- toString()
  Returns a string representation of this SSL session.

getId
public SessionId getId()
    Returns the ID for this session.

getCipherSuite
public String getCipherSuite()
    Returns the name of the cipher suite in use on this session.

getPeerCertificateChain
public X509Cert[] getPeerCertificateChain() throws SSLPeerUnverified
    Returns the cert chain presented by the peer.
    Returns:
        array of peer X.509 certs, with the peer's own cert
        first in the chain, and with the "root" CA last.

getCreationDate
public Date getCreationDate()
    Returns the time this session was created.

getLastUsedDate
public Date getLastUsedDate()
    Returns the last time this session was used to initialize
    a connection.

invalidate
public synchronized void invalidate()
    Invalidates a session. Active connections may still exist, but
    no new connections will be able to rejoin this session.

getServerSession
public static Session getServerSession(SessionId id, AuthContext authContext)
    Returns the server-side session associated with this session
    ID, if one is present in the session cache. Applications
    should use session IDs, rather than Session objects, when they
    need to track sessions, for better garbage collection.
    Parameters:
        id - the ID for the session
        authContext - authentication context holding that
        particular session
    Returns:
        the session, or null if it is not cached

listServerSessionIds
public static Enumeration listServerSessionIds(AuthContext authContext)
    Returns an enumeration of the cached server-side session IDs.
    Parameters:
        authContext - authentication context holding cached
        SSL server sessions
    Returns:
        enumeration of the IDs of any cached sessions, or null
        if there is no server session cache in this context

toString
public String toString()
    Returns a string representation of this SSL session.
    Overrides:
        toString in class Object