All Packages  Class Hierarchy  This Package  Previous  Next  Index

Class sun.security.ssl.Session

java.lang.Object
   |
   +----sun.security.ssl.Session

public final class Session
extends Object
In SSL, sessions are used to describe an ongoing relationship between two entities. Each SSL connection involves one session at a time, but that session may be used on many connections between those entities, simultaneously or sequentially. The session used on a connection may also be replaced by a different session. Sessions are created, or rejoined, as part of the SSL handshaking protocol. Sessions may be invalidated due to policies affecting security or resource usage. Session management policies are typically used to tune performance.

Servers have the ability to manage the session cache associated with their authentication context(s). They can do this by enumerating the IDs of the sessions which are cached, examining those sessions, and then perhaps invalidating a given session so that it can't be used again. If servers do not explicitly manage the cache, sessions will linger until memory is low enough that the runtime environment purges cache entries automatically to reclaim space.

The attributes of SSL sessions which are currently exposed are:


Method Index

 o getCipherSuite()
Returns the name of the cipher suite in use on this session
 o getCreationDate()
Returns the time this session was created.
 o getId()
Returns the ID for this session
 o getLastUsedDate()
Returns the last time this session was used to initialize a connection.
 o getPeerCertificateChain()
Return the cert chain presented by the peer.
 o getServerSession(SessionId, AuthContext)
Returns the server-side session associated with this session ID, if one is present in the session cache.
 o invalidate()
Invalidate a session.
 o listServerSessionIds(AuthContext)
Returns an enumeration of the cached server side session ids.
 o toString()
Returns a string representation of this SSL session

Methods

 o getId
  public SessionId getId()
Returns the ID for this session

 o getCipherSuite
  public String getCipherSuite()
Returns the name of the cipher suite in use on this session

 o getPeerCertificateChain
  public X509Cert[] getPeerCertificateChain() throws SSLPeerUnverified
Return the cert chain presented by the peer.

Returns:
array of peer X.509 certs, with the peer's own cert first in the chain, and with the "root" CA last.
 o getCreationDate
  public Date getCreationDate()
Returns the time this session was created.

 o getLastUsedDate
  public Date getLastUsedDate()
Returns the last time this session was used to initialize a connection.

 o invalidate
  public synchronized void invalidate()
Invalidate a session. Active connections may still exist, but no new connections will be able to rejoin this session.

 o getServerSession
  public static Session getServerSession(SessionId id,
                                         AuthContext authContext)
Returns the server-side session associated with this session ID, if one is present in the session cache. Applications should use session IDs, rather than Session objects, when they need to track sessions, for better garbage collection.

Parameters:
id - the ID for the session
authContext - authentication context holding that particular session
Returns:
the session, or null if it is not cached
 o listServerSessionIds
  public static Enumeration listServerSessionIds(AuthContext authContext)
Returns an enumeration of the cached server side session ids.

Parameters:
authContext - authentication context holding cached SSL server sessions
Returns:
enumeration of the IDs of any cached sessions, or null if there is no server session cache in this context
 o toString
  public String toString()
Returns a string representation of this SSL session

Overrides:
toString in class Object

All Packages  Class Hierarchy  This Package  Previous  Next  Index