SSLSession

A SSLSession object contains information about the SSL connection established through an SSLSocket . Use the the getSession( ) method of a SSLSocket to obtain the SSLSession object for that socket. Many of the SSLSession methods return information that was obtained during the handshake phase of the connection. getProtocol( ) returns the specific version of the SSL or TLS protocol in use. getCipherSuite( ) returns the name of the cipher suite negotiated for the connection. getPeerHost( ) returns the name of the remote host, and getPeerCertificates( ) returns the certificate chain, if any, that was received from the remote host during authentication. In Java 5.0 and later the peer's identity can also be queried with getPeerPrincipal( )

The invalidate( ) method ends the session. It does not affect any current connections, but all future connections and any re-negotiations of existing connections will need to establish a new SSLSession . isValid( ) determines whether a session is still valid.

Multiple SSL connections between two hosts may share the same SSLSession as long as they are using the same protocol version and cipher suite. There is no way to enumerate the SSLSocket objects that share a session, but these sockets can exchange information by using putValue( ) to bind a shared object to some well-known name that can be looked up by other sockets with getValue( ) . removeValue( ) removes such a binding, and getValueNames( ) returns an array of all names that have objects bound to them in this session. Objects bound and unbound with putValue( ) and removeValue( ) may implement SSLSessionBindingListener to be notified when they are bound and unbound.

Note that the getPeerCertificateChain( ) method returns an object from the javax.security.cert package, which is not documented in this book. The method and package exist only for backward compatibility with earlier versions of the JSSE API, and should be considered deprecated. Use getPeerCertificates( ) , which uses java.security.cert instead.

 public interface  SSLSession  {  // Public Instance Methods   5.0  int  getApplicationBufferSize  ( );        String  getCipherSuite  ( );        long  getCreationTime  ( );        byte[ ]  getId  ( );        long  getLastAccessedTime  ( );        java.security.cert.Certificate[ ]  getLocalCertificates  ( );  5.0  java.security.Principal  getLocalPrincipal  ( );  5.0  int  getPacketBufferSize  ( );        javax.security.cert.X509Certificate[ ]  getPeerCertificateChain  ( )          throws SSLPeerUnverifiedException;        java.security.cert.Certificate[ ]  getPeerCertificates  ( )          throws SSLPeerUnverifiedException;        String  getPeerHost  ( );  5.0  int  getPeerPort  ( );  5.0  java.security.Principal  getPeerPrincipal  ( ) throws SSLPeerUnverifiedException;        String  getProtocol  ( );        SSLSessionContext  getSessionContext  ( );        Object  getValue  (String  name  );        String[ ]  getValueNames  ( );        void  invalidate  ( );  5.0  boolean  isValid  ( );        void  putValue  (String  name  , Object  value  );        void  removeValue  (String  name  );   } 

Passed To

HandshakeCompletedEvent.HandshakeCompletedEvent( ) , HostnameVerifier.verify( ) , SSLSessionBindingEvent.SSLSessionBindingEvent( )

Returned By

HandshakeCompletedEvent.getSession( ) , SSLEngine.getSession( ) , SSLSessionBindingEvent.getSession( ) , SSLSessionContext.getSession( ) , SSLSocket.getSession( )