[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Session Resumption problems with JSSE-OpenLDAP

It appears that Sun did not fix the problem with jdk 1.4.  One
workaround is to invalidate session resumption after a socket is
created.  Do this by calling the invalidate() method of the session in
the socket after it is created.  I did this by Extending the socket
factory that is used to create the sockets.

Here is the code I used for the socket factory:
   * Name: MyFactory
   * Desc: a workaround. Invalidates the session so it cannot be
  private class MyFactory extends
    public java.net.Socket createSocket(String host, int port)
          throws java.net.UnknownHostException, java.io.IOException {
      javax.net.ssl.SSLSocket socket = (javax.net.ssl.SSLSocket)
              super.createSocket(host, port);
      javax.net.ssl.SSLSession session = socket.getSession();
      return socket;

There are two ways to set the new socket Factory in your code:
- LDAPConnection.setSocketFactory( MyFactory ); //global for all future
- LDAPConnection conn = new LDAPConnection( MyFactory ) //used just for
this connection.

Hope that helps.
- Cameron

Cameron Morris
Novell, Inc., the leading provider of Net business solutions

>>> "Cheng, Ted C" <Ted.Cheng@ca.com> 05/21/02 05:28PM >>>


Sorry to bother you. I am wondering whether there are fixes/workarounds
for the session resumption problems and where I can find them.


Your assistance is greatly appreciated.

Best regards,