• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Detect SSL
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Detect SSL


  • Subject: Re: Detect SSL
  • From: Petite Abeille <email@hidden>
  • Date: Fri, 2 May 2008 21:53:17 +0200


On May 2, 2008, at 4:01 AM, Don Lindsay wrote:

I want to identify if an application is being served via SSL. How can I do this? I have looked at all the headers available through the request.

Not to beat a dead horse, but... there is no way in plain HTTP to tell if your connection is running over TLS or not... one could try to infer such information by looking at the Request-URI or the Host header for hints... but... that's about it as far as HTTP goes...


If you have access to the underlying network connection from the client your chance of success are much higher...

http://java.sun.com/j2se/1.4.2/docs/api/javax/net/ssl/SSLSocket.html

Also, how can I get a handle to a client certificate if a person has a PKI card?

Once you have the client SSLSocket, you can access its SSLSession, which will lead you to the peer certificates.


http://java.sun.com/j2se/1.4.2/docs/api/javax/net/ssl/SSLSession.html
http://java.sun.com/j2se/1.4.2/docs/api/java/security/cert/Certificate.html

If none of those information are available to your application directly, you will need to trust some second hand information (e.g. upstream X_FORWARDED_PROTO header or similar).

--
PA.
http://alt.textdrive.com/nanoki/
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden


References: 
 >Detect SSL (From: Don Lindsay <email@hidden>)

  • Prev by Date: Re: Detect SSL
  • Next by Date: Re: Detect SSL
  • Previous by thread: Re: Detect SSL
  • Next by thread: Filtered to many relationship
  • Index(es):
    • Date
    • Thread