public class SSLValve extends ValveBase
Note: Ensure that the headers are always set by httpd for all requests to prevent a client spoofing SSL information by sending fake headers.
In httpd.conf add the following:
<IfModule ssl_module> RequestHeader set SSL_CLIENT_CERT "%{SSL_CLIENT_CERT}s" RequestHeader set SSL_CIPHER "%{SSL_CIPHER}s" RequestHeader set SSL_SESSION_ID "%{SSL_SESSION_ID}s" RequestHeader set SSL_CIPHER_USEKEYSIZE "%{SSL_CIPHER_USEKEYSIZE}s" </IfModule>In server.xml, configure this valve under the Engine element in server.xml:
<Engine ...> <Valve className="org.apache.catalina.valves.SSLValve" /> <Host ... /> </Engine>
Lifecycle.SingleUse
asyncSupported, container, containerLog, next, sm
mserver
AFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT
Constructor and Description |
---|
SSLValve() |
Modifier and Type | Method and Description |
---|---|
java.lang.String |
getSslCipherHeader() |
java.lang.String |
getSslCipherUserKeySizeHeader() |
java.lang.String |
getSslClientCertHeader() |
java.lang.String |
getSslSessionIdHeader() |
void |
invoke(Request request,
Response response)
The implementation-specific logic represented by this Valve.
|
java.lang.String |
mygetHeader(Request request,
java.lang.String header) |
void |
setSslCipherHeader(java.lang.String sslCipherHeader) |
void |
setSslCipherUserKeySizeHeader(java.lang.String sslCipherUserKeySizeHeader) |
void |
setSslClientCertHeader(java.lang.String sslClientCertHeader) |
void |
setSslSessionIdHeader(java.lang.String sslSessionIdHeader) |
backgroundProcess, event, getContainer, getDomainInternal, getNext, getObjectNameKeyProperties, initInternal, isAsyncSupported, setAsyncSupported, setContainer, setNext, startInternal, stopInternal, toString
destroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregister
addLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, init, removeLifecycleListener, setState, setState, start, stop
public java.lang.String getSslClientCertHeader()
public void setSslClientCertHeader(java.lang.String sslClientCertHeader)
public java.lang.String getSslCipherHeader()
public void setSslCipherHeader(java.lang.String sslCipherHeader)
public java.lang.String getSslSessionIdHeader()
public void setSslSessionIdHeader(java.lang.String sslSessionIdHeader)
public java.lang.String getSslCipherUserKeySizeHeader()
public void setSslCipherUserKeySizeHeader(java.lang.String sslCipherUserKeySizeHeader)
public java.lang.String mygetHeader(Request request, java.lang.String header)
public void invoke(Request request, Response response) throws java.io.IOException, ServletException
ValveBase
This method MUST be provided by a subclass.
invoke
in interface Valve
invoke
in class ValveBase
request
- The servlet request to be processedresponse
- The servlet response to be createdjava.io.IOException
- if an input/output error occursServletException
- if a servlet error occursCopyright © 2000-2018 Apache Software Foundation. All Rights Reserved.