A SSLSession object contains information about the SSL connection established through an SSLSocket. Use the the getSession( ) method of a SSLSocket to obtain the SSLSession object for that socket. Many of the SSLSession methods return information that was obtained during the handshake phase of the connection. getProtocol( ) returns the specific version of the SSL or TLS protocol in use. getCipherSuite( ) returns the name of the cipher suite negotiated for the connection. getPeerHost( ) returns the name of the remote host, and getPeerCertificates( ) returns the certificate chain, if any, that was received from the remote host during authentication. In Java 5.0 and later the peer’s identity can also be queried with getPeerPrincipal( )

The invalidate( ) method ends the session. It does not affect any current connections, but all future connections and any re-negotiations of existing connections will need to establish a new SSLSession. isValid( ) determines whether a session is still valid.

Multiple SSL connections between two hosts may share the same SSLSession as long as they are using the same protocol version and cipher suite. There is no way to enumerate the SSLSocket objects that share a session, but these sockets can exchange information by using putValue( ) to bind a shared object to some well-known name that can be looked up by other sockets with getValue( ) . removeValue( ) removes such a binding, and getValueNames( ) returns an array of all ...

Get Java in a Nutshell, 5th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.