src/java.base/share/classes/javax/net/ssl/SSLSession.java
Print this page
*** 33,43 ****
* that session may be used on many connections between those entities,
* simultaneously or sequentially. The session used on a connection may
* also be replaced by a different session. Sessions are created, or
* rejoined, as part of the SSL handshaking protocol. Sessions may be
* invalidated due to policies affecting security or resource usage,
! * or by an application explicitly calling <code>invalidate</code>.
* Session management policies are typically used to tune performance.
*
* <P> In addition to the standard session attributes, SSL sessions expose
* these read-only attributes: <UL>
*
--- 33,43 ----
* that session may be used on many connections between those entities,
* simultaneously or sequentially. The session used on a connection may
* also be replaced by a different session. Sessions are created, or
* rejoined, as part of the SSL handshaking protocol. Sessions may be
* invalidated due to policies affecting security or resource usage,
! * or by an application explicitly calling {@code invalidate}.
* Session management policies are typically used to tune performance.
*
* <P> In addition to the standard session attributes, SSL sessions expose
* these read-only attributes: <UL>
*
*** 80,91 ****
* <P>
* If the context is available and there is a
* security manager installed, the caller may require
* permission to access it or a security exception may be thrown.
* In a Java environment, the security manager's
! * <code>checkPermission</code> method is called with a
! * <code>SSLPermission("getSSLSessionContext")</code> permission.
*
* @throws SecurityException if the calling thread does not have
* permission to get SSL session context.
* @return the session context used for this session, or null
* if the context is unavailable.
--- 80,91 ----
* <P>
* If the context is available and there is a
* security manager installed, the caller may require
* permission to access it or a security exception may be thrown.
* In a Java environment, the security manager's
! * {@code checkPermission} method is called with a
! * {@code SSLPermission("getSSLSessionContext")} permission.
*
* @throws SecurityException if the calling thread does not have
* permission to get SSL session context.
* @return the session context used for this session, or null
* if the context is unavailable.
*** 146,163 ****
public boolean isValid();
/**
*
! * Binds the specified <code>value</code> object into the
* session's application layer data
! * with the given <code>name</code>.
* <P>
! * Any existing binding using the same <code>name</code> is
! * replaced. If the new (or existing) <code>value</code> implements the
! * <code>SSLSessionBindingListener</code> interface, the object
! * represented by <code>value</code> is notified appropriately.
* <p>
* For security reasons, the same named values may not be
* visible across different access control contexts.
*
* @param name the name to which the data object will be bound.
--- 146,163 ----
public boolean isValid();
/**
*
! * Binds the specified {@code value} object into the
* session's application layer data
! * with the given {@code name}.
* <P>
! * Any existing binding using the same {@code name} is
! * replaced. If the new (or existing) {@code value} implements the
! * {@code SSLSessionBindingListener} interface, the object
! * represented by {@code value} is notified appropriately.
* <p>
* For security reasons, the same named values may not be
* visible across different access control contexts.
*
* @param name the name to which the data object will be bound.
*** 185,195 ****
/**
* Removes the object bound to the given name in the session's
* application layer data. Does nothing if there is no object
* bound to the given name. If the bound existing object
! * implements the <code>SessionBindingListener</code> interface,
* it is notified appropriately.
* <p>
* For security reasons, the same named values may not be
* visible across different access control contexts.
*
--- 185,195 ----
/**
* Removes the object bound to the given name in the session's
* application layer data. Does nothing if there is no object
* bound to the given name. If the bound existing object
! * implements the {@code SessionBindingListener} interface,
* it is notified appropriately.
* <p>
* For security reasons, the same named values may not be
* visible across different access control contexts.
*
*** 347,357 ****
* If such a name is desired, it might
* be resolved through a name service based on the value returned
* by this method.
* <P>
* This value is not authenticated and should not be relied upon.
! * It is mainly used as a hint for <code>SSLSession</code> caching
* strategies.
*
* @return the host name of the peer host, or null if no information
* is available.
*/
--- 347,357 ----
* If such a name is desired, it might
* be resolved through a name service based on the value returned
* by this method.
* <P>
* This value is not authenticated and should not be relied upon.
! * It is mainly used as a hint for {@code SSLSession} caching
* strategies.
*
* @return the host name of the peer host, or null if no information
* is available.
*/
*** 362,372 ****
* <P>
* For the server, this is the client's port number; and for
* the client, it is the server's port number.
* <P>
* This value is not authenticated and should not be relied upon.
! * It is mainly used as a hint for <code>SSLSession</code> caching
* strategies.
*
* @return the port number of the peer host, or -1 if no information
* is available.
*
--- 362,372 ----
* <P>
* For the server, this is the client's port number; and for
* the client, it is the server's port number.
* <P>
* This value is not authenticated and should not be relied upon.
! * It is mainly used as a hint for {@code SSLSession} caching
* strategies.
*
* @return the port number of the peer host, or -1 if no information
* is available.
*
*** 373,390 ****
* @since 1.5
*/
public int getPeerPort();
/**
! * Gets the current size of the largest SSL/TLS packet that is expected
! * when using this session.
* <P>
! * A <code>SSLEngine</code> using this session may generate SSL/TLS
* packets of any size up to and including the value returned by this
! * method. All <code>SSLEngine</code> network buffers should be sized
* at least this large to avoid insufficient space problems when
! * performing <code>wrap</code> and <code>unwrap</code> calls.
*
* @return the current maximum expected network packet size
*
* @see SSLEngine#wrap(ByteBuffer, ByteBuffer)
* @see SSLEngine#unwrap(ByteBuffer, ByteBuffer)
--- 373,390 ----
* @since 1.5
*/
public int getPeerPort();
/**
! * Gets the current size of the largest SSL/TLS/DTLS packet that is
! * expected when using this session.
* <P>
! * An {@code SSLEngine} using this session may generate SSL/TLS/DTLS
* packets of any size up to and including the value returned by this
! * method. All {@code SSLEngine} network buffers should be sized
* at least this large to avoid insufficient space problems when
! * performing {@code wrap} and {@code unwrap} calls.
*
* @return the current maximum expected network packet size
*
* @see SSLEngine#wrap(ByteBuffer, ByteBuffer)
* @see SSLEngine#unwrap(ByteBuffer, ByteBuffer)
*** 396,406 ****
/**
* Gets the current size of the largest application data that is
* expected when using this session.
* <P>
! * <code>SSLEngine</code> application data buffers must be large
* enough to hold the application data from any inbound network
* application data packet received. Typically, outbound
* application data buffers can be of any size.
*
* @return the current maximum expected application packet size
--- 396,406 ----
/**
* Gets the current size of the largest application data that is
* expected when using this session.
* <P>
! * {@code SSLEngine} application data buffers must be large
* enough to hold the application data from any inbound network
* application data packet received. Typically, outbound
* application data buffers can be of any size.
*
* @return the current maximum expected application packet size