Re: Session Resumption problems with JSSE-OpenLDAP

["Cameron Morris" <CMorris@novell.com>]

It appears that Sun did not fix the problem with jdk 1.4.  One
workaround is to invalidate session resumption after a socket is
created.  Do this by calling the invalidate() method of the session in
the socket after it is created.  I did this by Extending the socket
factory that is used to create the sockets.

Here is the code I used for the socket factory:
  /**
   * Name: MyFactory
   * Desc: a workaround. Invalidates the session so it cannot be
resumed
   */
  private class MyFactory extends
com.novell.ldap.LDAPJSSESecureSocketFactory{
    public java.net.Socket createSocket(String host, int port)
          throws java.net.UnknownHostException, java.io.IOException {
      javax.net.ssl.SSLSocket socket = (javax.net.ssl.SSLSocket)
              super.createSocket(host, port);
      javax.net.ssl.SSLSession session = socket.getSession();
      session.invalidate();
      socket.setEnableSessionCreation(false);
      return socket;
      }
  }

There are two ways to set the new socket Factory in your code:
- LDAPConnection.setSocketFactory( MyFactory ); //global for all future
connections
- LDAPConnection conn = new LDAPConnection( MyFactory ) //used just for
this connection.

Hope that helps.
- Cameron

Cameron Morris
Novell, Inc., the leading provider of Net business solutions
http://www.novell.com 



>>> "Cheng, Ted C" <Ted.Cheng@ca.com> 05/21/02 05:28PM >>>


Hi,

Sorry to bother you. I am wondering whether there are fixes/workarounds
for the session resumption problems and where I can find them.

http://www.openldap.org/lists/openldap-devel/200201/msg00059.html 

Your assistance is greatly appreciated.

Best regards,

-Ted