[Seaside-dev] tracking sessions by ssl session id?
Andreas Raab
andreas.raab at gmx.de
Thu Aug 12 03:58:55 UTC 2010
I have no idea what rules the browsers follow for SSL sessions, so I
really don't know if there's any particular gotcha down that path. As
for available support, SqueakSSL currently doesn't provide access to
sessions (one of the many things that remain to be done). It's on my
list eventually but as usual the APIs are completely different so I'll
have to spend a weekend reading up on the various bits and parts and
right now that's not a priority for me.
Cheers,
- Andreas
On 8/8/2010 1:42 PM, Philippe Marschall wrote:
> Hi
>
> Having the session id in the URL is a problem in some cases so I was
> wondering whether it would be possible to use the SSL session id as an
> alternative to cookies. Before starting any work:
> - Are there any reasons why this is a terrible idea?
> - Is there a way to get the SSL session id over mod_proxy?
> - Which server adapters besides AJP support getting the SSL session
> id? SqueakSSL/WebClient? SCGI? FastCGI? Swazoo? OpenTalk?
>
> Cheers
> Philippe
> _______________________________________________
> seaside-dev mailing list
> seaside-dev at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/mailman/listinfo/seaside-dev
>
More information about the seaside-dev
mailing list