glassfish_at_javadesktop.org wrote:
> A SOAP web-service is deployed on Glassfish, and is listening over HTTPS. When a client calls a web-service method, obviously an SSL session is established to communicate with the web-service.
>
> The question is: when a second (or any subsequent) web-service method is invoked, does this establish a *new* SSL session with the application server, or does it cache the SSL session for a while so it can be reused?
>
> If the SSL session is NOT cached, is there a way to specify in Metro/Glassfish that it should be cached (on the client and server)?
>
> If the SSL session IS cached, how does one determine/configure the session parameters (time-to-live, etc.)?
>
Metro client uses JDK's HttpsURLConnection. So, the default JDK API and
properites would apply here too on the client side.
SSLContext.getInstance(...).getClientSessionContext().setSessionTimeout(..)
should work for your client.
Also, a metro client could pass a custom SSLSocketFactory via request
context and that will be set as
HttpsURLConnection#setSSLSocketFactory(SSLSocketFactory)
I don't know about server side.
Jitu
> TIA.
> [Message sent by forum member 'arshadnoor' ]
>
> http://forums.java.net/jive/thread.jspa?messageID=374628
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>
>