P4
The JSSE-based secure RMI transport provider continues to use SSL
sessions for an arbitrary length of time. Common practice suggests
that it should not use sessions for more than 24 hours.
In addition, the provider needs to handle sessions being invalidated
asynchronously by the server to permit it working with server
endpoints where SSL encryption and decryption are handled by a
firewall or servlet.
sessions for an arbitrary length of time. Common practice suggests
that it should not use sessions for more than 24 hours.
In addition, the provider needs to handle sessions being invalidated
asynchronously by the server to permit it working with server
endpoints where SSL encryption and decryption are handled by a
firewall or servlet.