File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Tomcat and the fly likes How are session IDs generated? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "How are session IDs generated?" Watch "How are session IDs generated?" New topic
Author

How are session IDs generated?

Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42951
    
  72
I assume they are a hash of something, but does anyone know more about the algorithm? Like which pieces of information go into the hash, and within which timeframe IDs could conveivably collide? Any links are appreciated as well.

Thanks,
Ulf
William Brogden
Author and all-around good cowpoke
Rancher

Joined: Mar 22, 2000
Posts: 12836
    
    5
Why not look at the Tomcat source code?
Bill
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42951
    
  72
I know, the source is my friend. But I was hoping that someone had more insight, or had done the source-spelunking already.

Edited later: The session ID is a 16 byte random number, run thorough a digest (MD5 by default), and then converted to Hex.
[ August 01, 2005: Message edited by: Ulf Dittmer ]
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: How are session IDs generated?