You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by siddharth <si...@fastmail.fm> on 2003/06/04 12:30:18 UTC
is session id unique across webapps ?
Hi all,
I am tring to find out about *uniqueness* of *session ids* which are
generated by tomcat.
are session ids are unique across webapps ???
-----------------------------------------------
thanx.
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: is session id unique across webapps ?
Posted by Tim Funk <fu...@joedog.org>.
Tomcat creates its sessionids from a random number generator. The breadth of
random numbers is very wide allowing for "virtually" no overlaps. But since
they are random, dups may appear. Tomcat does have checks to make sure it
doesn't give out an existing session id in a particular webapp.
That being said, I think it is possible that the same session_id may be used
by two different users for two different webapps.
So if you really need a unique identifier, append session_id to context path.
There was a few discussions in developers list above session id uniqueness.
http://marc.theaimsgroup.com/?t=104072145900001&r=1&w=2
http://marc.theaimsgroup.com/?t=104207956000003&r=1&w=2
-Tim
siddharth wrote:
> Hi all,
>
> I am tring to find out about *uniqueness* of *session ids* which are
> generated by tomcat.
>
> are session ids are unique across webapps ???
> -----------------------------------------------
>
>
>
> thanx.
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org