You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2014/11/04 12:06:12 UTC
svn commit: r1636541 -
/tomcat/trunk/java/org/apache/catalina/util/SessionIdGeneratorBase.java
Author: markt
Date: Tue Nov 4 11:06:12 2014
New Revision: 1636541
URL: http://svn.apache.org/r1636541
Log:
Add getters.
Improve Javadoc.
Modified:
tomcat/trunk/java/org/apache/catalina/util/SessionIdGeneratorBase.java
Modified: tomcat/trunk/java/org/apache/catalina/util/SessionIdGeneratorBase.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/util/SessionIdGeneratorBase.java?rev=1636541&r1=1636540&r2=1636541&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/util/SessionIdGeneratorBase.java (original)
+++ tomcat/trunk/java/org/apache/catalina/util/SessionIdGeneratorBase.java Tue Nov 4 11:06:12 2014
@@ -48,36 +48,10 @@ public abstract class SessionIdGenerator
*/
private final Queue<SecureRandom> randoms = new ConcurrentLinkedQueue<>();
-
- /**
- * The Java class name of the secure random number generator class to be
- * used when generating session identifiers. The random number generator
- * class must be self-seeding and have a zero-argument constructor. If not
- * specified, an instance of {@link SecureRandom} will be generated.
- */
private String secureRandomClass = null;
-
- /**
- * The name of the algorithm to use to create instances of
- * {@link SecureRandom} which are used to generate session IDs. If no
- * algorithm is specified, SHA1PRNG is used. To use the platform default
- * (which may be SHA1PRNG), specify the empty string. If an invalid
- * algorithm and/or provider is specified the {@link SecureRandom} instances
- * will be created using the defaults. If that fails, the {@link
- * SecureRandom} instances will be created using platform defaults.
- */
private String secureRandomAlgorithm = "SHA1PRNG";
-
- /**
- * The name of the provider to use to create instances of
- * {@link SecureRandom} which are used to generate session IDs. If
- * no algorithm is specified the of SHA1PRNG default is used. If an invalid
- * algorithm and/or provider is specified the {@link SecureRandom} instances
- * will be created using the defaults. If that fails, the {@link
- * SecureRandom} instances will be created using platform defaults.
- */
private String secureRandomProvider = null;
@@ -90,7 +64,21 @@ public abstract class SessionIdGenerator
/**
- * Specify a non-default @{link {@link SecureRandom} implementation to use.
+ * Get the class name of the {@link SecureRandom} implementation used to
+ * generate session IDs.
+ *
+ * @return The fully qualified class name. {@code null} indicates that the
+ * JRE provided {@link SecureRandom} implementation will be used
+ */
+ public String getSecureRandomClass() {
+ return secureRandomClass;
+ }
+
+
+ /**
+ * Specify a non-default {@link SecureRandom} implementation to use. The
+ * implementation must be self-seeding and have a zero-argument constructor.
+ * If not specified, an instance of {@link SecureRandom} will be generated.
*
* @param secureRandomClass The fully-qualified class name
*/
@@ -100,7 +88,26 @@ public abstract class SessionIdGenerator
/**
- * Specify a non-default algorithm to use to generate random numbers.
+ * Get the name of the algorithm used to create the {@link SecureRandom}
+ * instances which generate new session IDs.
+ *
+ * @return The name of the algorithm. {@code null} or the empty string means
+ * that platform default will be used
+ */
+ public String getSecureRandomAlgorithm() {
+ return secureRandomAlgorithm;
+ }
+
+
+ /**
+ * Specify a non-default algorithm to use to create instances of
+ * {@link SecureRandom} which are used to generate session IDs. If no
+ * algorithm is specified, SHA1PRNG is used. To use the platform default
+ * (which may be SHA1PRNG), specify {@code null} or the empty string. If an
+ * invalid algorithm and/or provider is specified the {@link SecureRandom}
+ * instances will be created using the defaults for this
+ * {@link SessionIdGenerator} implementation. If that fails, the
+ * {@link SecureRandom} instances will be created using platform defaults.
*
* @param secureRandomAlgorithm The name of the algorithm
*/
@@ -110,7 +117,26 @@ public abstract class SessionIdGenerator
/**
- * Specify a non-default provider to use to generate random numbers.
+ * Get the name of the provider used to create the {@link SecureRandom}
+ * instances which generate new session IDs.
+ *
+ * @return The name of the provider. {@code null} or the empty string means
+ * that platform default will be used
+ */
+ public String getSecureRandomProvider() {
+ return secureRandomProvider;
+ }
+
+
+ /**
+ * Specify a non-default provider to use to create instances of
+ * {@link SecureRandom} which are used to generate session IDs. If no
+ * provider is specified, the platform default is used. To use the platform
+ * default specify {@code null} or the empty string. If an invalid algorithm
+ * and/or provider is specified the {@link SecureRandom} instances will be
+ * created using the defaults for this {@link SessionIdGenerator}
+ * implementation. If that fails, the {@link SecureRandom} instances will be
+ * created using platform defaults.
*
* @param secureRandomProvider The name of the provider
*/
@@ -148,6 +174,8 @@ public abstract class SessionIdGenerator
public int getSessionIdLength() {
return sessionIdLength;
}
+
+
/**
* Specify the number of bytes for a session ID
*
@@ -167,6 +195,7 @@ public abstract class SessionIdGenerator
return generateSessionId(jvmRoute);
}
+
protected void getRandomBytes(byte bytes[]) {
SecureRandom random = randoms.poll();
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org