commons-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Phil Steitz <>
Subject Re: [id] UUID Version 4
Date Mon, 26 Apr 2004 05:49:01 GMT
Jörg Schaible wrote:
> Hi,
> just to assure, that my assumptions regarding the usage of the UUID
> version 4 IdentitifierGenerator are correct.
> In my scenario I use the UUID to give some objects a unique id. These
> objects can be created very fast and some are serialized in the
> application realizing persistance. The generator itself is created at
> application startup. The application does not share this persistent
> storage with other instances, so my single requirement is to have
> unique ids independent of the application's session. IMHO UUID version
> 4 is enough for this purpose as long I do not set the system's clock.
> Can anyone configm this ?

The Version 4 UUID is based on random bytes so does not depend on the 
system clock.  The current [id] implementation uses a static SecureRandom 
to source the random bytes. The implementation tries to get a SecureRandom 
instance using SecureRandom.getInstance("SHA1PRNG", "SUN") and falls back 
to use a Random if this is not available.  Assuming a SecureRandom is 
used, initialization (which happens on first use once the class is loaded) 
will fully randomize PRNG state, so there is no need to worry 
(realistically) about collisions across application sessions, regardless 
of what may be going on with the system clock.  If the 
SecureRandom.getInstance fails and an ordinary Random is used, the default 
initialization using the system clock will apply, so collisions could in 
theory occur if the app is restarted with the same system clock time.

You could also use if all you need is 
uniqueness (i.e. you don't need the UUID format).


> Regards, Jörg
> --------------------------------------------------------------------- 
> To unsubscribe, e-mail: For
> additional commands, e-mail:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message