tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Rescorla <...@rtfm.com>
Subject Re: Duplicate session IDs are *common*
Date Fri, 10 Jan 2003 21:57:44 GMT
Costin Manolache <cmanolache@yahoo.com> writes:

> Eric Rescorla wrote:
> 
> > Dirk-Willem van Gulik <dirkx@webweaving.org> writes:
> > 
> >> > ID provides a statistical probability of collision so low that
> >> > there is no need to explicitly check for uniqueness.
> >> 
> >> Or just add a syncronized i++ to make sure.
> > Yes.
> > 
> > There's nothing wrong with what you propose, but it's sort of
> > like saying "maybe I should wear a helmet at all times
> > because a meteor might drop on my head". Sure, it could happen,
> > btu it's not the thing I'd worry about.
> 
> I find it amazing that 2 people reported beeing hit by meteors (duplicate 
> session ids ) in the same week.  
I do too. Something is wrong but I don't know what it is yet.

However, the solution isn't to add a bandaid, but rather to
examine the code and figure out what's broken.

-Ekr

-- 
[Eric Rescorla                                   ekr@rtfm.com]
                http://www.rtfm.com/

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message