tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kief Morris <>
Subject Re: Length of JSESSIONID ?
Date Wed, 07 Feb 2001 11:15:17 GMT typed the following on 09:56 AM 2/7/2001 +0100
>In order to configure our load balancer to enable cookie based
>persistence we have to set the name of the cookie the load balancer will
>look for, but we also need to set the number of characters in that
>string that are unique. So my question is: What is the length of the
>JSESSIONID cookie? I snooped and counted to 26 characters. Is it a fixed

The specification doesn't say anything about the length of the ID. The code
to create session ID's in Tomcat 3.2 is org.apache.tomcat.util.SessionIdGenerator.
A comment at the top says, "This class generates a unique 10+ character id."
You could look through the code to figure out which parts of the string are
likely to be unique, but you'd be in danger of breaking your load balancer
as soon as somebody tweaked that bit of code. It might be safest to assume
the whole thing is unique.


View raw message