Return-Path: Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm Delivered-To: mailing list tomcat-user@jakarta.apache.org Received: (qmail 78153 invoked from network); 7 Feb 2001 11:20:49 -0000 Received: from hinge3.mistral.co.uk (195.184.228.58) by h31.sny.collab.net with SMTP; 7 Feb 2001 11:20:49 -0000 Received: from SANTANA.bitbull.com (ip121.adsl.mistral.co.uk [195.184.249.121]) by hinge3.mistral.co.uk (8.9.3/8.9.3) with ESMTP id LAA25308 for ; Wed, 7 Feb 2001 11:20:52 GMT Message-Id: <4.3.2.7.2.20010207110912.02b3cf90@pop3.demon.co.uk> X-Sender: kief_bitbull@kief.demon.co.uk@pop3.demon.co.uk X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Wed, 07 Feb 2001 11:15:17 +0000 To: tomcat-user@jakarta.apache.org From: Kief Morris Subject: Re: Length of JSESSIONID ? In-Reply-To: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Spam-Rating: h31.sny.collab.net 1.6.2 0/1000/N david.svanberg@kentor.se typed the following on 09:56 AM 2/7/2001 +0100 >In order to configure our load balancer to enable cookie based >persistence we have to set the name of the cookie the load balancer will >look for, but we also need to set the number of characters in that >string that are unique. So my question is: What is the length of the >JSESSIONID cookie? I snooped and counted to 26 characters. Is it a fixed >length? The specification doesn't say anything about the length of the ID. The code to create session ID's in Tomcat 3.2 is org.apache.tomcat.util.SessionIdGenerator. A comment at the top says, "This class generates a unique 10+ character id." You could look through the code to figure out which parts of the string are likely to be unique, but you'd be in danger of breaking your load balancer as soon as somebody tweaked that bit of code. It might be safest to assume the whole thing is unique. Kief