Return-Path: Delivered-To: apmail-jakarta-tomcat-user-archive@apache.org Received: (qmail 3914 invoked from network); 4 Jun 2003 13:28:03 -0000 Received: from exchange.sun.com (192.18.33.10) by daedalus.apache.org with SMTP; 4 Jun 2003 13:28:03 -0000 Received: (qmail 7388 invoked by uid 97); 4 Jun 2003 13:30:18 -0000 Delivered-To: qmlist-jakarta-archive-tomcat-user@nagoya.betaversion.org Received: (qmail 7381 invoked from network); 4 Jun 2003 13:30:17 -0000 Received: from daedalus.apache.org (HELO apache.org) (208.185.179.12) by nagoya.betaversion.org with SMTP; 4 Jun 2003 13:30:17 -0000 Received: (qmail 2132 invoked by uid 500); 4 Jun 2003 13:27:34 -0000 Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Subscribe: List-Help: List-Post: List-Id: "Tomcat Users List" Reply-To: "Tomcat Users List" Delivered-To: mailing list tomcat-user@jakarta.apache.org Received: (qmail 2117 invoked from network); 4 Jun 2003 13:27:33 -0000 Received: from unknown (HELO wbmail.guidestar.org) (209.96.199.2) by daedalus.apache.org with SMTP; 4 Jun 2003 13:27:33 -0000 X-MimeOLE: Produced By Microsoft Exchange V6.0.6249.0 content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Subject: RE: is session id unique across webapps ? Date: Wed, 4 Jun 2003 09:27:34 -0400 Message-ID: <24A8596C44DF4F4DA442CBE269C351BDBADFA3@wbmail.guidestar.net> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: is session id unique across webapps ? Thread-Index: AcMqh9Zg4e93qnZRQYunqEdYp+/zAQAFLc9w From: "Angus Mezick" To: "Tomcat Users List" X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N Hmm, I just read those two thread and I didn't see a final solution. Is getJvmRoute() unique across tomcat instances running on 5 web servers all serving the same app using a JDBC session manager. I know session id is unique within a webapp but what about over a cluster of webapps that don't use sticky sessions? All that blather about it being a statistical improbability that a session id will be duped is crap. It has to be IMPOSSIBLE across a non-sticky cluster for a dupe session id to be generated. --Angus > -----Original Message----- > From: Tim Funk [mailto:funkman@joedog.org]=20 > Sent: Wednesday, June 04, 2003 6:56 AM > To: Tomcat Users List > Subject: Re: is session id unique across webapps ? >=20 >=20 > Tomcat creates its sessionids from a random number generator.=20 > The breadth of=20 > random numbers is very wide allowing for "virtually" no=20 > overlaps. But since=20 > they are random, dups may appear. Tomcat does have checks to=20 > make sure it=20 > doesn't give out an existing session id in a particular webapp. >=20 > That being said, I think it is possible that the same=20 > session_id may be used=20 > by two different users for two different webapps. >=20 > So if you really need a unique identifier, append session_id=20 > to context path. >=20 > There was a few discussions in developers list above session=20 > id uniqueness. >=20 http://marc.theaimsgroup.com/?t=3D104072145900001&r=3D1&w=3D2 http://marc.theaimsgroup.com/?t=3D104207956000003&r=3D1&w=3D2 -Tim siddharth wrote: > Hi all, >=20 > I am tring to find out about *uniqueness* of *session ids* which are=20 > generated by tomcat. >=20 > are session ids are unique across webapps ??? > ----------------------------------------------- >=20 >=20 >=20 > thanx. >=20 --------------------------------------------------------------------- To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org For additional commands, e-mail: tomcat-user-help@jakarta.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org For additional commands, e-mail: tomcat-user-help@jakarta.apache.org