tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Arnab Ghosh <>
Subject Re: Uniqueness of a sessionId
Date Sat, 09 Jan 2010 06:14:32 GMT
Dear Friends,

How it will be I create a new manager which will extend standardmanager and
then if  overload the generateSessionId() method. I will mot change the
session Id generation code. Instead of that I will add a new static set and
will store all generated sessionId there. I will continue the loop of
generating a unique session Id until it get added in that static set (By
default it will check a instance map where it used to store all session and
sessionId as a key).


On Sat, Jan 9, 2010 at 2:22 AM, Christopher Schultz <> wrote:

> Hash: SHA1
> Tim,
> On 1/8/2010 8:38 AM, Tim Funk wrote:
> > The way things work now by default ... The session cookie is set at the
> > path level and is different per context. So you may have multiple
> > sessino id cookies set for a given server (but given the path constraint
> > on the cookie - you only get one of those cookies (typically))
> Yup: as long as you don't have nested contexts (i.e. /foo and /foo/bar)
> then you shouldn't have any JSESSIONID cookie confusion.
> If you are using URL rewriting, then just make sure not to re-write URLs
> that switch between webapps (or re-write then very carefully) and you'll
> be fine.
> - -chris
> Version: GnuPG v1.4.10 (MingW32)
> Comment: Using GnuPG with Mozilla -
> F2UAn0P/3OCBKLu2YuHHCTGpd4xNU3/u
> =MfpQ
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message