Return-Path: 
 <users-return-206703-apmail-tomcat-users-archive=tomcat.apache.org@tomcat.apache.org>
Delivered-To: apmail-tomcat-users-archive@www.apache.org
Received: (qmail 48093 invoked from network); 9 Jan 2010 11:01:44 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3)
  by minotaur.apache.org with SMTP; 9 Jan 2010 11:01:44 -0000
Received: (qmail 76481 invoked by uid 500); 9 Jan 2010 11:01:40 -0000
Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org
Received: (qmail 76420 invoked by uid 500); 9 Jan 2010 11:01:40 -0000
Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:users-help@tomcat.apache.org>
List-Unsubscribe: <mailto:users-unsubscribe@tomcat.apache.org>
List-Post: <mailto:users@tomcat.apache.org>
List-Id: <users.tomcat.apache.org>
Reply-To: "Tomcat Users List" <users@tomcat.apache.org>
Delivered-To: mailing list users@tomcat.apache.org
Received: (qmail 76409 invoked by uid 99); 9 Jan 2010 11:01:40 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 09 Jan 2010 11:01:40 +0000
X-ASF-Spam-Status: No, hits=2.2 required=10.0
	tests=HTML_MESSAGE,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (athena.apache.org: domain of ghosh@glenwoodsystems.com
 designates 209.85.220.211 as permitted sender)
Received: from [209.85.220.211] (HELO mail-fx0-f211.google.com)
 (209.85.220.211)
    by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 09 Jan 2010 11:01:33 +0000
Received: by fxm3 with SMTP id 3so10097824fxm.24
        for <users@tomcat.apache.org>; Sat, 09 Jan 2010 03:01:12 -0800 (PST)
MIME-Version: 1.0
Received: by 10.239.190.66 with SMTP id w2mr691888hbh.61.1263034871977; Sat,
	09 Jan 2010 03:01:11 -0800 (PST)
In-Reply-To: <62e0109f1001090257o16ed6d55g8d0608c9e760d6e0@mail.gmail.com>
References: <62e0109f1001090257o16ed6d55g8d0608c9e760d6e0@mail.gmail.com>
Date: Sat, 9 Jan 2010 16:31:11 +0530
Message-ID: <62e0109f1001090301h4f02b347t937caebe42dcbc6b@mail.gmail.com>
Subject: Fwd: Tomcat Session Id generation Overriding!!
From: Arnab Ghosh <ghosh@glenwoodsystems.com>
To: Tomcat Users List <users@tomcat.apache.org>
Content-Type: multipart/alternative; boundary=001485f1d8cee217f1047cb9384a

--001485f1d8cee217f1047cb9384a
Content-Type: text/plain; charset=ISO-8859-1

 Dear Friends,

Tomcat is using ManagerBase generateSessionId() to generate session Id. But
I want a generation mechnism where each sessionId will be unique in whole
tomcat. Right now it is unique in a single context. But I want uniqueness
will be among all context running under the tomcat. How can I do that (In a
easieast way)??

Still now I have written a class which has extended the
org.apache.session.standardManager class. Then I have changed the code
slightly. But I don't know whether any sideeffect will be there or not??


Please look on my
code----------------------------------------------------------------


package com.myproject.session;


import java.util.HashSet;
import java.util.Set;
import org.apache.catalina.Session;
import org.apache.catalina.session.StandardManager;


public class MySessionManager extends StandardManager {

 public static Set<String> unquieSessionIdset = new HashSet<String>();

 @Override
 public void remove(Session session) {
       unquieSessionIdset.remove(session.getIdInternal());
       super.remove(session);
 }



 @Override
 protected synchronized String generateSessionId() {
  byte random[] = new byte[16];
  String jvmRoute = getJvmRoute();
        String result = null;
        // Render the result as a String of hexadecimal digits
        StringBuffer buffer = new StringBuffer();
        do {
            int resultLenBytes = 0;
            if (result != null) {
                buffer = new StringBuffer();
               duplicates++;
            }
            while (resultLenBytes < this.sessionIdLength) {
                getRandomBytes(random);
                random = getDigest().digest(random);
                for (int j = 0;
                j < random.length && resultLenBytes < this.sessionIdLength;
                j++) {
                    byte b1 = (byte) ((random[j] & 0xf0) >> 4);
                    byte b2 = (byte) (random[j] & 0x0f);
                    if (b1 < 10)
                        buffer.append((char) ('0' + b1));
                    else
                        buffer.append((char) ('A' + (b1 - 10)));
                    if (b2 < 10)
                        buffer.append((char) ('0' + b2));
                    else
                        buffer.append((char) ('A' + (b2 - 10)));
                    resultLenBytes++;
                }
            }
            if (jvmRoute != null) {
                buffer.append('.').append(jvmRoute);
            }
            result = buffer.toString();
        } while (sessions.containsKey(result) ||
!unquieSessionIdset.add(result));

        return (result);
 }
}


Can You please tell me whether it will have any other problem or not?? Or
can you give any alternative solution??

Actually I kept the existing code. With that I addeda a static set. And I am
keeping the generated session in set also. While generating Id I am trying
to add that to set. if successfully added then I will return that key.

Thanks
Arnab Ghosh

--001485f1d8cee217f1047cb9384a--