I've seen people have problems with that approach (at least within the GWT
context). I prefer to just manually generate my session ids & set that in
the sid cookie.
public static final byte [] VALID_SESSION_CHAR = new byte[10 + ('z' - 'a' +
1)];
private static final SecureRandom rand = new SecureRandom();
static {
for (byte i = 0; i < 10; i++)
VALID_SESSION_CHAR[i] = '0' + i;
for (byte i = 'z' - 'a'; i >= 0; i--)
VALID_SESSION_CHAR[i] = 'a' + i;
}
static String authenticate(String clientName, String username, String
password)
{
if (!isValid(username, password)) {
// perhaps detect too many invalid attempts from clientName in a short
period of time & block temporarily
throw new AuthenticationException();
}
byte[] sessionID = new byte[SESSION_ID_LENGTH];
int failCount = 0;
// set a transaction save point (if not supported, then you have to
rework the logic).
while (++failCount < MAX_FAIL_COUNT) {
for (int i = SESSION_LENGTH - 1; i >= 0; i--) {
sessionID[i] =
VALID_SESSION_CHAR[rand.nextInt(VALID_SESSION_CHAR.length)];
}
// try to insert sessionID into a table where the session ID is
unique - on failure, reset to save point
}
if (failCount == MAX_FAIL_COUNT) {
// couldn't generate the session id - maybe the session id length
is too small
throw new AuthenticationException();
}
// complete transaction
return new String(sessionID);
}
static void createSession(String username, String password) {
String sessionID = authenticate(getThreadLocalRequest().getRemoteAddr(),
username, password);
Cookie sid = new Cookie("sid", sessionID);
getThreadLocalResponse().addCookie(sid);
}
2009/5/7 Joakim Sjöberg <joakim.sjob...@artificial-solutions.com>
>
> Hi!
>
> Just wanted to say thank you for your help! It worked nicely!
>
> // Joakim
>
> -----Original Message-----
> From: Google-Web-Toolkit@googlegroups.com [mailto:
> google-web-tool...@googlegroups.com] On Behalf Of Adligo
> Sent: Thursday, May 07, 2009 1:37 AM
> To: Google Web Toolkit
> Subject: Re: Unique identifier
>
>
> Hi,
>
> I would go with the HttpSession identifier, it should always be
> unique (something like 1 in 1 billion chance it will duplicate over a
> year). Also if I was going to add a log to do it, I would use the
> adligo i_log code (I'm partial I wrote it), but its already on in your
> Servlet api so assumeing your calling a rpc mehod somewhere.
>
> //something like...
> myRPC() {
> super.getThreadLocalRequest().getSession().getId();
> }
>
> Cheers,
> Scott
>
> On May 6, 2:43 pm, Joakim Sjöberg <joakim.sjob...@artificial-
> solutions.com> wrote:
> > Hi!
> >
> > Seems good, but I still got the problem with the unique identifier,
> right?
> >
> > // Joakim
> >
> > -----Original Message-----
> > From: Google-Web-Toolkit@googlegroups.com [mailto:
> google-web-tool...@googlegroups.com] On Behalf Of Salvador Diaz
> > Sent: Wednesday, May 06, 2009 4:46 PM
> > To: Google Web Toolkit
> > Subject: Re: Unique identifier
> >
> > You could use gwt-log:http://code.google.com/p/gwt-log/
> > with a RemoteLogger
> >
> > Hope that helps,
> >
> > Salvador
> >
> > On May 6, 4:33 pm, Joakim Sjöberg <joakim.sjob...@artificial-
> > solutions.com> wrote:
> > > Hi!
> >
> > > Yes I know that, more or less what I want is some way to uniquely
> identify every time a user
> > > goes into my page. When they do that I want to put that into a database
> (for example time when they used
> > > my page) and in the end I want when they come to the end of my page
> (it's a form page) record the time
> > > when they were finished. And for that I need to have a unique
> identifier that I can use to update the
> > > database with.
> >
> > > Hope this helps to explain more what I want.
> >
> > > // Joakim
> >
> > > -----Original Message-----
> > > From: Google-Web-Toolkit@googlegroups.com [mailto:
> google-web-tool...@googlegroups.com] On Behalf Of Salvador Diaz
> > > Sent: Wednesday, May 06, 2009 4:16 PM
> > > To: Google Web Toolkit
> > > Subject: Re: Unique identifier
> >
> > > What do you call a "GWT instance" ? Do you know that GWT applications
> > > are just HTML + js + servlets ? (servlets are the RPC implementations)
> >
> > > On May 6, 12:53 pm, Joakim Sjöberg <joakim.sjob...@artificial-
> > > solutions.com> wrote:
> > > > Hello!
> >
> > > > I am trying to build a function that stores data about each GWT
> instance that is running in a database. Is there anyway
> > > > way to get some sort of unique identifier from GWT in an easy way? I
> have looked some at session handling, is that
> > > > the right way to go? Should I use the RPC functionality for this?
> >
> > > > Joakim Sjöberg
> >
> > > > Technical Consultant
>
>
> >
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Google Web Toolkit" group.
To post to this group, send email to Google-Web-Toolkit@googlegroups.com
To unsubscribe from this group, send email to
google-web-toolkit+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/Google-Web-Toolkit?hl=en
-~----------~----~----~----~------~----~------~--~---
