About the session numbers: it uses SecureRandom to generate the
numbers. More information can be found in Tomcat's source code for
org.apache.tomcat.session.StandardManager, the method getNewSession seems to
be particularly relevant.
About storage of JSessionID: the clients software is free to store
it wherever it wants. Most web browsers persist this to the disk as soon as
they receive the cookie, but some delay and only persist when they want to.
Randy
> -----Original Message-----
> From: Pablo Trujillo [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, May 30, 2001 12:08 PM
> To: [EMAIL PROTECTED]
> Subject: Session in Tomcat
>
>
> Hello friends,
> I need information about how Tomcat assign the numbers of ID for each
> session.
> I also need to know where is the Cookie JSessionID stored.
> I wait you can help me and thank you
> Pablo
>
