Re: is session id unique across webapps ?

Tim Funk Wed, 04 Jun 2003 21:02:53 -0700

Tomcat creates its sessionids from a random number generator. The breadth of random numbers is very wide allowing for "virtually" no overlaps. But since they are random, dups may appear. Tomcat does have checks to make sure it doesn't give out an existing session id in a particular webapp.

That being said, I think it is possible that the same session_id may be used by two different users for two different webapps.

So if you really need a unique identifier, append session_id to context path.

There was a few discussions in developers list above session id uniqueness.

http://marc.theaimsgroup.com/?t=104072145900001&r=1&w=2
http://marc.theaimsgroup.com/?t=104207956000003&r=1&w=2

-Tim

siddharth wrote:

Hi all,

I am tring to find out about *uniqueness* of *session ids* which are generated by tomcat.
are session ids are unique across webapps ???
-----------------------------------------------
thanx.

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: is session id unique across webapps ?

Reply via email to