org.apache.tomcat.modules.session
Class SessionIdGenerator

java.lang.Object
  |
  +--org.apache.tomcat.core.BaseInterceptor
        |
        +--org.apache.tomcat.modules.session.SessionIdGenerator

public final class SessionIdGenerator
extends BaseInterceptor

Generate session IDs. Will use a random generator and the load balancing route. This class generates a unique 10+ character id. This is good for authenticating users or tracking users around.

This code was borrowed from Apache JServ.JServServletManager.java. It is what Apache JServ uses to generate session ids for users. Unfortunately, it was not included in Apache JServ as a class so I had to create one here in order to use it.

Author:
costin@eng.sun.com, hans@gefionsoftware.com, pfrieden@dChain.com, Shai Fultheim [shai@brm.com], James Duncan Davidson [duncan@eng.sun.com], Jason Hunter [jhunter@acm.org], Jon S. Stevens jon@latchkey.com

Field Summary
static long maxRandomLen
           
static long maxSessionLifespanTics
           
static long ticDifference
           
 
Fields inherited from class org.apache.tomcat.core.BaseInterceptor
cm, ct, ctx, debug, DECLINED, loghelper, OK
 
Constructor Summary
SessionIdGenerator()
           
 
Method Summary
 void engineInit(ContextManager cm)
          Init session management stuff for this context.
 java.lang.String getIdentifier(java.lang.String jsIdent)
           
 int sessionState(Request req, ServerSession sess, int state)
          Hook for session state changes.
 void setRandomClass(java.lang.String randomClass)
           
 void setRandomFile(java.lang.String s)
          Use /dev/random-type special device.
 
Methods inherited from class org.apache.tomcat.core.BaseInterceptor
addContainer, addContext, addHandler, addInterceptor, addSecurityConstraint, afterBody, authenticate, authorize, beforeBody, beforeCommit, contextInit, contextMap, contextShutdown, contextState, engineShutdown, engineStart, engineState, engineStop, findSession, getContext, getContextManager, getDebug, getInfo, getLog, getNote, getNote, handleError, log, log, log, log, postReadRequest, postRequest, postService, postServletDestroy, postServletInit, preService, preServletDestroy, preServletInit, registerHooks, reload, removeContainer, removeContext, removeHandler, removeInterceptor, requestMap, setContext, setContextManager, setDebug, setInfo, setNote, setNote
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

maxRandomLen

public static final long maxRandomLen

maxSessionLifespanTics

public static final long maxSessionLifespanTics

ticDifference

public static final long ticDifference
Constructor Detail

SessionIdGenerator

public SessionIdGenerator()
Method Detail

setRandomClass

public final void setRandomClass(java.lang.String randomClass)

setRandomFile

public void setRandomFile(java.lang.String s)
Use /dev/random-type special device. This is new code, but may reduce the big delay in generating the random. You must specify a path to a random generator file. Use /dev/urandom for linux ( or similar ) systems. Use /dev/random for maximum security ( it may block if not enough "random" exist ). You can also use a pipe that generates random. The code will check if the file exists, and default to java Random if not found. There is a significant performance difference, very visible on the first call to getSession ( like in the first JSP ) - so use it if available.

sessionState

public int sessionState(Request req,
                        ServerSession sess,
                        int state)
Description copied from class: BaseInterceptor
Hook for session state changes. Will be called every time a session change it's state. A session module will announce all changes - like STATE_NEW when the session is created, STATE_EXPIRED when the session is expired, STATE_INVALID when the session is invalidated.
Overrides:
sessionState in class BaseInterceptor

engineInit

public void engineInit(ContextManager cm)
                throws TomcatException
Init session management stuff for this context.
Overrides:
engineInit in class BaseInterceptor
Following copied from class: org.apache.tomcat.core.BaseInterceptor
Throws:
TomcatException - The module will not be added if any exception is thrown by engineInit.

getIdentifier

public java.lang.String getIdentifier(java.lang.String jsIdent)


Copyright © 2001 Apache Software Foundation. All Rights Reserved.