org.apache.tomcat.modules.session
Class SessionIdGenerator
java.lang.Object
org.apache.tomcat.core.BaseInterceptor
org.apache.tomcat.modules.session.SessionIdGenerator
- public final class SessionIdGenerator
- extends BaseInterceptor
Generate session IDs. Will use a random generator and the
load balancing route.
This class generates a unique 10+ character id. This is good
for authenticating users or tracking users around.
This code was borrowed from Apache JServ.JServServletManager.java.
It is what Apache JServ uses to generate session ids for users.
Unfortunately, it was not included in Apache JServ as a class
so I had to create one here in order to use it.
- Author:
- costin@eng.sun.com, hans@gefionsoftware.com, pfrieden@dChain.com, Shai Fultheim [shai@brm.com], James Duncan Davidson [duncan@eng.sun.com], Jason Hunter [jhunter@acm.org], Jon S. Stevens jon@latchkey.com
Methods inherited from class org.apache.tomcat.core.BaseInterceptor |
addContainer, addContext, addHandler, addInterceptor, addSecurityConstraint, afterBody, authenticate, authorize, beforeBody, beforeCommit, contextInit, contextMap, contextShutdown, contextState, engineShutdown, engineStart, engineState, engineStop, findSession, getContext, getContextManager, getDebug, getInfo, getLog, getNote, getNote, handleError, log, log, log, log, postReadRequest, postRequest, postService, postServletDestroy, postServletInit, preService, preServletDestroy, preServletInit, registerHooks, reload, removeContainer, removeContext, removeHandler, removeInterceptor, requestMap, setContext, setContextManager, setDebug, setInfo, setNote, setNote |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
maxRandomLen
public static final long maxRandomLen
- See Also:
- Constant Field Values
maxSessionLifespanTics
public static final long maxSessionLifespanTics
- See Also:
- Constant Field Values
ticDifference
public static final long ticDifference
- See Also:
- Constant Field Values
SessionIdGenerator
public SessionIdGenerator()
setRandomClass
public final void setRandomClass(java.lang.String randomClass)
setRandomFile
public void setRandomFile(java.lang.String s)
- Use /dev/random-type special device. This is new code, but may reduce the
big delay in generating the random.
You must specify a path to a random generator file. Use /dev/urandom
for linux ( or similar ) systems. Use /dev/random for maximum security
( it may block if not enough "random" exist ). You can also use
a pipe that generates random.
The code will check if the file exists, and default to java Random
if not found. There is a significant performance difference, very
visible on the first call to getSession ( like in the first JSP )
- so use it if available.
sessionState
public int sessionState(Request req,
ServerSession sess,
int state)
- Description copied from class:
BaseInterceptor
- Hook for session state changes.
Will be called every time a session change it's state.
A session module will announce all changes - like STATE_NEW when
the session is created, STATE_EXPIRED when the session is expired,
STATE_INVALID when the session is invalidated.
- Overrides:
sessionState
in class BaseInterceptor
engineInit
public void engineInit(ContextManager cm)
throws TomcatException
- Init session management stuff for this context.
- Overrides:
engineInit
in class BaseInterceptor
- Throws:
TomcatException
- The module will not be added if any
exception is thrown by engineInit.
getIdentifier
public java.lang.String getIdentifier(java.lang.String jsIdent)
Copyright © 2001 Apache Software Foundation. All Rights Reserved.