Dave,
I missed your post in October. Yours and igain's are the only reports I've had
of this occuring. It's obviously a significant concern.
How frequently are you seeing this?
Only suggestions I can make involve code changes:
1) To
tomcat/src/main/org/jboss/web/tomcat/service/session/JBossCacheManager.java add
| @Override
| protected String getNextId()
| {
| while (true)
| {
| String id = super.getNextId();
| if (sessions_.containsKey(id) || unloadedSessions_.containsKey(id))
| {
| continue;
| }
| else
| {
| return id;
| }
| }
| }
That's in later version of the class.
2) The SessionIDGenerator class itself was recently changed, primarily to
support use of /dev/urandom as a source of random bytes. You could look at
porting some of that back to the 4.2.3 version. Current version of the class is
at
https://svn.jboss.org/repos/jbossas/trunk/tomcat/src/main/java/org/jboss/web/tomcat/service/session/SessionIDGenerator.java
I've tested the SessionIDGenerator and created millions of IDs without
duplicates. So any info on when/how this happens would be most appreciated.
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4270104#4270104
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4270104
_______________________________________________
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user
