Bill Barker wrote:
"Schnitzer, Jeff" <[EMAIL PROTECTED]> writes:
The standard fix for this is to use a cryptographic pseudo-random
number generator, such as Java's SecureRandom. SecureRandom
automatically seeds itself from allegedly random system data.
the probability that two sufficiently long random numbers
(e.g. 16 bytes) will collide is vanishing. (E.g. with a 16-byte
session ID, you'd have to generate > 2^60 session IDs to have
a reasonable chance of collision.
Nice to have you back Eric :-)
As far as I can tell, ManagerBase could really use your expertise on this.
The current algorithm is really bad :-(
Yes, it would be nice to have a new one for Tomcat 5.
Remy
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
