DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=29060>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=29060 synchronized block too small in method createSession class session/ManagerBase.java [EMAIL PROTECTED] changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID ------- Additional Comments From [EMAIL PROTECTED] 2004-05-18 14:04 ------- As I expected, we're talking about the possibility that a virtually perfect random number generator would generate a duplicate id, during a nanosecond long interval. I'm sure you can find plenty of valid Tomcat issues, but this doesn't look to me like one of them. It is actually not necessary to check if a session id exists or not, as it is an impossibility. The only reason the check is there was because of a number of people who were afraid of meteors, or who could find a valid Windows XP CD key without looking at the back of the CD case. This is why there's a very explicit comment and code (note: there was a bug with duplicate session ids which caused some of this worrying, but it had nothing to do with the session id generator). --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
