On Wed, 24 Feb 1999, Christopher G. Petrilli wrote:
Ah, I guess I glossed over the idea ... these IDs are generated once, and I *AM* assuming that at any instantaneous point in time (i.e. subsecond accuracy) there are not two of them from the same IP address being generated :-)
Actually, Linux/UNIX is hardly an issue any more for web servers, firewalls however, ARE :-)
So if you had two people coming from Firewall A (192.168.1.1), so long as they got their IDs at lest a 10th of a second apart (or whatever accuracy time.time() returns) they'd always be unique.
Make more sense now? :-) BTW, I've got to get an SHA1 implementation in the libraries, i Just don't like MD5.
Errr, could you hash in the user name as well so that we might even be able to further avoid that 10th of a second part. Heck why I'm at it (it being suggesting more work for others to do). Could we get these sessions to expire after a certain inactiviy period? And possibly map sessions to acl_user folders so that they don't have to re-login (as long as their sessions are valid) and so that we can replace that ugly browser dialog box with a pretty web page of our own design? --------------------------------------------------- - Scott Robertson Phone: 714.972.2299 - - CodeIt Computing Fax: 714.972.2399 - - http://codeit.com - ---------------------------------------------------