How are a session identifiers generated?

Posted by Asaf R on Stack Overflow See other posts from Stack Overflow or by Asaf R
Published on 2010-03-23T18:37:13Z Indexed on 2010/03/23 18:43 UTC
Read the original article Hit count: 235

Filed under:
|
|
|

Most web applications depend on some kind of session with the user (for instance, to retain login status). The session id is kept as a cookie in the user's browser and sent with every request.

To make it hard to guess the next user's session these session-ids need to be sparse and somewhat random. The also have to be unique.

The question is - how to efficiently generate session ids that are sparse and unique?

This question has a good answer for unique random numbers, but it seems not scalable for a large range of numbers, simply because the array will end up taking a lot of memory.

© Stack Overflow or respective owner

Related posts about language-agnostic

Related posts about random