This discussion is archived
3 Replies Latest reply: Mar 14, 2013 2:53 AM by Nilum RSS

Session ID of HttpServletRequest is too long

935795 Newbie
Currently Being Moderated
Hello,

I migrated an application from Websphere to Weblogic.
In our Application code, there is a usage for the javax.servlet.http.HttpServletRequest's getRequestedSessionId() method. The team that developed this Application has used this session id as an identity of a user transaction and stored in its Audit database table.
In Websphere/J2EE1.4, this id has a reliable length of 24 characters. However, in Weblogic/JavaEE6, the length is variable. So far, I have seen it grow to 63. I am not permitted to increase the database column value. I can change the code, but its not advisable.
I could not see any documentation on why the length of the requestedSessionID is variable, what is the max length and why do you have special characters in the id.

Example
Weblogic generated ID FGHbR1FMFL1XCJKvV6MQ1HYBvJvvywh59Y8n2tjPZ10p0C81tvzy!-485579981!1363101068366
Websphere generated ID Dbpr3DJUbCanpEXDpLxFZ7D

Your guidance will be very useful.

Thanks,
Raj

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points