1 16 22 23 package org.mortbay.j2ee.session; 24 25 29 import java.security.MessageDigest ; 30 import java.security.NoSuchAlgorithmException ; 31 import java.security.SecureRandom ; 32 import java.util.Random ; 33 34 import javax.servlet.http.HttpServletRequest ; 35 36 import org.jfox.ioc.logger.Logger; 37 38 public class 39 GUIDGenerator 40 implements IdGenerator 41 { 42 protected static final Logger _log=Logger.getLogger(GUIDGenerator.class); 43 44 protected final static int SESSION_ID_BYTES = 16; protected final static String SESSION_ID_HASH_ALGORITHM = "MD5"; 46 protected final static String SESSION_ID_RANDOM_ALGORITHM = "SHA1PRNG"; 47 protected final static String SESSION_ID_RANDOM_ALGORITHM_ALT = "IBMSecureRandom"; 48 49 protected MessageDigest _digest=null; 50 protected Random _random=null; 51 52 56 public synchronized String nextId(HttpServletRequest request) 57 { 58 if (_digest==null) { 59 _digest=getDigest(); 60 } 61 62 if (_random==null) { 63 _random=getRandom(); 64 } 65 66 byte[] bytes=new byte[SESSION_ID_BYTES]; 67 68 _random.nextBytes(bytes); 70 71 bytes=_digest.digest(bytes); 73 74 return encode(bytes); 76 } 77 78 85 protected String encode(byte[] data) 86 { 87 char[] out = new char[((data.length + 2) / 3) * 4]; 88 char[] alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-*".toCharArray(); 89 90 for (int i=0, index=0; i<data.length; i+=3, index+=4) { 95 boolean quad = false; 96 boolean trip = false; 97 98 int val = (0xFF & (int) data[i]); 99 val <<= 8; 100 if ((i+1) < data.length) { 101 val |= (0xFF & (int) data[i+1]); 102 trip = true; 103 } 104 val <<= 8; 105 if ((i+2) < data.length) { 106 val |= (0xFF & (int) data[i+2]); 107 quad = true; 108 } 109 out[index+3] = alphabet[(quad? (val & 0x3F): 64)]; 110 val >>= 6; 111 out[index+2] = alphabet[(trip? (val & 0x3F): 64)]; 112 val >>= 6; 113 out[index+1] = alphabet[val & 0x3F]; 114 val >>= 6; 115 out[index+0] = alphabet[val & 0x3F]; 116 } 117 return new String (out); 118 } 119 120 124 protected synchronized Random getRandom() 125 { 126 long seed; 127 Random random=null; 128 129 seed=System.currentTimeMillis(); 131 seed^=Runtime.getRuntime().freeMemory(); 132 133 try { 134 random=SecureRandom.getInstance(SESSION_ID_RANDOM_ALGORITHM); 135 } 136 catch (NoSuchAlgorithmException e) 137 { 138 try 139 { 140 random=SecureRandom.getInstance(SESSION_ID_RANDOM_ALGORITHM_ALT); 141 } 142 catch (NoSuchAlgorithmException e_alt) 143 { 144 _log.error("Could not generate SecureRandom for session-id randomness",e); 145 _log.error("Could not generate SecureRandom for session-id randomness",e_alt); 146 return null; 147 } 148 } 149 150 random.setSeed(seed); 152 153 return random; 154 } 155 156 160 protected synchronized MessageDigest getDigest() 161 { 162 MessageDigest digest=null; 163 164 try { 165 digest=MessageDigest.getInstance(SESSION_ID_HASH_ALGORITHM); 166 } catch (NoSuchAlgorithmException e) { 167 _log.error("Could not generate MessageDigest for session-id hashing",e); 168 return null; 169 } 170 171 return digest; 172 } 173 174 public synchronized Object 175 clone() 176 { 177 try 178 { 179 return super.clone(); 180 } 181 catch (CloneNotSupportedException e) 182 { 183 _log.warn("could not clone IdGenerator",e); 184 return null; 185 } 186 } 187 } 188 | Popular Tags |