cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Exit
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
  • 한국 커뮤니티
0
Upvote

Bit strength of JSESSIONID?

mkane1
Participant ,
Aug 10, 2011 Aug 10, 2011

Our security folks are proposing new coding standards, one being "Use session identifiers of at least 128 bits long". Sorry if I missed it, but I can't find how many bits is JSESSIONID, does anyone know?

1.3K
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct answer

Adam Cameron.
LEGEND , Aug 10, 2011 Aug 10, 2011

You should be able to work this out for yourself.

Looking @ a jsessionid value, you can see it's a 36 digit hexadecimal number.  Each hexadecimal digit is four bits long.  36x4=144 bits.

As an aside, I'm rather surprised it's 36 digits long, rather than just a UUID (32 digits long).  Anyone else know why?

--

Adam

Translate
replies 3 Replies 3
latest latest Jump to latest reply
Adam Cameron.
LEGEND ,
Aug 10, 2011 Aug 10, 2011

You should be able to work this out for yourself.

Looking @ a jsessionid value, you can see it's a 36 digit hexadecimal number.  Each hexadecimal digit is four bits long.  36x4=144 bits.

As an aside, I'm rather surprised it's 36 digits long, rather than just a UUID (32 digits long).  Anyone else know why?

--

Adam

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
mkane1
Participant ,
Aug 10, 2011 Aug 10, 2011
In Response To Adam Cameron.

Thanks Adam. hexadecimal? bits long? I never understood that kind of math!

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Adam Cameron.
LEGEND ,
Aug 10, 2011 Aug 10, 2011
LATEST
In Response To mkane1

I guess I'm old school... we needed to know this stuff back when I started out.  I s'pose it's less important to know these days.

But that's no reason for you to not find out:

http://en.wikipedia.org/wiki/Hexadecimal

--

Adam

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation
ColdFusion User Guide
Open in a new window
Copyright © 2025 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices