Custom session id generator for Tomcat 7/JBoss7

Folks,

My webapp needs URL-safe session ids. Those generated by JBoss 7 (embedded Tomcat 7 inside JBoss) have characters like "+" which cause us some heartache. One of the avenues I am ex开发者_JAVA技巧ploring is the generate URL-safe session ids. Does someone know the correct hook point in a J2EE web application where I can plug in my custom session id generator?

Ideally this hook point comes from the servlet API itself. If not, am happy with a Tomcat/JBoss specific solution too.

Thanks.

-Raj

I know this was asked more than 10 years ago but, I just had a chance of working on Custom Session Id Generator and found this unanswered question during my RND.

Here is a Tomcat specific solution. (Tomcat 10.0)

You can plug-in your Custom Session Id Generator in Tomcat by following the steps given below:

1. Implement org.apache.catalina.SessionIdGenerator interface.
2. Create jar file for this implementation and place it in {CATALINA_HOME}\lib folder (This step is important as you will get ClassNotFoundException in case you don't perform this step)
3. Add configuration for your session id generator in WEB-INF/context.xml file of your application. e.g.

<Context>
    <Manager>
       <SessionIdGenerator className="com.yourpackage.MySessionIdGenerator"/>
    </Manager>
</Context>