2 // System.Web.SessionState.SessionId
5 // Jackson Harper (jackson@ximian.com)
7 // Copyright (C) 2003,2006 Novell, Inc (http://www.novell.com)
9 // Permission is hereby granted, free of charge, to any person obtaining
10 // a copy of this software and associated documentation files (the
11 // "Software"), to deal in the Software without restriction, including
12 // without limitation the rights to use, copy, modify, merge, publish,
13 // distribute, sublicense, and/or sell copies of the Software, and to
14 // permit persons to whom the Software is furnished to do so, subject to
15 // the following conditions:
17 // The above copyright notice and this permission notice shall be
18 // included in all copies or substantial portions of the Software.
20 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
21 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
22 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
23 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
24 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
25 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
26 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
30 using System.Security.Cryptography;
31 using System.Web.Util;
33 namespace System.Web.SessionState {
35 internal class SessionId {
37 internal const int IdLength = 24;
38 const int half_len = IdLength / 2;
39 static RandomNumberGenerator rng = RandomNumberGenerator.Create ();
41 internal static string Create ()
43 byte[] key = new byte [half_len];
48 return MachineKeySectionUtils.GetHexString (key);
52 internal static string Lookup (HttpRequest request, bool cookieless)
55 return (string) request.Headers [SessionStateModule.HeaderName];
57 HttpCookie cookie = request.Cookies [SessionStateModule.CookieName];