NAME

       Apache::Session::Generate::MD5 - Use MD5 to create random object IDs

SYNOPSIS

        use Apache::SessionX::Generate::MD5;

        $id = Apache::SessionX::Generate::MD5::generate($string);

DESCRIPTION

       This module fulfills the ID generation interface of Apache::SessionX.  If you don't give the argument
       $string, the IDs are generated using a two-round MD5 of a random number, the time since the epoch, the
       process ID, and the address of an anonymous hash.  The resultant ID number is highly entropic on Linux
       and other platforms that have good random number generators.  You are encouraged to investigate the
       quality of your system's random number generator if you are using the generated ID numbers in a secure
       environment.  If you give $string the ID is the MD5 hash of that string.

       This module can also examine session IDs to ensure that they are, indeed, session ID numbers and not evil
       attacks.  The reader is encouraged to consider the effect of bogus session ID numbers in a system which
       uses these ID numbers to access disks and databases.

       This modules takes one argument in the usual Apache::Session style.  The argument is IDLength, and the
       value, between 0 and 32, tells this module where to truncate the session ID.  Without this argument, the
       session ID will be 32 hexadecimal characters long, equivalent to a 128-bit key.

AUTHOR

       This module was written by Jeffrey William Baker <jwbaker@acm.org> and modified by Gerald Richter
       <richter@dev.ecos.de>.

SEE ALSO

       Apache::Session