Provide Session Id Generation Strategy

[rwinch]

We are currently using UIDs for session id generation. It may be better to include other characters to increase the entropy. We should be careful in how we use SecureRandom See https://www.synopsys.com/blogs/software-security/proper-use-of-javas-securerandom/ Last, we may want to make generating ids a strategy interface so that users can swap this out

• See PR Allow for configuration of session id generation and format. #204

[artgramlich]

+1
Thanks for closing the other issue, somehow I didn't see this issue.

[artgramlich]

I submitted a pull request #204.

[derylspielman]

This would be very helpful so that we can customize the session ID with a suffix of the jvmRoute. We have legacy code that requires the .jvmRoute at the end and currently calling httpRequest.getSession().getId()
comes without the jvmRoute. Any progress on this?