Index: openacs-4/packages/acs-tcl/tcl/security-procs.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/security-procs.tcl,v diff -u -r1.13.2.2 -r1.13.2.3 --- openacs-4/packages/acs-tcl/tcl/security-procs.tcl 20 Feb 2003 07:34:37 -0000 1.13.2.2 +++ openacs-4/packages/acs-tcl/tcl/security-procs.tcl 7 Mar 2003 00:32:29 -0000 1.13.2.3 @@ -986,17 +986,21 @@ @param secret allows the caller to specify a known secret external to the random secret management mechanism. - @param token_id allows the caller to specify a token_id. + @param token_id allows the caller to specify a token_id which is then ignored so don't use it. @param value the value to be signed. } { - # pick a random token_id + if { [empty_string_p $secret] } { - set token_id [sec_get_random_cached_token_id] + if {[empty_string_p $token_id]} { + # pick a random token_id + set token_id [sec_get_random_cached_token_id] + } set secret_token [sec_get_token $token_id] } else { set secret_token $secret } + ns_log Debug "Security: Getting token_id $token_id, value $secret_token"