Is the random number generator used to create Session ID's for SSO FIPS 140-2 compliant and is at least half of the value created using a definable source of entropy (PRNG)?
Yes, the random number generator used to create Session IDs is FIPS 140-2 compliant and at least half of the value is created using a definable source of entropy.