You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@sling.apache.org by "Felix Meschberger (JIRA)" <ji...@apache.org> on 2010/09/03 19:41:36 UTC

[jira] Created: (SLING-1729) FormAuthenticationHandler activation may take a long time

FormAuthenticationHandler activation may take a long time
---------------------------------------------------------

                 Key: SLING-1729
                 URL: https://issues.apache.org/jira/browse/SLING-1729
             Project: Sling
          Issue Type: Improvement
          Components: Authentication
    Affects Versions: Form Based Authentication 1.0.0
            Reporter: Felix Meschberger
            Assignee: Felix Meschberger
             Fix For: Form Based Authentication 1.0.2


During the activation of the FormAuthenticationHandler the TokenStore is initialized which includes setting up codes for cookie hashing. These codes are based on SecureRandom.getBytes which may take some time to complete.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Updated: (SLING-1729) FormAuthenticationHandler activation may take a long time

Posted by "Felix Meschberger (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/SLING-1729?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Felix Meschberger updated SLING-1729:
-------------------------------------

    Attachment: SLING-1729.patch

Patch implementing a faster mechanism to seed the SecureRandom number generator. By default this faster mechanism is disabled and must be explicitly enabled with configuration.

> FormAuthenticationHandler activation may take a long time
> ---------------------------------------------------------
>
>                 Key: SLING-1729
>                 URL: https://issues.apache.org/jira/browse/SLING-1729
>             Project: Sling
>          Issue Type: Improvement
>          Components: Authentication
>    Affects Versions: Form Based Authentication 1.0.0
>         Environment: Ubuntu Jaunty 09.10, 64bit
>            Reporter: Felix Meschberger
>            Assignee: Felix Meschberger
>             Fix For: Form Based Authentication 1.0.2
>
>         Attachments: SLING-1729.patch
>
>
> During the activation of the FormAuthenticationHandler the TokenStore is initialized which includes setting up codes for cookie hashing. These codes are based on SecureRandom.getBytes which may take some time to complete.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Resolved: (SLING-1729) FormAuthenticationHandler activation may take a long time

Posted by "Felix Meschberger (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/SLING-1729?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Felix Meschberger resolved SLING-1729.
--------------------------------------

    Resolution: Fixed

Applied the patch in Rev. 993004.

For now, I keep this functionality switched off by default since I am not sure about the quality of the seed and it only affects Linux and Solaris platforms.

> FormAuthenticationHandler activation may take a long time
> ---------------------------------------------------------
>
>                 Key: SLING-1729
>                 URL: https://issues.apache.org/jira/browse/SLING-1729
>             Project: Sling
>          Issue Type: Improvement
>          Components: Authentication
>    Affects Versions: Form Based Authentication 1.0.0
>         Environment: Ubuntu Jaunty 09.10, 64bit
>            Reporter: Felix Meschberger
>            Assignee: Felix Meschberger
>             Fix For: Form Based Authentication 1.0.2
>
>         Attachments: SLING-1729.patch
>
>
> During the activation of the FormAuthenticationHandler the TokenStore is initialized which includes setting up codes for cookie hashing. These codes are based on SecureRandom.getBytes which may take some time to complete.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Commented: (SLING-1729) FormAuthenticationHandler activation may take a long time

Posted by "Felix Meschberger (JIRA)" <ji...@apache.org>.

    [ https://issues.apache.org/jira/browse/SLING-1729?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12906089#action_12906089 ] 

Felix Meschberger commented on SLING-1729:
------------------------------------------

It looks like the issue is related to how Java's SecureRandom is implemented on Linux: It is based on reading from /dev/random which uses entropy in the system generate a stream of random data. If the entropy is not high enough it may take a long time (or some key pressing and mouse moving and such) to generate entropy for /dev/random.

As a workaround, /dev/random can be renamed and a symbolic link from /dev/urandom to /dev/random be created. This prevents startup from blocking.

> FormAuthenticationHandler activation may take a long time
> ---------------------------------------------------------
>
>                 Key: SLING-1729
>                 URL: https://issues.apache.org/jira/browse/SLING-1729
>             Project: Sling
>          Issue Type: Improvement
>          Components: Authentication
>    Affects Versions: Form Based Authentication 1.0.0
>         Environment: Ubuntu Jaunty 09.10, 64bit
>            Reporter: Felix Meschberger
>            Assignee: Felix Meschberger
>             Fix For: Form Based Authentication 1.0.2
>
>
> During the activation of the FormAuthenticationHandler the TokenStore is initialized which includes setting up codes for cookie hashing. These codes are based on SecureRandom.getBytes which may take some time to complete.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Updated: (SLING-1729) FormAuthenticationHandler activation may take a long time

Posted by "Felix Meschberger (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/SLING-1729?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Felix Meschberger updated SLING-1729:
-------------------------------------

    Environment: Ubuntu Jaunty 09.10, 64bit

> FormAuthenticationHandler activation may take a long time
> ---------------------------------------------------------
>
>                 Key: SLING-1729
>                 URL: https://issues.apache.org/jira/browse/SLING-1729
>             Project: Sling
>          Issue Type: Improvement
>          Components: Authentication
>    Affects Versions: Form Based Authentication 1.0.0
>         Environment: Ubuntu Jaunty 09.10, 64bit
>            Reporter: Felix Meschberger
>            Assignee: Felix Meschberger
>             Fix For: Form Based Authentication 1.0.2
>
>
> During the activation of the FormAuthenticationHandler the TokenStore is initialized which includes setting up codes for cookie hashing. These codes are based on SecureRandom.getBytes which may take some time to complete.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.