You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Pid <pi...@pidster.com> on 2012/01/28 17:25:19 UTC
[OT] Re: TC7 very slow SessionIdGenerator SecureRandom initialization
On 28/01/2012 14:23, Rainer Jung wrote:
> On 28.01.2012 00:38, Pid wrote:
>> On 27/01/2012 23:25, Caldarale, Charles R wrote:
>>>> From: David Rees [mailto:drees76@gmail.com]
>>>> Subject: Re: TC7 very slow SessionIdGenerator SecureRandom
>>>> initialization
>>>
>>>> Hmm, yes, the systems I've checked running Java 1.7.0_02 list
>>>> /dev/urandom as the securerandom.source.
>>>
>>> Unfortunately, there's a misguided part of the JRE that insists it's
>>> smarter than any sysadmin, so it checks for /dev/urandom and uses
>>> /dev/random instead - that's why the setting of /dev/./urandom is
>>> important, even though it would seem to be equivalent.
>>
>> So editing the file fixes this, or just using the system property?
>
> I expect either will help.
>
> Using /dev/random instead of the configured /dev/urandom IMHO is an
> implementation bug. Some more details at
>
> http://marc.info/?l=tomcat-dev&m=130182757504685&w=2
>
> http://search.oracle.com/search/search?search_p_main_operator=all&start=1&group=bugs.sun.com&q=%2Fdev%2Furandom
>
>
> The one bug closest to this topic is
>
> http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6202721
>
> but Oracle doesn't care :(.
I wonder if the OpenJDK project will be more responsive.
p
> Regards,
>
> Rainer
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
--
[key:62590808]