You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Pid <pi...@pidster.com> on 2012/01/28 17:25:19 UTC

[OT] Re: TC7 very slow SessionIdGenerator SecureRandom initialization

On 28/01/2012 14:23, Rainer Jung wrote:
> On 28.01.2012 00:38, Pid wrote:
>> On 27/01/2012 23:25, Caldarale, Charles R wrote:
>>>> From: David Rees [mailto:drees76@gmail.com]
>>>> Subject: Re: TC7 very slow SessionIdGenerator SecureRandom
>>>> initialization
>>>
>>>> Hmm, yes, the systems I've checked running Java 1.7.0_02 list
>>>> /dev/urandom as the securerandom.source.
>>>
>>> Unfortunately, there's a misguided part of the JRE that insists it's
>>> smarter than any sysadmin, so it checks for /dev/urandom and uses
>>> /dev/random instead - that's why the setting of /dev/./urandom is
>>> important, even though it would seem to be equivalent.
>>
>> So editing the file fixes this, or just using the system property?
> 
> I expect either will help.
> 
> Using /dev/random instead of the configured /dev/urandom IMHO is an
> implementation bug. Some more details at
> 
> http://marc.info/?l=tomcat-dev&m=130182757504685&w=2
> 
> http://search.oracle.com/search/search?search_p_main_operator=all&start=1&group=bugs.sun.com&q=%2Fdev%2Furandom
> 
> 
> The one bug closest to this topic is
> 
> http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6202721
> 
> but Oracle doesn't care :(.

I wonder if the OpenJDK project will be more responsive.


p


> Regards,
> 
> Rainer
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 


-- 

[key:62590808]