You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Jamie <ja...@stimulussoft.com> on 2012/05/21 09:18:28 UTC
TC7: trigger seeding of SecureRandom
Hi There
We've just upgraded out web app to TC7. It seems the following is being
outputted repeatedly on the console for each page load:
trigger seeding of SecureRandom
done seeding SecureRandom
Closer inspection reveals, the Tomcat class SessionIdGenerator using
SecureRandom.
Is this normal? Why would SecureRandom have to be seeded so often? I am
also worried about the Tomcat console log filling up over time.
Thanks
Jamie
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: TC7: trigger seeding of SecureRandom
Posted by Pid <pi...@pidster.com>.
On 21/05/2012 08:18, Jamie wrote:
> Hi There
>
> We've just upgraded out web app to TC7. It seems the following is being
> outputted repeatedly on the console for each page load:
>
> trigger seeding of SecureRandom
> done seeding SecureRandom
Can you post the full information from the log file, including the lines
before and after these entries?
p
> Closer inspection reveals, the Tomcat class SessionIdGenerator using
> SecureRandom.
>
> Is this normal? Why would SecureRandom have to be seeded so often? I am
> also worried about the Tomcat console log filling up over time.
>
> Thanks
>
> Jamie
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
--
[key:62590808]
Re: TC7: trigger seeding of SecureRandom
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Jamie,
On 5/21/12 3:18 AM, Jamie wrote:
> We've just upgraded out web app to TC7. It seems the following is
> being outputted repeatedly on the console for each page load:
>
> trigger seeding of SecureRandom done seeding SecureRandom
Hmm.
> Closer inspection reveals, the Tomcat class SessionIdGenerator
> using SecureRandom.
Since you've looked at the code, have you found any indication that it
would log a) any message like this at all or b) to the console? What
makes you suspect SessionIdGenerator when there are other classes in
Tomcat that use SecureRandom?
> Is this normal?
I've never seen it. Then again, I've never run your web app in my
environment.
> Why would SecureRandom have to be seeded so often?
I can't imagine why. I would recommend looking through your webapp's
code for clues. There isn't anything
> I am also worried about the Tomcat console log filling up over
> time.
You shouldn't be logging to stdout, then.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk+6nGsACgkQ9CaO5/Lv0PAHsgCfWahEvD+tBt2B7M8Dg6RWuuQb
PfkAn2CNoWYOXav2qXmtaeVbbU8u6hj4
=UTit
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org