You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Jamie <ja...@stimulussoft.com> on 2012/05/21 09:18:28 UTC

TC7: trigger seeding of SecureRandom

Hi There

We've just upgraded out web app to TC7. It seems the following is being 
outputted repeatedly on the console for each page load:

trigger seeding of SecureRandom
done seeding SecureRandom

Closer inspection reveals, the Tomcat class SessionIdGenerator using 
SecureRandom.

Is this normal? Why would SecureRandom have to be seeded so often? I am 
also worried about the Tomcat console log filling up over time.

Thanks

Jamie

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: TC7: trigger seeding of SecureRandom

Posted by Pid <pi...@pidster.com>.

On 21/05/2012 08:18, Jamie wrote:
> Hi There
> 
> We've just upgraded out web app to TC7. It seems the following is being
> outputted repeatedly on the console for each page load:
> 
> trigger seeding of SecureRandom
> done seeding SecureRandom

Can you post the full information from the log file, including the lines
before and after these entries?


p


> Closer inspection reveals, the Tomcat class SessionIdGenerator using
> SecureRandom.
> 
> Is this normal? Why would SecureRandom have to be seeded so often? I am
> also worried about the Tomcat console log filling up over time.
> 
> Thanks
> 
> Jamie
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 


-- 

[key:62590808]

Re: TC7: trigger seeding of SecureRandom

Posted by Christopher Schultz <ch...@christopherschultz.net>.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jamie,

On 5/21/12 3:18 AM, Jamie wrote:
> We've just upgraded out web app to TC7. It seems the following is 
> being outputted repeatedly on the console for each page load:
> 
> trigger seeding of SecureRandom done seeding SecureRandom

Hmm.

> Closer inspection reveals, the Tomcat class SessionIdGenerator
> using SecureRandom.

Since you've looked at the code, have you found any indication that it
would log a) any message like this at all or b) to the console? What
makes you suspect SessionIdGenerator when there are other classes in
Tomcat that use SecureRandom?

> Is this normal?

I've never seen it. Then again, I've never run your web app in my
environment.

> Why would SecureRandom have to be seeded so often?

I can't imagine why. I would recommend looking through your webapp's
code for clues. There isn't anything

> I am also worried about the Tomcat console log filling up over
> time.

You shouldn't be logging to stdout, then.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk+6nGsACgkQ9CaO5/Lv0PAHsgCfWahEvD+tBt2B7M8Dg6RWuuQb
PfkAn2CNoWYOXav2qXmtaeVbbU8u6hj4
=UTit
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org