On 28.01.2012 00:38, Pid wrote:
On 27/01/2012 23:25, Caldarale, Charles R wrote:
From: David Rees [mailto:dree...@gmail.com]
Subject: Re: TC7 very slow SessionIdGenerator SecureRandom initialization
Hmm, yes, the systems I've checked running Java 1.7.0_02 list
/dev/urandom as the securerandom.source.
Unfortunately, there's a misguided part of the JRE that insists it's smarter
than any sysadmin, so it checks for /dev/urandom and uses /dev/random instead -
that's why the setting of /dev/./urandom is important, even though it would
seem to be equivalent.
So editing the file fixes this, or just using the system property?
I expect either will help.
Using /dev/random instead of the configured /dev/urandom IMHO is an
implementation bug. Some more details at
http://marc.info/?l=tomcat-dev&m=130182757504685&w=2
http://search.oracle.com/search/search?search_p_main_operator=all&start=1&group=bugs.sun.com&q=%2Fdev%2Furandom
The one bug closest to this topic is
http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6202721
but Oracle doesn't care :(.
Regards,
Rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org