[
https://issues.apache.org/jira/browse/WICKET-6730?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17021492#comment-17021492
]
ASF subversion and git services commented on WICKET-6730:
---------------------------------------------------------
Commit ac966ee03438a9f144c281e101b51b88b9101a24 in wicket's branch
refs/heads/master from Emond Papegaaij
[ https://gitbox.apache.org/repos/asf?p=wicket.git;h=ac966ee ]
WICKET-6730: replaced SecureRandom.getStrongInstance() by SHA1PRNG due to
performance
> Global access to secure random data
> -----------------------------------
>
> Key: WICKET-6730
> URL: https://issues.apache.org/jira/browse/WICKET-6730
> Project: Wicket
> Issue Type: New Feature
> Components: wicket-core
> Affects Versions: 9.0.0-M4
> Reporter: Emond Papegaaij
> Assignee: Emond Papegaaij
> Priority: Major
> Fix For: 9.0.0-M5
>
>
> Web applications often need secure random data, for example to generate keys
> for encryption or to generate nonces. In most cases, a simple SecureRandom
> may be enough. But for more demanding applications, it may be necessary to
> reseed the SecureRandom periodically or to use a different algorithm. With
> several SecureRandoms used throughout Wicket, this is becoming very hard (if
> not impossible).
> SecuritySettings should contain a central implementation of a
> ISecureRandomSupplier to hold the SecureRandom and to generate random bytes.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
