Increase strength of viewState token
------------------------------------
Key: TRINIDAD-1375
URL: https://issues.apache.org/jira/browse/TRINIDAD-1375
Project: MyFaces Trinidad
Issue Type: Bug
Components: Archetype
Affects Versions: 1.0.10-core, 1.2.10-core
Reporter: Blake Sullivan
Strengthen the default seed used by TokenCache.getTokenCacheFromSession() to:
1) Use a cryptographically strong hash function to derive the token from teh
JSessionId
2) Use a larger than 32-bit hash size
The fix should:
1) Use the java cryptography apis to retrieve a sufficiently strong hash value
2) Use a larger, potentially 64 bit hash
3) Change the TokenCache to use a long seed rather than an int seed
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
