GitHub user prabhjyotsingh opened a pull request:
https://github.com/apache/zeppelin/pull/2606
[ZEPPELIN-2970] Enhance Authentication decrypting key generation
### What is this PR for?
Overview : The random number generator implemented by nextInt() cannot
withstand a cryptographic attack.
In the file IdHashes.java similar issues were on line numbers 74
Comments : Use of SecureRandom is recommended
### What type of PR is it?
[Refactoring]
### What is the Jira issue?
*
[https://issues.apache.org/jira/browse/ZEPPELIN-2970](https://issues.apache.org/jira/browse/ZEPPELIN-2970)
### How should this be tested?
CI should be green
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/prabhjyotsingh/zeppelin ZEPPELIN-2970
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/zeppelin/pull/2606.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #2606
----
commit 6c6e90d31c54ff6dc98ad23f8c86ba33926168d0
Author: Prabhjyot Singh <[email protected]>
Date: 2017-10-04T09:10:34Z
use SecureRandom instead of Random
----
---
