On 18/03/2011 14:07, Konstantin Kolinko wrote: > Just a note: Maybe it is worth to measure the time that the sessionId > generation takes (looking at the stack trace in [1]) and print some > warning if org.apache.catalina.util.SessionIdGenerator.getRandomBytes( > ) > or > org.apache.catalina.util.SessionIdGenerator.generateSessionId( ) > takes too long. I would say that more than 2 seconds would be too > long. Just saying.
createSecureRandom() is where you need the logging. The log message (at debug level) and the threshold (hard-coded 100ms) are already there. You have the commit bit and a +1 from me if you want to change it. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org