Versions Compared

Old Version 2

changes.mady.by.user Greg Wilkins

Saved on

compared with

New Version 3

changes.mady.by.user Jan Bartel

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Session IDs generated by Random may be able to be predicted, thus it is not recommended to use Random in production.

For more information, here are the relevant Sun bug numbers: 6202721, 6521844, 5031872.

Note that one of the workarounds suggested is to try and force the use of the /dev/urandom device, which does NOT block, rather than the /dev/random device which does:

Code Block

Set the system property: -Djava.security.egd=file:/dev/urandom 
Make sure that the java.security file contains this setting:
  securerandom.source=file:/dev/urandom

NB Some workaround reports use /dev/./urandom instead of /dev/urandom.

Contact the core Jetty developers at www.webtide.com
private support for your internal/customer projects ... custom extensions and distributions ... versioned snapshots for indefinite support ... scalability guidance for your apps and Ajax/Comet projects ... development services from 1 day to full product delivery