tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: Windows Path Not Found for urandom
Date Wed, 29 Aug 2012 21:04:41 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jeff,

On 8/29/12 4:54 PM, Jeffrey Janner wrote:
> Looking at that code, it looks like the only way to set the file is
>  to change it there and recompile.

Not at all: you should be able to configure the Manager by setting
attributes on the <Manager> element in your context.xml. If you don't
already have one, add one and then set the randomFile attribute to
whatever you want.

> The <manager> element doesn't have anything to do with the session 
> manager.

Er, it has everything to do with it. <Manager> configures the session
manager. If you don't believe me, read the documentation and/or the code.

> What we really need is a way for Tomcat to understand that it's on 
> windows and automatically use that java.security routine you 
> mentioned.

It will. You created a zero-length file in C:\dev\urandom and it's
causing a one-time error message. Don't do that!

> Even a way of setting the filepath as null in the server.xml or 
> context.xml would probably be helpful.

You could do that, or you could set it to a path that points to nothing.
Under normal circumstances, you wouldn't find a C:\dev\urandom file in a
Microsoft Windows environment, so the default automatically falls-back
to java.security.SecureRandom. Why don't you just remove that file?

> Not that it's really that big a deal.  Apparently, from my
> testing, it only happens twice/context at startup.

It should happen once, but I suppose anything is possible --
especially if you have an ... odd deployment configuration.

> My real problem is somewhere else.  On login, we call 
> request.getSession, which I'm pretty sure is generating a new 
> sessionid (verified by turning off cookies), and thus generating
> the first PNF. On bad login credentials, we invalidate() the
> session, which I'm guessing is doing the second PNF.

Invalidating the session shouldn't require any entropy to be read, so
I wouldn't expect any failure.

> Overall, I'm thinking nothing to worry about, right?

If I were you, I'd delete the file and move on with my life: the error
message will go away and otherwise the system will operate exactly as
before.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iEYEARECAAYFAlA+g+kACgkQ9CaO5/Lv0PDhuACfaQ4v0010KLSlJAdCowaV3Hzh
e/AAn1TC3demwBOsqs8NEIDgMJLjk+P+
=G/Aa
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message