https://issues.apache.org/bugzilla/show_bug.cgi?id=53830
--- Comment #5 from Konstantin Kolinko <knst.koli...@gmail.com> --- (In reply to comment #4) > RE:documentation of the attribute name, Jeffrey reported that setting the > "randomFile" attribute on the <Manager> had no effect: /dev/urandom was > still used. I'm not sure why that was (it could have been a > misconfiguration), but please check that setting "randomFile" actually has > an effect. Regarding 6.0.35: I do not know why it did not work for Jeffrey. http://markmail.org/message/4zfhs6fii6vb7pf4 a) A known issue is that if the value is a non-existent file, then in 6.0.35 setting the value would not have much effect. ManagerBase silently accepts the file name and then it will try to reopen it, like it does with the default value of /dev/urandom. Anyway, whether the value was set can be confirmed via JMX. b) Maybe a typo, or it was set in a wrong place? For 6.0.35 and earlier running on Windows I would suggest to set randomFile attribute to point to an existing file, containing 8 bytes. The initial 8 bytes are read during readLong() call in setRandomFile(). Having a non-empty file avoids logging an IOException there. An attempt to read more bytes in ManagerBase#getRandomBytes() will result in IOException, which will be caught and will set the devRandomSource field to null. Using a longer file is not recommended, as it will affect the randomness of session ids. Regarding 6.0 + patch, I tested setting the value a) Using JMX b) In conf/context.xml: <Manager randomFile="${catalina.base}/conf/server.xml"/> In conf/logging.properties: org.apache.catalina.session.ManagerBase.level=FINE In logs/catalina.2012-09-05.log the following is logged: 05.09.2012 22:45:17 org.apache.catalina.session.ManagerBase doSetRandomFile FINE: Opening C:\[redacted]/conf/server.xml -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
