[jboss-jira] [JBoss JIRA] (WFCORE-490) ModelControllerImpl uses SecureRandom per request for no obvious reason
James Livingston (JIRA)
issues at jboss.org
Tue Dec 30 23:50:30 EST 2014
[ https://issues.jboss.org/browse/WFCORE-490?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
James Livingston updated WFCORE-490:
------------------------------------
Summary: ModelControllerImpl uses SecureRandom per request for no obvious reason (was: ModelControllerImpl uses SecureRandom per requet for no obvious reason)
> ModelControllerImpl uses SecureRandom per request for no obvious reason
> -----------------------------------------------------------------------
>
> Key: WFCORE-490
> URL: https://issues.jboss.org/browse/WFCORE-490
> Project: WildFly Core
> Issue Type: Enhancement
> Components: Domain Management
> Affects Versions: 1.0.0.Alpha15
> Reporter: James Livingston
> Assignee: Brian Stansberry
>
> https://github.com/wildfly/wildfly-core/blob/master/controller/src/main/java/org/jboss/as/controller/ModelControllerImpl.java#L337 and https://github.com/wildfly/wildfly-core/blob/master/controller/src/main/java/org/jboss/as/controller/ModelControllerImpl.java#L401 create a new SecureRandom which is used to seed a normal Random, and that is thrown away after one use. That causes it to use entropy from the OS pool, which if done at a sufficiently high rate on servers can cause stalls.
> I can't think of any reason why the operation ID would need to be a secure random number rather than a normal one, so unless there is one it may be better to use a normal Random and not drain the entropy pool.
--
This message was sent by Atlassian JIRA
(v6.3.11#6341)
More information about the jboss-jira
mailing list