--- /dev/null
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.catalina.startup;
+
+import java.security.SecureRandom;
+import java.util.Random;
+
+public class FastNonSecureRandom extends SecureRandom {
+
+ private static final long serialVersionUID = 1L;
+
+ private final Random random = new Random();
+
+ @Override
+ public String getAlgorithm() {
+ return "INSECURE";
+ }
+
+ @Override
+ public synchronized void setSeed(byte[] seed) {
+ // Not implemented
+ }
+
+ @Override
+ public synchronized void setSeed(long seed) {
+ // The super class constructor calls this method earlier than our
+ // fields are initialized. Ignore the call.
+ if (random == null) {
+ return;
+ }
+ random.setSeed(seed);
+ }
+
+ @Override
+ public synchronized void nextBytes(byte[] bytes) {
+ random.nextBytes(bytes);
+ }
+
+ @Override
+ public byte[] generateSeed(int numBytes) {
+ byte[] value = new byte[numBytes];
+ nextBytes(value);
+ return value;
+ }
+
+}
\ No newline at end of file
import org.junit.After;
import org.junit.Before;
+import org.apache.catalina.Container;
+import org.apache.catalina.LifecycleException;
import org.apache.catalina.LifecycleState;
+import org.apache.catalina.Server;
+import org.apache.catalina.Service;
import org.apache.catalina.connector.Connector;
import org.apache.catalina.core.AprLifecycleListener;
import org.apache.catalina.core.StandardServer;
+import org.apache.catalina.session.StandardManager;
import org.apache.catalina.valves.AccessLogValve;
import org.apache.tomcat.util.buf.ByteChunk;
fail("Unable to create appBase for test");
}
- tomcat = new Tomcat();
+ tomcat = new TomcatWithFastSessionIDs();
String protocol = getProtocol();
Connector connector = new Connector(protocol);
return rc;
}
+ private static class TomcatWithFastSessionIDs extends Tomcat {
+
+ @Override
+ public void start() throws LifecycleException {
+ // Use fats, insecure session ID generation for all tests
+ Server server = getServer();
+ for (Service service : server.findServices()) {
+ Container e = service.getContainer();
+ for (Container h : e.findChildren()) {
+ for (Container c : h.findChildren()) {
+ StandardManager m = (StandardManager) c.getManager();
+ if (m == null) {
+ m = new StandardManager();
+ m.setSecureRandomClass(
+ "org.apache.catalina.startup.FastNonSecureRandom");
+ c.setManager(m);
+ }
+ }
+ }
+ }
+ super.start();
+ }
+ }
}
projects / tomcat7.0 / commitdiff