Bill Shannon wrote:
> Kedar Mhaswade wrote on 8/26/09 5:39 PM:
>
>>> Maybe someone should just put an instance of SecureRandom in the Habitat
>>> so everyone can get it by injection and use it?
>>>
>> That's doable.
>>
>
> So who should do it?
>
I think an appropriate place for this is SecurityService that Kumar
owns. I also have
an IdmService that does some identity management related stuff. It's an
Init Service, and I can create the global SecureRandom there. It can
be the usual Contract/Service thingie. Let me know what you guys prefer.
>
>> One thing we should note is that we need instance of
>> SecureRandom
>> on both client and server side. In the occurrences of SecureRandom you
>> listed,
>> at list one is used by asadmin client explicitly. asadmin does not have
>> access
>> to server's Habitat.
>>
>
> Is any of that code that uses SecureRandom used on both the client and
> the server? If so, it would need a fallback in case there's no SecureRandom
> in the habitat, and/or we would need to make asadmin add a SecureRandom to
> the habitat.
>
For asadmin, I haven't yet looked into the habitat it creates, but what
server does is possible there when we add SecureRandom in the AsadminMain
to habitat. I'll talk to you offline.
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: dev-help_at_glassfish.dev.java.net
>
>