I have the problem that Tomcat 7 is terribly slow on startup. I found this in the log file:
INFO: Creation of SecureRandom instance for session ID generation using [SHA1PRNG] took [12,367] milliseconds.
Security is important, sure, but not on my development machine. I could perfectly live with a standard fast random number generator. So I don't need this ridiculously slow SecureRandom implementation.
Question is: How can I disable it? Is searched for a solution but only found some deprecated info about a randomClass
attribute which can be set to java.util.Random
. I also found out that this attribute seems to be named secureRandomClass
now in Tomcat 7. I tried to set it to java.util.Random
but this fails because Tomcat 7 casts the object to java.util.SecureRandom (And it's also documented that the specified class must extend java.util.SecureRandom, so it's no longer possible to use java.util.Random instead.)
So how can I get rid of this terribly slow random number generator startup so my development tomcat starts/restarts as fast as possible?