Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1036624

Summary: SecureRandomGenerator instance per container requires too much entropy
Product: [JBoss] JBoss Enterprise Portal Platform 6 Reporter: Dominik Pospisil <dpospisi>
Component: Performance, PortalAssignee: mposolda
Status: CLOSED UPSTREAM QA Contact: Tomas Kyjovsky <tkyjovsk>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.1.1CC: epp-bugs, mposolda, ppalaga
Target Milestone: DR02   
Target Release: 6.1.1   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
The SecureRandom service is a portal service used for generating random numbers for security purposes. The service requires a seed for each instance of the service. It was discovered that because a separate SecureRandom service was required for each portal instance, installations containing many portal instances may have been experiencing slower boot times as a result of individual seed creation for each SecureRandom bootstrap. The fix implements SecureRandom as a shared service between all portal instances, which results in an improved startup time for installations containing many portal instances.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2025-02-10 03:34:31 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Dominik Pospisil 2013-12-02 11:24:08 UTC 
Currently every portal container instance uses it's own instance of SecureRandomGenerator for generating password salts. This requires too much entropy if many containers are used (50).

In QA lab environment, registering new generator freezes portal boot for roughly 20-30s (1 min 40s max).
Comment 1 Dominik Pospisil 2013-12-02 11:25:19 UTC 
Link to the CI build showing boot freezes:

https://jenkins.mw.lab.eng.bos.redhat.com/hudson/view/EPP/view/EPP/view/6.1/view/Performance/view/Preparation/job/epp6_portal_perf_db_prepare_manyContainers/18/console
Comment 3 JBoss JIRA Server 2013-12-09 23:08:45 UTC 
Marek Posolda <mposolda> made a comment on jira GTNPORTAL-3342

The fix is adding SecureRandomService to be configured at RootContainer level, so it's shared between all portal containers and initialized only once per JVM.
Comment 4 Dominik Pospisil 2014-01-31 14:22:05 UTC 
It does not seem to be fixed in 6.1.1.ER1.

https://jenkins.mw.lab.eng.bos.redhat.com/hudson/view/EPP/view/EPP/view/6.1/view/Performance/view/Preparation/job/epp6_portal_perf_db_prepare_manyContainers/21/console
Comment 5 Dominik Pospisil 2014-01-31 15:04:07 UTC 
After discussion with Marek, closing as verified. Reseed only happen once during portal startup. Remaining delay caused by other tasks.
Comment 7 Peter Palaga 2014-02-11 07:46:00 UTC 
Hi Jared, just a small note on the last version of the relnote: The term "portal" is terribly ambiguous in general and also in how we use it ourselves. It can mean (1) the product, (2) an installation of the product and (3) a Portal Container as described in https://access.redhat.com/site/documentation/en-US/Red_Hat_JBoss_Portal/6.1/html/Development_Guide/chap-Portal_Containers.html . When speaking about "portal instance" in the relnote, it is perhaps not clear at the first sight if we mean (2) or (3). Therefore, I'd propose to replace "portal instance" with "portal container instance".
Comment 10 Red Hat Bugzilla 2025-02-10 03:34:31 UTC 
This product has been discontinued or is no longer tracked in Red Hat Bugzilla.