Oracle ATG Web Commerce includes a component you can use to generate secure random numbers. This component, with a Nucleus address of /atg/dynamo/service/random/SecureRandom, can generate random numbers more efficiently than the Java class, java.security.SecureRandom, as it provides the random number generator with a random seed, rather than using the slower process of Java’s SeedGenerator.

You can configure the SecureRandom service using another component, /atg/dynamo/service/random/SecureRandomConfiguration. The SecureRandomConfiguration component can configure the behavior of the SecureRandom service with these properties:

Property

Description

Default Values

algorithm

The secure random algorithm to use.

SHA1PRNG

provider

The security provider supplying SecureRandom algorithms to use.

SUN

seed

Oracle ATG Web Commerce generates a seed value for the random number generator when your application starts up. If the seed property is null, the SecureRandom service uses that seed value. Otherwise, the seed is supplemented by the byte array specified by the seed property.

null

For more information, read the Java security architecture documentation, including the Javadoc for java.security.SecureRandom.