[prev in list] [next in list] [prev in thread] [next in thread] 

List:       woden-dev
Subject:    [jira] [Closed] (WSS-673) Using default Java Security and Merlin is very slow for PKCS12
From:       "Colm O hEigeartaigh (Jira)" <jira () apache ! org>
Date:       2020-12-23 7:18:01
Message-ID: JIRA.13308205.1590713391000.363565.1608707881363 () Atlassian ! JIRA
[Download RAW message or body]


     [ https://issues.apache.org/jira/browse/WSS-673?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel \
]

Colm O hEigeartaigh closed WSS-673.
-----------------------------------

> Using default Java Security and Merlin is very slow for PKCS12
> --------------------------------------------------------------
> 
> Key: WSS-673
> URL: https://issues.apache.org/jira/browse/WSS-673
> Project: WSS4J
> Issue Type: Improvement
> Components: WSS4J Core
> Affects Versions: 2.2.5
> Reporter: Joseph Athman
> Assignee: Colm O hEigeartaigh
> Priority: Major
> Fix For: 2.3.0, 2.2.6
> 
> 
> We use WSS4J to create SAML digital signatures. Recently, we switch from storing \
> our client private key from a JKS file to PKCS12 file. This seems to have had the \
> unintended consequence of causing huge spikes in CPU usage. After investigating the \
> root cause, I believe the problem lies with the way WSS4J will retrieve a new \
> instance of the private key for every request. With a PKCS12 file this appears to \
> be extremely slow and CPU intensive due to the amount of time it takes to decrypt \
> the private key. I'm wondering if there is some way to have WSS4J cache this \
> private key lookup since it will always be the same each time.   Any ideas?



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org


[prev in list] [next in list] [prev in thread] [next in thread]