[prev in list] [next in list] [prev in thread] [next in thread]
List: xmlrpc-user
Subject: [jira] [Created] (WSS-673) Using default Java Security and Merlin is very slow for PKCS12
From: "Joseph Athman (Jira)" <jira () apache ! org>
Date: 2020-05-29 0:50:00
Message-ID: JIRA.13308205.1590713391000.129970.1590713400037 () Atlassian ! JIRA
[Download RAW message or body]
Joseph Athman created WSS-673:
---------------------------------
Summary: Using default Java Security and Merlin is very slow f=
or PKCS12
Key: WSS-673
URL: https://issues.apache.org/jira/browse/WSS-673
Project: WSS4J
Issue Type: Improvement
Components: WSS4J Core
Affects Versions: 2.2.5
Reporter: Joseph Athman
Assignee: Colm O hEigeartaigh
We use WSS4J to create SAML digital signatures. Recently, we switch from st=
oring our client private key from a JKS file to PKCS12 file. This seems to =
have had the unintended consequence of causing huge spikes in CPU usage.
After investigating the root cause, I believe the problem lies with the way=
WSS4J will retrieve a new instance of the private key for every request. W=
ith a PKCS12 file this appears to be extremely slow and CPU intensive due t=
o the amount of time it takes to decrypt the private key.
I'm wondering if there is some way to have WSS4J cache this private key loo=
kup since it will always be the same each time.=C2=A0
Any ideas?
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic