On 23/11/2018 21:18, schu...@apache.org wrote: > Author: schultz > Date: Fri Nov 23 21:18:48 2018 > New Revision: 1847318 > > URL: http://svn.apache.org/viewvc?rev=1847318&view=rev > Log: > Fix EncryptInterceptor to be thread-safe. > Add multi-threaded unit test.
Calling setProviderName() while the Interceptor is running may have some interesting side-effects. I'd recommend caching it during initInternal(). You can cache the result of cipher.getBlockSize() and then take advantage of that to reduce the time the Cipher objects are out of the pool. For example, in decrypt you can then construct the IV before you obtain the cipher object. Likewise in encrypt you can reduce the time both the SecureRandom and Cipher are out of the pool. There is a trade-off here between clarity of code and efficiency. I don't have any hard numbers to support my views (so they are probably wrong) but my instinct would always be to reduce the time the objects are out of the pool as much as practical. I think the first point should be addressed. The remaining points are certainly debatable so feel free to follow your own instincts on those. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org