[
https://issues.apache.org/jira/browse/WSS-673?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17126849#comment-17126849
]
Colm O hEigeartaigh commented on WSS-673:
-----------------------------------------
Yes definitely for 2.3.0. I'll backport it for 2.2.X, but I have to think about
whether it should be enabled by default or not.
> Using default Java Security and Merlin is very slow for PKCS12
> --------------------------------------------------------------
>
> Key: WSS-673
> URL: https://issues.apache.org/jira/browse/WSS-673
> Project: WSS4J
> Issue Type: Improvement
> Components: WSS4J Core
> Affects Versions: 2.2.5
> Reporter: Joseph Athman
> Assignee: Colm O hEigeartaigh
> Priority: Major
> Fix For: 2.3.0
>
>
> We use WSS4J to create SAML digital signatures. Recently, we switch from
> storing our client private key from a JKS file to PKCS12 file. This seems to
> have had the unintended consequence of causing huge spikes in CPU usage.
> After investigating the root cause, I believe the problem lies with the way
> WSS4J will retrieve a new instance of the private key for every request. With
> a PKCS12 file this appears to be extremely slow and CPU intensive due to the
> amount of time it takes to decrypt the private key.
> I'm wondering if there is some way to have WSS4J cache this private key
> lookup since it will always be the same each time.
> Any ideas?
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
