[
https://issues.apache.org/jira/browse/WSS-673?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17128047#comment-17128047
]
Colm O hEigeartaigh commented on WSS-673:
-----------------------------------------
For the record, this will default to false for WSS4J 2.2.6, but true for 2.3.0.
> Using default Java Security and Merlin is very slow for PKCS12
> --------------------------------------------------------------
>
> Key: WSS-673
> URL: https://issues.apache.org/jira/browse/WSS-673
> Project: WSS4J
> Issue Type: Improvement
> Components: WSS4J Core
> Affects Versions: 2.2.5
> Reporter: Joseph Athman
> Assignee: Colm O hEigeartaigh
> Priority: Major
> Fix For: 2.3.0, 2.2.6
>
>
> We use WSS4J to create SAML digital signatures. Recently, we switch from
> storing our client private key from a JKS file to PKCS12 file. This seems to
> have had the unintended consequence of causing huge spikes in CPU usage.
> After investigating the root cause, I believe the problem lies with the way
> WSS4J will retrieve a new instance of the private key for every request. With
> a PKCS12 file this appears to be extremely slow and CPU intensive due to the
> amount of time it takes to decrypt the private key.
> I'm wondering if there is some way to have WSS4J cache this private key
> lookup since it will always be the same each time.
> Any ideas?
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
