I see. Looks like there would be a some hit on performance then. Thanks Azeez for the explanation.
On Tue, Jan 9, 2018 at 11:22 PM, Afkham Azeez <[email protected]> wrote: > IIRC, Rampart uses WSS4J and WSS4J works with DOM. So when Rampart kicks > in, it will convert OM (Axiom) to DOM. Actually we implemented a hybrid > object model called DOOM (DOM-OM) which supports both models because Axis2 > knows only Axiom and WSS4J knows only OM. So we can't avoid the cost of > creating the DOM. Even with SAX, once the events start firing, you cannot > stop and SAX doesn't support deferred building. That is why we used the > StAX parser in Axiom. The issue in Dennis Sosnoski's article refers to a > bug and should have been fixed a long time ago. > > Thanks > Azeez > > On Tue, Jan 9, 2018 at 11:55 PM, Lahiru Sandaruwan <[email protected]> > wrote: > >> Hi Devs, >> >> Got a question on $subject. Concern is, if the username token is >> retrieved by building the whole message with DOM or it is read up to >> security header as in SAX(see [1] for difference) when parsing for >> authentication. >> >> [2] says, >> "Part of this performance hit from WS-Security is due to a flaw in the >> Rampart handler implementation, which causes it to convert each request and >> response message to Document Object Model (DOM) form any time Rampart is >> engaged (even if no security processing is to be done for the message). >> This particular issue should be fixed in time for a Rampart 1.5 release to >> go along with Axis2 1.5. Depending on how the fix is implemented, it may >> substantially improve the times for the UsernameToken test.". >> >> Difference is, when the messages get bigger, DOM model will cause more >> latency than SAX. >> Anyone can confirm if this was fixed in latest Rampart/Axis2 versions? >> >> [1] https://stackoverflow.com/questions/6828703/what-is-the- >> difference-between-sax-and-dom >> [2] https://www.ibm.com/developerworks/library/j-jws6/index.html >> >> Thanks. >> >> -- >> -- >> >> Lahiru Sandaruwan >> Associate Technical Lead, >> WSO2 Inc., http://wso2.com >> >> lean.enterprise.middleware >> >> m: +1 901 530 2379 <+1%20901-530-2379> >> e: [email protected] b: https://medium.com/@lahirugmg >> in: http://lk.linkedin.com/pub/lahiru-sandaruwan/16/153/146 >> >> > > > -- > *Afkham Azeez* > Senior Director, Platform Architecture; WSO2, Inc.; http://wso2.com > Member; Apache Software Foundation; http://www.apache.org/ > * <http://www.apache.org/>* > *email: **[email protected]* <[email protected]> > * cell: +94 77 3320919 <077%20332%200919>blog: **http://blog.afkham.org* > <http://blog.afkham.org> > *twitter: **http://twitter.com/afkham_azeez* > <http://twitter.com/afkham_azeez> > *linked-in: **http://lk.linkedin.com/in/afkhamazeez > <http://lk.linkedin.com/in/afkhamazeez>* > > *Lean . Enterprise . Middleware* > -- -- Lahiru Sandaruwan Associate Technical Lead, WSO2 Inc., http://wso2.com lean.enterprise.middleware m: +1 901 530 2379 e: [email protected] b: https://medium.com/@lahirugmg in: http://lk.linkedin.com/pub/lahiru-sandaruwan/16/153/146
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
