[jira] [Commented] (CXF-5304) WS-Security UsernameToken slow performance

Thu, 26 Sep 2013 14:48:50 -0700 

    [ 
https://issues.apache.org/jira/browse/CXF-5304?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13779286#comment-13779286
 ] 

Venkat Nalla commented on CXF-5304:
-----------------------------------

Hi Daniel,
Can you please send me the link to example.
Thanks,Venkat

                                          

                
> WS-Security UsernameToken slow performance
> ------------------------------------------
>
>                 Key: CXF-5304
>                 URL: https://issues.apache.org/jira/browse/CXF-5304
>             Project: CXF
>          Issue Type: Bug
>          Components: JAX-WS Runtime, WS-* Components
>    Affects Versions: 2.7.6
>         Environment: IBM AIX 6.1, IBM JDK 7
>            Reporter: Venkat Nalla
>              Labels: performance
>             Fix For: Invalid
>
>
> WS-Security UsernameToken (Username and Password only) performance is slow 
> when compared to the results of without WS-Security. With WS-Security the 
> overhead is 60% to 222% more than without WS-Security for various 
> message/payload sizes, and increases with payload/message size. The timing 
> are average of 1000 iterations (round trip time) with various message sizes. 
> Is it due to DOM processing inWSS4JInInterceptor/SAAJInInterceptor.It is been 
> observed that the SAAJInInterceptor.handleMessage taking good chunk of time 
> based on the message size. Are there any settings to improve the performance.
> The server and client are configured with WSS4JInInterceptor and 
> WSS4JOutInterceptor as shown below.
> <jaxws:endpoint name="..." createdFromAPI="true">
>     <jaxws:inInterceptors>
>       
>       <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
>         <constructor-arg>
>           <map>
>             <entry key="action" value="UsernameToken" />
>             <entry key="passwordType" value="PasswordText" />
>             <entry key="passwordCallbackClass" 
> value="com.mycompany.server.PasswordCallback" />
>           </map>
>         </constructor-arg>
>       </bean>
>     </jaxws:inInterceptors>
>   </jaxws:endpoint>
> <jaxws:client name="..." createdFromAPI="true">
>               <jaxws:outInterceptors>
>                       <bean 
> class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
>                               <constructor-arg>
>                                       <map>
>                                               <entry key="action" 
> value="UsernameToken"/>
>                                               <entry key="user" 
> value="userName"/>
>                                               <entry key="PasswordType" 
> value="PasswordText"/>
>                                               
>                                               <entry 
> key="passwordCallbackClass" 
> value-ref="com.mycompany.client.PasswordCallback"/>
>                                       </map>
>                               </constructor-arg>
>                       </bean>
>               </jaxws:outInterceptors>
>       </jaxws:client>

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to