Bugs item #974735, was opened at 2004-06-17 15:32 Message generated for change (Comment added) made by slaboure You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=376685&aid=974735&group_id=22866
Category: JBossSX Group: v3.2 Status: Open Resolution: None Priority: 5 Submitted By: iprigg (iprigg) Assigned to: Nobody/Anonymous (nobody) Summary: Slow performance of JaasSecurityManager Initial Comment: I am operating Jboss 3.2.3 on an Athlon XP 1400+ machine with 512 MB of RAM running Windows 2000 server. I am using JDK 1.4.1.I would like to report a bug in the jbossSX framework. In fact I don't know if it is actually a bug or just an implementation approach, that restricts the performance of the framework. I think it is the second, but I would like to know, whether it has been noticed and If there are plans for changing it.So lets continue with the description of the problem: What I have tried lately to do was to perform some benchmark testing of a service access control data model I have created. In order to do that I decided to use the jbossSX framework for performing access control on 200 stateless EJBs. The security data was stored in an LDAP server, so I have created 3 login modules that perform specific searches in it, retrieving roles and assigning them to users. All Login modules were specified as required.The benchmark involved thousand of invocations of these EJBs (they all belong in the same security domain), within a few minutes, through a stateless client EJB, using the "org.jboss.security.ClientLoginModule" in order to pass the security credentials (username and password) to the server. The ldap server contains the credentials of 1000 users. So in practice I had 1000 users randomly performing calls on the methods provided by 200 stateless EJBs. Each EJB contained 5 methods, each secured with a different role. Generation of invocation requests was extremely fast (about 3000 requests in a 3 minutes period). What I noticed, straight from the begining was that the whole process was extremely slow. For example 3000 invocations of the secured EJBs (notice that the business logic included in the EJB is minimal, just printing a string), consumes the following time: 1) if JAAS cache is disabled 50 minutes 2) if JAAS cache is enabled 15 minutes (notice however that we have at maximum 1000 security checks the same with the total number of users) Finally I have performed the same invocations without specifying a security domain for the EJBs and the testing was completed almost with the post of the final request (3 minutes).At first I suspected that the delay was due to the searches and the actual processing that takes place inside the Login Modules. However by measuring the actual time of each operation, I found out that less than 1% percent of the total execution time is spent there.After several tests, I found out that the actual problem was imposed by the "JAASSecurityManager.class" and speciffically its boolean method "isValid(Principal principal, Object credential, Subject activeSubject)", which is defined as synchronized. This results to all execution threads freezing upon accessing the method and ceasing their execution for very large periods of time. The more the threads accessing the class the more the experienced delay. Is that something that would be taken care in the future? or it just needs to be done on this way, so no possible solution is foreseen? ---------------------------------------------------------------------- >Comment By: Sacha Labourey (slaboure) Date: 2004-06-17 19:33 Message: Logged In: YES user_id=95900 to make sure that is the problem, could you please: - remove the synchronized keyword - recompile jboss - test the behaviour would not be strictly correct from a security standpoint but would at least be the proof that this is indeed the point of contention and the size of it. Cheers, sacha ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=376685&aid=974735&group_id=22866 ------------------------------------------------------- This SF.Net email is sponsored by The 2004 JavaOne(SM) Conference Learn from the experts at JavaOne(SM), Sun's Worldwide Java Developer Conference, June 28 - July 1 at the Moscone Center in San Francisco, CA REGISTER AND SAVE! http://java.sun.com/javaone/sf Priority Code NWMGYKND _______________________________________________ JBoss-Development mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-development
