Hi Sanjiv
We don't use OncePerRequestFilter as it subclasses GenericFilterBean, which unfortunately is designed for Filters that are wired by web.xml. The property setting this class performs I suspect would conflict with Acegi Security Filters, which are wired directly in the IoC container and proxied using FilterToBeanProxy.
I have just added once per request checking to FilterSecurityInterceptor. We already perform once per request checking for other filters as well. It is very easy to do directly, without needing to subclass OncePerRequestFilter. Hope this sorts out your performance issue.
I'll cc: the developers list so there is some record of why this change was made.
Best regards Ben
---------
Sanjiv Jivan wrote:
Ben, I'm emailing you directly because I'd like to attach screenshots and the Spring forum doesn't support uploading files. Will update relevant thread on forum too.
I ran into an issue where the the response time of any page of the same web app would be less than a couple of seconds under Tomcat 4.x while under Weblogic 8.1 it would take over a minute. I tried examining the logs etc but had to use a profiler to get to the root of the issue. Please find attached profile screenshots of the same page request under Weblogic and Tomcat.
Contrary to what is mentioned in the thread http://forum.springframework.org/viewtopic.php?t=1524, Weblogic executes servlet filters when a RequestDispatcher.include call is made. Tomcat does not have this behavior.
If you examine the Weblogic screenshot closely, you'll see all kinds of redundant calls being made primarily triggered do to the fact that Sitemesh is in the mix which goes on to calling Acegi which in turns goes on to calling Sitemesh
See net.sf.acegisecurity.intercept.web.FilterSecurityInterceptor#proceedWithObject in call stack.
public Object proceedWithObject(Object object) throws Throwable { FilterInvocation fi = (FilterInvocation) object; fi.getChain().doFilter(fi.getRequest(), fi.getResponse());
return null; }
Clearly such response times are unacceptable. While it certainly seems to be a Weblogic issue, I was wondering if there is any reason the Acegi filters do no extend org.springframework.web.filter.OncePerRequestFilter. This would certainly help reduce the number of times the Acegi filters are executed and cut down the execution time.
Let me know your thoughts.
Thanks,
Sanjiv
------------------------------------------------------------------------
------------------------------------------------------------------------
------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ Home: http://acegisecurity.sourceforge.net Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer