this also results in very good XML-SEC
processing times.
Because the WSS4J processing is only part of the overall
processing of a request/response pair (Axis internal, operating
system overhead, internal JVM processing, GC, etc need some CPU
cycles as well) the overall improvement is somewhere betwe
Does someone knows what the "AdminServlet" does in the Axis Engine???
I enabled it, but entering "http://localhost:8080/axis/servlet/AdminServlet";
the information I get is only that the server is running...
I was wonder if the AdminServlet pr
sses to facilitate
> adding WSS features to the axis-SOAP-engine. The classes i wrote,
> i wrote using apache xml security, so maybe i thought it would
> be nice to add them either to the official source or to the samples.
>
> I have the following use cases completed:
> - signing o
Hi there,
I would like to propose to add a branch (well, a namespace)
to the sources containing some classes to facilitate
adding WSS features to the axis-SOAP-engine. The classes i wrote,
i wrote using apache xml security, so maybe i thought it would
be nice to add them either to the official
> Can you please send me the details of EXACTLY what kind of
> jar signing needs to be done to get the
> RSA stuff working? I dug/googled a bit but could not find the details.
Here's the relevant pointer:
http://java.sun.com/j2se/1.4.2/docs/guide/security/jce/HowToImplAJCEProvider
.html
Basical
Scott,
Can you please send me the details of EXACTLY what kind of jar signing needs to be
done to get the
RSA stuff working? I dug/googled a bit but could not find the details.
thanks,
dims
--- Davanum Srinivas <[EMAIL PROTECTED]> wrote:
> I just downloaded OpenSSL, compiled nativejce.dll (MSDE
authentication doesn't use any of the XML
security API. Now, the invocation time taken by axis Call.invoke is just 30
msec.
* Secondly I ran only one client and only ONCE with advanced authentication
that uses XML security APIs.
* Thirdly, I repeated the first step again. Now, the invocation ti
I just downloaded OpenSSL, compiled nativejce.dll (MSDEV on WIN32) and am able to run
the tests (I
had to comment out System.loadLibrary("crypto") calls in 2 java files and keep just the
System.loadLibrary("nativejce") calls). Here's the output from the test
(http://marsalis.internet2.edu/cgi-bin/
> Was reviewing the codeQuestion - If we write a class that
> extends SignatureAlgorithm (see SignatureBaseRSA$SignatureRSASHA1 for
> example, we should be able to use the NativeJCE jar without
> having to sign it first). Right?
Yes, signature providers can be unsigned, it's encryption provid
Scott, Berin,
Was reviewing the codeQuestion - If we write a class that extends
SignatureAlgorithm (see
SignatureBaseRSA$SignatureRSASHA1 for example, we should be able to use the NativeJCE
jar without
having to sign it first). Right?
Has anyone looked in the Claymore stuff? (http://www.rtf
> You're saying you need Linux support from PKCS11 hardware devices,
and
> haven't found any?
Rainbow is a fairly good example. They have a working PKCS11 library for
Linux but they won't give it to you without some real begging and no
support. More importantly, it turns out in Rainbow's cas
ridge approach sounds
very cool indeed. Hats off and good luck.
-Jon
-Original Message-
From: Scott Cantor [mailto:[EMAIL PROTECTED]
Sent: Friday, February 27, 2004 2:55 PM
To: [EMAIL PROTECTED]
Subject: RE: Using XML security slows down the Axis Call
> Some time ago (6 weeks o
understood. will kick the tires when i get a chance next week.
thanks,
dims
--- Scott Cantor <[EMAIL PROTECTED]> wrote:
> > Can you please post your config.xml?
>
> I don't actually have it configured in or tested yet, I was busy playing
> with Phaos' JCE while they were building this thing. I'll
> Can you please post your config.xml?
I don't actually have it configured in or tested yet, I was busy playing
with Phaos' JCE while they were building this thing. I'll ask them to give
me a copy.
I can tell you more or less what's involved. You just go down into the
section under providers and
Can you please post your config.xml?
thanks,
dims
--- Scott Cantor <[EMAIL PROTECTED]> wrote:
> > You mentioned in your previous e-mail that you have seen significant
> > performance improvements. Is this when interfaced with xml-security?
>
> Yes, exactly. We edit the config.xml to reference t
> You mentioned in your previous e-mail that you have seen significant
> performance improvements. Is this when interfaced with xml-security?
Yes, exactly. We edit the config.xml to reference the OpenSSL shim provider
for RSAwithSHA1, some hashing, etc. That static approach to the JCE
selection
Scott,
That is really cool!
You mentioned in your previous e-mail that you have seen significant
performance improvements. Is this when interfaced with xml-security?
It would be interesting to turn this (or something like it) into a fully
fledged library. I wonder if one could apply for a si
> Is this an open-source effort? (JCE Interface to OpenSSL)?
> i'd like to use it as well.
Yeah, but it's not in the form of a complete solution so user beware. Just a
few needed algorithms and operations are implemented, and we don't implement
RSA crypto directly because it's not a signed JCE. Y
Scott,
Is this an open-source effort? (JCE Interface to OpenSSL)? i'd like to use it as well.
thanks,
dims
--- Scott Cantor <[EMAIL PROTECTED]> wrote:
> > Some time ago (6 weeks or so) I did some performance measures (WSS4J has
> > timing logs build in) and we see here that Verification/Signatur
> Some time ago (6 weeks or so) I did some performance measures (WSS4J has
> timing logs build in) and we see here that Verification/Signature
> is real time consuming, followed by public KEy encryption, followed
> by symmetrical encryptionthis ordering comes with no surprise.
>
> Only the rea
consumed is quite high.
Regards,
Werner
- Original Message -
From: "Anderson Jonathan" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, February 27, 2004 7:23 PM
Subject: RE: Using XML security slows down the Axis Call
> We're using Apache's WSS4J
ary 27, 2004 10:57 AM
To: [EMAIL PROTECTED]
Subject: Re: Using XML security slows down the Axis Call
But I am very much worried about the PERFORMANCE. After
"org.apache.xml.security.Init.init()" of xml security is called (during
authentication), calling Call.invoke method takes more time.
-Original Message-
From: Erwin van der Koogh [mailto:[EMAIL PROTECTED]
Sent: Friday, February 27, 2004 10:57 AM
To: [EMAIL PROTECTED]
Subject: Re: Using XML security slows down the Axis Call
> But I am very much worried about the PERFORMANCE. After
> "org.apache.xml.security.Init.
But I am very much worried about the PERFORMANCE. After
"org.apache.xml.security.Init.init()" of xml security is called (during
authentication), calling Call.invoke method takes more time. The
difference is in the order of multiples of 5.
Verifying signatures is a very expensive operation.. Back in
Hi folks,
I am really sorry if this question is not related to this group. I was
stronly feeling that some of you guys would have worked with both Axis and
XML security, and you guys can lend a help to me.
I am facing a severe performance problem while using "Axis" along with
&
25 matches
Mail list logo
