Re: AuthenticatorBase.getJaspicProvider taking most time
I have created a pull request with this change. https://github.com/apache/tomcat85/pull/9 On 30 August 2017 at 15:57, Venkata Pavan Kumar Sannisetty < sunny...@gmail.com> wrote: > I think we can cache the AuthConfigFactory instance in AuthenticatorBase > (or somewhere else) without having lock. AuthConfigFactory already > caching it but it is taking a lock (take a look at the code below). We can > do the same as below without synchronization. > > public static synchronized AuthConfigFactory getFactory() { > checkPermission(getFactorySecurityPermission); > if (factory != null) { > return factory; > } > > On 29 August 2017 at 23:14, Venkata Pavan Kumar Sannisetty < > sunny...@gmail.com> wrote: > >> I have tried with 8.5.15 still experiencing the same issue. I have seen >> this particular piece of code getting changed from 8.5.11 to 8.5.15. But >> hitting the same issue, >> >> On 29 August 2017 at 23:11, Mark Thomaswrote: >> >>> On 29/08/17 17:27, Venkata Pavan Kumar Sannisetty wrote: >>> > Hi, >>> > >>> > Our Application is running on Tomcat 8.5.11 with Java Security >>> Manager. We >>> > see a huge difference in performance dip with tomcat when Java security >>> > manager is enabled. The test uses Jmeter and measures the throughput. >>> Using >>> > JVisualVM provided few bottlenecks in our application as well as with >>> > Tomcat. Our application is around 5 times slow. Jvisualvm shows in each >>> > thread the below call is taking around 70 percent of cpu time. I think >>> this >>> > is because the synchronized call made to AuthConfigFactory.getFactory() >>> > method. >>> > >>> > When security manager is enabled tomcat most of the time spends >>> > at AuthenticatorBase.getJaspicProvider() call. Looking at this piece >>> of >>> > code in Tomcat Github >>> > >>> > >>> > private AuthConfigProvider getJaspicProvider() { >>> > AuthConfigProvider provider = jaspicProvider; >>> > if (provider == null) { >>> > provider = findJaspicProvider(); >>> > } >>> > if (provider == NO_PROVIDER_AVAILABLE) { >>> > return null; >>> > } >>> > return provider; >>> > } >>> > >>> > private AuthConfigProvider findJaspicProvider() { >>> > AuthConfigFactory factory = AuthConfigFactory.getFactory() >>> > ;//bottleneck >>> > AuthConfigProvider provider = null; >>> > if (factory != null) { >>> > provider = factory.getConfigProvider("HttpServlet", >>> > jaspicAppContextID, this); >>> > } >>> > if (provider == null) { >>> > provider = NO_PROVIDER_AVAILABLE; >>> > } >>> > jaspicProvider = provider; >>> > return provider; >>> > } >>> > >>> > The jaspicProvider variable is an instance variable i am assuming may >>> be it >>> > is getting created in each and every request (just my assumption). >>> > >>> > Is it possible cache the AuthConfigFactory instance in the code >>> > findJaspicProvider to improve the performance of tomcat with java >>> security >>> > manager. >>> > >>> > Please let me know your inputs. >>> >>> And if you test with a more recent version than 8.5.11 ? >>> >>> Mark >>> >>> - >>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >>> For additional commands, e-mail: users-h...@tomcat.apache.org >>> >>> >> >
Re: AuthenticatorBase.getJaspicProvider taking most time
I think we can cache the AuthConfigFactory instance in AuthenticatorBase (or somewhere else) without having lock. AuthConfigFactory already caching it but it is taking a lock (take a look at the code below). We can do the same as below without synchronization. public static synchronized AuthConfigFactory getFactory() { checkPermission(getFactorySecurityPermission); if (factory != null) { return factory; } On 29 August 2017 at 23:14, Venkata Pavan Kumar Sannisetty < sunny...@gmail.com> wrote: > I have tried with 8.5.15 still experiencing the same issue. I have seen > this particular piece of code getting changed from 8.5.11 to 8.5.15. But > hitting the same issue, > > On 29 August 2017 at 23:11, Mark Thomaswrote: > >> On 29/08/17 17:27, Venkata Pavan Kumar Sannisetty wrote: >> > Hi, >> > >> > Our Application is running on Tomcat 8.5.11 with Java Security Manager. >> We >> > see a huge difference in performance dip with tomcat when Java security >> > manager is enabled. The test uses Jmeter and measures the throughput. >> Using >> > JVisualVM provided few bottlenecks in our application as well as with >> > Tomcat. Our application is around 5 times slow. Jvisualvm shows in each >> > thread the below call is taking around 70 percent of cpu time. I think >> this >> > is because the synchronized call made to AuthConfigFactory.getFactory() >> > method. >> > >> > When security manager is enabled tomcat most of the time spends >> > at AuthenticatorBase.getJaspicProvider() call. Looking at this piece of >> > code in Tomcat Github >> > >> > >> > private AuthConfigProvider getJaspicProvider() { >> > AuthConfigProvider provider = jaspicProvider; >> > if (provider == null) { >> > provider = findJaspicProvider(); >> > } >> > if (provider == NO_PROVIDER_AVAILABLE) { >> > return null; >> > } >> > return provider; >> > } >> > >> > private AuthConfigProvider findJaspicProvider() { >> > AuthConfigFactory factory = AuthConfigFactory.getFactory() >> > ;//bottleneck >> > AuthConfigProvider provider = null; >> > if (factory != null) { >> > provider = factory.getConfigProvider("HttpServlet", >> > jaspicAppContextID, this); >> > } >> > if (provider == null) { >> > provider = NO_PROVIDER_AVAILABLE; >> > } >> > jaspicProvider = provider; >> > return provider; >> > } >> > >> > The jaspicProvider variable is an instance variable i am assuming may >> be it >> > is getting created in each and every request (just my assumption). >> > >> > Is it possible cache the AuthConfigFactory instance in the code >> > findJaspicProvider to improve the performance of tomcat with java >> security >> > manager. >> > >> > Please let me know your inputs. >> >> And if you test with a more recent version than 8.5.11 ? >> >> Mark >> >> - >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> >> >
Re: AuthenticatorBase.getJaspicProvider taking most time
I have tried with 8.5.15 still experiencing the same issue. I have seen this particular piece of code getting changed from 8.5.11 to 8.5.15. But hitting the same issue, On 29 August 2017 at 23:11, Mark Thomaswrote: > On 29/08/17 17:27, Venkata Pavan Kumar Sannisetty wrote: > > Hi, > > > > Our Application is running on Tomcat 8.5.11 with Java Security Manager. > We > > see a huge difference in performance dip with tomcat when Java security > > manager is enabled. The test uses Jmeter and measures the throughput. > Using > > JVisualVM provided few bottlenecks in our application as well as with > > Tomcat. Our application is around 5 times slow. Jvisualvm shows in each > > thread the below call is taking around 70 percent of cpu time. I think > this > > is because the synchronized call made to AuthConfigFactory.getFactory() > > method. > > > > When security manager is enabled tomcat most of the time spends > > at AuthenticatorBase.getJaspicProvider() call. Looking at this piece of > > code in Tomcat Github > > > > > > private AuthConfigProvider getJaspicProvider() { > > AuthConfigProvider provider = jaspicProvider; > > if (provider == null) { > > provider = findJaspicProvider(); > > } > > if (provider == NO_PROVIDER_AVAILABLE) { > > return null; > > } > > return provider; > > } > > > > private AuthConfigProvider findJaspicProvider() { > > AuthConfigFactory factory = AuthConfigFactory.getFactory() > > ;//bottleneck > > AuthConfigProvider provider = null; > > if (factory != null) { > > provider = factory.getConfigProvider("HttpServlet", > > jaspicAppContextID, this); > > } > > if (provider == null) { > > provider = NO_PROVIDER_AVAILABLE; > > } > > jaspicProvider = provider; > > return provider; > > } > > > > The jaspicProvider variable is an instance variable i am assuming may be > it > > is getting created in each and every request (just my assumption). > > > > Is it possible cache the AuthConfigFactory instance in the code > > findJaspicProvider to improve the performance of tomcat with java > security > > manager. > > > > Please let me know your inputs. > > And if you test with a more recent version than 8.5.11 ? > > Mark > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
Re: AuthenticatorBase.getJaspicProvider taking most time
On 29/08/17 17:27, Venkata Pavan Kumar Sannisetty wrote: > Hi, > > Our Application is running on Tomcat 8.5.11 with Java Security Manager. We > see a huge difference in performance dip with tomcat when Java security > manager is enabled. The test uses Jmeter and measures the throughput. Using > JVisualVM provided few bottlenecks in our application as well as with > Tomcat. Our application is around 5 times slow. Jvisualvm shows in each > thread the below call is taking around 70 percent of cpu time. I think this > is because the synchronized call made to AuthConfigFactory.getFactory() > method. > > When security manager is enabled tomcat most of the time spends > at AuthenticatorBase.getJaspicProvider() call. Looking at this piece of > code in Tomcat Github > > > private AuthConfigProvider getJaspicProvider() { > AuthConfigProvider provider = jaspicProvider; > if (provider == null) { > provider = findJaspicProvider(); > } > if (provider == NO_PROVIDER_AVAILABLE) { > return null; > } > return provider; > } > > private AuthConfigProvider findJaspicProvider() { > AuthConfigFactory factory = AuthConfigFactory.getFactory() > ;//bottleneck > AuthConfigProvider provider = null; > if (factory != null) { > provider = factory.getConfigProvider("HttpServlet", > jaspicAppContextID, this); > } > if (provider == null) { > provider = NO_PROVIDER_AVAILABLE; > } > jaspicProvider = provider; > return provider; > } > > The jaspicProvider variable is an instance variable i am assuming may be it > is getting created in each and every request (just my assumption). > > Is it possible cache the AuthConfigFactory instance in the code > findJaspicProvider to improve the performance of tomcat with java security > manager. > > Please let me know your inputs. And if you test with a more recent version than 8.5.11 ? Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org