I don't think you can do much about it. WSS4J used as WS-Sec implementation needs XML data in DOM format so flow looks like : StAX -> DOM -> SIGN ->(DOM) -> StAX. Operations on DOM are slow, so every request must takes more time. But the difference in time isn't so big in "normal" environment where business logic takes time and data send over the wire is bigger. I did some tests of different aspects of ws-sec and i got "only" 2 or 3 times worse result then plain call.
On 3/14/07, Andrey Utis <[EMAIL PROTECTED]> wrote:
Some of you may be interested in these performance stats that I collected. My setup: Web Service client and server: XFire 1.2.4 with JiBX binding, both on localhost (Pentium 4, 2.8Ghz, 1GB memory) Web server: Tomcat 5.0 JRE: Sun 1.4.2_13 The web service request contains just a couple fields, populated by constants. The response also contains just a couple fields, also constants (so no logic is executed). When I invoke the service 100000 times without any security, it takes an average of 5 milliseconds per call. When I sign the request only, and invoke this service 10000 times, it takes an average of 40 milliseconds per call. I used a self-signed cert and BouncyCastle provider. Does anyone know a way to improve the performance of the request signature process? Or is this pretty much consistent with the norm? Thanks Andrey ________________________________ Sucker-punch spam with award-winning protection. Try the free Yahoo! Mail Beta.
-- ----- When one of our products stops working, we'll blame another vendor within 24 hours. --------------------------------------------------------------------- To unsubscribe from this list please visit: http://xircles.codehaus.org/manage_email
