Am Freitag, 2. November 2018, 06:35:09 CET schrieb Jesper Duelund Isaksen: > Hello! > > I am currently on a project where we are building a platform exposing > a large number of standard WSDL-first SOAP services with typed SEI > classes. The purpose of the platform is to do authentication and > authorization for a large number of users before the users access > external data systems. We are aware that it is not proper usage of > SOAP services however we do not have control over our users. > > We are however experiencing unexpected large size requests and > responses to and from the platform (10-60 MB SOAP messages) and we > are seeing that: > > > * It seems that all these large requests take up a large amount of > memory since they are unmarshalled into Java object hierarchies and > marshalled back to XML when the requests and responses are forwarded. > * A large amount of CPU time is used for garbage collecting of all > these objects. > > Additionally we are using the WS-SecurityPolicy functionality handled > by Apache CXF since we in a WS-Trust-like setup for most of the > services. > > So the question is, is there any way we can avoid generating the Java > object hierarchies and keep the using CXF for handling security?
you can switch to dynamic SEIs with a provider based implementations. take a look at http://cxf.apache.org/docs/provider-services.html. you can still unmarshal on demand the request xml into a java object structure. regards msc
