users@glassfish.java.net

Re: ws-security performance

From: notoadw <notoadw_at_gmail.com>
Date: Fri, 25 May 2012 08:59:31 -0400

My issue is not the token retrival but the Encryption of the Body of the
SOAP message and the signing of all the parts, which is the default when
you secure the webservice. When I have a small payload, the performance
isn't bad. Larger payloads take multiple seconds to encrypt and sign and
decrypt on the other end. Since I have the open source version of
glassifsh, is there anything I can do to tune that?

On Fri, May 25, 2012 at 4:09 AM, kumarjayanti
<v.b.kumar.jayanti_at_oracle.com>wrote:

> see if this helps :
>
> It is in Metro guide:
> http://metro.java.net/2.1/guide/Advanced_Usages_of_STS_in_Security.html
>
>
>
> On May 21, 2012, at 8:39 PM, <notoadw_at_gmail.com> <notoadw_at_gmail.com>
> wrote:
>
> I have secured a Metro Service using an STS Issued token. By default
> the web service Signs each part of the Soap Envelope and additionally
> Encrypts the Body. Our response has a pretty big payload (10 MB
> byte[]). Our key is 1024bits. We are noticing that it will take 5+
> seconds to process the message between the service and client. The
> same message with no security transfers in <1second.
>
> We are using Glassfish 3.1.1 (Open Source). Also, we have tweaked the
> default JVM settings (increased default and max Heap Size and set to
> server mode). I am wondering what else we can do to help speed up some
> of the cryptography processing of the message itself. Because we are
> using the Open Source version, I guess we don't have access to the
> Performance Tuner.
>
> I know that WS-Security will be slower, but 5 seconds + to process the
> message doesn't "feel" right. Any guidance would be appreciated.
>
> Thanks.
>
>
>