axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Amila Jayasekara <ami...@wso2.com>
Subject Re: Enabling crypto caching in Rampart by-default
Date Sat, 29 Jan 2011 17:00:16 GMT
On Fri, Jan 28, 2011 at 12:56 PM, Thilina Mahesh Buddhika <
thilinamb@gmail.com> wrote:

> Hi Devs,
>
> At the moment, Rampart do have the support for caching of crypto objects.
> Enabling crypto caching provides a significant performance gain to Rampart,
> as it is not required to read the key stores from the file system each time
> it performs a cryptographic operation. But users have to enable it by
> setting certain properties in the RampartConfig. This mailing thread
> discusses the current crypto caching implementation[1].
>
> WSS4J provides the flexibility of having different Crypto implementations.
> So the key that should be used as the cache key is different from
> implementation to implementation. That is the reason behind the requirement
> of setting these properties in order to enable crypto caching.
>
> But most of the time users go with the Merlin, which is the default Crypto
> implementation provided by WSS4J. IMO, we should enable crypto caching for
> Merlin by default without asking users to enable it. And also if they want
> to disable it, then we should provide them the option to do it as well. If
> they are using any other crypto implementation, then they should enable it
> by setting the corresponding properties.
>
> WDYT ?
>

+1
Thanks
AmilaJ


>
> Thanks,
> Thilina
>
> [1] - http://www.mail-archive.com/rampart-dev@ws.apache.org/msg04375.html
>
> Thilina Mahesh Buddhika
> http://blog.thilinamb.com
>

Mime
View raw message