axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Thilina Mahesh Buddhika <thilin...@gmail.com>
Subject Enabling crypto caching in Rampart by-default
Date Fri, 28 Jan 2011 07:26:23 GMT
Hi Devs,

At the moment, Rampart do have the support for caching of crypto objects.
Enabling crypto caching provides a significant performance gain to Rampart,
as it is not required to read the key stores from the file system each time
it performs a cryptographic operation. But users have to enable it by
setting certain properties in the RampartConfig. This mailing thread
discusses the current crypto caching implementation[1].

WSS4J provides the flexibility of having different Crypto implementations.
So the key that should be used as the cache key is different from
implementation to implementation. That is the reason behind the requirement
of setting these properties in order to enable crypto caching.

But most of the time users go with the Merlin, which is the default Crypto
implementation provided by WSS4J. IMO, we should enable crypto caching for
Merlin by default without asking users to enable it. And also if they want
to disable it, then we should provide them the option to do it as well. If
they are using any other crypto implementation, then they should enable it
by setting the corresponding properties.

WDYT ?

Thanks,
Thilina

[1] - http://www.mail-archive.com/rampart-dev@ws.apache.org/msg04375.html

Thilina Mahesh Buddhika
http://blog.thilinamb.com

Mime
View raw message