axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Thilina Mahesh Buddhika <>
Subject Re: Enabling crypto caching in Rampart by-default
Date Tue, 15 Feb 2011 12:59:43 GMT
Hi all,

I implemented this in the Rampart trunk and updated the documentation.


On Fri, Jan 28, 2011 at 12:56 PM, Thilina Mahesh Buddhika <> wrote:

> Hi Devs,
> At the moment, Rampart do have the support for caching of crypto objects.
> Enabling crypto caching provides a significant performance gain to Rampart,
> as it is not required to read the key stores from the file system each time
> it performs a cryptographic operation. But users have to enable it by
> setting certain properties in the RampartConfig. This mailing thread
> discusses the current crypto caching implementation[1].
> WSS4J provides the flexibility of having different Crypto implementations.
> So the key that should be used as the cache key is different from
> implementation to implementation. That is the reason behind the requirement
> of setting these properties in order to enable crypto caching.
> But most of the time users go with the Merlin, which is the default Crypto
> implementation provided by WSS4J. IMO, we should enable crypto caching for
> Merlin by default without asking users to enable it. And also if they want
> to disable it, then we should provide them the option to do it as well. If
> they are using any other crypto implementation, then they should enable it
> by setting the corresponding properties.
> WDYT ?
> Thanks,
> Thilina
> [1] -
> Thilina Mahesh Buddhika

Thilina Mahesh Buddhika

View raw message