santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Davanum Srinivas <dava...@gmail.com>
Subject Re: FW: Signing huge SOAP requests
Date Sat, 26 Mar 2005 11:02:19 GMT
Raul,

Unfortunately, this means we will need changes to wss4j to use your
code in the bug report. Right?

-- dims


On Fri, 25 Mar 2005 22:34:59 +0100, Raul Benito
<raul.benito.garcia@gmail.com> wrote:
> Depending the structure of signature you can try this
> patch(http://issues.apache.org/bugzilla/show_bug.cgi?id=32657)
> It Is a single pass sax verification, I have manage to verify 100MB
> XML files with just 10MB of footprint. But it only works with some
> kind of signatures out of the box(but it can be adapted to other
> types),.
> I have submitted a proposal to ApacheCon Europe about this
> subject(speed and memory considerations in xml digital signatures, but
> it also includes sax parsing). If it is admitted I will post the
> material that I will do here.(If not i will do it also but it will
> take longer ;( )
> 
> Regards,
> 
> Raul
> 
> On Fri, 25 Mar 2005 10:57:39 +0100, Yves Langisch <lists@langisch.ch> wrote:
> > All,
> >
> > Are there any hints from the XML-security side?
> >
> > Thanks
> > Yves
> >
> > -----Original Message-----
> > From: Werner Dittmann [mailto:Werner.Dittmann@t-online.de]
> > Sent: Freitag, 25. März 2005 09:24
> > To: Yves Langisch
> > Cc: dims@apache.org; fx-dev@ws.apache.org; hgranqvist@verisign.com
> > Subject: Re: Signing huge SOAP requests
> >
> > Yves,
> >
> > looking at this it seems that this is not a problem of WSS4J but of the
> > underlying XML security lib. WSS4J delegates the whole signature processing
> > to xmlsec lib.
> >
> > Maybe you can copy your problem to the xmlsec mailing list? AFAIK there were
> > some discussions about signing very large objects on this list some time
> > ago.
> >
> > Regards,
> > Werner
> >
> > Yves Langisch schrieb:
> >
> > >Not at all!
> > >
> > >We really have huge data to sign. And obviously the in-memory
> > >DOM-representation itself is not the problem. With appropriate
> > >VM-params I'm able to parse a 100MB file into a DOM-document. The
> > >problems start while signing. The memory demand is much higher than
> > >during parsing and I'm able to sign "only" a 10MB SOAP request.
> > >
> > >Are there any streaming/event based (SAX, StAX) security libraries
> > >which are able to handle such huge requests (performance has not top
> > priority)?
> > >
> > >Yves
> > >
> > >-----Original Message-----
> > >From: Davanum Srinivas [mailto:davanum@gmail.com]
> > >Sent: Donnerstag, 24. März 2005 13:55
> > >To: Yves Langisch
> > >Cc: fx-dev@ws.apache.org
> > >Subject: Re: Signing huge SOAP requests
> > >
> > >You kidding me? that's huge!. problem is that the whole thing needs to
> > >be in DOM as xml-security (AND the w3c specs) works on DOM and not
> > >streaming/sax stuff.
> > >
> > >-- dims
> > >
> > >On Thu, 24 Mar 2005 09:27:50 +0100, Yves Langisch <lists@langisch.ch>
> > wrote:
> > >
> > >
> > >>All,
> > >>
> > >>Is there anyone having experiences (memory requirements, performance,
> > >>...) with signing huge SOAP requests (w/o attachments, body is about
> > >>100MB) with WSS4J?
> > >>
> > >>Thanks
> > >>Yves
> > >>
> > >>
> > >>
> > >>
> > >
> > >
> > >
> > >
> >
> >
> 
> --
> http://r-bg.com
> 


-- 
Davanum Srinivas - http://webservices.apache.org/~dims/

Mime
View raw message