[jboss-jira] [JBoss JIRA] (JBJCA-1156) encrypted datasource security , big performence hit.

encrypted datasource security , big performence hit. ---------------------------------------------------- Key: JBJCA-1156 URL: https://issues.jboss.org/browse/JBJCA-1156 Project: IronJacamar Issue Type: Bug Affects Versions: 1.0.12.Final Environment: using jboss 7.1.1 or jboss 7.1.3 Reporter: John L Assignee: Jesper Pedersen We setup our jboss7.1.3 to use encrypted datasource passwords: <datasources> <datasource jndi-name="java:/SomDS" pool-name="SomeDS" enabled="true" use-java-context="true"> ..... <security> <security-domain>some-encrypted-ds</security-domain> </security> </datasource> ... <security-domain name="some-encrypted-ds" cache-type="default"> <authentication> <login-module code="org.picketbox.datasource.security.SecureIdentityLoginModule" flag="required"> <module-option name="username" value="some"/> <module-option name="password" value="-......."/> </login-module> </authentication> </security-domain> By using this our system took a 30% performance hit. Some transactions might call getConnection 50 times. It seems from looking at code that even if a connection already exists in the pool the password is decrypted on every call to get a connection from the datasource. Seems like it should only decrypt when a new connection is created to the database. Moving back to unencrypted passwords solves the performance problem. That is using: <security xmlns="urn:jboss:domain:datasources:1.1"> <user-name>xxx</user-name> <password>yyy</password> </security>