[jboss-jira] [JBoss JIRA] Commented: (EJBTHREE-2042) Investigate performance issue related to use of @SecurityDomain on EJB
Remi Nodet (JIRA)
jira-events at lists.jboss.org
Tue Sep 14 07:23:12 EDT 2010
[ https://jira.jboss.org/browse/EJBTHREE-2042?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12550766#action_12550766 ]
Remi Nodet commented on EJBTHREE-2042:
--------------------------------------
We are having as well performance problems related to security. Since we have migrated from JBoss 4.2 to JBoss EAP 5.0.1 we have seen a noticeable performance decrease, both during our nightly automated tests and on production.
Doing a quick profiling during our nightly load tests (sampling) shows that there is a bottleneck in this method:
20.4% - 32,520 ms java.security.AccessController.doPrivileged(java.security.PrivilegedAction)
It is called from a lot of different places:
2.8% - 4,479 ms org.jboss.ejb.plugins.security.SecurityActions.getSecurityContext
2.7% - 4,254 ms org.jboss.ejb.plugins.SecurityActions.getSecurityContext
2.3% - 3,662 ms org.jboss.ejb.plugins.security.SecurityActions.trace(org.jboss.security.SecurityContext)
2.0% - 3,234 ms org.jboss.ejb.plugins.security.SecurityActions.trace(org.jboss.security.SecurityIdentity)
2.0% - 3,121 ms org.jboss.ejb.SecurityActions.setContextID
1.7% - 2,783 ms org.jboss.ejb.plugins.SecurityActions.authorize
1.0% - 1,545 ms org.jboss.security.SimplePrincipal.equals
0.9% - 1,381 ms org.jboss.security.jacc.SubjectPolicyContextHandler.getContext
0.8% - 1,232 ms org.jboss.ejb.SecurityActions.getSecurityContext
0.7% - 1,173 ms org.jboss.ejb.plugins.SecurityActions.isValid
0.6% - 989 ms org.jboss.ejb.plugins.SecurityActions.popSubjectContext
0.3% - 464 ms org.jboss.security.authorization.modules.SecurityActions.getContextClassLoader
0.2% - 397 ms org.jboss.ejb.plugins.security.SecurityActions.setSecurityDomain
0.2% - 348 ms org.jboss.ejb.plugins.PerTxEntityInstanceCache.removeTimerServiceIfAllCancelledOrExpired
0.2% - 339 ms org.jboss.ejb.plugins.security.SecurityActions.getSecurityIdentity
Also noticeable
12.3% - 19,653 ms java.lang.StringBuilder.append
7.1% - 11,243 ms javax.security.auth.Subject.toString
7.1% - 11,243 ms javax.security.auth.Subject.toString
7.1% - 11,243 ms java.lang.String.valueOf
> Investigate performance issue related to use of @SecurityDomain on EJB
> ----------------------------------------------------------------------
>
> Key: EJBTHREE-2042
> URL: https://jira.jboss.org/browse/EJBTHREE-2042
> Project: EJB 3.0
> Issue Type: Task
> Reporter: jaikiran pai
> Assignee: jaikiran pai
>
> A user has reported that the use of @SecurityDomain shows a relatively poor performance (even when a @PermitAll) is applied to the bean. See the referenced forum thread for details.
> Although, it can't be guaranteed that the performance of a bean method invocation with a @SecurityDomain will be same as that without a @SecurityDomain, the difference in the timings as reported in that thread looks a bit too high. This JIRA is to track to investigate the issue and see if there's any genuine performance bug.
>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list