[jboss-user] [Security & JAAS/JBoss] - Very slow authorization CertRolesLoginModule

[mgamer]

I use my own login module which extends CertRolesLoginModule and looks like this:

public class CustonCertLoginModule extends CertRolesLoginModule {
  | 
  |     private String issuer;
  |     private String defaultRole;
  | 
  |     public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
  |         super.initialize(subject, callbackHandler, sharedState, options);
  |         issuer = (String) options.get("issuer");
  |         defaultRole = (String) options.get("defaultRole");
  |     }
  | 
  |     
  |     protected Group[] getRoleSets() throws LoginException {
  |          
  |         X509CertImpl credentials = (X509CertImpl) getCredentials();
  |         if (issuer.equals(credentials.getIssuerDN().getName())) {
  |             Group[] roleSets = {new SimpleGroup("Roles") {
  |                 {
  |                     addMember(new SimplePrincipal(defaultRole));
  |                 }
  |             }};
  | 
  |             return roleSets;
  |         }
  |         return null;
  |     }
  | 
  | 

It seems to work fine, but sometimes (which is about one or two times in one minute) when I try to access restricted page it seems to work really slow (more than one minute of waiting to load requested page).

I could't find any pattern in this strange behaviour of authorizing module, so I'm lost. 

Is there anything bad wity my custom class?

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4164750#4164750

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4164750