wood burning stoves
The moose likes Performance and the fly likes Security and Performance Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Performance
Bookmark "Security and Performance" Watch "Security and Performance" New topic

Security and Performance

Steve Feldman

Joined: Jun 20, 2001
Posts: 21
I'm not sure if many people have ever bridged this discussion. I work with a number of applications that use a common security model. It's home grown security application consisting mainly of EJBs and Read Only Entity Beans. In it we maintain credentials about a user: username/password, roles, permissions (Create, Read, Update, Delete, Execute), etc...
I am finding that our ACL lookups for security are so expensive that our applications that extend these Security APIs suffer in performance and scalability. I am curious if anyone in the group can point me to a white paper or specification on implementing role-based security in Java for performance and scalability? I feel like we need a different approach to managing advanced level security.
Ilja Preuss

Joined: Jul 11, 2001
Posts: 14112
I am curious - can you explain *why* you are suffering in performance from your security model? That is, what *exactly* is the bottleneck?

The soul is dyed the color of its thoughts. Think only on those things that are in line with your principles and can bear the light of day. The content of your character is your choice. Day by day, what you do is who you become. Your integrity is your destiny - it is the light that guides your way. - Heraclitus
John Smith
Ranch Hand

Joined: Oct 08, 2001
Posts: 2937
To echo Ilja, I would recommend running the app through a profiler and pinpoint the bottleneck(s), instead of discarding the whole security model as "slow".
I agree. Here's the link: http://aspose.com/file-tools
subject: Security and Performance
It's not a secret anymore!