2 Replies Latest reply on Mar 17, 2014 2:29 PM by John L

    encrypting datasource passwords severe performance hit.

    John L Newbie

      We setup our jboss7.1.3 to use encrypted datasource passwords:



                      <datasource jndi-name="java:/SomDS" pool-name="SomeDS" enabled="true" use-java-context="true">








                  <security-domain name="some-encrypted-ds" cache-type="default">
                          <login-module code="org.picketbox.datasource.security.SecureIdentityLoginModule" flag="required">
                              <module-option name="username" value="some"/>
                              <module-option name="password" value="-......."/>

      By using this our system took a 30% performance hit.

      Some transactions might call getConnection 50 times.


      It seems from looking at code that even if a connection already exists in the pool the password is

      decrypted on every call to get a connection from the datasource.


      Seems like it should only decrypt when a new connection is created to the database.


      Any workarounds?

      Moving back to unencrypted passwords solves the performance problem.


      <security xmlns="urn:jboss:domain:datasources:1.1">