I'm facing a strange problem: My non-secure web app works fine.
Securing the web app (web.xml/jboss-web.xml/jboss.xml) makes it very slow: The time spent in the servlets service() method is the same (< 100 ms), but the transmission back to the client takes about 20s. Even the delivery of simple static html pages takes very long.
jboss 2.4.9 with tomcat 3.2.3
jsps/servlets with some session beans
The session beans have a XADataSource,
the login module has a simple JDBC Data Source to get rid of "not in a tx" messages.
[WARN,XAConnectionFactory] XAConnectionImpl: org.jboss.pool.jdbc.xa.wrapper.XAConnectionImpl@6d0040 has no current tx!
I assume a problem in the way the response is transmitted back to the client -- how does security change that?
Things get really worse with file uploads -- "document contains no data", no reaction at all ...
tomcat 4.x has the same problem, further it gives me a MAPPING configuration error
[INFO,Engine] StandardHost[localhost]: MAPPING configuration error for request URI
jboss 3.x security is not stable, tried this too.
<!-- These roles have access -->
<!-- BASIC HTTP authorization: Works -->