2 Replies Latest reply on Mar 2, 2004 10:00 AM by Scott Stark

    Fundamental performance problem with JaasSecurityManager

    Craig Day Newbie


      It appears to us that the synchronization in JaasSecurityManager is capable of causing significant performance problems in JBoss 3.2.1. The isValid() method, which is called from everywhere to do authentication and check authorization, is synchronized, presumably to protect the security cache. Ultimately the isValid() call may result in a call to our login module, which typically does database work. While our login module is doing the database work (username/password lookup, roles etc) no other part of the system can make a call to isValid(). Scott? Anyone? does this make sense, or are we missing something more fundamental :)

      cheers
      craig