Hi Devs, At the moment, Rampart do have the support for caching of crypto objects. Enabling crypto caching provides a significant performance gain to Rampart, as it is not required to read the key stores from the file system each time it performs a cryptographic operation. But users have to enable it by setting certain properties in the RampartConfig. This mailing thread discusses the current crypto caching implementation[1].
WSS4J provides the flexibility of having different Crypto implementations. So the key that should be used as the cache key is different from implementation to implementation. That is the reason behind the requirement of setting these properties in order to enable crypto caching. But most of the time users go with the Merlin, which is the default Crypto implementation provided by WSS4J. IMO, we should enable crypto caching for Merlin by default without asking users to enable it. And also if they want to disable it, then we should provide them the option to do it as well. If they are using any other crypto implementation, then they should enable it by setting the corresponding properties. WDYT ? Thanks, Thilina [1] - http://www.mail-archive.com/[email protected]/msg04375.html Thilina Mahesh Buddhika http://blog.thilinamb.com
