Greetings, I work for a large financial services organization that provides banking solutions for middle and MEGA tier banks in the US and abroad. We have been using Axis 1 and WSS4J in production within our SOA and channel applications for 4 years now and have had good success using these tools.
Last year we converted several of our apps to use the newer Axis2/Rampart framework and are concerned about performance related issues for using the WSS processing functionality. In particular Dennis Sosnoski's article points out a flaw in how the XML data is passed between the two layers: http://www.ibm.com/developerworks/java/library/j-jws6/index.html "Part of this performance hit from WS-Security is due to a flaw in the Rampart handler implementation, which causes it to convert each request and response message to Document Object Model (DOM) form any time Rampart is engaged (even if no security processing is to be done for the message). This particular issue should be fixed in time for a Rampart 1.5 release to go along with Axis2 1.5. Depending on how the fix is implemented, it may substantially improve the times for the UsernameToken test. But even a fix to this issue will probably not affect the other WS-Security times." Currently we are using Axis 2 1.4 Will upgrading to 1.5.1 resolve the issue Dennis points out? Thanks in advance for your reply Shawn McKinney
