Here are some jar versions being used in test: 29 AXIS 2 Client JARS:
1. activation.jar 2. addressing-1.4.jar 3. axiom-api-1.2.7.jar 4. axiom-dom-1.2.7.jar 5. axiom-impl-1.2.7.jar 6. axis2-codegen-1.4.jar 7. axis2-kernel-1.4.jar 8. backport-util-concurrent-3.1.jar 9. commons-codec-1.3.jar 10. commons-fileupload-1.2.jar 11. commons-httpclient-3.1.jar 12. commons-logging-1.1.1.jar 13. FastInfoset.jar 14. geronimo-stax-api_1.0_spec-1.0.1.jar 15. mail.jar 16. neethi-2.0.4.jar 17. opensaml-1.1.jar 18. rampart-1.4 19. rampart-core-1.4.jar 20. rampart-policy-1.4.jar 21. rampart-trust-1.4.jar 22. serializer-2.7.1.jar 23. woden-api-1.0M8.jar 24. wsdl4j-1.6.2.jar 25. wss4j-1.5.4.jar 26. wstx-asl-3.2.4.jar 27. xalan-2.7.1.jar 28. XmlSchema-1.4.2.jar 29. xmlsec-1.4.0.jar --- On Fri, 10/10/08, Shawn McKinney <[EMAIL PROTECTED]> wrote: > From: Shawn McKinney <[EMAIL PROTECTED]> > Subject: Re: WSS4J 1.5.4 Encryption Performance Question > To: [email protected] > Date: Friday, October 10, 2008, 11:20 AM > Apologize for duplicate post but had the client-side > configuration details wrong. > > Here goes again: > > ******************************* > > We have been using Axis1 and WSS4J in production for 3 > years now. Our token configuration varies by client but > typically is Usernametoken encrypt, timestamp with nonce. > > Recently we have begun the preparations to convert our > clients and services to support Axis2 and Rampart. > > Out of this effort I have been running micro benchmarks for > the following 4 scenarios: > > UNT1: Usernametoken, unencrypt, unsigned, timestamp, nonce > UNT2: Usernametoken, unencrypt, signed, timestamp, nonce > UNT3: Usernametoken, encrypt, signed, timestamp, nonce > UNT4: Usernametoken, encrypt, signed, timestamp, nonce > > Each of the 4 scenarios are encrypting and signing the > username token itself. No encryption of elements within XML > payload have been benchmarked. > > The test results show: > * signing username token is relatively unexpensive. > * encrypting username token is relatively expensive. > > Related to 2nd bullet above. Is there something we are > doing wrong? Our results show a 35% dropoff in overall > throughput when enabling > encryption of the username token. Are these results > consistent with others findings on same, or are we likely > doing something wrong here? > > More details on the tests can be found below: > > Client Machine 1: > * AMD 64 Dual Core > * 2 GHz, 2 GB RAM > * WinXP > * Axis2 client driven by Jmeter > > Server Machine 2: > * Intel Dual core > * 2 GHz, 3 GB RAM > * Linux - Centos 5 > * Running in Tomcat 5.5.x > > * Both machines using Java 1.5 > > Test Objective: > * Compare the 4 UNT types, measure relative performance > costs for performing cryptographic functions. > > 4 Test Cases: > * 10 threads X 5000 service transactions = 50K > transactions per test. > > Benchmark Summary > 1. UNT1 > i. Avg response time: 116 ms > ii. Avg throughput: 85.2/s > iii.Avg CPU utilization (client): 37% > > 2. UNT2 > i. Avg response time: 127 ms > ii. Avg throughput: 78.3/s > iii.Avg CPU utilization (client): 42% > > 3. UNT3 > i. Avg response time: 177 ms > ii. Avg throughput: 56.2/s > iii.Avg CPU utilization (client): 34% > > 4. UNT4 > i. Avg response time: 181 ms > ii. Avg throughput: 54.8/s > iii.Avg CPU utilization (client): 36% > > > Client-side config: > <parameter name="OutflowSecurity"> > <action> > ... > > <!-- UNT1: --> > <items>UsernameToken Timestamp</items> > > <!-- UNT2: --> > <!--items>UsernameTokenSignature > Timestamp</items--> > > <!-- UNT3: --> > <!--items>UsernameToken Encrypt > Timestamp</items--> > > <!-- UNT4: --> > <!--items>UsernameTokenSignature Encrypt > Timestamp</items--> > > ... > > <passwordType>PasswordText</passwordType> > <addUTElements>Nonce Created</addUTElements> > > <encryptionParts>{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken</encryptionParts> > > > > signatureParts>{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken</signatureParts> > </action> > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
