Help coderanch get a
new server
by contributing to the fundraiser
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Devaka Cooray
  • Liutauras Vilda
Sheriffs:
  • Jeanne Boyarsky
  • paul wheaton
  • Henry Wong
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Tim Moores
  • Carey Brown
  • Mikalai Zaikin
Bartenders:
  • Lou Hamers
  • Piet Souris
  • Frits Walraven

Security and Performance

 
Greenhorn
Posts: 21
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm not sure if many people have ever bridged this discussion. I work with a number of applications that use a common security model. It's home grown security application consisting mainly of EJBs and Read Only Entity Beans. In it we maintain credentials about a user: username/password, roles, permissions (Create, Read, Update, Delete, Execute), etc...
I am finding that our ACL lookups for security are so expensive that our applications that extend these Security APIs suffer in performance and scalability. I am curious if anyone in the group can point me to a white paper or specification on implementing role-based security in Java for performance and scalability? I feel like we need a different approach to managing advanced level security.
Regards,
Steve
 
author
Posts: 14112
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I am curious - can you explain *why* you are suffering in performance from your security model? That is, what *exactly* is the bottleneck?
 
Ranch Hand
Posts: 2937
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
To echo Ilja, I would recommend running the app through a profiler and pinpoint the bottleneck(s), instead of discarding the whole security model as "slow".
 
Consider Paul's rocket mass heater.
reply
    Bookmark Topic Watch Topic
  • New Topic