I think we can cache the AuthConfigFactory instance in AuthenticatorBase
(or somewhere else) without having lock. AuthConfigFactory already
caching it but it is taking a lock (take a look at the code below). We can
do the same as below without synchronization.
public static synchronized AuthConfigFactory getFactory() {
checkPermission(getFactorySecurityPermission);
if (factory != null) {
return factory;
}
On 29 August 2017 at 23:14, Venkata Pavan Kumar Sannisetty <
sunny...@gmail.com> wrote:
> I have tried with 8.5.15 still experiencing the same issue. I have seen
> this particular piece of code getting changed from 8.5.11 to 8.5.15. But
> hitting the same issue,
>
> On 29 August 2017 at 23:11, Mark Thomas <ma...@apache.org> wrote:
>
>> On 29/08/17 17:27, Venkata Pavan Kumar Sannisetty wrote:
>> > Hi,
>> >
>> > Our Application is running on Tomcat 8.5.11 with Java Security Manager.
>> We
>> > see a huge difference in performance dip with tomcat when Java security
>> > manager is enabled. The test uses Jmeter and measures the throughput.
>> Using
>> > JVisualVM provided few bottlenecks in our application as well as with
>> > Tomcat. Our application is around 5 times slow. Jvisualvm shows in each
>> > thread the below call is taking around 70 percent of cpu time. I think
>> this
>> > is because the synchronized call made to AuthConfigFactory.getFactory()
>> > method.
>> >
>> > When security manager is enabled tomcat most of the time spends
>> > at AuthenticatorBase.getJaspicProvider() call. Looking at this piece of
>> > code in Tomcat Github
>> >
>> >
>> > private AuthConfigProvider getJaspicProvider() {
>> > AuthConfigProvider provider = jaspicProvider;
>> > if (provider == null) {
>> > provider = findJaspicProvider();
>> > }
>> > if (provider == NO_PROVIDER_AVAILABLE) {
>> > return null;
>> > }
>> > return provider;
>> > }
>> >
>> > private AuthConfigProvider findJaspicProvider() {
>> > AuthConfigFactory factory = AuthConfigFactory.getFactory()
>> > ;//bottleneck
>> > AuthConfigProvider provider = null;
>> > if (factory != null) {
>> > provider = factory.getConfigProvider("HttpServlet",
>> > jaspicAppContextID, this);
>> > }
>> > if (provider == null) {
>> > provider = NO_PROVIDER_AVAILABLE;
>> > }
>> > jaspicProvider = provider;
>> > return provider;
>> > }
>> >
>> > The jaspicProvider variable is an instance variable i am assuming may
>> be it
>> > is getting created in each and every request (just my assumption).
>> >
>> > Is it possible cache the AuthConfigFactory instance in the code
>> > findJaspicProvider to improve the performance of tomcat with java
>> security
>> > manager.
>> >
>> > Please let me know your inputs.
>>
>> And if you test with a more recent version than 8.5.11 ?
>>
>> Mark
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>> For additional commands, e-mail: users-h...@tomcat.apache.org
>>
>>
>
