Eliminating the security overhead when not running with a security manager
David Lloyd
david.lloyd at redhat.com
Tue Nov 21 13:14:26 UTC 2017
On Tue, Nov 21, 2017 at 5:41 AM, Alan Bateman <Alan.Bateman at oracle.com> wrote:
> On 21/11/2017 00:48, David Lloyd wrote:
>>
>> One thing that springs to mind. Some allowance would have to be made
>> for domain combiners and JAAS Subject propagation: this mechanism also
>> uses access control contexts, to its own great detriment.
>
> Are you thinking about usages where there is no security manager but
> AccessController.checkPermission is still used to check permissions?
Not specifically; I'm thinking more of the general problem of Subject
association. Calling Subject#doAs*() has a heavy cost, as does
Subject#getSubject(). I believe that most container vendors who use
JAAS for authentication therefore provide an alternative association
API using thread-locals.
> In terms of performance the main interest here is the "no security manager"
> case. If you have prototypes that moving the stack walking and help the
> security manager case then I expect the folks here will be interested.
I think that the main benefit of this suggested approach is in fact
that it should reduce the cost of the "no security manager" case.
Maybe if I get some time over the upcoming holidays I'll give it a
spin and see how it goes.
--
- DML
More information about the security-dev
mailing list