mace-opensaml-users - Re: [OpenSAML]
Subject: OpenSAML user discussion
List archive
- From:
- To:
- Subject: Re: [OpenSAML]
- Date: Thu, 17 Jul 2008 14:38:41 -0400
Thank you - thats what I was looking for (though as you noted the JVM was the real issue, and only on my Wiindows box, niot in UNIX).
I just didn't connect those dots when I was tracing through.
Edward Thompson
Authentication & Entitlements
Brent Putman <>
07/17/2008 02:34 PM
|
|
Aside from the JVM issues you and Chad have already been discussing, note that on the SAML 2 Encrypter, the ID generator is a configurable property:
/**
* Set the generator to use when creating XML ID attribute values.
*
* @param newIDGenerator the new IdentifierGenerator to use
*/
public void setIDGenerator(IdentifierGenerator newIDGenerator) {
this.idGenerator = newIDGenerator;
}
The IdentifierGenerator defaults to our org.opensaml.common.impl.SecureRandomIdentifierGenerator.
However we also have another impl, org.opensaml.common.impl.RandomIdentifierGenerator, which just uses java.util.Random.
And of course you could supply your own impl if there is a better option on your platform. IdentifierGenerator is a pretty simple interface, just 2 methods.
Perhaps that will help you if you can't find a better solution re: the JVM issues.
--Brent
wrote:
I am using the latest SAML2 library for Java.
When I call the encrypt() method of an Encryter for an Attribute, it looks like the downline code is using
SecureRandom to generate an unique id for the Node. On my XP machine at least, this is a VERY expensive operation, and I find it spending 2.2-2.5 seconds
in the nextByte() .
Do others find this to be true? Is there a way I can generate my own id for the Node?
SecureRandom is critical for key generation et al. but isn't it overkill for generating a simple id?
What am I missing?
Edward Thompson
Charlotte, NC 28202
- [no subject], edward . thompson, 07/17/2008
- Re: [OpenSAML], Chad La Joie, 07/17/2008
- Re: [OpenSAML], edward . thompson, 07/17/2008
- Re: [OpenSAML], Chad La Joie, 07/17/2008
- Re: [OpenSAML], edward . thompson, 07/17/2008
- Re: [OpenSAML], Chad La Joie, 07/17/2008
- Re: [OpenSAML], edward . thompson, 07/17/2008
- Re: [OpenSAML], Chad La Joie, 07/17/2008
- Re: [OpenSAML], edward . thompson, 07/17/2008
- Re: [OpenSAML], Chad La Joie, 07/17/2008
- Re: [OpenSAML], edward . thompson, 07/17/2008
- Re: [OpenSAML], Brent Putman, 07/17/2008
- Re: [OpenSAML], edward . thompson, 07/17/2008
- Re: [OpenSAML], Chad La Joie, 07/17/2008
Archive powered by MHonArc 2.6.16.