000022418 - Does RSA Security provide an async interface with the Java Authentication API?

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000022418
Applies ToRSA Authentication Agent 5.0.3 API for Java
IssueDoes RSA Security provide an async interface with the Java Authentication API?
CauseThe C API for RSA Authentication Agent has both synchronous and asynchronous options, where the asynchronous option has more complexities, but potentially delivers higher performance than its synchronous counterpart. The Java API offers a single interface which appears to most resemble the synchronous interface.
ResolutionWhen we look at the RSA SecurID API, there are a number of different (but related) features to be considered:

1. Blocking vs. Non-Blocking IO - this relates to the ability to send UDP packets for multiple requests at the same time

2. Multithreading

3. Asynchronous vs. synchronous processing of authentication requests (closely tied to item 1 above)

4. Callback handles for the asynchronous mechanisms

The original C / C++ language was not designed for multithreading; they are languages designed prior to threading becoming a mainstream architecture. Because of this, a variety of features are designed into API's, such as the SecurID API's ability to allow high performance (where the underlying architecture did not offer this ability).

Java has multithreading at the core of its functionality; hence, it does not need the "artificial" threading architecture put into an API since it is already present. What does become important is that the underlying classes in the API are written to actually work in a multithreading API.

The RSA Authentication Agent API for Java fully supports threading, meaning that all of the desired high performance options such as asynchronous processing, non-blocking IO, and call-backs (for checking the status of a concurrent authentication) are all instantly delivered by the standard Java threading model.

It is a common misconception that the asynchronous interface will give better or faster performance, but in reality, it is often the opposite. RSA Security tests have found that the Java API is approximately 4 times faster than the ?C? asynchronous API.
Legacy Article IDa28417