|Applies To||RSA Federated Identity Manager (FIM) 2.0|
|Issue||RSA Federated Identity Manager (FIM) 2.0 shows very high memory usage when under load using DSig|
|Cause||While using digital signatures can be an expensive operation, this site was performing an extra, unnecessary DSig operation of signing both the SAML Response and the SAML Assertion|
|Resolution||Signing both the SAML Response and SAML Assertion is not necessary, since the Assertion is actually a subset of what is contained in the Response.|
Disable signing of the Assertion on the AP and your load tests should show more favorable memory usage.
|Legacy Article ID||a21570|