000021201 - RSA Federated Identity Manager (FIM) 2.0 shows very high memory usage when under load using DSig

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000021201
Applies ToRSA Federated Identity Manager (FIM) 2.0
Digital Signing
IssueRSA Federated Identity Manager (FIM) 2.0 shows very high memory usage when under load using DSig
CauseWhile using digital signatures can be an expensive operation, this site was performing an extra, unnecessary DSig operation of signing both the SAML Response and the SAML Assertion
ResolutionSigning both the SAML Response and SAML Assertion is not necessary, since the Assertion is actually a subset of what is contained in the Response.

Disable signing of the Assertion on the AP and your load tests should show more favorable memory usage.
Legacy Article IDa21570

Attachments

    Outcomes