I Had a Server facing around 10000 requests per second. I Added Esapi for Security checks ( mostly getValidInput) and it crashed the CPU. CPU Utilization went to 90&ESAPILEG-37; with around 1500 requests per sec. I use ESAPI.validator().getValidInput(params) everytime i need to check. Am i doing something wrong or is it a performance bug?? Please help asap. I am stuck. DO I have to implement singleton class somewhere?
Figured out the issue. In ValidInput we were not setting Encoder to true or false Manually. So it used to read the properties and cause a Severe Performance Issue. As a Data for 1 lakh Requests it took 3 times more time when no input was provided. Maybe we should mention it in the documents somewhere as a Safe Practice.
From guptanav...@gmail.com on July 08, 2014 14:33:53
I Had a Server facing around 10000 requests per second. I Added Esapi for Security checks ( mostly getValidInput) and it crashed the CPU. CPU Utilization went to 90&ESAPILEG-37; with around 1500 requests per sec. I use ESAPI.validator().getValidInput(params) everytime i need to check. Am i doing something wrong or is it a performance bug?? Please help asap. I am stuck. DO I have to implement singleton class somewhere?
Original issue: http://code.google.com/p/owasp-esapi-java/issues/detail?id=332