Bug 38596

Summary: Unnecessary synchronization and garbage in DataSourceRealm
Product: Tomcat 5 Reporter: Sandy McArthur <sandymac>
Component: CatalinaAssignee: Tomcat Developers Mailing List <dev>
Severity: trivial    
Priority: P4    
Version: Nightly Build   
Target Milestone: ---   
Hardware: Other   
OS: All   
URL: http://svn.apache.org/repos/asf/tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/realm/DataSourceRealm.java

Description Sandy McArthur 2006-02-09 17:55:11 UTC
DataSourceRealm.java declares two StringBuffers fields, preparedRoles and
preparedCredentials, that hold the SQL to be used. After these fields are
assigned they do not change but to use them StringBuffer.toString() must be
called. The toString method is synchronized and creates a new String instance
each time it's called.

The simple fix is to change those fields to Strings and update the start()
method, and remove the toString() calls in credentials(...) and roles(...) methods.

A better, more intrusive, fix is to take advantage of PreparedStatements like
JDBCRealm does.
Comment 1 Yoav Shapira 2006-04-14 15:34:47 UTC
Trivial, as you noted ;)  I did the simple optimization you suggested above, not
the more intrusive one.  If you really think there's good value in doing the
more intrusive one, please submit a patch that does it and reopen this issue. 
Thanks ;)