Description
FYI: I did some performance measurement of pysaml2 (4.5-0 on Python 2.7) and python-saml from onelogin.
My result are, that pysaml2 performs a little bit better. I would have expected the opposite because of the subprocess calls with xmldsig.
# python -m timeit -n 100 -r 100 -s 'import compare_saml' 'compare_saml.sso_pysaml()'
100 loops, best of 100: 12.4 msec per loop
# python -m timeit -n 100 -r 100 -s 'import compare_saml' 'compare_saml.sso_onelogin()'
100 loops, best of 100: 20.7 msec per loop
# python -m timeit -n 100 -r 100 -s 'import compare_saml' 'compare_saml.acs_pysaml()'
100 loops, best of 100: 24.1 msec per loop
# python -m timeit -n 100 -r 100 -s 'import compare_saml' 'compare_saml.acs_onelogin()'
100 loops, best of 100: 23.7 msec per loop
(If you want to see the exact script I used: https://forge.univention.org/bugzilla/attachment.cgi?id=10547)
I created some cachegrind files which shows where the time goes in the implementations.
https://forge.univention.org/bugzilla/attachment.cgi?id=10548
https://forge.univention.org/bugzilla/attachment.cgi?id=10549
If you want, you can watch them with kcachegrind.
The results are:
The creation of the AuthNRequest (SSO) costs:
AuthNRequest.to_string(): 69,94%
sign_statement: 37,7%
(_run_xmlsec: 28,40%)
The parsing of the AuthNResponse (ACS) costs:
str_to_time: 35,8%
correctly_signed_response: 58,38%
DefusedXMLParser.feed: 37%
_run_xmlsec: 11,77 %
(The numbers are aligned to over 100%, I don't understand the cachegrind format fully yet).
My conclusion is:
With Python 3 it will probably get much faster, as then cElementTree is used.
The time parsing might need optimization, which will probably be done by PR #518 .
You can close this issue, it's just informational.