JVM Garbage Collection and Optimizations

Overview When troubleshooting systems for performance-related issues, memory optimizations are a place that needs a deep analysis of what each system stores in the memory, how long those are stored, and access patterns. This post is to keep a note on the background information and valuable points to note in such an effort, specific to Java-based implementations as a deep understanding of the JVM behaviors is very beneficial in the process.

Java language provides much convenience to the developers by taking care of the memory management to a great extent letting the focus be on the rest of the logic. Still having a good understanding of how Java does this underneath, rationalize several best practices we follow in Java implementations and help design the programs better and think seriously on some aspects that can later lead to memory leaks and system stability in the long run. Java Garbage Collector has a big role in this been responsible for freeing up memory by removing memory gar…

Signing SOAP Messages - Generation of Enveloped XML Signatures

Digital signing is a widely used mechanism to make digital contents authentic. By producing a digital signature for some content, we can let another party capable of validating that content. It can provide a guarantee that, is not altered after we signed it, with this validation. With this sample I am to share how to generate the a signature for SOAP envelope. But of course this is valid for any other content signing as well.

Here, I will sign
  • The SOAP envelope itself
  • An attachment 
  • Place the signature inside SOAP header 
With the placement of signature inside the SOAP header which is also signed by the signature, this becomes a demonstration of enveloped signature.

I am using Apache Santuario library for signing. Following is the code segment I used. I have shared the complete sample here to to be downloaded.

public static void main(String unused[]) throws Exception {

        String keystoreType = "JKS";
        String keystoreFile = "src/main/resources/PushpalankaKeystore.jks";
        String keystorePass = "pushpalanka";
        String privateKeyAlias = "pushpalanka";
        String privateKeyPass = "pushpalanka";
        String certificateAlias = "pushpalanka";
        File signatureFile = new File("src/main/resources/signature.xml");
        Element element = null;
        String BaseURI = signatureFile.toURI().toURL().toString();
        //SOAP envelope to be signed
        File attachmentFile = new File("src/main/resources/sample.xml");

        //get the private key used to sign, from the keystore
        KeyStore ks = KeyStore.getInstance(keystoreType);
        FileInputStream fis = new FileInputStream(keystoreFile);
        ks.load(fis, keystorePass.toCharArray());
        PrivateKey privateKey =

                (PrivateKey) ks.getKey(privateKeyAlias, privateKeyPass.toCharArray());
        //create basic structure of signature
        javax.xml.parsers.DocumentBuilderFactory dbf =
        DocumentBuilderFactory dbFactory = DocumentBuilderFactory.newInstance();
        DocumentBuilder dBuilder = dbFactory.newDocumentBuilder();
        Document doc = dBuilder.parse(attachmentFile);
        XMLSignature sig =
                new XMLSignature(doc, BaseURI, XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1);

        //optional, but better
        element = doc.getDocumentElement();

            Transforms transforms = new Transforms(doc);
            //Sign the content of SOAP Envelope
            sig.addDocument("", transforms, Constants.ALGO_ID_DIGEST_SHA1);

            //Adding the attachment to be signed
            sig.addDocument("../resources/attachment.xml", transforms, Constants.ALGO_ID_DIGEST_SHA1);


        //Signing procedure
            X509Certificate cert =
                    (X509Certificate) ks.getCertificate(certificateAlias);

        //write signature to file
        FileOutputStream f = new FileOutputStream(signatureFile);
        XMLUtils.outputDOMc14nWithComments(doc, f);

At first it reads in the private key which is to be used in signing. To create a key pair for your own, this post  will be helpful. Then it has created the signature and added the SOAP message and the attachment as the documents to be signed. Finally it performs signing  and write the signed document to a file.

The signed SOAP message looks as follows.

<soap:Envelope xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:pj="http://www.pjxml.org/namespaces/messageHeader"
        <pj:MessageHeader pj:version="1.0" soap:mustUnderstand="1">
                <pj:PartyId pj:type="ABCDE">FUN</pj:PartyId>
                <pj:PartyId pj:type="ABCDE">PARTY</pj:PartyId>
            <pj:ConversationId>FUN PARTY FUN 59c64t0087fg3kfs000003n9</pj:ConversationId>
                <pj:MessageId>FUN 59c64t0087fg3kfs000003n9</pj:MessageId>
        <pj:Via pj:id="59c64t0087fg3ki6000003na" pj:syncReply="False" pj:version="1.0"
                soap:actor="http://schemas.xmlsoap.org/soap/actor/next" soap:mustUnderstand="1">
        <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
                <ds:Reference URI="">
                    <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
                <ds:Reference URI="../resources/attachment.xml">
                        <ds:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></ds:Transform>
                    <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
            <ds:SignatureValue>d0hBQLIvZ4fwUZlrsDLDZojvwK2DVaznrvSoA/JTjnS7XZ5oMplN9  THX4xzZap3+WhXwI2xMr3GKO................x7u+PQz1UepcbKY3BsO8jB3dxWN6r+F4qTyWa+xwOFxqLj546WX35f8zT4GLdiJI5oiYeo1YPLFFqTrwg==
   <ds:X509Certificate>                MIIDjTCCAnWgAwIBAgIEeotzFjANBgkqhkiG9w0BAQsFADB3MQswCQYDVQQGEwJMSzEQMA4GA1UE...............qXfD/eY+XeIDyMQocRqTpcJIm8OneZ8vbMNQrxsRInxq+DsG+C92b
        <pr:GetPriceResponse xmlns:pr="http://www.pushpalankajaya.com/prices">

In a next post we will see how to verify this signature, so that we can guarantee signed documents are not changed (in other words guarantee that the integrity of the content is preserved) .



  1. This comment has been removed by a blog administrator.

  2. Hi,

    I was looking out for such example to digital sign a soap request to access a webservice. Thanks for the nice example.
    My query is webserver administrator has provided us a .Keystore file (probably a jks file). I would like to know whether privatekeyalias, privatekeypass and certificatealias values would be there in that keystore file or they are to be any values which we would like to set. What is command to see contain of .keystore. Please advise as this is the first time I am trying to sign an XML document.


    Sudhir Kulkarni

    Mumbai - India

    1. Hi,

      The alias values are there in the keystore. But the keystore password, you should know from the administrator.

      Following command will list the certificates in the key store. If you know the alias you are looking at use the second command.

      keytool -list -v -keystore .jks

      keytool -list -v -keystore .jks -alias

  3. Digital Signature in ASP.Net: Super Signature You can Download Supersignature Integration demo project
    electronic signature pad

  4. Please check your sample. Ubuntuone is deleting the file on 31.7.2014 but it is already unavailable for visitors. Is it possible to attach it to your blog ?

    1. Thanks for the heads up.. I will updating the posts hosting them in a new location.

  5. sample program is not available for downloading. could you please attach it to your blog or provide its new loaction?


    1. Hi,

      You can download it from this link 'https://drive.google.com/file/d/0B1njqfOEx3g8dHVaSHh6Mml5NU0/view?usp=sharing'.

    2. Thanks.

      Actually I need soap request in below format.



      I tried it using wss4j but I am facing issue while configuring security header. any pointer would help,


    3. Hi Pushpalanka,
      Still I am unable to download from the link given by you. Could you please attach to your blog or provide some working location ?

      Thank you.

  6. Hello, My name is Juan Carrillo, I am from Ecuador South America. Thank you for you sample. I am wondering if you can give me some advice: I need to add and "Object" node in my "Signature" node, and I do not know where I can find information to modify my code. Any help I will appreciate. This "Object" is used to meet the requirements of the European Community (etsi.org/01903/v1.3.2)

  7. I need to access a web service . I was given a jks file , its alias and password . So I need to build a soap message and sign with this jks file ( Not my own jks file ). How do I do that ? I believe jks file I got is the public key as nobody would share one's private key.. So I need a method to sign SOAP message with public key. I would request you to help on this.

    1. We can encrypt the SOAP message using public key, but not to sign. For signing purposes we should use private key. This convention is made depending on the particular needs each is satisfying.

      Encrypt with public key - Only the party with the relevant private key can read the information. This preserves confidentiality.
      Sign with private key - Any party can get the publicly available public key, generate the signature and compare. This can satisfy, integrity of the information and non-repudiation.

      Considering the above information(which explains the general use), you should decide what you should do.

  8. Hi there! glad to drop by your page and found these very interesting and informative stuff. Thanks for sharing, keep it up!

  9. Just a quick question, why is the sig.addDocument line not referencing the actual content being signed (ie Body)? Shouldn't an identifier be provided to achieve such thing?

  10. This comment has been removed by the author.

  11. hi,

    Thanks for your tutorial, i need to have SOAP message to be digitally signed and added WSSE Securuty Header with keystore , which i want it runnable in SOAP UI.

    Can you please help me to sort this..


  12. Replies
    1. No Jais. I usually do not delete these posts except for advertising stuff. I have replied you question above. If there is another question, please post, I will see if there is anything I can do for you.

  13. Hi,
    Excellent post

    Could you please post - how to verify this signature


  14. Hi,

    Please provide link for how to verify signature and sample code of response.


  15. Hi,

    I need to digitally sign my soap xml request. I have read your code. In your case, it is kept in some file and you pick it up and sign it. But, in my case the request xml is created by some code written in java. How to do it if request is not contained in a file, rather created dynamically. Can anyone help me?



    1. modify the inputstream to be byte array instead of file.

    2. I have the same problem.Can anyone help out with the solution. I am using Spring-WS that would automatically generate XML request. Wanted to know how can I integrate this signed signature with the XML. Any suggestions/sample code with something like interceptors..etc please?

  16. Hi,
    Can you provide idea how to verify Digital Signature

  17. hi pushpa we are facing an issue in acessing a web service that needs to digitally signed SOAP request we are not getting an idea how to send that request please can you help us for resolving this issue

  18. Hi Pushpalanka,

    This blog post was very helpful! Thank you so much.

    Your blog is great. Keep up the good work!

  19. This comment has been removed by a blog administrator.

  20. Hi Pushpalanka,
    I'm currently working on a program where I will be sending a SOAP request to a third party. I'm currently having issues with the WSSE:BinarySecurityToken.

    The third party has provided me with a cert and cert password to test with, I am able to export the cert but storing it into the WSSE:BinarySecurityToken element ends when SOAP is sending request as "authentication issues". I posted a question at c sharp corner if you could help me that would be great!


  21. This comment has been removed by a blog administrator.

  22. good post!.


  23. Hi ,
    I have a requirement to have the X509Data element inside SecurityTokenReference element.

    Any views on how to do it with apache santuario / org apache xml security signature is much appreciated.

    I have added a question in stackoverflow on the same:


  24. It is our need that you put it here in your post as much useful that all can take it as a good thing from your site. Thank you.
    digital marketing company in india

  25. In the last few months we've seen a lot of Health Care Reform rules and regulations being introduced by the Health and Human Services Department. Every time that happens, the media gets hold of it and all kinds of articles are written in the Wall Street Journal, the New York Times, and the TV network news programs talk about it. All the analysts start talking about the pros and cons, and what it means to businesses and individuals. Health is God

  26. I think this is a real great article post.Really looking forward to read more. Visit at
    Crazy Video Hub

  27. Nutra Trials defines personal characteristics of different health products including skincare, weight loss, muscle and male enhancement. The study presented here is briefly described for reader convenience and to deliver them assurance with health standards. The best possible answers are given here regarding the selection of an ideal supplement or cream or serum that possibly remains to be safe for health and do not cause any side effects.

  28. It is a great job, I like your posts and wish you all the best. and I hope you continue this job well.
    NutraT line

  29. This is a great post ! it was very informative. I look forward in reading more of your work. Also, I made sure to bookmark your website so I can come back later. I enjoyed every moment of reading it..
    kim kardashian sex tape
    porn sex video hd
    mia khalifa sex video
    sunny leone sexy movie

  30. It is nice blog Thank you provide important information and I am searching for the same information to save my time Big Data Hadoop Online Training

  31. Hello, I am thomus jons thank you for this informative post. That is a great job. Wish you more success.Thank you so much and for you all the best. Takes Down

  32. Times For Health is Online Health & Wellness Program! Your post is so informative and i got everything from it. Thanks again! https://www.timesforhealth.com/

  33. TecSmash is your ultimate source of Technology news and Make Money Online product reviews. We research and review all Tech, MMO, Biz Opp and IM products.TecSmash

  34. Best softwares for Internet Marketers and legitimate make money online opportunities cxyrc

  35. HealRun is a health news blog we provide the latest news about health, Drugs and latest Diseases and conditions. We update our users with health tips and health products reviews. If you want to know any information about health or health product (Side Effects & Benefits) Feel Free To ask HealRun Support Team.

  36. We are here to give you a complete review on the Parallel Profit project by Steve Clayton and Aidan Booth. If you are someone from the field you would already be familiar with these two names, for those of who are new. Parallel Profits Price

  37. Supplements For Fitness While we have discovered some applications for vitamins and plant compounds isolated ... and although sometimes I suggest that my patients use certain extracts or isolated vitamins ... when it comes to this, nothing better than the complex chemistry of food to give your body The best nutrition.

  38. Pilpedia is supplying 100 percent original and accurate information at each moment of time around our site and merchandise, and the intent is to improve the usage of good and pure health supplement. For More Info please visit Pilpedia online store.

  39. Keto 180 Shark Tank : Nutrients vegetarians might try out a replacement vegan menu created of six food teams alone. How sometimes do folks start working out solely to prevent after a few days, weeks or months. However, considering that the diet lasts solely three days, these don't seem to be dispositive. Many superfoods like green tea, acai berry, and other berries are thought-about as superfoods due to the quantity of antioxidants present in them.



  40. This comment has been removed by the author.


  41. Legends Keto Sure running burns more calories than walking, but if running wipes you out or bothers your knees, you are better off walking. This is one example; when you start yourself with any cardio weight loss workout plan, you will get to know which one suits you. If you do not see the results within a few weeks, you should switch over to different cardio exercise. You must be expecting a rapid result, just because you do not drop weight quickly, it does not mean the program is not working. Always adopts a healthy weight loss workout plan that can last you a lifetime.

  42. Revuesdefaits defines personal characteristics of various health merchandise together with skincare, weight loss, muscle and male enhancement. The study presented here is briefly described for reader convenience and to deliver them assurance with health standards. The best potential answers are given here concerning the selection of a perfect supplement or cream or serum that presumably remains to be safe for health and do not cause any facet effects.



  43. Thank you for providing such an awesome article and it is a very useful blog for others to read.

    Oracle ICS Online Training

  44. Thanks for providing a useful article containing valuable information. start learning the best online software courses.

    Workday Online Training

  45. #Sunsign is a sign manufacturer which provide signs solutions for companies, governments, malls, stores, hotels, hospital, and other industries. we focus on providing all kinds of sign products and service such as designing, #manufacturing, installation, after-sale service, etc.
    to know more follow our store at https://sunsign.en.alibaba.com/

  46. New You Keto - Another day, another Keto. I think you can see where this is going. I reckon that you'll easily find a beautiful weight Loss Formula is that it looks more weight Loss. What can they do? To date, I feel weight Lose is much better than Keto. I want them to attain new goals. Ketosis Diet is usually a quandary. The knockoff copies of weight Lose may need to have similar functionality. There isn't a need to go beyond that. Weight Loss Formula has been very potent so far as I continue to work on other weight Loss. Weight Lose always has an advantage and who's prevent you.


  47. Constantly CBD - At that time improvements in Wellness could also be seen in Wellness. When I feel about my own experiences with Wellness, I have a sense about Wellness. I, like you, was astonished regarding Wellness. You may not expect Wellness to give important pleasure. I have completed my review of Wellness.


  48. Alka Tone Keto - In the humble opinion of that particular writer I found this to be a veritable cornucopia of both Ketosis and it. Weight Loss Supplement is starting to lean more towards Weight Loss Shark tank. That has woven itself within our conversation. This is a way to spend a share of hard earned cash on finding out more relating to it. Everybody might have varying tastes in Keto while I am not in favor of Ketosis.


  49. Suplementarios >>> La autenticidad de nuestro sitio web es claramente visible a través de salud y estado fisico con el nombre mencionado en él. Tenemos el mejor producto relacionado con la salud aquí y la tendencia a ofrecer nuestro mejor apoyo a los huéspedes que buscan detalles de los suplementos y comparaciones entre ellos. Para más información amable >>> http://suplementarios.es/








  50. This comment has been removed by the author.

  51. Thank you so much for providing me information about SOAP API and its utilities.
    SQL Server Load Soap Api

  52. Healthy GNC - In usa is a wide variety of health,wellness and Male health performance products.which has include protein,male health performance and weight Loss management supplements.This product is really made to help improve your health, whether you are at the beginning of your fitness. Healthy GNC, gnc,weightloss, bodybuilding,vitamins, energy,fitness,strength,healthfulness, stamina, Wellness.
    For more info - http://www.healthygnc.com/

  53. Bitcoin is a digital payment currency that utilizes Canada Bitcoin Profit cryptocurrency (Web Bitcoin Club a digital medium of exchange) and peer-to-peer (P2P) technology to create and manage monetary transactions as opposed to a central authority. The Crypto Profit open source Canada Bitcoin P2P network creates the bitcoins and manages all the bitcoin transactions.


  54. This blog is full of interesting stuff and i really feel great to read this. Thanks.
    Class 2 Digital Signature certificate in noida

  55. You put really very helpful information.Thank you for sharing with us.

    Renew digital signature in Ghaziabad

  56. This was actually what I was looking for and I am glad to come here! Thanks.

    Renew digital signature certificate in Delhi

  57. Happy to look at your blog as it's miles simply what I’ve looking for. I'm looking forward to some other brilliant article from you.

    Digital signature Provider in Delhi

  58. Balanced Body Keto is an effective weight reducing supplement. It helps you to burn your body’s fat in a natural way. This helps you to expel your all additional fats from the body. In this way, you also get reduced weight. Get slim body with the support of this natural supplement.Balanced Body Keto Shark Tank helps you to get ketosis state of your body. Ketosis state helps you to burn fats as well as calories. This will help you to get slim shape of the body and better health as well.
    Visit On http://www.theapexhealth.com/balanced-body-keto-advanced-blend-dietary-weight-loss-supplement/

  59. Thank you for providing such a notable blog and it's far a very beneficial blog for others to study.

    digital signature certificate provider in Delhi.

  60. Ultra Fast Keto Boost For Weight Loss This formulation is created of natural ingredients, so that square measure the foremost crucial compounds. That ease to offer the organic compound within the body, thereby increasing the quantity of BHB. By the regular use of this supplement, the human body is performed within the acetonemia technique. It can help to rework undesirable carbohydrates into energy. With this supplement, you will have the ability to burn fat faster than ever before. Visit On http://www.rushyourtrial.com/coupon/ultra-fast-keto-boost-advanced-weight-loss-ketosis-support/

  61. Thanks for posting such an informative article. We are a big provider of Digital signature certificates

  62. Nice Blog. We are authorised providers of Digital Signature Certificates, partnered with some of the prominent and licensed Certifying Authorities in India. To have a digital signature click here: Online Digital Signature Certificate

  63. Fantastic blog! Very Nicely Explained, waiting for another one from you. We are also a big provider of digital signature certificate in Ghaziabad and all over India.

  64. This is a great inspiring blog. I am pretty much pleased with your good work. You put really very helpful information.

    Best Digital signature Agency in Delhi

  65. Control X Keto is a unique and organic product in the natural weight loss category that you never noticed before. This Item can enable you to shed additional weight organically and productively. This innovative ketogenic weight reduction supplement is free of any life-threatening compound. This nutritional supplement differs from others as it’s 100% Organic. If you’re seriously interested in losing weight, then this superb and functioning formulation is most appropriate for you. VISIT on http://www.choosetolose.net/control-x-keto-reviews-diet-pills-trial-use-control-x-keto-buy-now/

  66. Thanks for sharing this. Very useful blog. we are the top digital signature provider in Gurgaon.

  67. Valuable and helpful information and i am waiting for another one from you.

    DSC Certificate in India

  68. Ketoconazole soap which is used for fungal infections. Fungal Infection may cause heavy skin diseases. Using Anti Fungal Soap May helps to free from Skin diseases.

  69. Thanks for sharing the relevant information with us. We are the top digital signature provider in India

  70. This is a popular health resort for you. Relates to more than millions of products in the market. But we have suggestions for the most effective and healthy product and can facilitate health and fitness and most of you desire to understand it. You can feel free to ask data about the side effects and benefits of health and wellness items through our site.


  71. Hellio gomovies It is a great job, I love your posts and wish you all the very best. And I hope you continue doing this job well.

  72. Hi

    If you want a lifestyle change to change your diet to eat healthy and nutritious food. And do regular exercise if we cannot

    take care of our mind and body, then we will not be able to take care of others as well, so we need to keep ourselves well.


  73. I feel there is a need to provide some more information about the importance and aspects of SQL and SOAP API.

    SQL Server Load Soap API

  74. Thanks for this useful article. keep it up. we are dealing in Digital Signature Software at minimum prices if anyone wants pls contact.

    Bulk PDF Signer
    PDF Signer
    Digital Signature Software


Post a Comment

Popular posts from this blog

OPA for HTTP Authorization

How to Write a Custom User Store Manager - WSO2 Identity Server 4.5.0