[jboss-jira] [JBoss JIRA] Commented: (JBAS-3012) MemoryLeak in JaasSecurityManager::DomainInfo

joshmoore (JIRA) jira-events at lists.jboss.org
Fri Oct 26 04:25:01 EDT 2007 

    [ http://jira.jboss.com/jira/browse/JBAS-3012?page=comments#action_12384499 ] 
            
joshmoore commented on JBAS-3012:
---------------------------------

Scott, could you clarify what you think the cause is here? We are running into this as well. A long running server had over 100K login modules plus 400K SimplePrincipals and 100K SecurityAssociationHandlers, SimpleGroups, etc. which eventually brought it to its knees. I've posted a screen shot from jprofiler at https://trac.openmicroscopy.org.uk/omero/ticket/818 , and confirmed that calling DynamicLoginConfig's flushAuthenticationCaches does free almost everything up. Not, however, the SecurityAssociation$SubjectContext instances. I'm still looking into that.

My planned work-around is to periodically call flushAuthenticationCaches. Any thoughts?

Many thanks,
Josh Moore
Glencoe Software, Inc.
The Open Microscopy Environment


From: jboss-service.xml

   <mbean code="org.jboss.security.auth.login.DynamicLoginConfig"
      name="omero:service=LoginConfig">
      <attribute name="AuthConfig">META-INF/jboss-login.xml</attribute>
      <depends optional-attribute-name="LoginConfigService">
         jboss.security:service=XMLLoginConfig
      </depends>
      <depends optional-attribute-name="SecurityManagerService">
         jboss.security:service=JaasSecurityManager
      </depends>
   </mbean>

From: jboss-login.xml

 <policy>
   <application-policy name="OmeroSecurity">
      <authentication>
          <login-module code = "ome.security.JBossLoginModule" flag = "required">
            <module-option name = "unauthenticatedIdentity">guest</module-option>
            <module-option name = "dsJndiName">java:/omeroDS</module-option>
            <module-option name = "hashAlgorithm">MD5</module-option>


> MemoryLeak in JaasSecurityManager::DomainInfo
> ---------------------------------------------
>
>                 Key: JBAS-3012
>                 URL: http://jira.jboss.com/jira/browse/JBAS-3012
>             Project: JBoss Application Server
>          Issue Type: Sub-task
>      Security Level: Public(Everyone can see) 
>          Components: Security
>            Reporter: Adrian Brock
>         Assigned To: Scott M Stark
>             Fix For: No Release
>
>
> There is a memory leak caused by the JaasSecurityManager::DomainInfo
> holding a reference to the LoginContext.
> Internally, this holds a reference to the context classloader.
> If this information is cached and then the classloader undeployed,
> the classloader and all associated classes/proxies/static data
> don't get garbage collected until this information is flushed.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list