]
Darran Lofthouse resolved WFLY-1371.
------------------------------------
Assignee: Darran Lofthouse
Resolution: Won't Fix
Marking as 'Won't Fix' as this is in relation to PicketBox which is
deprecated.
AuthorizationModule.destroy is never called
-------------------------------------------
Key: WFLY-1371
URL:
https://issues.jboss.org/browse/WFLY-1371
Project: WildFly
Issue Type: Bug
Components: Security
Affects Versions: 8.0.0.Alpha1
Reporter: Vlad Arkhipov
Assignee: Darran Lofthouse
Priority: Major
If you define a custom authorization module in configuration XML, it's
org.jboss.security.authorization.AuthorizationModule.destroy() is never called. So if you
have some stuff in it's sharedState field, it leads to a memory leak. I'm not
quite sure which project is responsible for the calling of this method PicketBox of
WildFly.
As a workaround I currently clear sharedState field in abort() and commit() methods.