11:35 a.m.
OutOfMemory exception due to TimedCachePolicy in JAAS
-----------------------------------------------------
Key: JBAS-3986
URL: http://jira.jboss.com/jira/browse/JBAS-3986
Project: JBoss Application Server
Issue Type: Bug
Security Level: Public (Everyone can see)
Components: Security
Affects Versions: JBossAS-4.0.5.GA, JBossAS-4.0.4.GA
Environment: JDK1.5, solarisx86, JBoss-4.0.4.GA
Reporter: Ramil Israfilov
Assigned To: Scott M Stark
Priority: Critical
We have a big amount of users who perform logon to jboss.
After 15 000 user logins we have an OutOfMemory exception.
During profiling we see that JAASSecurityManager$DomainInfo takes almost all memory.
We are using <attribute
name="DefaultCacheTimeout">120</attribute> and <attribute
name="DefaultCacheResolution">60</attribute>
But memory is only growing. So no objects are removed from authentication cache.
We tried to disable caching but in that case we had from time to time Authentication
failure exception then did logon from multiple clients.
After digging into source code we saw that object never removed from cache !
Only then user do re-logon it is checked that principa is expired and removed.
But it means that If user logged on once it will be always (!!) in cache.
And it leads to OutOfMemory.
We had to extend a run() method of TimedCachePolicy to do remove expired objects:
public void run() {
super.run();
synchronized (entryMap) {
Iterator iter = entryMap.entrySet().iterator();
List<Object> removeentries = new ArrayList<Object>();
while (iter.hasNext()) {
Map.Entry entry = (Map.Entry) iter.next();
TimedEntry value = (TimedEntry) entry.getValue();
if (value.isCurrent(now) == false) {
if(log.isDebugEnabled()){
log.debug("destroying object:"+value);
}
value.destroy();
removeentries.add(entry.getKey());
}
}
for (Object object : removeentries) {
if(log.isDebugEnabled()){
log.debug("removing object from Map:"+object);
}
entryMap.remove(object);
}
}
}
Is not it will be much better to do it on original TimedCachePolicy class ?
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
6:40 a.m.
New subject: [JBoss JIRA] Commented: (JBAS-3986) OutOfMemory exception due to TimedCachePolicy in JAAS
[ http://jira.jboss.com/jira/browse/JBAS-3986?page=comments#action_12370647 ]
Anil Saldhana commented on JBAS-3986:
-------------------------------------
Are your users doing a web login? If yes, are they logging out? When they log out, are you
invalidating the session? A session invalidation routine does flush the security cache. So
if 1 user is logging in, on log out, the entry is removed. If not, the entry exists until
the cache times out.
If not, set your cache time outs to a lower value. In a high volume system, system
resources are precious (Http Sessions, cache objects). You have to set the time outs to a
manageable setting.
OutOfMemory exception due to TimedCachePolicy in JAAS
-----------------------------------------------------
Key: JBAS-3986
URL: http://jira.jboss.com/jira/browse/JBAS-3986
Project: JBoss Application Server
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Security
Affects Versions: JBossAS-4.0.5.GA, JBossAS-4.0.4.GA
Environment: JDK1.5, solarisx86, JBoss-4.0.4.GA
Reporter: Ramil Israfilov
Assigned To: Scott M Stark
Priority: Critical
We have a big amount of users who perform logon to jboss.
After 15 000 user logins we have an OutOfMemory exception.
During profiling we see that JAASSecurityManager$DomainInfo takes almost all memory.
We are using <attribute
name="DefaultCacheTimeout">120</attribute> and <attribute
name="DefaultCacheResolution">60</attribute>
But memory is only growing. So no objects are removed from authentication cache.
We tried to disable caching but in that case we had from time to time Authentication
failure exception then did logon from multiple clients.
After digging into source code we saw that object never removed from cache !
Only then user do re-logon it is checked that principa is expired and removed.
But it means that If user logged on once it will be always (!!) in cache.
And it leads to OutOfMemory.
We had to extend a run() method of TimedCachePolicy to do remove expired objects:
public void run() {
super.run();
synchronized (entryMap) {
Iterator iter = entryMap.entrySet().iterator();
List<Object> removeentries = new ArrayList<Object>();
while (iter.hasNext()) {
Map.Entry entry = (Map.Entry) iter.next();
TimedEntry value = (TimedEntry) entry.getValue();
if (value.isCurrent(now) == false) {
if(log.isDebugEnabled()){
log.debug("destroying object:"+value);
}
value.destroy();
removeentries.add(entry.getKey());
}
}
for (Object object : removeentries) {
if(log.isDebugEnabled()){
log.debug("removing object from Map:"+object);
}
entryMap.remove(object);
}
}
}
Is not it will be much better to do it on original TimedCachePolicy class ?
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
9:12 a.m.
New subject: [JBoss JIRA] Commented: (JBAS-3986) OutOfMemory exception due to TimedCachePolicy in JAAS
[ http://jira.jboss.com/jira/browse/JBAS-3986?page=comments#action_12370651 ]
Ramil Israfilov commented on JBAS-3986:
---------------------------------------
During tests we did correct login and logout and memory was growing. Problem is that
TimedCachePolicy as described in javadoc: "This is a lazy cache policy in that
objects are not checked for expiration until they are accessed."
So it means if user A login and logout it will still remain in cache until next login.
and another problem is that TimedCachePolicy is used by default: inside
JaasSecurityManagerService.java there is a DefaultCacheObjectFactory class which
instantiate TimedCachePolicy
So for a moment in our production environment we are using my proposition by extending
TimedCachePolicy's run() method.
It is up to you to make your product better !
OutOfMemory exception due to TimedCachePolicy in JAAS
-----------------------------------------------------
Key: JBAS-3986
URL: http://jira.jboss.com/jira/browse/JBAS-3986
Project: JBoss Application Server
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Security
Affects Versions: JBossAS-4.0.5.GA, JBossAS-4.0.4.GA
Environment: JDK1.5, solarisx86, JBoss-4.0.4.GA
Reporter: Ramil Israfilov
Assigned To: Scott M Stark
Priority: Critical
We have a big amount of users who perform logon to jboss.
After 15 000 user logins we have an OutOfMemory exception.
During profiling we see that JAASSecurityManager$DomainInfo takes almost all memory.
We are using <attribute
name="DefaultCacheTimeout">120</attribute> and <attribute
name="DefaultCacheResolution">60</attribute>
But memory is only growing. So no objects are removed from authentication cache.
We tried to disable caching but in that case we had from time to time Authentication
failure exception then did logon from multiple clients.
After digging into source code we saw that object never removed from cache !
Only then user do re-logon it is checked that principa is expired and removed.
But it means that If user logged on once it will be always (!!) in cache.
And it leads to OutOfMemory.
We had to extend a run() method of TimedCachePolicy to do remove expired objects:
public void run() {
super.run();
synchronized (entryMap) {
Iterator iter = entryMap.entrySet().iterator();
List<Object> removeentries = new ArrayList<Object>();
while (iter.hasNext()) {
Map.Entry entry = (Map.Entry) iter.next();
TimedEntry value = (TimedEntry) entry.getValue();
if (value.isCurrent(now) == false) {
if(log.isDebugEnabled()){
log.debug("destroying object:"+value);
}
value.destroy();
removeentries.add(entry.getKey());
}
}
for (Object object : removeentries) {
if(log.isDebugEnabled()){
log.debug("removing object from Map:"+object);
}
entryMap.remove(object);
}
}
}
Is not it will be much better to do it on original TimedCachePolicy class ?
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
6:27 p.m.
New subject: [JBoss JIRA] Updated: (JBAS-3986) Active Flushing: OutOfMemory exception due to TimedCachePolicy in JAAS
[ http://jira.jboss.com/jira/browse/JBAS-3986?page=all ]
Anil Saldhana updated JBAS-3986:
--------------------------------
Summary: Active Flushing: OutOfMemory exception due to TimedCachePolicy in JAAS
(was: OutOfMemory exception due to TimedCachePolicy in JAAS)
Fix Version/s: JBossAS-4.2.2.GA
Active Flushing: OutOfMemory exception due to TimedCachePolicy in
JAAS
----------------------------------------------------------------------
Key: JBAS-3986
URL: http://jira.jboss.com/jira/browse/JBAS-3986
Project: JBoss Application Server
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Security
Affects Versions: JBossAS-4.0.5.GA, JBossAS-4.0.4.GA
Environment: JDK1.5, solarisx86, JBoss-4.0.4.GA
Reporter: Ramil Israfilov
Assigned To: Scott M Stark
Fix For: JBossAS-4.2.2.GA
We have a big amount of users who perform logon to jboss.
After 15 000 user logins we have an OutOfMemory exception.
During profiling we see that JAASSecurityManager$DomainInfo takes almost all memory.
We are using <attribute
name="DefaultCacheTimeout">120</attribute> and <attribute
name="DefaultCacheResolution">60</attribute>
But memory is only growing. So no objects are removed from authentication cache.
We tried to disable caching but in that case we had from time to time Authentication
failure exception then did logon from multiple clients.
After digging into source code we saw that object never removed from cache !
Only then user do re-logon it is checked that principa is expired and removed.
But it means that If user logged on once it will be always (!!) in cache.
And it leads to OutOfMemory.
We had to extend a run() method of TimedCachePolicy to do remove expired objects:
public void run() {
super.run();
synchronized (entryMap) {
Iterator iter = entryMap.entrySet().iterator();
List<Object> removeentries = new ArrayList<Object>();
while (iter.hasNext()) {
Map.Entry entry = (Map.Entry) iter.next();
TimedEntry value = (TimedEntry) entry.getValue();
if (value.isCurrent(now) == false) {
if(log.isDebugEnabled()){
log.debug("destroying object:"+value);
}
value.destroy();
removeentries.add(entry.getKey());
}
}
for (Object object : removeentries) {
if(log.isDebugEnabled()){
log.debug("removing object from Map:"+object);
}
entryMap.remove(object);
}
}
}
Is not it will be much better to do it on original TimedCachePolicy class ?
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
6:27 p.m.
New subject: [JBoss JIRA] Updated: (JBAS-3986) OutOfMemory exception due to TimedCachePolicy in JAAS
[ http://jira.jboss.com/jira/browse/JBAS-3986?page=all ]
Anil Saldhana updated JBAS-3986:
--------------------------------
Priority: Major (was: Critical)
OutOfMemory exception due to TimedCachePolicy in JAAS
-----------------------------------------------------
Key: JBAS-3986
URL: http://jira.jboss.com/jira/browse/JBAS-3986
Project: JBoss Application Server
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Security
Affects Versions: JBossAS-4.0.5.GA, JBossAS-4.0.4.GA
Environment: JDK1.5, solarisx86, JBoss-4.0.4.GA
Reporter: Ramil Israfilov
Assigned To: Scott M Stark
Fix For: JBossAS-4.2.2.GA
We have a big amount of users who perform logon to jboss.
After 15 000 user logins we have an OutOfMemory exception.
During profiling we see that JAASSecurityManager$DomainInfo takes almost all memory.
We are using <attribute
name="DefaultCacheTimeout">120</attribute> and <attribute
name="DefaultCacheResolution">60</attribute>
But memory is only growing. So no objects are removed from authentication cache.
We tried to disable caching but in that case we had from time to time Authentication
failure exception then did logon from multiple clients.
After digging into source code we saw that object never removed from cache !
Only then user do re-logon it is checked that principa is expired and removed.
But it means that If user logged on once it will be always (!!) in cache.
And it leads to OutOfMemory.
We had to extend a run() method of TimedCachePolicy to do remove expired objects:
public void run() {
super.run();
synchronized (entryMap) {
Iterator iter = entryMap.entrySet().iterator();
List<Object> removeentries = new ArrayList<Object>();
while (iter.hasNext()) {
Map.Entry entry = (Map.Entry) iter.next();
TimedEntry value = (TimedEntry) entry.getValue();
if (value.isCurrent(now) == false) {
if(log.isDebugEnabled()){
log.debug("destroying object:"+value);
}
value.destroy();
removeentries.add(entry.getKey());
}
}
for (Object object : removeentries) {
if(log.isDebugEnabled()){
log.debug("removing object from Map:"+object);
}
entryMap.remove(object);
}
}
}
Is not it will be much better to do it on original TimedCachePolicy class ?
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
8:29 p.m.
New subject: [JBoss JIRA] Commented: (JBAS-3986) Active Flushing: OutOfMemory exception due to TimedCachePolicy in JAAS
[ http://jira.jboss.com/jira/browse/JBAS-3986?page=comments#action_12410339 ]
Niklas Hellberg commented on JBAS-3986:
---------------------------------------
Same issue with JBossAS-4.2.2.GA
Active Flushing: OutOfMemory exception due to TimedCachePolicy in
JAAS
----------------------------------------------------------------------
Key: JBAS-3986
URL: http://jira.jboss.com/jira/browse/JBAS-3986
Project: JBoss Application Server
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Security
Affects Versions: JBossAS-4.0.5.GA, JBossAS-4.0.4.GA
Environment: JDK1.5, solarisx86, JBoss-4.0.4.GA
Reporter: Ramil Israfilov
Assigned To: Scott M Stark
We have a big amount of users who perform logon to jboss.
After 15 000 user logins we have an OutOfMemory exception.
During profiling we see that JAASSecurityManager$DomainInfo takes almost all memory.
We are using <attribute
name="DefaultCacheTimeout">120</attribute> and <attribute
name="DefaultCacheResolution">60</attribute>
But memory is only growing. So no objects are removed from authentication cache.
We tried to disable caching but in that case we had from time to time Authentication
failure exception then did logon from multiple clients.
After digging into source code we saw that object never removed from cache !
Only then user do re-logon it is checked that principa is expired and removed.
But it means that If user logged on once it will be always (!!) in cache.
And it leads to OutOfMemory.
We had to extend a run() method of TimedCachePolicy to do remove expired objects:
public void run() {
super.run();
synchronized (entryMap) {
Iterator iter = entryMap.entrySet().iterator();
List<Object> removeentries = new ArrayList<Object>();
while (iter.hasNext()) {
Map.Entry entry = (Map.Entry) iter.next();
TimedEntry value = (TimedEntry) entry.getValue();
if (value.isCurrent(now) == false) {
if(log.isDebugEnabled()){
log.debug("destroying object:"+value);
}
value.destroy();
removeentries.add(entry.getKey());
}
}
for (Object object : removeentries) {
if(log.isDebugEnabled()){
log.debug("removing object from Map:"+object);
}
entryMap.remove(object);
}
}
}
Is not it will be much better to do it on original TimedCachePolicy class ?
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
8:03 p.m.
New subject: [JBoss JIRA] Assigned: (JBAS-3986) Active Flushing: OutOfMemory exception due to TimedCachePolicy in JAAS
[
https://jira.jboss.org/jira/browse/JBAS-3986?page=com.atlassian.jira.plug...
]
Marcus Moyses reassigned JBAS-3986:
-----------------------------------
Assignee: Marcus Moyses (was: Scott M Stark)
Active Flushing: OutOfMemory exception due to TimedCachePolicy in
JAAS
----------------------------------------------------------------------
Key: JBAS-3986
URL: https://jira.jboss.org/jira/browse/JBAS-3986
Project: JBoss Application Server
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Security
Affects Versions: JBossAS-4.0.4.GA, JBossAS-4.0.5.GA
Environment: JDK1.5, solarisx86, JBoss-4.0.4.GA
Reporter: Ramil Israfilov
Assignee: Marcus Moyses
We have a big amount of users who perform logon to jboss.
After 15 000 user logins we have an OutOfMemory exception.
During profiling we see that JAASSecurityManager$DomainInfo takes almost all memory.
We are using <attribute
name="DefaultCacheTimeout">120</attribute> and <attribute
name="DefaultCacheResolution">60</attribute>
But memory is only growing. So no objects are removed from authentication cache.
We tried to disable caching but in that case we had from time to time Authentication
failure exception then did logon from multiple clients.
After digging into source code we saw that object never removed from cache !
Only then user do re-logon it is checked that principa is expired and removed.
But it means that If user logged on once it will be always (!!) in cache.
And it leads to OutOfMemory.
We had to extend a run() method of TimedCachePolicy to do remove expired objects:
public void run() {
super.run();
synchronized (entryMap) {
Iterator iter = entryMap.entrySet().iterator();
List<Object> removeentries = new ArrayList<Object>();
while (iter.hasNext()) {
Map.Entry entry = (Map.Entry) iter.next();
TimedEntry value = (TimedEntry) entry.getValue();
if (value.isCurrent(now) == false) {
if(log.isDebugEnabled()){
log.debug("destroying object:"+value);
}
value.destroy();
removeentries.add(entry.getKey());
}
}
for (Object object : removeentries) {
if(log.isDebugEnabled()){
log.debug("removing object from Map:"+object);
}
entryMap.remove(object);
}
}
}
Is not it will be much better to do it on original TimedCachePolicy class ?
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
5:50 p.m.
New subject: [JBoss JIRA] Resolved: (JBAS-3986) Active Flushing: OutOfMemory exception due to TimedCachePolicy in JAAS
[
https://jira.jboss.org/jira/browse/JBAS-3986?page=com.atlassian.jira.plug...
]
Marcus Moyses resolved JBAS-3986.
---------------------------------
Fix Version/s: JBossAS-5.2.0.Beta1
JBossAS-6.0.0.Alpha1
Resolution: Done
Created AuthenticationCacheFlushThread to actively scan all the caches and flush expired
entries.
Active Flushing: OutOfMemory exception due to TimedCachePolicy in
JAAS
----------------------------------------------------------------------
Key: JBAS-3986
URL: https://jira.jboss.org/jira/browse/JBAS-3986
Project: JBoss Application Server
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Security
Affects Versions: JBossAS-4.0.4.GA, JBossAS-4.0.5.GA
Environment: JDK1.5, solarisx86, JBoss-4.0.4.GA
Reporter: Ramil Israfilov
Assignee: Marcus Moyses
Fix For: JBossAS-5.2.0.Beta1, JBossAS-6.0.0.Alpha1
We have a big amount of users who perform logon to jboss.
After 15 000 user logins we have an OutOfMemory exception.
During profiling we see that JAASSecurityManager$DomainInfo takes almost all memory.
We are using <attribute
name="DefaultCacheTimeout">120</attribute> and <attribute
name="DefaultCacheResolution">60</attribute>
But memory is only growing. So no objects are removed from authentication cache.
We tried to disable caching but in that case we had from time to time Authentication
failure exception then did logon from multiple clients.
After digging into source code we saw that object never removed from cache !
Only then user do re-logon it is checked that principa is expired and removed.
But it means that If user logged on once it will be always (!!) in cache.
And it leads to OutOfMemory.
We had to extend a run() method of TimedCachePolicy to do remove expired objects:
public void run() {
super.run();
synchronized (entryMap) {
Iterator iter = entryMap.entrySet().iterator();
List<Object> removeentries = new ArrayList<Object>();
while (iter.hasNext()) {
Map.Entry entry = (Map.Entry) iter.next();
TimedEntry value = (TimedEntry) entry.getValue();
if (value.isCurrent(now) == false) {
if(log.isDebugEnabled()){
log.debug("destroying object:"+value);
}
value.destroy();
removeentries.add(entry.getKey());
}
}
for (Object object : removeentries) {
if(log.isDebugEnabled()){
log.debug("removing object from Map:"+object);
}
entryMap.remove(object);
}
}
}
Is not it will be much better to do it on original TimedCachePolicy class ?
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
8:21 p.m.
New subject: [JBoss JIRA] Commented: (JBAS-3986) Active Flushing: OutOfMemory exception due to TimedCachePolicy in JAAS
[
https://jira.jboss.org/jira/browse/JBAS-3986?page=com.atlassian.jira.plug...
]
Marcus Moyses commented on JBAS-3986:
-------------------------------------
The period of this thread is 1 hour (3600 seconds) and it can be modified by the
DefaultCacheFlushPeriod attribute of the JaasSecurityManagerService mbean. A value of 0
means that the thread will not be created.
Active Flushing: OutOfMemory exception due to TimedCachePolicy in
JAAS
----------------------------------------------------------------------
Key: JBAS-3986
URL: https://jira.jboss.org/jira/browse/JBAS-3986
Project: JBoss Application Server
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Security
Affects Versions: JBossAS-4.0.4.GA, JBossAS-4.0.5.GA
Environment: JDK1.5, solarisx86, JBoss-4.0.4.GA
Reporter: Ramil Israfilov
Assignee: Marcus Moyses
Fix For: JBossAS-5.2.0.Beta1, JBossAS-6.0.0.Alpha1
We have a big amount of users who perform logon to jboss.
After 15 000 user logins we have an OutOfMemory exception.
During profiling we see that JAASSecurityManager$DomainInfo takes almost all memory.
We are using <attribute
name="DefaultCacheTimeout">120</attribute> and <attribute
name="DefaultCacheResolution">60</attribute>
But memory is only growing. So no objects are removed from authentication cache.
We tried to disable caching but in that case we had from time to time Authentication
failure exception then did logon from multiple clients.
After digging into source code we saw that object never removed from cache !
Only then user do re-logon it is checked that principa is expired and removed.
But it means that If user logged on once it will be always (!!) in cache.
And it leads to OutOfMemory.
We had to extend a run() method of TimedCachePolicy to do remove expired objects:
public void run() {
super.run();
synchronized (entryMap) {
Iterator iter = entryMap.entrySet().iterator();
List<Object> removeentries = new ArrayList<Object>();
while (iter.hasNext()) {
Map.Entry entry = (Map.Entry) iter.next();
TimedEntry value = (TimedEntry) entry.getValue();
if (value.isCurrent(now) == false) {
if(log.isDebugEnabled()){
log.debug("destroying object:"+value);
}
value.destroy();
removeentries.add(entry.getKey());
}
}
for (Object object : removeentries) {
if(log.isDebugEnabled()){
log.debug("removing object from Map:"+object);
}
entryMap.remove(object);
}
}
}
Is not it will be much better to do it on original TimedCachePolicy class ?
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
3:56 a.m.
New subject: [JBoss JIRA] Reopened: (JBAS-3986) Active Flushing: OutOfMemory exception due to TimedCachePolicy in JAAS
[
https://jira.jboss.org/jira/browse/JBAS-3986?page=com.atlassian.jira.plug...
]
Brian Stansberry reopened JBAS-3986:
------------------------------------
Active Flushing: OutOfMemory exception due to TimedCachePolicy in
JAAS
----------------------------------------------------------------------
Key: JBAS-3986
URL: https://jira.jboss.org/jira/browse/JBAS-3986
Project: JBoss Application Server
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Security
Affects Versions: JBossAS-4.0.4.GA, JBossAS-4.0.5.GA
Environment: JDK1.5, solarisx86, JBoss-4.0.4.GA
Reporter: Ramil Israfilov
Assignee: Marcus Moyses
Fix For: JBossAS-6.0.0.M1
We have a big amount of users who perform logon to jboss.
After 15 000 user logins we have an OutOfMemory exception.
During profiling we see that JAASSecurityManager$DomainInfo takes almost all memory.
We are using <attribute
name="DefaultCacheTimeout">120</attribute> and <attribute
name="DefaultCacheResolution">60</attribute>
But memory is only growing. So no objects are removed from authentication cache.
We tried to disable caching but in that case we had from time to time Authentication
failure exception then did logon from multiple clients.
After digging into source code we saw that object never removed from cache !
Only then user do re-logon it is checked that principa is expired and removed.
But it means that If user logged on once it will be always (!!) in cache.
And it leads to OutOfMemory.
We had to extend a run() method of TimedCachePolicy to do remove expired objects:
public void run() {
super.run();
synchronized (entryMap) {
Iterator iter = entryMap.entrySet().iterator();
List<Object> removeentries = new ArrayList<Object>();
while (iter.hasNext()) {
Map.Entry entry = (Map.Entry) iter.next();
TimedEntry value = (TimedEntry) entry.getValue();
if (value.isCurrent(now) == false) {
if(log.isDebugEnabled()){
log.debug("destroying object:"+value);
}
value.destroy();
removeentries.add(entry.getKey());
}
}
for (Object object : removeentries) {
if(log.isDebugEnabled()){
log.debug("removing object from Map:"+object);
}
entryMap.remove(object);
}
}
}
Is not it will be much better to do it on original TimedCachePolicy class ?
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
3:56 a.m.
New subject: [JBoss JIRA] Resolved: (JBAS-3986) Active Flushing: OutOfMemory exception due to TimedCachePolicy in JAAS
[
https://jira.jboss.org/jira/browse/JBAS-3986?page=com.atlassian.jira.plug...
]
Brian Stansberry resolved JBAS-3986.
------------------------------------
Fix Version/s: (was: JBossAS-6.0.0.M3)
Resolution: Done
Active Flushing: OutOfMemory exception due to TimedCachePolicy in
JAAS
----------------------------------------------------------------------
Key: JBAS-3986
URL: https://jira.jboss.org/jira/browse/JBAS-3986
Project: JBoss Application Server
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Security
Affects Versions: JBossAS-4.0.4.GA, JBossAS-4.0.5.GA
Environment: JDK1.5, solarisx86, JBoss-4.0.4.GA
Reporter: Ramil Israfilov
Assignee: Marcus Moyses
Fix For: JBossAS-6.0.0.M1
We have a big amount of users who perform logon to jboss.
After 15 000 user logins we have an OutOfMemory exception.
During profiling we see that JAASSecurityManager$DomainInfo takes almost all memory.
We are using <attribute
name="DefaultCacheTimeout">120</attribute> and <attribute
name="DefaultCacheResolution">60</attribute>
But memory is only growing. So no objects are removed from authentication cache.
We tried to disable caching but in that case we had from time to time Authentication
failure exception then did logon from multiple clients.
After digging into source code we saw that object never removed from cache !
Only then user do re-logon it is checked that principa is expired and removed.
But it means that If user logged on once it will be always (!!) in cache.
And it leads to OutOfMemory.
We had to extend a run() method of TimedCachePolicy to do remove expired objects:
public void run() {
super.run();
synchronized (entryMap) {
Iterator iter = entryMap.entrySet().iterator();
List<Object> removeentries = new ArrayList<Object>();
while (iter.hasNext()) {
Map.Entry entry = (Map.Entry) iter.next();
TimedEntry value = (TimedEntry) entry.getValue();
if (value.isCurrent(now) == false) {
if(log.isDebugEnabled()){
log.debug("destroying object:"+value);
}
value.destroy();
removeentries.add(entry.getKey());
}
}
for (Object object : removeentries) {
if(log.isDebugEnabled()){
log.debug("removing object from Map:"+object);
}
entryMap.remove(object);
}
}
}
Is not it will be much better to do it on original TimedCachePolicy class ?
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
5182
days inactive
6304
days old
10 comments
6 participants
participants (6)
-
Anil Saldhana (JIRA) -
Brian Stansberry (JIRA)
-
Marcus Moyses (JIRA)
-
Niklas Hellberg (JIRA)
-
Ramil Israfilov (JIRA) -
Ramil Israfilov (JIRA)