[
http://jira.jboss.com/jira/browse/JBAS-3012?page=comments#action_12384499 ]
joshmoore commented on JBAS-3012:
---------------------------------
Scott, could you clarify what you think the cause is here? We are running into this as
well. A long running server had over 100K login modules plus 400K SimplePrincipals and
100K SecurityAssociationHandlers, SimpleGroups, etc. which eventually brought it to its
knees. I've posted a screen shot from jprofiler at
https://trac.openmicroscopy.org.uk/omero/ticket/818 , and confirmed that calling
DynamicLoginConfig's flushAuthenticationCaches does free almost everything up. Not,
however, the SecurityAssociation$SubjectContext instances. I'm still looking into
that.
My planned work-around is to periodically call flushAuthenticationCaches. Any thoughts?
Many thanks,
Josh Moore
Glencoe Software, Inc.
The Open Microscopy Environment
From: jboss-service.xml
<mbean code="org.jboss.security.auth.login.DynamicLoginConfig"
name="omero:service=LoginConfig">
<attribute
name="AuthConfig">META-INF/jboss-login.xml</attribute>
<depends optional-attribute-name="LoginConfigService">
jboss.security:service=XMLLoginConfig
</depends>
<depends optional-attribute-name="SecurityManagerService">
jboss.security:service=JaasSecurityManager
</depends>
</mbean>
From: jboss-login.xml
<policy>
<application-policy name="OmeroSecurity">
<authentication>
<login-module code = "ome.security.JBossLoginModule" flag =
"required">
<module-option name =
"unauthenticatedIdentity">guest</module-option>
<module-option name =
"dsJndiName">java:/omeroDS</module-option>
<module-option name =
"hashAlgorithm">MD5</module-option>
MemoryLeak in JaasSecurityManager::DomainInfo
---------------------------------------------
Key: JBAS-3012
URL:
http://jira.jboss.com/jira/browse/JBAS-3012
Project: JBoss Application Server
Issue Type: Sub-task
Security Level: Public(Everyone can see)
Components: Security
Reporter: Adrian Brock
Assigned To: Scott M Stark
Fix For: No Release
There is a memory leak caused by the JaasSecurityManager::DomainInfo
holding a reference to the LoginContext.
Internally, this holds a reference to the context classloader.
If this information is cached and then the classloader undeployed,
the classloader and all associated classes/proxies/static data
don't get garbage collected until this information is flushed.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira