[jboss-jira] [JBoss JIRA] Created: (JBAS-3986) OutOfMemory exception due to TimedCachePolicy in JAAS

Ramil Israfilov (JIRA) jira-events at jboss.com
Mon Jan 15 05:35:53 EST 2007 

OutOfMemory exception due to TimedCachePolicy in JAAS
-----------------------------------------------------

                 Key: JBAS-3986
                 URL: http://jira.jboss.com/jira/browse/JBAS-3986
             Project: JBoss Application Server
          Issue Type: Bug
      Security Level: Public (Everyone can see)
          Components: Security
    Affects Versions: JBossAS-4.0.5.GA, JBossAS-4.0.4.GA
         Environment: JDK1.5, solarisx86, JBoss-4.0.4.GA
            Reporter: Ramil Israfilov
         Assigned To: Scott M Stark
            Priority: Critical


We have a big amount of users who perform logon to jboss.
After 15 000 user logins we have an OutOfMemory exception.
During profiling we see that JAASSecurityManager$DomainInfo takes almost all memory. 
We are using       <attribute name="DefaultCacheTimeout">120</attribute> and       <attribute name="DefaultCacheResolution">60</attribute>
But memory is only growing. So no objects are removed from authentication cache.
We tried to disable caching but in that case we had from time to time Authentication failure exception then did logon from multiple clients.
After digging into source code we saw that object never removed from cache !
Only then user do re-logon it is checked that principa is expired and removed.
But it means that If user logged on once it will be always (!!) in cache.
And it leads to OutOfMemory.
We had to extend a run() method of TimedCachePolicy to do remove expired objects:

public void run() {
		super.run();
		synchronized (entryMap) {
			Iterator iter = entryMap.entrySet().iterator();
			List<Object> removeentries = new ArrayList<Object>();
			while (iter.hasNext()) {
				Map.Entry entry = (Map.Entry) iter.next();
				TimedEntry value = (TimedEntry) entry.getValue();

				if (value.isCurrent(now) == false) {
					if(log.isDebugEnabled()){
						log.debug("destroying object:"+value);
					}
						
					value.destroy();
					removeentries.add(entry.getKey());
				}

			}
			for (Object object : removeentries) {
				if(log.isDebugEnabled()){
					log.debug("removing object from Map:"+object);
				}

				entryMap.remove(object);
			}
		}

	}

Is not it will be much better to do it on original TimedCachePolicy class ? 





-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list