[jboss-jira] [JBoss JIRA] (SECURITY-845) Classloader leak in JBossCachedAuthenticationManager
Peter Skopek (JIRA)
issues at jboss.org
Tue Sep 9 09:28:03 EDT 2014
[ https://issues.jboss.org/browse/SECURITY-845?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Peter Skopek resolved SECURITY-845.
-----------------------------------
Fix Version/s: PicketBox_4_0_21.Beta4
Resolution: Done
> Classloader leak in JBossCachedAuthenticationManager
> ----------------------------------------------------
>
> Key: SECURITY-845
> URL: https://issues.jboss.org/browse/SECURITY-845
> Project: PicketBox
> Issue Type: Bug
> Components: PicketBox
> Affects Versions: PicketBox_4_0_21.Beta2
> Reporter: Emmanuel Hugonnet
> Assignee: Emmanuel Hugonnet
> Fix For: PicketBox_4_0_21.Beta4
>
>
> The problematic piece of code is the domainCache member variable which in the DomainInfo value holds a LoginContext instance. This LoginContext has member contextClassLoader which causes the leak. (It points to the ModuleClassLoader of the deployment).
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
More information about the jboss-jira
mailing list