You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2002/06/20 09:06:27 UTC

DO NOT REPLY [Bug 10040] New: - SingleSignOn valve unbounded memory use

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=10040>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=10040

SingleSignOn valve unbounded memory use

           Summary: SingleSignOn valve unbounded memory use
           Product: Tomcat 4
           Version: 4.0.3 Final
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Normal
          Priority: Other
         Component: Catalina
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: jyri@eng.sun.com


SingleSignOn entries are not necessarily associated with sessions. A new
SingleSignOnEntry is created whenever a new authenticated user is registered
(AuthenticatorBase.register() -> SingleSignOn.register()) and this object is
placed in the SingleSignOn.cache hashmap. These entries are never removed and
this hashmap will continue to grow until all memory is exhausted.

This can most easily be observed by placing a load generator with cookie 
support disabled to generate requests.

--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>