You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@drill.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2016/02/04 22:48:40 UTC

[jira] [Commented] (DRILL-4353) Expired sessions in web server are not cleaning up resources, leading to resource leak

    [ https://issues.apache.org/jira/browse/DRILL-4353?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15133106#comment-15133106 ] 

ASF GitHub Bot commented on DRILL-4353:
---------------------------------------

GitHub user vkorukanti opened a pull request:

    https://github.com/apache/drill/pull/359

    DRILL-4353: Add HttpSessionListener to release resources of expired/invalidated sessions

    Testing:
    
    Send a curl request (5 secs apart) in a loop for about an hour and session timeout set to 30secs. Observed the openfiles in Drill. Openfile counts stabilizes after first few minutes (as the sessions expire for every 5 seconds after first 30secs and new session created every 5seconds)
    
    @jaltekruse Could you please run the regression suites and review?

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/vkorukanti/drill DRILL-4353

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/drill/pull/359.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #359
    
----
commit af18fa8c5d0b52a15c2686fe6ed6ba34956ff351
Author: vkorukanti <ve...@gmail.com>
Date:   2016-02-04T21:06:54Z

    DRILL-4353: Add HttpSessionListener to release resources of expired/invalidated sessions

----


> Expired sessions in web server are not cleaning up resources, leading to resource leak
> --------------------------------------------------------------------------------------
>
>                 Key: DRILL-4353
>                 URL: https://issues.apache.org/jira/browse/DRILL-4353
>             Project: Apache Drill
>          Issue Type: Bug
>          Components: Client - HTTP, Web Server
>    Affects Versions: 1.5.0
>            Reporter: Venki Korukanti
>            Assignee: Venki Korukanti
>            Priority: Blocker
>             Fix For: 1.5.0
>
>
> Currently we store the session resources (including DrillClient) in attribute {{SessionAuthentication}} object which implements {{HttpSessionBindingListener}}. Whenever a session is invalidated, all attributes are removed and if an attribute class implements {{HttpSessionBindingListener}}, listener is informed. {{SessionAuthentication}} implementation of {{HttpSessionBindingListener}} logs out the user which includes cleaning up the resources as well, but {{SessionAuthentication}} relies on ServletContext stored in thread local variable (see [here|https://github.com/eclipse/jetty.project/blob/jetty-9.1.5.v20140505/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/SessionAuthentication.java#L88]). In case of thread that cleans up the expired sessions there is no {{ServletContext}} in thread local variable, leading to not logging out the user properly and resource leak.
> Fix: Add {{HttpSessionEventListener}} to cleanup the {{SessionAuthentication}} and resources every time a HttpSession is expired or invalidated.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)