cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel Kulp (JIRA)" <>
Subject [jira] [Resolved] (CXF-5442) CXFAuthenticator causes classloader leaks
Date Fri, 17 Jan 2014 21:58:21 GMT


Daniel Kulp resolved CXF-5442.

       Resolution: Fixed
    Fix Version/s: 2.7.9
         Assignee: Daniel Kulp

Little more reflection magic and I think this is now resolved.  Confirmation would be great.

> CXFAuthenticator causes classloader leaks
> -----------------------------------------
>                 Key: CXF-5442
>                 URL:
>             Project: CXF
>          Issue Type: Bug
>          Components: Transports
>    Affects Versions: 2.6.10
>            Reporter: Mattias Jiderhamn
>            Assignee: Daniel Kulp
>             Fix For: 2.6.12, 2.7.9
>         Attachments: cxf.jpg
> org.apache.cxf.transport.http.CXFAuthenticator will cause classloader leaks.
> When CXFAuthenticator.addAuthenticator() is called, org.apache.cxf.transport.http.ReferencingAuthenticator
is instantiated in a custom "dummy" URLClassLoader, and then wraps any pre-existing default
Authenticator + weak references the CXFAuthenticator.
> In theory, this means that the classloader loading the CXFAuthenticator can be garbage
collected, and then ReferencingAuthenticator.auth is cleared since CXFAuthenticator.instance
is not strongly reachable from GC root.
> I won't say my conclusions are final, but this is how I think it happens: When the dummy
URLClassLoader is instantiated, it inherits the ProtectionDomain that references the current
classloader, which is the one that loaded CXFAuthenticator and thus there is a path to GC
root (see screenshot) and the web app classloader is never garbage collected.

This message was sent by Atlassian JIRA

View raw message