openwebbeans-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sebastian Gebhardt <sebastian.gebha...@bfeater.de>
Subject Memleak when using owb with tomcat 7 and container managed security?
Date Fri, 06 Mar 2015 11:54:40 GMT
Hello!

My application uses owb and runs in a tomcat 7. The user are 
authenticated by the container.
During the authentication the session id changes (to prevent session 
fixation attacks). This leads to a second call to 
SessionContextManager.addNewSessionContext(). But the SessionContext 
created in the first call is never destroyed/removed. So the 
SessionContextManager's map of session contexts grows. Finally this 
leads to an OutOfMemoryException.
Is there something I have misconfigured?


Thanks!

Mime
View raw message