tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Yuval Perlov <>
Subject ssl.SessionId Cache keeps growing
Date Mon, 21 Jan 2008 15:26:25 GMT
This is a tricky one so bare with me...

We are using Tomcat 5.5 on windows running Java SSL. There are MANY  
concurrent clients using SSL.

After investigating what seemed to be a memory leak and taking a  
memory dump we realized that the memory is not leaking but rather  
growing with a SoftReference cache (it took some courage to wait and  
see that the memory stops growing about 100mb from the end).

jhat tells us our top instances are:

635474 instances of class [B
635260 instances of SoftReference
633929 instances of CacheEntry
617521 instances of

This block takes about 850MB! It gets there after a few days.
(do not confuse with an HttpSession problem - the sessions are  
invalidated immediately but do not affect the ssl.sessionid cache).

While it doesn't create an OutOfMemoryException (since its a  
SoftReference structure) it seriously affects gc performance.

I'd be really interested to know if:
1. Any one has ever met this problem?
2. Is there anyway to access the ssl.SessionId object and invalidate  
it during the HttpServletRequest life cycle?
3. Anyway to limit or even disable SSL SessionId for a particular  
connector (or, as a last resort to all connectors).
4. Does anyone know of a mechanism to flush all SoftReference or  
limit their number?
5. Can you think of any other way to tackle this?
6. What were the guys in Sun thinking???

Yuval Perlov

To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message