Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Handle leak in WindowsAuthProviderImpl? #355

Closed
afirmage opened this issue May 6, 2016 · 2 comments
Closed

Handle leak in WindowsAuthProviderImpl? #355

afirmage opened this issue May 6, 2016 · 2 comments
Labels
bug?

Comments

@afirmage
Copy link
Contributor

afirmage commented May 6, 2016
edited
Loading

I'm using waffle 1.8 with Tomcat 8 for Windows authentication in front of an OpenRDF Sesame 2.7.15 web app and found that every request that comes in leaks an OS Token handle (via using sysinternals handle.exe etc.). This is becoming a big problem on busy systems as the handle count goes in to the 100,000s over a week or so.

It looks like this could possibly come from the handle in the WindowsCredentialsHandleImpl initialized here into the serverCredential var. This is passed in, and held by, the WindowsSecurityContextImpl sc var, and this is disposed in every case, except when a successful negotiation completes, in which case it is returned to the caller here into the securityContext var.

It looks like the securityContext var needs to be disposed before returning from this method, perhaps in the finally block at the end.
@dblock
Copy link
Collaborator

dblock commented May 6, 2016

This looks legit, please PR?

@dblock dblock added the bug? label May 6, 2016
@afirmage afirmage mentioned this issue May 10, 2016
Merged
@afirmage
Copy link
Contributor Author

PR #357

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug?
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dblock @afirmage