Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-5119

Winstone: Memory leak due to default session timeout of -1

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Blocker Blocker
    • core
    • None
    • Hudson 1.337 (Winstone), Solaris 10 SPARC, Sun JDK 1.6.0_16

      We are running Hudson with its embedded Winstone servlet engine. User authentication within Hudson is done via Hudsons LDAP security realm using our corporate ActiveDirectory via LDAP.

      After running Hudson a few weeks we're running into OutOfMemory exceptions. Here the culprit is a single winstone.WebAppConfiguration instance holding a lot of winstone.WinStoneSession instances each holding an Acegi RememberMeAuthenticationToken instance with 36k data from the authenticated users AD record.

      It seems that Hudson isn't setting Winstones session timeout. Without specifying a session timeout winstone.WebAppConfiguration.makeNewSession() is using a session timeout of -1.

          [JENKINS-5119] Winstone: Memory leak due to default session timeout of -1

          tjuerge created issue -
          tjuerge made changes -
          Description Original: We are running Hudson with its embedded Winstone servlet engine. User authentication within Hudson is done via Hudsons LDAP security realm using our corporate ActiveDirectory via LDAP.

          After running Hudson a few weeks we're running into OutOfMemory exceptions. Here the culprit is a single {{winstone.WebAppConfiguration}} instance holding a lot of {{winstone.WinStoneSession}} instances each holding an Acegi {{RememberMeAuthenticationToken}} instance with 36k data from the authenticated users AD record.

          It seems that Hudson isn't setting Winstones session timeout. Without specifying a session timeout {{winstone.WebAppConfiguration.makeNewSession()}} is using a session timeout of -1 via {{ws.setMaxInactiveInterval(-1)}}.

          Btw. who is responsible for calling {{winstone.WebAppConfiguration.invalidateExpiredSessions()}}?
          New: We are running Hudson with its embedded Winstone servlet engine. User authentication within Hudson is done via Hudsons LDAP security realm using our corporate ActiveDirectory via LDAP.

          After running Hudson a few weeks we're running into OutOfMemory exceptions. Here the culprit is a single {{winstone.WebAppConfiguration}} instance holding a lot of {{winstone.WinStoneSession}} instances each holding an Acegi {{RememberMeAuthenticationToken}} instance with 36k data from the authenticated users AD record.

          It seems that Hudson isn't setting Winstones session timeout. Without specifying a session timeout {{winstone.WebAppConfiguration.makeNewSession()}} is using a session timeout of -1.
          StevenTheAmusing made changes -
          Attachment New: VisualVM 1.2.2 4192010 12616 PM.jpg [ 19349 ]
          SCM/JIRA link daemon made changes -
          Resolution New: Fixed [ 1 ]
          Status Original: Open [ 1 ] New: Resolved [ 5 ]
          Andrew Bayer made changes -
          Status Original: Resolved [ 5 ] New: Closed [ 6 ]
          kutzi made changes -
          Link New: This issue is related to JENKINS-4512 [ JENKINS-4512 ]
          R. Tyler Croy made changes -
          Workflow Original: JNJira [ 135203 ] New: JNJira + In-Review [ 203329 ]

            Unassigned Unassigned
            tjuerge tjuerge
            Votes:
            5 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved: