Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-1622

Remote Session validation can lead to heap accumulation

    XMLWordPrintable

    Details

    • Rank:
      1|hzngif:
    • Sprint 3

      Description

      When one OpenAM server creates and validates a SSOToken where the session resides on another server, the underlying Session object is held in the cache. When the cache ttl (3 mins) expires then the OpenAM server will go back to the session owning server. The cached Session object will then be updated based on the response from the remote server.

      The cached Session object will reside in memory until the maximum session time is reached. If the maximum session time is set very long (months) then the number of Session objects on the heap can rise very high

        Attachments

          Issue Links

            Activity

              People

              Mark Mark Craig
              steve Steve Ferris
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: