-
Notifications
You must be signed in to change notification settings - Fork 186
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Handle leak in WindowsAuthProviderImpl? #355
Labels
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I'm using waffle 1.8 with Tomcat 8 for Windows authentication in front of an OpenRDF Sesame 2.7.15 web app and found that every request that comes in leaks an OS Token handle (via using sysinternals handle.exe etc.). This is becoming a big problem on busy systems as the handle count goes in to the 100,000s over a week or so.
It looks like this could possibly come from the handle in the WindowsCredentialsHandleImpl initialized here into the serverCredential var. This is passed in, and held by, the WindowsSecurityContextImpl sc var, and this is disposed in every case, except when a successful negotiation completes, in which case it is returned to the caller here into the securityContext var.
It looks like the securityContext var needs to be disposed before returning from this method, perhaps in the finally block at the end.
The text was updated successfully, but these errors were encountered: