[
https://issues.apache.org/jira/browse/QPID-7082?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Alex Rudyy updated QPID-7082:
-----------------------------
Description:
The code within {code}SecurityManager.getSystemTaskControllerContext(String
taskName, Principal principal){code} creates a context which inherits from the
current thread AcessControllerContext. This current context may contain
references to the current user / connection / session. On queue creation an
instance of AcessControllerContext created with
}SecurityManager.getSystemTaskControllerContext is referenced from
Queue#_immediateDeliveryContext. If queue is created via messaging layer, the
existing AccessControlContext can hold references to ConnectionPrincipal and
SessionPrincipal and their connection and session object accordingly. As
result, Queue#_immediateDeliveryContext can refer ConnectionPrincipal and
SessionPrincipa preventing garbage collection of corresponding AMQPConnection
and AMQSessionModel objects for the duration of the queue life. With lots of
long lived queues that were created by lots of different connections the broker
memory consumption might grow in time and eventially Broker can run OOM if not
bounced.
The AccessContollerContext created by the method should not inherit and
context, and thus no references to users/connection/sessions etc. will be
retained.
was:
The code within {code}SecurityManager.getSystemTaskControllerContext(String
taskName, Principal principal){code} creates a context which inherits from the
current thread AcessControllerContext. This context may contain references to
the current user / connection / session.
One instance of this issue is the AccessControlContext referenced from
Queue#_immediateDeliveryContext. If queue is created via messaging layer, the
existing AccessControlContext can hold references to ConnectionPrincipal and
SessionPrincipal and their connection and session object accordingly. As
result, Queue#_immediateDeliveryContext can refer ConnectionPrincipal and
SessionPrincipa prebeting garbage collection of corresponding AMQPConnection
and AMQSessionModel objects for the duration of the queue life. With lots of
long lived queues that were created by lots of different connections the broker
memory consumption might grow in time and eventially Broker can run OOM if not
bounced.
The AccessContollerContext created by the method should not inherit and
context, and thus no references to users/connection/sessions etc. will be
retained.
> [Java Broker] Created AccessControllerContext for SystemTasks should not
> reference current context
> --------------------------------------------------------------------------------------------------
>
> Key: QPID-7082
> URL: https://issues.apache.org/jira/browse/QPID-7082
> Project: Qpid
> Issue Type: Bug
> Components: Java Broker
> Affects Versions: qpid-java-6.0, qpid-java-6.0.1
> Reporter: Alex Rudyy
>
> The code within {code}SecurityManager.getSystemTaskControllerContext(String
> taskName, Principal principal){code} creates a context which inherits from
> the current thread AcessControllerContext. This current context may contain
> references to the current user / connection / session. On queue creation an
> instance of AcessControllerContext created with
> }SecurityManager.getSystemTaskControllerContext is referenced from
> Queue#_immediateDeliveryContext. If queue is created via messaging layer, the
> existing AccessControlContext can hold references to ConnectionPrincipal and
> SessionPrincipal and their connection and session object accordingly. As
> result, Queue#_immediateDeliveryContext can refer ConnectionPrincipal and
> SessionPrincipa preventing garbage collection of corresponding AMQPConnection
> and AMQSessionModel objects for the duration of the queue life. With lots of
> long lived queues that were created by lots of different connections the
> broker memory consumption might grow in time and eventially Broker can run
> OOM if not bounced.
> The AccessContollerContext created by the method should not inherit and
> context, and thus no references to users/connection/sessions etc. will be
> retained.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
