[
https://issues.apache.org/jira/browse/WSS-614?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16143728#comment-16143728
]
Colm O hEigeartaigh commented on WSS-614:
-----------------------------------------
WSS4J has to add some security providers to work properly. There is no
automatic way of removing these providers hence the leak. If the application is
redeployed then the old providers will be removed before being re-installed. I
have added a convenience WSSConfig.cleanUp() method in the latest code that you
can call in your application code to cleanup the jce providers.
> org.apache.ws.security.transform.STRTransformProvider leak
> ----------------------------------------------------------
>
> Key: WSS-614
> URL: https://issues.apache.org/jira/browse/WSS-614
> Project: WSS4J
> Issue Type: Bug
> Components: WSS4J Core
> Affects Versions: 1.6.19, 2.0.10, 2.1.10
> Environment: Java 1.8.0_131
> JBoss EAP 6.4.1
> Reporter: Leandro Quiroga
> Assignee: Colm O hEigeartaigh
> Labels: leak
> Attachments: STRTransformProvider leak.jpg
>
>
> A memory leak occur when undeploying a web application that uses WSS4J.
> The org.apache.ws.security.transform.STRTransformProvider is appended to
> java.security.Security at initialization in
> org.apache.ws.security.WSSConfig.init() but never removed.
> I've tested in wss4j-1.6.17 but I think it is the same in 1.6.19, 2.0.10 and
> 2.1.10.
> I've attached a screenshot of Eclipse MAT showing the leak.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
