Github user bbende commented on the issue: https://github.com/apache/nifi-registry/pull/29 @kevdoran I looked into the issue with the app not shutting down cleanly... taking a thread dump showed: ``` " (ldap-user-group-provider) - background sync thread" #28 prio=5 os_prio=31 tid=0x00007f86f06f2000 nid=0x140b waiting on condition [0x0000700002cf5000] java.lang.Thread.State: TIMED_WAITING (parking) at sun.misc.Unsafe.park(Native Method) - parking to wait for <0x00000007a1560750> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject) at java.util.concurrent.locks.LockSupport.parkNanos(LockSupport.java:215) at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.awaitNanos(AbstractQueuedSynchronizer.java:2078) at java.util.concurrent.ScheduledThreadPoolExecutor$DelayedWorkQueue.take(ScheduledThreadPoolExecutor.java:1093) at java.util.concurrent.ScheduledThreadPoolExecutor$DelayedWorkQueue.take(ScheduledThreadPoolExecutor.java:809) at java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1074) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1134) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748) ``` Digging in further, I realized we don't have a concept of shutting down extensions, even though the authorizer, user/group provider, and policy providers do have a preDestruction method which would have shutdown that thread if we called it. Tested a change where I made AuthorizerFactory extend DisposableBean and added: ``` @Override public void destroy() throws Exception { if (authorizers != null) { authorizers.entrySet().stream().forEach(e -> e.getValue().preDestruction()); } if (accessPolicyProviders != null) { accessPolicyProviders.entrySet().stream().forEach(e -> e.getValue().preDestruction()); } if (userGroupProviders != null) { userGroupProviders.entrySet().stream().forEach(e -> e.getValue().preDestruction()); } } ``` This appears to work, so if you can add that for AuthorizerFactory and LoginIdentityProviderFactory then we should be good for that one.
---