Hi, I'm using the secure conversation sample to encrypt my webservice messages. I did some load tests of an axis2 service on versions 1.3 and 1.4.1 and recognized a gain in heap after some time. When analysing the heap dump I found about 4.500 entries in the org.apache.rahas.SimpleTokenStore. Basically for every request that has been sent to the service an entry is stored in the SimpleTokenStore (implementation of TokenStorage). I think about 99% of the tokens are in state EXPIRED but never cleaned up, why is that? After some thousands requests to the service it is only a matter of time until it runs in an java OutOfMemory Exception. I figured to somehow clean up the TokenStore manually but it seems there is no method to do so. Am I doing something wrong? Actually I found that in rampart 1.5 there is the possibility to use your own TokenStorage (rampart config "tokenStoreClass") but that would mean to update the application which I really want to avoid. Thanks for any help!
Brgds Jens
