From 41f418c11df9bb13256f947b2b5add4988c5e125 Mon Sep 17 00:00:00 2001 From: markt Date: Mon, 23 Aug 2010 20:35:03 +0000 Subject: [PATCH] Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=49669 Another Java class triggering a memory leak. This time javax.security.auth.Policy git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@988296 13f79535-47bb-0310-9956-ffa450edef68 --- .../core/JreMemoryLeakPreventionListener.java | 28 ++++++++++++++++++++++ webapps/docs/config/listeners.xml | 10 ++++++++ 2 files changed, 38 insertions(+) diff --git a/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java b/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java index e3619cded..79a7f410b 100644 --- a/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java +++ b/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java @@ -23,6 +23,7 @@ import java.lang.reflect.Method; import java.net.MalformedURLException; import java.net.URL; import java.net.URLConnection; +import java.security.Policy; import javax.imageio.ImageIO; import javax.xml.parsers.DocumentBuilderFactory; @@ -93,6 +94,20 @@ public class JreMemoryLeakPreventionListener implements LifecycleListener { this.keepAliveProtection = keepAliveProtection; } + /** + * Protect against the memory leak caused when the first call to + * javax.security.auth.Policy is triggered by a web + * application. This first call populate a static variable with a reference + * to the context class loader. Defaults to true. + */ + private boolean securityPolicyProtection = true; + public boolean iSsecurityPolicyProtection() { + return securityPolicyProtection; + } + public void setSecurityPolicyProtection(boolean securityPolicyProtection) { + this.securityPolicyProtection = securityPolicyProtection; + } + /** * Protect against the memory leak, when the initialization of the * Java Cryptography Architecture is triggered by initializing @@ -212,6 +227,19 @@ public class JreMemoryLeakPreventionListener implements LifecycleListener { } /* + * Calling getPolicy retains a static reference to the context class + * loader. + */ + if (securityPolicyProtection) { + try { + Policy.getPolicy(); + } catch(SecurityException e) { + // Ignore. Don't need call to getPolicy() to be successful, + // just need to trigger static initializer. + } + } + + /* * Creating a MessageDigest during web application startup * initializes the Java Cryptography Architecture. Under certain * conditions this starts a Token poller thread with TCCL equal diff --git a/webapps/docs/config/listeners.xml b/webapps/docs/config/listeners.xml index c15c03f98..289091946 100644 --- a/webapps/docs/config/listeners.xml +++ b/webapps/docs/config/listeners.xml @@ -270,6 +270,16 @@ service:jmx:rmi://<hostname>:10002/jndi/rmi://<hostname>:10001/jmxrm trigger a memory leak on reload. Defaults to true.

+ +

Enables protection so that usage of + javax.security.auth.Policy by a web application does not + result in a memory leak. The first access of this class will trigger the + static initializer that will retain a static reference to the context + class loader. The protection calls the getPolicy() method + of this class to ensure that the static initializer is not triggered by + a web application. Defaults to true.

+ +

Enables protection so that any token poller thread initialized by sun.security.pkcs11.SunPKCS11.initToken() does not -- 2.11.0