Fix bug introduced with previous fix

Fix memory leak caused by chaining metadata provider incorrectly keeping references to old metadata (and thus not allowing it to be garbage collected)

git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/branches/REL_2@2779 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

diff --git a/doc/README.txt b/doc/README.txt
index ecd43e5..5a232bb 100644 (file)
--- a/doc/README.txt
+++ b/doc/README.txt
@@ -18,18 +18,6 @@ http://shibboleth.internet2.edu/downloads
 Bug Tracker:
 https://bugs.internet2.edu/jira
 
-
-Known Issues
-====================
-There is an issue that is causing old metadata to be kept in memory (i.e. a memory leak).  This is being 
-looked in to, but while present, no site has yet reported this to be a cause of an error (i.e out of 
-memory exceptions).  Therefore, given the need to release a fix in order to address the security
-vulnerability found in 2.0.0 it was decided to make this release even with this known bug.  Sites can 
-mitigate this by using Entity Role White List metadata filter to ensure that at least the IdP isn't caching 
-information (IdP entity descriptors) that it doesn't need.  And, while less than optimal, this can be 
-addressed by periodic restarts of the IdP.
-
-
 Upgrading 
 ====================
 

diff --git a/src/installer/resources/conf-tmpl/relying-party.xml b/src/installer/resources/conf-tmpl/relying-party.xml
index 565bacf..9203865 100644 (file)
--- a/src/installer/resources/conf-tmpl/relying-party.xml
+++ b/src/installer/resources/conf-tmpl/relying-party.xml
@@ -96,7 +96,7 @@
         <!--
         <MetadataProvider id="URLMD" xsi:type="FileBackedHTTPMetadataProvider" xmlns="urn:mace:shibboleth:2.0:metadata" 
                           metadataURL="http://example.org/metadata.xml"
-                          backingFile="/tmp/idp-metadata.xml">
+                          backingFile="$IDP_HOME$/metadata/some-metadata.xml">
             <MetadataFilter xsi:type="ChainingFilter" xmlns="urn:mace:shibboleth:2.0:metadata">
                 <MetadataFilter xsi:type="SignatureValidation" xmlns="urn:mace:shibboleth:2.0:metadata"
                                 trustEngineRef="shibboleth.MetadataTrustEngine"

diff --git a/src/main/java/edu/internet2/middleware/shibboleth/idp/config/profile/ProfileHandlerGroupBeanDefinitionParser.java b/src/main/java/edu/internet2/middleware/shibboleth/idp/config/profile/ProfileHandlerGroupBeanDefinitionParser.java
index 605b540..8bf74e2 100644 (file)
--- a/src/main/java/edu/internet2/middleware/shibboleth/idp/config/profile/ProfileHandlerGroupBeanDefinitionParser.java
+++ b/src/main/java/edu/internet2/middleware/shibboleth/idp/config/profile/ProfileHandlerGroupBeanDefinitionParser.java
@@ -47,15 +47,15 @@ public class ProfileHandlerGroupBeanDefinitionParser implements BeanDefinitionPa
 
         children = configChildren.get(new QName(ProfileHandlerNamespaceHandler.NAMESPACE, "ErrorHandler"));
         log.debug("{} error handler definitions found", children.size());
-        SpringConfigurationUtils.parseCustomElement(children.get(0), context);
+        SpringConfigurationUtils.parseInnerCustomElement(children.get(0), context);
 
         children = configChildren.get(new QName(ProfileHandlerNamespaceHandler.NAMESPACE, "ProfileHandler"));
         log.debug("{} profile handler definitions found", children.size());
-        SpringConfigurationUtils.parseCustomElements(children, context);
+        SpringConfigurationUtils.parseInnerCustomElements(children, context);
 
         children = configChildren.get(new QName(ProfileHandlerNamespaceHandler.NAMESPACE, "LoginHandler"));
         log.debug("{} login handler definitions found", children.size());
-        SpringConfigurationUtils.parseCustomElements(children, context);
+        SpringConfigurationUtils.parseInnerCustomElements(children, context);
 
         return null;
     }