Fix memory leak caused by chaining metadata provider incorrectly keeping references to old metadata (and thus not allowing it to be garbage collected)
git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/branches/REL_2@2779
ab3bd59b-922f-494d-bb5f-
6f0a3c29deca
Bug Tracker:
https://bugs.internet2.edu/jira
-
-Known Issues
-====================
-There is an issue that is causing old metadata to be kept in memory (i.e. a memory leak). This is being
-looked in to, but while present, no site has yet reported this to be a cause of an error (i.e out of
-memory exceptions). Therefore, given the need to release a fix in order to address the security
-vulnerability found in 2.0.0 it was decided to make this release even with this known bug. Sites can
-mitigate this by using Entity Role White List metadata filter to ensure that at least the IdP isn't caching
-information (IdP entity descriptors) that it doesn't need. And, while less than optimal, this can be
-addressed by periodic restarts of the IdP.
-
-
Upgrading
====================
<!--
<MetadataProvider id="URLMD" xsi:type="FileBackedHTTPMetadataProvider" xmlns="urn:mace:shibboleth:2.0:metadata"
metadataURL="http://example.org/metadata.xml"
- backingFile="/tmp/idp-metadata.xml">
+ backingFile="$IDP_HOME$/metadata/some-metadata.xml">
<MetadataFilter xsi:type="ChainingFilter" xmlns="urn:mace:shibboleth:2.0:metadata">
<MetadataFilter xsi:type="SignatureValidation" xmlns="urn:mace:shibboleth:2.0:metadata"
trustEngineRef="shibboleth.MetadataTrustEngine"
children = configChildren.get(new QName(ProfileHandlerNamespaceHandler.NAMESPACE, "ErrorHandler"));
log.debug("{} error handler definitions found", children.size());
- SpringConfigurationUtils.parseCustomElement(children.get(0), context);
+ SpringConfigurationUtils.parseInnerCustomElement(children.get(0), context);
children = configChildren.get(new QName(ProfileHandlerNamespaceHandler.NAMESPACE, "ProfileHandler"));
log.debug("{} profile handler definitions found", children.size());
- SpringConfigurationUtils.parseCustomElements(children, context);
+ SpringConfigurationUtils.parseInnerCustomElements(children, context);
children = configChildren.get(new QName(ProfileHandlerNamespaceHandler.NAMESPACE, "LoginHandler"));
log.debug("{} login handler definitions found", children.size());
- SpringConfigurationUtils.parseCustomElements(children, context);
+ SpringConfigurationUtils.parseInnerCustomElements(children, context);
return null;
}