-
Type:
Bug
-
Status: Closed (View Workflow)
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 1.5.2, 1.6.2, 1.7.2, 1.8.0
-
Component/s: LNI (Obsolete)
-
Labels:None
-
Attachments:
-
Comments:2
-
Documentation Status:Needed
When using basic authentication, the DAVServlet leaks a connection each time a session is authenticated.
The authenticate method constructs a Context (which in turn allocates a DB connection), but the Context is not closed or returned from the method in the case where a "WWW-Authenticate" header is sent back.
Also, if an error occurs in the processing of the authentication, the context is also not closed.
I have attached patches for versions 1.5.2, 1.6.2, 1.7.2 and 1.8.0.