[DS-1074] DB connection leak in DAVServlet - LYRASIS JIRA

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: 1.5.2, 1.6.2, 1.7.2, 1.8.0
Fix Version/s: 1.8.1, 3.0
Component/s: LNI (Obsolete)
Labels:
None

Attachments:
4
Comments:
2
Documentation Status:
Needed

Description

When using basic authentication, the DAVServlet leaks a connection each time a session is authenticated.
The authenticate method constructs a Context (which in turn allocates a DB connection), but the Context is not closed or returned from the method in the case where a "WWW-Authenticate" header is sent back.

Also, if an error occurs in the processing of the authentication, the context is also not closed.

I have attached patches for versions 1.5.2, 1.6.2, 1.7.2 and 1.8.0.

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Attachments

dspace-1.5.2_connection_fix.diff
7 kB
17/Nov/11 7:09 AM
dspace-1.6.2_connection_fix.diff
7 kB
17/Nov/11 7:09 AM
dspace-1.7.2_connection_fix.diff
7 kB
17/Nov/11 7:09 AM
dspace-1.8.0_connection_fix.diff
7 kB
17/Nov/11 7:09 AM

Activity

People

Assignee:: Robin Taylor

Reporter:: Bo Gundersen

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 17/Nov/11 7:09 AM

Updated:: 08/Jan/13 10:10 PM

Resolved:: 28/Nov/11 10:37 AM