[
https://issues.apache.org/jira/browse/SLING-7591?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16441265#comment-16441265
]
Csaba Varga commented on SLING-7591:
------------------------------------
I'll try to create a pull request with a unit test demonstration and a proposed
fix. This is my first time working on this code base, so I'm not sure when I
can complete it.
> Session leak when a ResourceResolver is created from a Session then gets
> cloned
> -------------------------------------------------------------------------------
>
> Key: SLING-7591
> URL: https://issues.apache.org/jira/browse/SLING-7591
> Project: Sling
> Issue Type: Bug
> Components: JCR, ResourceResolver
> Affects Versions: JCR Resource 3.0.8
> Reporter: Csaba Varga
> Priority: Major
>
> The following steps will cause a new JCR session to be opened then leaked:
> # Create a ResourceResolver out of an existing JCR session (usingĀ
> AUTHENTICATION_INFO_SESSION)
> # Call clone() on the ResourceResolver created in step 1, passing theĀ
> ResourceResolverFactory.USER_IMPERSONATION key with a username to impersonate
> # Close the ResourceResolver created in step 2.
> The expected behavior is that since step 2 opened a new JCR Session in the
> background, step 3 should close it. The actual behavior is that the JCR
> session stays open without an obvious way to close it, and these leaked
> sessions can pile up if this sequence is executed often.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
