[
https://issues.apache.org/jira/browse/LOG4J2-3423?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17500558#comment-17500558
]
Piotr P. Karwasz commented on LOG4J2-3423:
------------------------------------------
This seems like a bug in the {{{}JarURLConnection{}}}. What version of Java are
you using?
> JAR file containing Log4j configuration isn't closed
> ----------------------------------------------------
>
> Key: LOG4J2-3423
> URL: https://issues.apache.org/jira/browse/LOG4J2-3423
> Project: Log4j 2
> Issue Type: Bug
> Components: Core
> Affects Versions: 2.14.0
> Environment: Windows
> Reporter: Radim Tlusty
> Priority: Major
>
> If the Log4j configuration file is inside of a JAR file, then the JAR file
> (which is backed by the {{JarURLConnection}} retrieved from
> {{{}URL.openConnection{}}}) isn't closed.
> This causes problems on Tomcat running on Windows during undeploying of an
> application, because the opened JAR file can't be deleted.
> The problem was introduced during implementation of LOG4J2-2901 (version
> 2.14.0), where the {{URL.openStream}} was replaced by {{URL.openConnection}}
> in the class {{{}org.apache.logging.log4j.core.config.ConfigurationSource{}}}.
> The proposed solution (https://github.com/apache/logging-log4j2/pull/780) is
> to use the {{URL.openConnection}} only when needed (~ configuration URL has
> HTTPS protocol), otherwise similar code as in previous versions (<= 2.13.3)
> would be used.
>
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
