[
https://issues.apache.org/jira/browse/OAK-7822?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16646413#comment-16646413
]
Alex Deparvu commented on OAK-7822:
-----------------------------------
The AbstractLoginModule only really needs the callbackHandler to reconstruct
the needed dependencies, anything else can be nullified (well except and
options and sharedState).
None of existing variables are actually for the logout call, so we could be
even more aggressive, but to be on the safe side I'll leave some state as is.
> More aggressive internal state cleanup of login modules
> -------------------------------------------------------
>
> Key: OAK-7822
> URL: https://issues.apache.org/jira/browse/OAK-7822
> Project: Jackrabbit Oak
> Issue Type: Improvement
> Components: core, security-spi
> Reporter: Alex Deparvu
> Assignee: Alex Deparvu
> Priority: Trivial
>
> Login modules seem to live until the current session is logged out so that
> they get the logout callback. This means some state will be kept around even
> if not used anymore, I've found some (more) cases/variables that could be set
> to null.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
