Hi, I'm currently having memory problems with a stateless web service running in Geronimo 2.2.1. The problem is that after running for a while the server starts consuming more and more memory, some kind of leak or accumulation of unwanted objects occur. After analyzing the heap dumps in mat I can clearly see that the accumulation happens inside the org.apache.geronimo.security.ContextManagers's subjectContexts IdentityHashMap. The login happens via http basic and a custom LoginModule looking up users in the database. The login module is based on the GenericSecurityRealm and SQLLoginModule. The service is a standard web servlet running on jetty. The service is called typically many hundred times a second by the client with stand http basic auth urls, so there is actually no need for sessions at all. It seems like when users log on to the service the credentials/siubject gets stuck in the subjectContexts hashmap even though the session timeout is set for 1 sec in the web.xml file.
I've disabled session cookies by using information found here: http://www.mojavelinux.com/blog/archives/2006/11/disabling_session_cookies_in_jetty/ I assume this is some kind of misconfiguration on our side and not the stand. behavior with Geronimo, anyone who can help us point out the direction for solving this would be greatly appreciated. Regards, Netroms Nacoma
