Description of problem: JBossWeb memory leak when using SSL + Java security manager How reproducible: Could not reproduce
Tomcat fix: https://issues.apache.org/bugzilla/show_bug.cgi?id=47744
Fix committed here: https://svn.jboss.org/repos/jbossweb/branches/7.3.x https://svn.jboss.org/repos/jbossweb/branches/7.4.x
r2298 and r2297.
This change got in EAP 6.2.1+ and introduced bz1103018
From the comments this seems done, setting to ON_QA with a made up milestone of ER6 (although from the dates it seems like it should have made it in a long time before)
Verified in 6.3.0.ER8. Please note that the BZ was switched to ON_QA after ER8. Similarly to Derek, could not reproduce, yet the heap dumps after using the reproducer from [1] show only a few SSLSession instances held from session after 250000 calls, all referred from WeakHashMap. It was also verified that the code from the Tomcat fix [1] and bz 1103018 (comment 4) are applied. [1] https://issues.apache.org/bugzilla/show_bug.cgi?id=47744