Uploaded image for project: 'DSpace'
  1. DSpace
  2. DS-1074

DB connection leak in DAVServlet

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.5.2, 1.6.2, 1.7.2, 1.8.0
    • Fix Version/s: 1.8.1, 3.0
    • Component/s: LNI (Obsolete)
    • Labels:
      None
    • Attachments:
      4
    • Comments:
      2
    • Documentation Status:
      Needed

      Description

      When using basic authentication, the DAVServlet leaks a connection each time a session is authenticated.
      The authenticate method constructs a Context (which in turn allocates a DB connection), but the Context is not closed or returned from the method in the case where a "WWW-Authenticate" header is sent back.

      Also, if an error occurs in the processing of the authentication, the context is also not closed.

      I have attached patches for versions 1.5.2, 1.6.2, 1.7.2 and 1.8.0.

        Attachments

        1. dspace-1.5.2_connection_fix.diff
          7 kB
          Bo Gundersen
        2. dspace-1.6.2_connection_fix.diff
          7 kB
          Bo Gundersen
        3. dspace-1.7.2_connection_fix.diff
          7 kB
          Bo Gundersen
        4. dspace-1.8.0_connection_fix.diff
          7 kB
          Bo Gundersen

          Activity

            People

            • Assignee:
              robintaylor Robin Taylor
              Reporter:
              bogundersen Bo Gundersen
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: