PQ62260: OUT OF MEMORY CONDITION WHEN WEBSPHERE APPLICATION SERVER R4.0.3IS UNDER HEAVY LOAD WITH SECURITY ENABLED

APAR status
Closed as program error.

Error description
Customer using a CustomRegistry and running a load test with 10
stress clients that do the following:
- authenticate using a Trust Association & the custom registry
- fetch a single JSP page
- pause 10 seconds
- leave the site. NO LOGOUT
- repeat
The clients use userids out of a possible population of about
10,000 userids. Thus, over a reasonable period of time, the
Application Server will see 10,000 unique userids.
The admin server, over a long period of time, logs out of memory
errors.  In this case, it took 4 hours.
Local fix Problem summary
****************************************************************
* USERS AFFECTED: All WebSphere Application Server users who   *
*                 have enabled security using LTPA             *
*                 authentication.                              *
****************************************************************
* PROBLEM DESCRIPTION: Slow performance and high CPU usage     *
*                      during security cache cleaning cycles   *
*                      and possible OutOfMemoryExceptions.     *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
Slow performance and high CPU usage during security cache
cleaning cycles and possible OutOfMemoryExceptions.  These
issues are seen on servers with a large number of different
users (12000 on the reported system) accessing the system
within the security cache timeout period.  The performance
problem was a result of the cache cleaning algorithm which
evaluated each cache entry as to whether or not it needed to
remain in the cache.  The out of memory condition was a
result of the algorithms failure to remove cache entries.
Problem conclusion
The cache cleaning algorithm was changed to evaluate all cache
entries inserted into the cache within a similar time period
(one half the security cache timeout) at the same time.  The
new algorithm guarantees that the vast majority of entries
will stay in the cache for the minimum of the security cache
time out.  There is now the potential for a small number of
cache entries to be flushed from the cache early or for a
cache miss to occur when there should have been a hit.  This
is negligible in comparison to the amount of time saved in
cache cleaning, however.
Temporary fix Comments
APAR information
APAR number PQ62260
Reported component name WEBSPHERE AE SO
Reported component ID 5630A2202
Reported release 400
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Submitted date 2002-06-13
Closed date 2002-06-28
Last modified date 2003-04-30

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:
PQ38019

Modules/Macros
SECURITY          

Fix information
Fixed component name WEBSPHERE AE SO
Fixed component ID 5630A2202

Applicable component levels
R400 PSY    UP


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > General
Operating system(s):
Software version: 400
Software edition:
Reference #: PQ62260
IBM Group: Software Group
Modified date: Apr 30, 2003