RSA Access Manger SQL connection leak when deleting users in a batch.
RSA Access Manager eserver.out standard output log in DDEBUG mode shows the following error:
09:32:49:683 [*] [APIClientProxy-0] - Thread requesting stream.
sirrus.da.exception.DataStoreException
at sirrus.da.util.ConnectionManager.getConnectionObject(ConnectionManager.java:759)
at sirrus.da.util.ConnectionManager.getConnectionObject(ConnectionManager.java:655)
at sirrus.da.sql.util.SQLConnectionManager.getConnection(SQLConnectionManager.java:89)
at sirrus.da.sql.util.SQLConnectionImpl.<init>(SQLConnectionImpl.java:112)
at sirrus.da.sql.admin.factory.SQLFactory.getSQLConnection(SQLFactory.java:152)
at sirrus.da.sql.admin.SQLUser.removeFromStore(SQLUser.java:653)
at sirrus.da.sql.admin.SQLUser.delete(SQLUser.java:627)
at sirrus.api.command.write.DeleteEntityCmd.execute(DeleteEntityCmd.java:113)
at sirrus.api.command.APICmdStrategy.executeCmd(APICmdStrategy.java:221)
at sirrus.api.command.APICmdStrategy.executeOn(APICmdStrategy.java:101)
at sirrus.util.strategy.StrategyManager.executeStrategyFor(StrategyManager.java:141)
at sirrus.api.server.APIClientProxy.executeCmd(APIClientProxy.java:1005)
at sirrus.api.server.APIClientProxy.run(APIClientProxy.java:742)
09:32:49:684 [*] [APIClientProxy-0] - Error during APICommand Execution. Return Code: 5; Msg: null
09:32:49:684 [*] [APIClientProxy-0] - Return code is 5 msg is Transport error (RC_TRANSPORT_ERROR): null
This error occurs when cleartrust.eserver.log.verbose: true, and an attempt is made to delete a large number of users. The SQL query that looks up the information for verbose logging fails to close the result set immediately which may result in a large number of open SQL connections when doing large delete runs.
This issue has been fixed in hotfix 6.1.4.18 for RSA Access Manager 6.1.4 (SP4). Contact RSA Customer Support and request this hotfix or the latest cumulative hotfix for your version.
