← Back to VMware vRealize Operations Manager 6.x tc Server Security Technical Implementation Guide

V-241646

CAT II (Medium)

tc Server CaSa must be configured with memory leak protection.

Rule ID

SV-241646r879587_rule

STIG

VMware vRealize Operations Manager 6.x tc Server Security Technical Implementation Guide

Version

V1R2

CCIs

CCI-000381

Discussion

The Java Runtime environment can cause a memory leak or lock files under certain conditions. Without memory leak protection, tc Server HORIZON can continue to consume system resources which will lead to OutOfMemoryErrors when re-loading web applications. Memory leaks occur when JRE code uses the context class loader to load a singleton as this will cause a memory leak if a web application class loader happens to be the context class loader at the time. The JreMemoryLeakPreventionListener class is designed to initialize these singletons when Tomcat's common class loader is the context class loader. Proper use of JRE memory leak protection will ensure that the hosted application does not consume system resources and cause an unstable environment.

Check Content

At the command prompt, execute the following command: 

grep JreMemoryLeakPreventionListener /usr/lib/vmware-casa/casa-webapp/conf/server.xml

If the JreMemoryLeakPreventionListener <Listener> node is not listed, this is a finding.

Fix Text

Navigate to and open /usr/lib/vmware-casa/casa-webapp/conf/server.xml.

Navigate to the <Server> node.

Add '<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener"/>' to the <Server> node.