Federated Identity Management Module 4.1
It was reported that there was a memory leak associated with FIMs use of log4j. This was caused by stranded references in hash table from improper use of NDC (Nested Diagnostic Classes) log4j class.
The org.apache.log4j.NDC logging.apache.org/log4j/1.2/apidocs/org/apache/log4j/NDC.html) class is holding references to a lot of dead threads in Hashtable. NDC uses the current thread as key in this hashtable and a Stack as value. Elements are only removed from this hashtable trough the public call remove()
NDC use can lead to memory leaks if you do not periodically call the NDC.remove() method. The current NDC implementation maintains a static hard link to the thread for which it is storing context. So, when the thread is released by its creator, the NDC maintains the link and the thread (and its related memory) is not released and garbage collected like one might expect. NDC.remove() fixes this by periodically checking the threads referenced by NDC and releasing the references of "dead" threads.
This problem has been resolved in hotfix 4.1.0.21 for FIM 4.1 Please contact RSA Customer Support and request this hotfix. These hotfixes are cumulative.
Related Articles
Enterprise Manager Log settings: EM.log - log4j.xml Number of Views The audit.log is not logging to the proper location defined in the log4j.xml Number of Views How to turn off log4j errors at Thor Xellerate server startup Number of Views Old connector Log4j files not removed in RSA Governance & Lifecycle Number of Views RSA-2024-08: RSA Governance and Lifecycle Critical Security Update for Unauthenticated JMX Agent and Older Version of Log4… Number of Views
Trending Articles
RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Release Notes for RSA Authentication Manager 8.8 RSA Authentication Manager 8.9 Release Notes (January 2026) Deploying RSA Authenticator 6.2.2 for Windows Using DISM RSA MFA Agent 2.4 for Microsoft Windows Installation and Administration Guide
