Bug ID 1022973: Sessiondb entries related to Oauth module not cleaned up in certain conditions

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP APM(all modules)

Known Affected Versions:
14.1.0,,,,,, 14.1.2,,,,,,,,, 14.1.3,, 14.1.4,,,,,,, 14.1.5,,,,,, 15.1.0,,,,,, 15.1.1, 15.1.2,, 15.1.3,, 15.1.4,, 15.1.5,, 15.1.6,, 15.1.7, 15.1.8,,, 15.1.9,, 15.1.10,,,, 16.1.0, 16.1.1, 16.1.2,,, 16.1.3,,,,,, 16.1.4,,,

Opened: Jun 03, 2021

Severity: 4-Minor


When an OAuth AS is configured with a refresh lifetime of '0', this implies that the refresh token lifetime is infinite. This leads to all sessiondb entries related to this refresh token (including associated access token entries in sessiondb) to have infinite lifetime.


User will see consistent and persistent increase in memory consumption by TMM, potentially leading to out-of-memory situation.


Refresh token lifetime is set to '0'.


Do not set refresh token lifetime to '0'.

Fix Information


Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips