First you'll need some background on the application. ASP.net application using .net framework 3.5. Security to the application is controlled with impersonation, using a role manager connecting to an azman store which uses Active Directory groups for security. As demoed in the following msdn link ...
50 or so users access the application throughout the day, eventually the application stops responding or users start to experience images not displaying etc and the application pool has to be recycled (typical symptoms of the server running out of memory). Looking at the application memory usage and available memory on the server this does not appear to be the issue, investigations so far have lead me to think this is to do with Security Token Handles.
I've used process explorer to monitor the asp.net application and handles for the application steadily increase with every page that is accessed and eventually hit 38,000 this is when the application dies. I've read various links saying that applications should use between 2,000-10,000 handles and any number near 40,000 makes the application unusable (this is the exact behaviour we are experiencing). Using process explorer and handle.exe from the windows sysinternals site I
View Complete Post