Loading...

XML

Word

Printable

Type: Bug
Resolution: Duplicate
Priority: Major
Fix Version/s: None
Affects Version/s: None
Component/s: Security
Labels:
- regression_test_only

Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Target Release:

8.1.0.GA
Intelligence Requested:
Market:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

The computeIfAbsent method is documented as throwing a ConcurrentModificationException if the mapping function modifies the underlying collection:

https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/HashMap.html#computeIfAbsent(K,java.util.function.Function)

However for the HashMap overall:

Note that this implementation is not synchronized. If multiple threads access a hash map concurrently, and at least one of the threads modifies the map structurally, it must be synchronized externally. (A structural modification is any operation that adds or deletes one or more mappings; merely changing the value associated with a key that an instance already contains is not a structural modification.) This is typically accomplished by synchronizing on some object that naturally encapsulates the map. If no such object exists, the map should be "wrapped" using the Collections.synchronizedMap method. This is best done at creation time, to prevent accidental unsynchronized access to the map:

Errors are reported like:

13:14:57,292 ERROR [io.undertow.request] (default task-3) UT005023: Exception handling request to /omsService/stack/stackrun/byNameAndStatus: java.util.ConcurrentModificationException
	at java.base/java.util.HashMap.computeIfAbsent(HashMap.java:1221)
	at org.wildfly.security.elytron-private@1.15.23.Final-redhat-00001//org.wildfly.security.authz.Attributes$4.get(Attributes.java:658)
	at org.wildfly.security.elytron-private@1.15.23.Final-redhat-00001//org.wildfly.security.authz.RoleDecoder.lambda$simple$1(RoleDecoder.java:70)
	at org.wildfly.security.elytron-private@1.15.23.Final-redhat-00001//org.wildfly.security.auth.server.SecurityDomain.mapRoles(SecurityDomain.java:702)
	at org.wildfly.security.elytron-private@1.15.23.Final-redhat-00001//org.wildfly.security.auth.server.SecurityIdentity.getRoles(SecurityIdentity.java:559)
	at org.wildfly.security.elytron-private@1.15.23.Final-redhat-00001//org.wildfly.security.auth.server.SecurityDomain.mapPermissions(SecurityDomain.java:724)
	at org.wildfly.security.elytron-private@1.15.23.Final-redhat-00001//org.wildfly.security.auth.server.SecurityIdentity.<init>(SecurityIdentity.java:98)
	at org.wildfly.security.elytron-private@1.15.23.Final-redhat-00001//org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.doAuthorization(ServerAuthenticationContext.java:2053)

In this case the CachingSecurityRealm was in use increasing the chances of concurrent access.

duplicates

JBEAP-30379 [GSS](8.1.z) ELY-2917 - Concurrent access to read only Attributes results in ConcurrentModificationException

Verified

Assignee:: Ilia Vassilev

Reporter:: Darran Lofthouse

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Created:: 2025/08/08 6:55 PM

Updated:: 2025/08/09 5:55 PM

Resolved:: 2025/08/09 5:55 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates

Hide