RFR: 8232853: AuthenticationFilter.Cache::remove may throw ConcurrentModificationException

Julia Boes julia.boes at oracle.com
Fri Nov 1 16:48:14 UTC 2019


Hi,

This fix addresses an issue in AuthenticationFilter.Cache::remove that 
can lead to a ConcurrentModificationException. The cache is implemented 
as LinkedList, the method iterates over the list and potentially removes 
items without using an iterator.

To reproduce the bug, multiple requests are sent asynchronously so that 
successful response headers might arrive concurrently and compete in 
updating the cache. This increases the chances to trigger the removal of 
a previously cached credential while storing the credentials of the next 
response. Under these circumstances, ConcurrentModificationException is 
thrown with very high frequency (if not always).

The proposed fix replaces LinkedList with CopyOnWriteArrayList to 
preclude the exception.

Bug: https://bugs.openjdk.java.net/browse/JDK-8232853

Webrev: 
http://cr.openjdk.java.net/~jboes/webrevs/8232853/webrev.01/index.html

The test fails reliably without the fix, and passes with it (jdk_net 
tests run 50 times).


Regards,

Julia




More information about the net-dev mailing list