ConcurrentModificationException in Spring Security call

Description

On one of our internal servers, Spring Security auth is throwing a ConcurrentModificationException during heavy load on the REST interface:

This is caused by our code modifying the authorities inside an OnmsUser object while that authority list is being used to auth to the REST interface. We need to copy the data completely before passing it to Spring Security so that no ConcurrentModificationException can be thrown.

Acceptance / Success Criteria

None

Lucidchart Diagrams

Activity

Show:

Seth Leger November 9, 2015 at 4:09 PM

Jesse fixed this when he refactored the OnmsUser so that it did not depend on the Spring Security API during development for 16.0.0. The SpringSecurityUser class assigns references to the collections directly instead of modifying a final collection. Marking as fixed.

commit 72440985303661274381f31757850e771d26bc5b