You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by "Alex Rudyy (Jira)" <ji...@apache.org> on 2021/08/22 18:54:00 UTC
[jira] [Commented] (QPID-8554) [Broker-J] Infinite loop in
CachingSecurityToken class
[ https://issues.apache.org/jira/browse/QPID-8554?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17402861#comment-17402861 ]
Alex Rudyy commented on QPID-8554:
----------------------------------
Hi [~lacam],
Could you please provide more details on conditions when the reported issue manifest?
IMHO, the loop should eventually ends after the updating the CACHE_UPDATE.
> [Broker-J] Infinite loop in CachingSecurityToken class
> ------------------------------------------------------
>
> Key: QPID-8554
> URL: https://issues.apache.org/jira/browse/QPID-8554
> Project: Qpid
> Issue Type: Bug
> Components: Broker-J
> Reporter: Marek Laca
> Priority: Minor
> Labels: Broker, Java, thread-safe
>
> The CachingSecurityToken class is caching the authorization results. It can be utilized by multiple threads at the same time. Hence, it has to be multi-thread safe. The CachingSecurityToken::authorise could get stuck in an infinite loop when multiple threads try to update the local cache simultaneously.
> Two threads can be in permanent conflict when each thread is trying to override changes of another thread.
> {code:java}
> AccessControlCache cache;
> while((cache = CACHE_UPDATE.get(this)).getAccessControl() != ruleBasedAccessControl)
> {
> CACHE_UPDATE.compareAndSet(this, cache, new AccessControlCache(ruleBasedAccessControl));
> }
> {code}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org