I came across some occurances of Collections.synchronizedMap( new HashMap()) in Geronimo source code, and think it might be better to use ConcurrentHashMap instead, especially in the case of hot classes like ContextManager. I did a full search and found the below matches. If no objections I'll create a patch to replace them.
-Jack ./plugins/console/console-filter/src/main/java/org/apache/geronimo/console/filter/XSRFHandler.java: private Map<String, String> sessionMap = Collections.synchronizedMap(new HashMap<String, String>()); ./framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/EncryptionManager.java: private static final Map<String, Encryption> ENCRYPTORS = Collections.synchronizedMap(new HashMap<String, Encryption>()); ./framework/modules/geronimo-plugin/src/main/java/org/apache/geronimo/system/plugin/PluginInstallerGBean.java: asyncKeys = Collections.synchronizedMap(new HashMap<Object, DownloadResults>()); ./framework/modules/geronimo-plugin/src/main/java/org/apache/geronimo/system/plugin/PluginInstallerGBean.java: asyncKeys = Collections.synchronizedMap(new HashMap<Object, DownloadResults>()); ./framework/modules/geronimo-plugin/src/main/java/org/apache/geronimo/system/plugin/PluginInstallerGBean.java: asyncKeys = Collections.synchronizedMap(new HashMap<Object, DownloadResults>()); ./framework/modules/geronimo-jmx-remoting/src/main/java/org/apache/geronimo/jmxremoting/Authenticator.java: private Map<String, LoginContext> contextMap = Collections.synchronizedMap(new HashMap<String, LoginContext>()); ./framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ContextManager.java: private static Map<SubjectId, Subject> subjectIds = Collections.synchronizedMap(new HashMap<SubjectId, Subject>());
