[jira] [Created] (RANGER-5115) Potential ConcurrentModificationException error during policy evaluation

Sat, 25 Jan 2025 16:57:43 -0800 

Madhan Neethiraj created RANGER-5115:
----------------------------------------

             Summary: Potential ConcurrentModificationException error during 
policy evaluation
                 Key: RANGER-5115
                 URL: https://issues.apache.org/jira/browse/RANGER-5115
             Project: Ranger
          Issue Type: Bug
          Components: plugins
    Affects Versions: 2.5.0
            Reporter: Madhan Neethiraj
            Assignee: Madhan Neethiraj


Initialization of
RangerAbstractPolicyItemEvaluator.withImpliedGrants should be synchronized to 
avoid ConcurrentModificationException while evaluating policies, as shown in 
the following stack trace:
 
{noformat}
java.util.ConcurrentModificationException
        at 
java.base/java.util.ArrayList$Itr.checkForComodification(ArrayList.java:1042)
        at java.base/java.util.ArrayList$Itr.next(ArrayList.java:996)
        at 
org.apache.ranger.plugin.policyevaluator.RangerDefaultPolicyEvaluator.getAccess(RangerDefaultPolicyEvaluator.java:1213)
        at 
org.apache.ranger.plugin.policyevaluator.RangerAbstractPolicyItemEvaluator.computeWithImpliedGrants(RangerAbstractPolicyItemEvaluator.java:138)
        at 
org.apache.ranger.plugin.policyevaluator.RangerDefaultPolicyItemEvaluator.isMatch(RangerDefaultPolicyItemEvaluator.java:96)
        at 
org.apache.ranger.plugin.policyevaluator.RangerDefaultPolicyEvaluator.getMatchingPolicyItem(RangerDefaultPolicyEvaluator.java:1413)
        at 
org.apache.ranger.plugin.policyevaluator.RangerDefaultPolicyEvaluator.getMatchingPolicyItemForAccessPolicyForSpecificAccess(RangerDefaultPolicyEvaluator.java:1392)
        at 
org.apache.ranger.plugin.policyevaluator.RangerDefaultPolicyEvaluator.getMatchingPolicyItem(RangerDefaultPolicyEvaluator.java:1370)
        at 
org.apache.ranger.plugin.policyevaluator.RangerDefaultPolicyEvaluator.evaluatePolicyItems(RangerDefaultPolicyEvaluator.java:860)
        at 
org.apache.ranger.plugin.policyevaluator.RangerDefaultPolicyEvaluator.evaluate(RangerDefaultPolicyEvaluator.java:256)
        at 
org.apache.ranger.plugin.policyengine.RangerPolicyEngineImpl.evaluatePoliciesForOneAccessTypeNoAudit(RangerPolicyEngineImpl.java:778)
        at 
org.apache.ranger.plugin.policyengine.RangerPolicyEngineImpl.evaluatePoliciesNoAudit(RangerPolicyEngineImpl.java:704)
        at 
org.apache.ranger.plugin.policyengine.RangerPolicyEngineImpl.zoneAwareAccessEvaluationWithNoAudit(RangerPolicyEngineImpl.java:628)
        at 
org.apache.ranger.plugin.policyengine.RangerPolicyEngineImpl.evaluatePolicies(RangerPolicyEngineImpl.java:136)
        at 
org.apache.ranger.plugin.service.RangerBasePlugin.isAccessAllowed(RangerBasePlugin.java:513)
{noformat}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to