ijuma commented on a change in pull request #9517: URL: https://github.com/apache/kafka/pull/9517#discussion_r539415671
########## File path: clients/src/main/java/org/apache/kafka/common/security/authenticator/SaslClientAuthenticator.java ########## @@ -612,6 +612,9 @@ private void handleSaslHandshakeResponse(SaslHandshakeResponse response) { */ public static String firstPrincipal(Subject subject) { Set<Principal> principals = subject.getPrincipals(); + // getPrincipals() returns a SynchronizedSet and iteration over SynchronizedSet is not thread safe. + // Hence, we have to add synchronization on local variable "principals". + // see https://github.com/apache/kafka/pull/3208#discussion_r120130706 for discussion. Review comment: Instead of referencing an older discussion, I would make sure the comment is self contained. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org