The static method Init.init() is synchronized and therefore protected against calling it by more than one thread at a time. It is also protected against accidentally calling it more than once. But it is not protected against an incomplete initialization: Imagine the two threads T1 and T2. Inside Init.init() the line "_alreadyInitialized = true;" is at the beginning of the method, when only some variables have been set, but the initialization process is not fully completed. If T1 successfully entered Init.init() but is suspended by the scheduler just after processing the line "_alreadyInitialized = true;" this will cause concurrency problems for T2. Because T1 already set "_alreadyInitialized" to "true", T2 can use the unsynchronized method Init.isInitialized() to check if an initialization is needed. Unfortunately T2 will get the result "true" and therefore skips the call to Init.init() and directly goes to check a signature via XMLSginature.checkSignatureValue(X509Certificate). Because of the incomplete initialization this will lead to some very strange exceptions. In our case the exception misses some entries of the ResourceBundle... To fix this issue, the line "_alreadyInitialized = true;" should be the last line of Init.init().
Fixed on trunk: Author: coheigea Date: Thu Nov 11 10:27:32 2010 New Revision: 1033870 URL: http://svn.apache.org/viewvc?rev=1033870&view=rev Log: [50248] - Concurrency problem on incomplete Init.init() calls. and on J_1_4_4 tag: Author: coheigea Date: Thu Nov 11 10:35:37 2010 New Revision: 1033875 URL: http://svn.apache.org/viewvc?rev=1033875&view=rev Log: [50248] - Concurrency problem on incomplete Init.init() calls. Colm.