From 4f565d2f49030146c650238a9e9d28e22f961a47 Mon Sep 17 00:00:00 2001
From: tanchen <tanchen@bytedance.com>
Date: Sat, 20 Jan 2024 21:45:57 +0800
Subject: [PATCH] Fix concurrent issue in doFilter method

---
 .../apereo/cas/client/session/SingleSignOutFilter.java   | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/cas-client-core/src/main/java/org/apereo/cas/client/session/SingleSignOutFilter.java b/cas-client-core/src/main/java/org/apereo/cas/client/session/SingleSignOutFilter.java
index dc5d47710..b3f7ee1f1 100644
--- a/cas-client-core/src/main/java/org/apereo/cas/client/session/SingleSignOutFilter.java
+++ b/cas-client-core/src/main/java/org/apereo/cas/client/session/SingleSignOutFilter.java
@@ -94,8 +94,13 @@ public void doFilter(final ServletRequest servletRequest, final ServletResponse
          * <p>Workaround for now for the fact that Spring Security will fail since it doesn't call {@link #init(javax.servlet.FilterConfig)}.</p>
          * <p>Ultimately we need to allow deployers to actually inject their fully-initialized {@link SingleSignOutHandler}.</p>
          */
-        if (!this.handlerInitialized.getAndSet(true)) {
-            HANDLER.init();
+        if (!this.handlerInitialized.get()) {
+            synchronized (this) {
+                if (!this.handlerInitialized.get()) {
+                    HANDLER.init();
+                    this.handlerInitialized.set(true);
+                }
+            }
         }
 
         if (HANDLER.process(request, response)) {