[2.x] Avoid ConcurrentModificationException for User class fields

[shikharj05]

Description

[Describe what this change achieves]

• Category (Enhancement, New feature, Bug fix, Test fix, Refactoring, Maintenance, Documentation) Bug fix
• Why these changes are required?
  Fix Once in a while receiving Unexpected exception java.util.ConcurrentModificationException when using REST API #4441
• What is the old behavior before changes and new behavior after changes?
  Previously, since the fields were Collections.synchronizedSet() /Collections.synchronizedMap() - explicit synchronization is required (see [BUG] java.util.ConcurrentModificationException in org.opensearch.security.securityconf.ConfigModelV7$RoleMappingHolder.map #4642 (comment))

By switching to CopyOnWriteArraySet and ConcurrentHashMap, we get lock-free reads, safe iteration without explicit synchronization.

However, CopyOnWriteArraySet can lead to memory overhead - should be minimal as updates/writes are expected to be lower compared to reads.

Issues Resolved

[List any issues this PR will resolve]
#4441

Is this a backport? If so, please add backport PR # and/or commits #, and remove backport-failed label from the original PR.

Do these changes introduce new permission(s) to be displayed in the static dropdown on the front-end? If so, please open a draft PR in the security dashboards plugin and link the draft PR here

Testing

[Please provide details of testing done: unit testing, integration testing and manual testing]

tested locally.

Check List

• New functionality includes testing
• [NA] New functionality has been documented
• [NA] New Roles/Permissions have a corresponding security dashboards plugin PR
• [NA] API changes companion pull request created
• Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 68.11%. Comparing base (f088dd4) to head (7980c01).
Report is 3 commits behind head on 2.x.

Additional details and impacted files

@@            Coverage Diff             @@
##              2.x    #5084      +/-   ##
==========================================
- Coverage   68.14%   68.11%   -0.03%     
==========================================
  Files         347      347              
  Lines       24552    24555       +3     
  Branches     4070     4070              
==========================================
- Hits        16731    16726       -5     
- Misses       5898     5903       +5     
- Partials     1923     1926       +3     

Files with missing lines	Coverage Δ
...pensearch/security/securityconf/ConfigModelV7.java	68.10% <100.00%> (+0.18%)	⬆️

... and 6 files with indirect coverage changes