I have started looking into this, but I would be suprised if the SimplePrincipal which is being looked for in the cache by JBossCachedAuthenticationManager, isn't found because it's a new instance. I would expect the SimplePrincipal to have a proper equals() implementation and from my initial look, it does.