Elytron caching-realm backed by ldap-realm should evict or update the cache when a related role changes in LDAP --------------------------------------------------------------------------------------------------------------- Key: ELY-1087 URL: https://issues.jboss.org/browse/ELY-1087 Project: WildFly Elytron Issue Type: Bug Components: Realms Affects Versions: 1.1.0.Beta37 Environment: LDAP: ApacheDS Reporter: Jan Kalina Assignee: Jan Kalina Priority: Blocker Labels: caching, eap71_beta, ldap, ldap-realm, security-realm Elytron {{caching-realm}} backed by {{ldap-realm}} does not evict or update a cached identity when a role related to the identity is changed in LDAP, see steps to reproduce. This is against the following hard requirement of EAP7-542: _"Ability to listen for events fired by a modifiable realm in order to evict or update the cache accordingly."_ The ability is available but not used in this case. Hence the priority is set to {{Blocker}}. The issue blocks the RFE to be verified. The issue does not block test development for the RFE. The issue has been revealed by fixing JBEAP-8679. The eviction/updating works when user password is changed in LDAP.