Ricardo Martin Camarero created WFLY-12968: ---------------------------------------------- Summary: SecurityDomainContextRealm is not caching passwords correctly Key: WFLY-12968 URL: https://issues.redhat.com/browse/WFLY-12968 Project: WildFly Issue Type: Bug Components: Security Affects Versions: 18.0.1.Final Reporter: Ricardo Martin Camarero Assignee: Ricardo Martin Camarero The [SecurityDomainContextRealm|https://github.com/wildfly/wildfly/blob/18.0.1...] realm used in elytron mixed scenarios is not taken advantage of the cache if the underlying security-domain is configured with default cache ({{cache-type="default"}}). The problem is similar to what is commented in the [JAASIdentityManagerImpl|https://github.com/wildfly/wildfly/blob/18.0.1.Fi...], the evidence reset the password and then the cache is useless. The solution can also be cloning the password char[] before, this way the cache is OK and the array can be compared correctly. -- This message was sent by Atlassian Jira (v7.13.8#713008)