[jboss-jira] [JBoss JIRA] (WFLY-12968) SecurityDomainContextRealm is not caching passwords correctly
Ricardo Martin Camarero (Jira)
issues at jboss.org
Wed Jan 15 02:55:24 EST 2020
Ricardo Martin Camarero created WFLY-12968:
----------------------------------------------
Summary: SecurityDomainContextRealm is not caching passwords correctly
Key: WFLY-12968
URL: https://issues.redhat.com/browse/WFLY-12968
Project: WildFly
Issue Type: Bug
Components: Security
Affects Versions: 18.0.1.Final
Reporter: Ricardo Martin Camarero
Assignee: Ricardo Martin Camarero
The [SecurityDomainContextRealm|https://github.com/wildfly/wildfly/blob/18.0.1.Final/security/subsystem/src/main/java/org/jboss/as/security/elytron/SecurityDomainContextRealm.java#L172] realm used in elytron mixed scenarios is not taking advantage of the cache if the underlying security-domain is configured with the default cache ({{cache-type="default"}}). The problem is similar to what is commented in the [JAASIdentityManagerImpl|https://github.com/wildfly/wildfly/blob/18.0.1.Final/undertow/src/main/java/org/wildfly/extension/undertow/security/JAASIdentityManagerImpl.java#L92]: the evidence resets the password and then the cache is useless. The solution can also be cloning the password char[] before; this way the cache is OK and the array can be compared correctly.
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
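The aliasing problem described in the report, as an added example that is not part of the original message and not WildFly code: a cache that stores the caller's char[] by reference loses its entry as soon as the evidence is wiped, while a cache that stores a clone keeps working. The Evidence and Cache classes, the "alice" account and its password are constructed stand-ins.

```java
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;

// Hypothetical stand-ins, not WildFly classes: a credential cache keyed by
// user name and an evidence object that zeroes its password when destroyed.
public class PasswordCacheAliasing {
    static final class Evidence {
        final char[] password;
        Evidence(char[] password) { this.password = password; }
        void destroy() { Arrays.fill(password, '\0'); } // wipes the array in place
    }

    static final class Cache {
        private final Map<String, char[]> entries = new HashMap<>();
        private final boolean cloneOnStore;
        int backendCalls = 0;
        Cache(boolean cloneOnStore) { this.cloneOnStore = cloneOnStore; }

        boolean authenticate(String user, Evidence evidence) {
            char[] supplied = evidence.password;
            char[] cached = entries.get(user);
            if (cached != null && Arrays.equals(cached, supplied)) {
                return true; // cache hit, backend not consulted
            }
            backendCalls++; // cache miss: full login against the backend
            boolean ok = backendLogin(user, supplied);
            // Storing 'supplied' itself aliases the array the caller will wipe.
            if (ok) entries.put(user, cloneOnStore ? supplied.clone() : supplied);
            return ok;
        }

        // Constructed backend that accepts a single sample account.
        private boolean backendLogin(String user, char[] pw) {
            return "alice".equals(user) && Arrays.equals(pw, "s3cret".toCharArray());
        }
    }

    // Logs the same user in twice and returns how often the backend was hit.
    static int loginTwice(boolean cloneOnStore) {
        Cache cache = new Cache(cloneOnStore);
        for (int i = 0; i < 2; i++) {
            Evidence e = new Evidence("s3cret".toCharArray());
            cache.authenticate("alice", e);
            e.destroy(); // caller clears the evidence after each attempt
        }
        return cache.backendCalls;
    }

    public static void main(String[] args) {
        System.out.println("shared array: backend calls = " + loginTwice(false));
        System.out.println("cloned array: backend calls = " + loginTwice(true));
    }
}
```

The cloned copy stays in memory in clear text for as long as the cache entry lives, so it should be zeroed when the entry is evicted or expires.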