git location: https://code.engineering.redhat.com/gerrit/gitweb?p=picketlink-picketlink-idm.git;a=shortlog;h=refs%2Fheads%2F1.4.1.Final-redhat-1-BZ1018683
Created attachment 812306 [details] picketlink-idm-cache-1.4.1.Final-redhat-1.jar
Created attachment 812307 [details] picketlink-idm-core-1.4.1.Final-redhat-1.jar
Created attachment 812308 [details] picketlink-idm-hibernate-1.4.1.Final-redhat-1.jar
Created attachment 812309 [details] picketlink-idm-ldap-1.4.1.Final-redhat-1.jar
Here is how I tested the patch: To install the patch, please copy the files in the place of the original ones: cp picketlink-idm-cache-1.4.1.Final-redhat-1.jar ./modules/org/gatein/lib/main/picketlink-idm-cache-1.4.1.Final-redhat-1.jar cp picketlink-idm-core-1.4.1.Final-redhat-1.jar ./modules/org/gatein/lib/main/picketlink-idm-core-1.4.1.Final-redhat-1.jar cp picketlink-idm-hibernate-1.4.1.Final-redhat-1.jar ./modules/org/gatein/lib/main/picketlink-idm-hibernate-1.4.1.Final-redhat-1.jar cp picketlink-idm-ldap-1.4.1.Final-redhat-1.jar ./modules/org/gatein/lib/main/picketlink-idm-ldap-1.4.1.Final-redhat-1.jar Here is how I verified the patch: - run JPP 6.0.0 without the patch, run a JConsole and connect to JBoss process, go to MBeans tab, find exo -> portal(the 2nd one from the top) -> PicketLinkIDMCacheService -> plidmcache -> Operations -> and now you can do printCaches, to see that root user is cached. When you invoke a invalidate with parameter: idm_realm_portal/USERS/root, and rerun printCaches, nothing happens. When you apply the patch, and run invalidate on this method, you will see that the user is properly invalidated.
I was able to reproduce the test suggested by Adam Kovari, so this patch fixes the issue. MD5 sums of the JAR files a5ea3eaee46a4b012b3556434102eb8d picketlink-idm-cache-1.4.1.Final-redhat-1.jar 7f2ad34fbe427cec563cf2c360e50351 picketlink-idm-core-1.4.1.Final-redhat-1.jar 41c27a700c6b73aa3a936758b95fdc08 picketlink-idm-hibernate-1.4.1.Final-redhat-1.jar a132c7519a02e09b7d2e38e67caf5087 picketlink-idm-ldap-1.4.1.Final-redhat-1.jar
https://access.redhat.com/jbossnetwork/restricted/softwareDetail.html?softwareId=25503&product=jbportal&version=6.0.0&downloadType=patches