org.wildfly.security.auth.client.AuthenticationContext includes method AuthenticationContext with(AuthenticationContext other) which creates new AuthenticationContext which includes rules and configuration and SSL context of given AuthenticationContext other.
However, in case when with method is used with index and another AuthenticationContext, then it includes only rules and configuration (SSL context is not used). There is also method withSsl which includes rules and SSL context, but no configuration.
I see three problems here:
- there is different behavior between with(AuthenticationContext other) and with(int idx, AuthenticationContext other) - first includes also SSL context
- javadoc for with(AuthenticationContext other) does not describe that SSL context from given AuthenticationContext other is also used.
- there is not able to include both configuration and SSL context into any AuthenticationContext on some position based on index
I report this as critical because it is part of public API - it should stay backward compatible once it will be released.