Type: Bug
Resolution: Done
Priority: Major
2.4.2.Final
None
A relatively harmless-looking commit which adds logging to the AggregateRealm changes the way the AggregateRealm operates, which causes login to fail in some cases in our application:
https://github.com/wildfly-security/wildfly-elytron/commit/11765aff2d546770bd57ec495493961248501334
This causes the authorization step to be called too early in the process, when not all data might be available yet.
For example, when using the JdbcSecurityRealm as an authorization provider, the authorization (fetching of roles) is done before any authentication is done. Due to the new call to exists(), the JdbcSecurityRealm tries to fetch the roles and then caches the result/identity due to the "loaded" flag. At this point the roles might not be populated yet, or might be outdated, since the authentication has not happened yet. So when the authentication is finally done and the real authorization is about to happen, an outdated result is used, since the JdbcSecurityRealm then just returns the cached results.
This causes issues if the data for the authorization realm is not available before, or changes during, the authentication step.
In our app we have a custom authentication realm which populates/updates the roles in a database when a user logs in and is verified. We then use the JdbcSecurityRealm to fetch the roles for authorization. Currently, due to the early "exists" call, we get outdated/empty results.
Our aggregate-realm configuration looks like this:
    <aggregate-realm name="contentlogin-aggregate-sync-realm"
                     authentication-realm="contentlogin-sync-realm"
                     authorization-realm="contentlogin-jdbc-authorization-realm"/>
    <custom-realm name="contentlogin-sync-realm"
                  module="some.custom.module"
                  class-name="some.custom.module.SyncRealm"/>
    <jdbc-realm name="contentlogin-jdbc-authorization-realm">
        <principal-query sql="select role from userroles where username= ?" data-source="ContentDS">
            <attribute-mapping>
                <attribute to="roles" index="1"/>
            </attribute-mapping>
        </principal-query>
    </jdbc-realm>
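The following is an added, self-contained model of the ordering problem described in this issue; it is illustrative code written for this page, not WildFly Elytron's own implementation. The class names (SyncRealm, JdbcRealm, JdbcIdentity), the in-memory USERROLES table and the probe_authz_first switch are assumptions that mirror the roles in the report: an authentication realm that writes roles to the database only once the user is verified, an authorization realm that loads roles on first use and then caches them behind a "loaded" flag, and an aggregate that either probes the authorization identity with exists() before authentication (the behaviour reported after the logging commit) or consults it only afterwards.

```python
"""Model of the 'exists() called too early' ordering bug from this issue.

Illustrative simulation for this page, not Elytron code. Names and the
in-memory table are assumptions standing in for the real realms and the
userroles table queried by the jdbc-realm.
"""
from typing import Dict, List, Optional

# Constructed sample "database": the userroles table the JDBC realm queries.
# It is empty until the authentication realm populates it during login.
USERROLES: Dict[str, List[str]] = {}


class SyncRealm:
    """Authentication realm (hypothetical). Once the user is verified it
    writes the user's current roles into the shared table, as the custom
    realm in the report does."""

    def __init__(self, passwords: Dict[str, str], upstream_roles: Dict[str, List[str]]):
        self._passwords = passwords          # constructed credentials
        self._upstream_roles = upstream_roles  # constructed role source

    def verify(self, user: str, password: str) -> bool:
        if self._passwords.get(user) != password:
            return False
        USERROLES[user] = list(self._upstream_roles.get(user, []))
        return True


class JdbcIdentity:
    """Identity handed out by the authorization realm (hypothetical).
    Roles are fetched on first use and cached behind a 'loaded' flag, so
    whatever the table held at that moment sticks for the whole login."""

    def __init__(self, user: str):
        self.user = user
        self.loaded = False
        self.roles: List[str] = []

    def _load(self) -> None:
        if not self.loaded:
            # stands in for: select role from userroles where username = ?
            self.roles = list(USERROLES.get(self.user, []))
            self.loaded = True

    def exists(self) -> bool:
        self._load()                      # the probe that triggers the early load
        return bool(self.roles)           # no rows -> identity not known

    def authorization_roles(self) -> List[str]:
        self._load()                      # returns the cached result if loaded
        return self.roles


class JdbcRealm:
    def get_identity(self, user: str) -> JdbcIdentity:
        return JdbcIdentity(user)


def login(auth_realm: SyncRealm, authz_realm: JdbcRealm, user: str,
          password: str, probe_authz_first: bool) -> Optional[List[str]]:
    """Aggregate realm (hypothetical). probe_authz_first=True mirrors the
    reported behaviour: the authorization identity is checked with exists()
    before authentication runs, which loads and caches roles too early.
    Returns the roles seen by authorization, or None if verification fails."""
    authz_id = authz_realm.get_identity(user)
    if probe_authz_first:
        authz_id.exists()
    if not auth_realm.verify(user, password):
        return None
    return authz_id.authorization_roles()


def demo(probe_authz_first: bool) -> Optional[List[str]]:
    """Fresh login of a constructed user whose roles only appear in the
    table once the authentication realm has verified them."""
    USERROLES.clear()
    auth = SyncRealm({"alice": "s3cret"}, {"alice": ["admin", "editor"]})
    return login(auth, JdbcRealm(), "alice", "s3cret", probe_authz_first)


if __name__ == "__main__":
    print("authz consulted after authentication:", demo(False))
    print("authz probed before authentication:  ", demo(True))
```

With the probe before authentication the cached identity holds the empty result from before the sync realm wrote the roles, so authorization sees no roles even though the table is correct by the time it runs; without the early probe the first load happens after verification and returns the fresh roles.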
is caused by: ELY-2179 Add logging to AggregateSecurityRealm (Resolved)