The trace level logging in the org.jboss.security.plugins.JaasSecurityManager does not give enough information with regard as to why cache validation fails. It needs to at least given an indication of credential type mismatch.