setAuth gets ignored in subsequent socket set-ups during the same session #426
Description
It is important to make clear that both dispose() and destroy() do NOT remove a host from the cache of known connections. This can cause attempted subsequent connections to ignore certain parts of your configuration if not handled correctly. You must handle this by using the options available in the OptionBuilder during the first creation of the instance.
FYI setAuth gets ignored too for subsequent socket set-ups.
I would not have expected the need for calling enableForceNew for an explicit param setting to be considered. If I'm explicitly setting setAuth it should be considered.
I'm working on a chat. I was handling the scenario in which a user who was connected to a chat logs out, and then a new user logs in. As I'm doing token authentication I disposed the old socket and created a new one. It took me hours to understand the new token I was passing to setAuth was being ignored. In this case the messages were being sent as the user that logged out initially, as it saved its token. This pattern is quite error prone and even could have security issues in case that token is kept around through different user sessions which seems to be the case.
What do you think?