There is a bug in JAAS that caused users group membership not dynamically loading at runtime. Specifically, when I used the org.apache.activemq.jaas.PropertiesLoginModule with reload=true, changes in user name and password were reflected in connections after the changes, but changes in group membership was not reloaded/picked up by new connections.
The configuration of my broker xml and users.properties, groups.properties, as well as the login.config files are attached.
The problem was repeatable always.
The cause of the problem was identified as the groups membership was cached and the cache was not cleared (reloaded) after the groups.properties file change.
The fix is to add one line of code in the org.apache.activemq.jaas.ReloadableProperties.java class.
The src code with the fix for org.apache.activemq.jaas.ReloadableProperties.java is attached in the ticket as well.
Please verify the fix and merge this one line of code change in org.apache.activemq.jaas.ReloadableProperties.java class in src branches for 5.13.0 as I tested the problem with 5.13.0 only. The fix should be carried forward and retroactively merged into previous versions as well.
There is no negative impact on software or any noticeable impact on server performance.