I filed this ticket last week:
Currently, the Java client ignores auth failures which is extremely problematic
for the deployment I am preparing. I have written a patch to correct the
problem by adding an AuthFailed KeeperState and checking the auth responses for
the AUTHFAILED error code (patch is now attached to the ticket). I checked the
flow vs the c client and it seems to basically match. Is there anything I
should be aware of beyond this simple fix? All the testing I've done seems fine.