Opened bucket with right password ignores wrong password if used again

I could see that if we open a bucket with right password once using :
openBucket(bucketName, password, timeout, TimeUnit.SECONDS);
Then again if I pass the SAME bucket name but a wrong password, I could still see that its opening the bucket.
It should fail with wrong password. isn’t it ?
Am I missing something here ?

Did you close the Bucket before reopening it? In one of the 2.2.x versions of the SDK, a cache was added to the Cluster so that subsequent calls to openBucket("name") would return the same instance rather than a new one, as long as the originally opened Bucket was not closed.

Yes, I could figure out that. Client SDK is 2.1.5, and I had to implement the same in my layer on top of it, to reject any call which has wrong password. But this approach is wrong, the whole meaning of bucket with password is lost.