this.callbackHandler = callbackHandler;
}
private void getTGT() throws WSSecurityException {
try {
KerberosContextAndServiceNameCallback contextAndServiceNameCallback = new KerberosContextAndServiceNameCallback();
callbackHandler.handle(new Callback[]{contextAndServiceNameCallback});
if (contextAndServiceNameCallback.getContextName() == null) {
throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "kerberosCallbackContextNameNotSupplied");
}
if (contextAndServiceNameCallback.getServiceName() == null) {
throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "kerberosCallbackServiceNameNotSupplied");
}
LoginContext loginContext = new LoginContext(contextAndServiceNameCallback.getContextName(), callbackHandler);
loginContext.login();
Subject clientSubject = loginContext.getSubject();
Set<Principal> clientPrincipals = clientSubject.getPrincipals();
if (clientPrincipals.isEmpty()) {
throw new WSSecurityException(
WSSecurityException.ErrorCode.FAILURE,
"kerberosLoginError", "No Client principals found after login"
);
}
// Store the TGT
KerberosTicket tgt = getKerberosTicket(clientSubject, null);
// Get the service ticket
KerberosClientAction action =
new KerberosClientAction(
clientPrincipals.iterator().next(), contextAndServiceNameCallback.getServiceName()
);
byte[] ticket = Subject.doAs(clientSubject, action);
if (ticket == null) {
throw new WSSecurityException(
WSSecurityException.ErrorCode.FAILURE, "kerberosServiceTicketError"