LOG.debug(ex.getMessage(), ex);
}
}
// Get a TGT from the KDC using JAAS
LoginContext loginContext = null;
try {
if (callbackHandler != null) {
loginContext = new LoginContext(getContextName(), callbackHandler);
} else if (data.getCallbackHandler() != null) {
loginContext = new LoginContext(getContextName(), data.getCallbackHandler());
} else {
loginContext = new LoginContext(getContextName());
}
loginContext.login();
} catch (LoginException ex) {
if (LOG.isDebugEnabled()) {
LOG.debug(ex.getMessage(), ex);
}
throw new WSSecurityException(
WSSecurityException.ErrorCode.FAILURE,
"kerberosLoginError",
ex,
ex.getMessage());
}
if (LOG.isDebugEnabled()) {
LOG.debug("Successfully authenticated to the TGT");
}
byte[] token = binarySecurity.getToken();
// Get the service name to use - fall back on the principal
Subject subject = loginContext.getSubject();
String service = serviceName;
if (service == null) {
Set<Principal> principals = subject.getPrincipals();
if (principals.isEmpty()) {
throw new WSSecurityException(