service = principals.iterator().next().getName();
}
// Validate the ticket
KerberosServiceExceptionAction action = new KerberosServiceExceptionAction(token, service, isUsernameServiceNameForm());
KerberosServiceContext krbServiceCtx = null;
try {
krbServiceCtx = (KerberosServiceContext)Subject.doAs(subject, action);
} catch (PrivilegedActionException e) {
Throwable cause = e.getCause();
if (cause instanceof WSSecurityException) {
throw (WSSecurityException) cause;
} else {
throw new WSSecurityException(
WSSecurityException.FAILURE, "kerberosTicketValidationError", new Object[] {}, cause
);
}
}
credential.setPrincipal(krbServiceCtx.getPrincipal());
if (credential.getPrincipal() == null) {
throw new WSSecurityException(
WSSecurityException.FAILURE, "kerberosTicketValidationError"
);
}
// Check to see if the session key is available in KerberosServiceContext
log.debug("Trying to obtain the Session Key from the KerberosServiceContext.");
Key sessionKey = krbServiceCtx.getSessionKey();
if (null != sessionKey) {
log.debug("Found session key in the KerberosServiceContext.");
credential.setSecretKey(sessionKey.getEncoded());
} else {
log.debug("Session key is not found in the KerberosServiceContext.");