sun.security.krb5.PrincipalName Java Examples

The following examples show how to use sun.security.krb5.PrincipalName. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: KeyTabIndex.java    From openjdk-jdk9 with GNU General Public License v2.0 6 votes vote down vote up
public static void main(String[] args) throws Exception {
    KeyTab kt = KeyTab.create("ktab");
    // Two entries with very different length, so that it's easy to
    // observice the abnormal change of "index" field.
    kt.addEntry(new PrincipalName(
            "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa@A"),
            "x".toCharArray(), 1, true);
    kt.addEntry(new PrincipalName("a@A"), "x".toCharArray(), 1, true);
    kt.save();
    Runnable t = new Runnable() {
        @Override
        public void run() {
            KeyTab.getInstance("ktab").getClass();
        }
    };
    for (int i=0; i<10; i++) {
        new Thread(t).start();
    }
}
 
Example #2
Source File: KeyTabIndex.java    From jdk8u60 with GNU General Public License v2.0 6 votes vote down vote up
public static void main(String[] args) throws Exception {
    KeyTab kt = KeyTab.create("ktab");
    // Two entries with very different length, so that it's easy to
    // observice the abnormal change of "index" field.
    kt.addEntry(new PrincipalName(
            "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa@A"),
            "x".toCharArray(), 1, true);
    kt.addEntry(new PrincipalName("a@A"), "x".toCharArray(), 1, true);
    kt.save();
    Runnable t = new Runnable() {
        @Override
        public void run() {
            KeyTab.getInstance("ktab").getClass();
        }
    };
    for (int i=0; i<10; i++) {
        new Thread(t).start();
    }
}
 
Example #3
Source File: Krb5ProxyImpl.java    From hottub with GNU General Public License v2.0 6 votes vote down vote up
@Override
public String getPrincipalHostName(Principal principal) {
    if (principal == null) {
       return null;
    }
    String hostName = null;
    try {
        PrincipalName princName =
            new PrincipalName(principal.getName(),
                    PrincipalName.KRB_NT_SRV_HST);
        String[] nameParts = princName.getNameStrings();
        if (nameParts.length >= 2) {
            hostName = nameParts[1];
        }
    } catch (Exception e) {
        // ignore
    }
    return hostName;
}
 
Example #4
Source File: KeyTabIndex.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 6 votes vote down vote up
public static void main(String[] args) throws Exception {
    KeyTab kt = KeyTab.create("ktab");
    // Two entries with very different length, so that it's easy to
    // observice the abnormal change of "index" field.
    kt.addEntry(new PrincipalName(
            "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa@A"),
            "x".toCharArray(), 1, true);
    kt.addEntry(new PrincipalName("a@A"), "x".toCharArray(), 1, true);
    kt.save();
    Runnable t = new Runnable() {
        @Override
        public void run() {
            KeyTab.getInstance("ktab").getClass();
        }
    };
    for (int i=0; i<10; i++) {
        new Thread(t).start();
    }
}
 
Example #5
Source File: Krb5ProxyImpl.java    From jdk8u-dev-jdk with GNU General Public License v2.0 6 votes vote down vote up
@Override
public String getPrincipalHostName(Principal principal) {
    if (principal == null) {
       return null;
    }
    String hostName = null;
    try {
        PrincipalName princName =
            new PrincipalName(principal.getName(),
                    PrincipalName.KRB_NT_SRV_HST);
        String[] nameParts = princName.getNameStrings();
        if (nameParts.length >= 2) {
            hostName = nameParts[1];
        }
    } catch (Exception e) {
        // ignore
    }
    return hostName;
}
 
Example #6
Source File: KeyTabIndex.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
public static void main(String[] args) throws Exception {
    KeyTab kt = KeyTab.create("ktab");
    // Two entries with very different length, so that it's easy to
    // observice the abnormal change of "index" field.
    kt.addEntry(new PrincipalName(
            "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa@A"),
            "x".toCharArray(), 1, true);
    kt.addEntry(new PrincipalName("a@A"), "x".toCharArray(), 1, true);
    kt.save();
    Runnable t = new Runnable() {
        @Override
        public void run() {
            KeyTab.getInstance("ktab").getClass();
        }
    };
    for (int i=0; i<10; i++) {
        new Thread(t).start();
    }
}
 
Example #7
Source File: PrincipalNameEquals.java    From openjdk-8 with GNU General Public License v2.0 6 votes vote down vote up
public static void main(String[] args) throws Exception {

        OneKDC kdc = new OneKDC(null);
        kdc.writeJAASConf();
        kdc.setOption(KDC.Option.RESP_NT, PrincipalName.KRB_NT_PRINCIPAL);

        Context c, s;
        c = Context.fromJAAS("client");
        s = Context.fromJAAS("server");

        c.startAsClient(OneKDC.SERVER, GSSUtil.GSS_KRB5_MECH_OID);
        s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID);

        Context.handshake(c, s);

        Context.transmit("i say high --", c, s);
        Context.transmit("   you say low", s, c);

        s.dispose();
        c.dispose();
    }
 
Example #8
Source File: HostAddresses.java    From openjdk-jdk8u with GNU General Public License v2.0 6 votes vote down vote up
public HostAddresses(PrincipalName serverPrincipal)
    throws UnknownHostException, KrbException {

    String[] components = serverPrincipal.getNameStrings();

    if (serverPrincipal.getNameType() != PrincipalName.KRB_NT_SRV_HST ||
        components.length < 2)
        throw new KrbException(Krb5.KRB_ERR_GENERIC, "Bad name");

    String host = components[1];
    InetAddress addr[] = InetAddress.getAllByName(host);
    HostAddress hAddrs[] = new HostAddress[addr.length];

    for (int i = 0; i < addr.length; i++) {
        hAddrs[i] = new HostAddress(addr[i]);
    }

    addresses = hAddrs;
}
 
Example #9
Source File: FileKeyTab.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
public static void main(String[] args) throws Exception {
    String name = "ktab";
    KeyTab kt = KeyTab.create(name);
    kt.addEntry(new PrincipalName("a@A"), "x".toCharArray(), 1, true);
    kt.save();
    check(name);
    check("FILE:" + name);

    name = new File(name).getAbsolutePath().toString();

    check(name);
    check("FILE:" + name);

    // The bug reporter uses this style, should only work for
    // absolute path
    check("FILE:/" + name);
}
 
Example #10
Source File: KerberosPrincipal.java    From JDKSourceCode1.8 with MIT License 6 votes vote down vote up
/**
 * Reads this object from a stream (i.e., deserializes it)
 */
private void readObject(ObjectInputStream ois)
        throws IOException, ClassNotFoundException {
    byte[] asn1EncPrincipal = (byte [])ois.readObject();
    byte[] encRealm = (byte [])ois.readObject();
    try {
       Realm realmObject = new Realm(new DerValue(encRealm));
       PrincipalName krb5Principal = new PrincipalName(
               new DerValue(asn1EncPrincipal), realmObject);
       realm = realmObject.toString();
       fullName = krb5Principal.toString();
       nameType = krb5Principal.getNameType();
    } catch (Exception e) {
        throw new IOException(e);
    }
}
 
Example #11
Source File: Krb5ProxyImpl.java    From openjdk-8 with GNU General Public License v2.0 6 votes vote down vote up
@Override
public String getPrincipalHostName(Principal principal) {
    if (principal == null) {
       return null;
    }
    String hostName = null;
    try {
        PrincipalName princName =
            new PrincipalName(principal.getName(),
                    PrincipalName.KRB_NT_SRV_HST);
        String[] nameParts = princName.getNameStrings();
        if (nameParts.length >= 2) {
            hostName = nameParts[1];
        }
    } catch (Exception e) {
        // ignore
    }
    return hostName;
}
 
Example #12
Source File: HostAddresses.java    From openjdk-8-source with GNU General Public License v2.0 6 votes vote down vote up
public HostAddresses(PrincipalName serverPrincipal)
    throws UnknownHostException, KrbException {

    String[] components = serverPrincipal.getNameStrings();

    if (serverPrincipal.getNameType() != PrincipalName.KRB_NT_SRV_HST ||
        components.length < 2)
        throw new KrbException(Krb5.KRB_ERR_GENERIC, "Bad name");

    String host = components[1];
    InetAddress addr[] = InetAddress.getAllByName(host);
    HostAddress hAddrs[] = new HostAddress[addr.length];

    for (int i = 0; i < addr.length; i++) {
        hAddrs[i] = new HostAddress(addr[i]);
    }

    addresses = hAddrs;
}
 
Example #13
Source File: KerberosPrincipal.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Reads this object from a stream (i.e., deserializes it)
 */
private void readObject(ObjectInputStream ois)
        throws IOException, ClassNotFoundException {
    byte[] asn1EncPrincipal = (byte [])ois.readObject();
    byte[] encRealm = (byte [])ois.readObject();
    try {
       Realm realmObject = new Realm(new DerValue(encRealm));
       PrincipalName krb5Principal = new PrincipalName(
               new DerValue(asn1EncPrincipal), realmObject);
       realm = realmObject.toString();
       fullName = krb5Principal.toString();
       nameType = krb5Principal.getNameType();
    } catch (Exception e) {
        throw new IOException(e);
    }
}
 
Example #14
Source File: HostAddresses.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
public HostAddresses(PrincipalName serverPrincipal)
    throws UnknownHostException, KrbException {

    String[] components = serverPrincipal.getNameStrings();

    if (serverPrincipal.getNameType() != PrincipalName.KRB_NT_SRV_HST ||
        components.length < 2)
        throw new KrbException(Krb5.KRB_ERR_GENERIC, "Bad name");

    String host = components[1];
    InetAddress addr[] = InetAddress.getAllByName(host);
    HostAddress hAddrs[] = new HostAddress[addr.length];

    for (int i = 0; i < addr.length; i++) {
        hAddrs[i] = new HostAddress(addr[i]);
    }

    addresses = hAddrs;
}
 
Example #15
Source File: KerberosPrincipal.java    From Java8CN with Apache License 2.0 6 votes vote down vote up
/**
 * Reads this object from a stream (i.e., deserializes it)
 */
private void readObject(ObjectInputStream ois)
        throws IOException, ClassNotFoundException {
    byte[] asn1EncPrincipal = (byte [])ois.readObject();
    byte[] encRealm = (byte [])ois.readObject();
    try {
       Realm realmObject = new Realm(new DerValue(encRealm));
       PrincipalName krb5Principal = new PrincipalName(
               new DerValue(asn1EncPrincipal), realmObject);
       realm = realmObject.toString();
       fullName = krb5Principal.toString();
       nameType = krb5Principal.getNameType();
    } catch (Exception e) {
        throw new IOException(e);
    }
}
 
Example #16
Source File: KerberosPrincipal.java    From openjdk-8 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Reads this object from a stream (i.e., deserializes it)
 */
private void readObject(ObjectInputStream ois)
        throws IOException, ClassNotFoundException {
    byte[] asn1EncPrincipal = (byte [])ois.readObject();
    byte[] encRealm = (byte [])ois.readObject();
    try {
       Realm realmObject = new Realm(new DerValue(encRealm));
       PrincipalName krb5Principal = new PrincipalName(
               new DerValue(asn1EncPrincipal), realmObject);
       realm = realmObject.toString();
       fullName = krb5Principal.toString();
       nameType = krb5Principal.getNameType();
    } catch (Exception e) {
        throw new IOException(e);
    }
}
 
Example #17
Source File: KeyTabIndex.java    From dragonwell8_jdk with GNU General Public License v2.0 6 votes vote down vote up
public static void main(String[] args) throws Exception {
    KeyTab kt = KeyTab.create("ktab");
    // Two entries with very different length, so that it's easy to
    // observice the abnormal change of "index" field.
    kt.addEntry(new PrincipalName(
            "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa@A"),
            "x".toCharArray(), 1, true);
    kt.addEntry(new PrincipalName("a@A"), "x".toCharArray(), 1, true);
    kt.save();
    Runnable t = new Runnable() {
        @Override
        public void run() {
            KeyTab.getInstance("ktab").getClass();
        }
    };
    for (int i=0; i<10; i++) {
        new Thread(t).start();
    }
}
 
Example #18
Source File: FileKeyTab.java    From jdk8u60 with GNU General Public License v2.0 6 votes vote down vote up
public static void main(String[] args) throws Exception {
    String name = "ktab";
    KeyTab kt = KeyTab.create(name);
    kt.addEntry(new PrincipalName("a@A"), "x".toCharArray(), 1, true);
    kt.save();
    check(name);
    check("FILE:" + name);

    name = new File(name).getAbsolutePath().toString();

    check(name);
    check("FILE:" + name);

    // The bug reporter uses this style, should only work for
    // absolute path
    check("FILE:/" + name);
}
 
Example #19
Source File: Krb5KeyExchangeService.java    From openjdk-jdk9 with GNU General Public License v2.0 6 votes vote down vote up
@Override
public String getServiceHostName(Principal principal) {
    if (principal == null) {
        return null;
    }
    String hostName = null;
    try {
        PrincipalName princName =
                new PrincipalName(principal.getName(),
                        PrincipalName.KRB_NT_SRV_HST);
        String[] nameParts = princName.getNameStrings();
        if (nameParts.length >= 2) {
            hostName = nameParts[1];
        }
    } catch (Exception e) {
        // ignore
    }
    return hostName;
}
 
Example #20
Source File: PrincipalNameEquals.java    From TencentKona-8 with GNU General Public License v2.0 6 votes vote down vote up
public static void main(String[] args) throws Exception {

        OneKDC kdc = new OneKDC(null);
        kdc.writeJAASConf();
        kdc.setOption(KDC.Option.RESP_NT, PrincipalName.KRB_NT_PRINCIPAL);

        Context c, s;
        c = Context.fromJAAS("client");
        s = Context.fromJAAS("server");

        c.startAsClient(OneKDC.SERVER, GSSUtil.GSS_KRB5_MECH_OID);
        s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID);

        Context.handshake(c, s);

        Context.transmit("i say high --", c, s);
        Context.transmit("   you say low", s, c);

        s.dispose();
        c.dispose();
    }
 
Example #21
Source File: FileKeyTab.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
public static void main(String[] args) throws Exception {
    String name = "ktab";
    KeyTab kt = KeyTab.create(name);
    kt.addEntry(new PrincipalName("a@A"), "x".toCharArray(), 1, true);
    kt.save();
    check(name);
    check("FILE:" + name);

    name = new File(name).getAbsolutePath().toString();

    check(name);
    check("FILE:" + name);

    // The bug reporter uses this style, should only work for
    // absolute path
    check("FILE:/" + name);
}
 
Example #22
Source File: TGSRep.java    From jdk8u-jdk with GNU General Public License v2.0 5 votes vote down vote up
public TGSRep(
              PAData[] new_pAData,
              PrincipalName new_cname,
              Ticket new_ticket,
              EncryptedData new_encPart
                  ) throws IOException {
    super(new_pAData, new_cname, new_ticket,
          new_encPart, Krb5.KRB_TGS_REP);
}
 
Example #23
Source File: KRBError.java    From TencentKona-8 with GNU General Public License v2.0 5 votes vote down vote up
public KRBError(
                APOptions new_apOptions,
                KerberosTime new_cTime,
                Integer new_cuSec,
                KerberosTime new_sTime,
                Integer new_suSec,
                int new_errorCode,
                PrincipalName new_cname,
                PrincipalName new_sname,
                String new_eText,
                byte[] new_eData
                    ) throws IOException, Asn1Exception {
    pvno = Krb5.PVNO;
    msgType = Krb5.KRB_ERROR;
    cTime = new_cTime;
    cuSec = new_cuSec;
    sTime = new_sTime;
    suSec = new_suSec;
    errorCode = new_errorCode;
    crealm = new_cname != null ? new_cname.getRealm() : null;
    cname = new_cname;
    sname = new_sname;
    eText = new_eText;
    eData = new_eData;

    parseEData(eData);
}
 
Example #24
Source File: W83.java    From TencentKona-8 with GNU General Public License v2.0 5 votes vote down vote up
public static void main(String[] args) throws Exception {

        W83 x = new W83();

        // Cannot use OneKDC. kinit command cannot resolve
        // hostname kdc.rabbit.hole
        KDC kdc = new KDC(OneKDC.REALM, "127.0.0.1", 0, true);
        kdc.addPrincipal(OneKDC.USER, OneKDC.PASS);
        kdc.addPrincipalRandKey("krbtgt/" + OneKDC.REALM);
        KDC.saveConfig(OneKDC.KRB5_CONF, kdc);
        System.setProperty("java.security.krb5.conf", OneKDC.KRB5_CONF);
        Config.refresh();

        kdc.writeKtab(OneKDC.KTAB);

        KeyTab ktab = KeyTab.getInstance(OneKDC.KTAB);
        for (int etype: EType.getBuiltInDefaults()) {
            if (etype != EncryptedData.ETYPE_ARCFOUR_HMAC) {
                ktab.deleteEntries(new PrincipalName(OneKDC.USER), etype, -1);
            }
        }
        ktab.save();

        if (System.getProperty("6932525") != null) {
            // For 6932525 and 6951366, make sure the etypes sent in 2nd AS-REQ
            // is not restricted to that of preauth
            kdc.setOption(KDC.Option.ONLY_RC4_TGT, true);
        }
        if (System.getProperty("6959292") != null) {
            // For 6959292, make sure that when etype for enc-part in 2nd AS-REQ
            // is different from that of preauth, client can still decrypt it
            kdc.setOption(KDC.Option.RC4_FIRST_PREAUTH, true);
        }
        x.go();
    }
 
Example #25
Source File: Ticket.java    From TencentKona-8 with GNU General Public License v2.0 5 votes vote down vote up
public Ticket(
              PrincipalName new_sname,
              EncryptedData new_encPart
                  ) {
    tkt_vno = Krb5.TICKET_VNO;
    sname = new_sname;
    encPart = new_encPart;
}
 
Example #26
Source File: EmptyCC.java    From jdk8u60 with GNU General Public License v2.0 5 votes vote down vote up
public static void main(String[] args) throws Exception {
    final PrincipalName pn = new PrincipalName("dummy@FOO.COM");
    final String ccache = args[0];

    if (args.length == 1) {
        // Main process, write the ccache and launch sub process
        CredentialsCache cache = CredentialsCache.create(pn, ccache);
        cache.save();
        Proc p = Proc.create("EmptyCC").args(ccache, "readcc")
                .env("KRB5CCNAME", ccache).start();
        p.waitFor();
    } else {
        // Sub process, read the ccache
        String cc = System.getenv("KRB5CCNAME");
        if (!cc.equals(ccache)) {
            throw new Exception("env not set correctly");
        }
        // 8001208: Fix for KRB5CCNAME not complete
        // Make sure the ccache is created with bare file name
        if (CredentialsCache.getInstance() == null) {
            throw new Exception("Cache not instantiated");
        }
        if (!new File("tmpcc").exists()) {
            throw new Exception("File not found");
        }
        Credentials.acquireTGTFromCache(pn, null);
    }
}
 
Example #27
Source File: Ticket.java    From openjdk-8 with GNU General Public License v2.0 5 votes vote down vote up
public Ticket(
              PrincipalName new_sname,
              EncryptedData new_encPart
                  ) {
    tkt_vno = Krb5.TICKET_VNO;
    sname = new_sname;
    encPart = new_encPart;
}
 
Example #28
Source File: KRBError.java    From openjdk-8-source with GNU General Public License v2.0 5 votes vote down vote up
public KRBError(
                APOptions new_apOptions,
                KerberosTime new_cTime,
                Integer new_cuSec,
                KerberosTime new_sTime,
                Integer new_suSec,
                int new_errorCode,
                PrincipalName new_cname,
                PrincipalName new_sname,
                String new_eText,
                byte[] new_eData,
                Checksum new_eCksum
                    ) throws IOException, Asn1Exception {
    pvno = Krb5.PVNO;
    msgType = Krb5.KRB_ERROR;
    cTime = new_cTime;
    cuSec = new_cuSec;
    sTime = new_sTime;
    suSec = new_suSec;
    errorCode = new_errorCode;
    cname = new_cname;
    sname = new_sname;
    eText = new_eText;
    eData = new_eData;
    eCksum = new_eCksum;

    parseEData(eData);
}
 
Example #29
Source File: MoreKvno.java    From dragonwell8_jdk with GNU General Public License v2.0 5 votes vote down vote up
public static void main(String[] args)
        throws Exception {

    OneKDC kdc = new OneKDC(null);
    kdc.writeJAASConf();

    // Rewrite keytab, 3 set of keys with different kvno
    KeyTab ktab = KeyTab.create(OneKDC.KTAB);
    p = new PrincipalName(
        OneKDC.SERVER+"@"+OneKDC.REALM, PrincipalName.KRB_NT_SRV_HST);
    ktab.addEntry(p, "pass1".toCharArray(), 1, true);
    ktab.addEntry(p, "pass3".toCharArray(), 3, true);
    ktab.addEntry(p, "pass2".toCharArray(), 2, true);
    ktab.save();

    char[] pass = "pass2".toCharArray();
    kdc.addPrincipal(OneKDC.SERVER, pass);
    go(OneKDC.SERVER, "com.sun.security.jgss.krb5.accept", pass);

    pass = "pass3".toCharArray();
    kdc.addPrincipal(OneKDC.SERVER, pass);
    // "server" initiate also, check pass2 is used at authentication
    go(OneKDC.SERVER, "server", pass);

    try {
        pass = "pass4".toCharArray();
        kdc.addPrincipal(OneKDC.SERVER, pass);
        go(OneKDC.SERVER, "com.sun.security.jgss.krb5.accept", pass);
        throw new Exception("This test should fail");
    } catch (GSSException gsse) {
        // Since 7197159, different kvno is accepted, this return code
        // will never be thrown out again.
        //KrbException ke = (KrbException)gsse.getCause();
        //if (ke.returnCode() != Krb5.KRB_AP_ERR_BADKEYVER) {
        //    throw new Exception("Not expected failure code: " +
        //            ke.returnCode());
        //}
    }
}
 
Example #30
Source File: MoreKvno.java    From openjdk-8-source with GNU General Public License v2.0 5 votes vote down vote up
public static void main(String[] args)
        throws Exception {

    OneKDC kdc = new OneKDC(null);
    kdc.writeJAASConf();

    // Rewrite keytab, 3 set of keys with different kvno
    KeyTab ktab = KeyTab.create(OneKDC.KTAB);
    p = new PrincipalName(
        OneKDC.SERVER+"@"+OneKDC.REALM, PrincipalName.KRB_NT_SRV_HST);
    ktab.addEntry(p, "pass1".toCharArray(), 1, true);
    ktab.addEntry(p, "pass3".toCharArray(), 3, true);
    ktab.addEntry(p, "pass2".toCharArray(), 2, true);
    ktab.save();

    char[] pass = "pass2".toCharArray();
    kdc.addPrincipal(OneKDC.SERVER, pass);
    go(OneKDC.SERVER, "com.sun.security.jgss.krb5.accept", pass);

    pass = "pass3".toCharArray();
    kdc.addPrincipal(OneKDC.SERVER, pass);
    // "server" initiate also, check pass2 is used at authentication
    go(OneKDC.SERVER, "server", pass);

    try {
        pass = "pass4".toCharArray();
        kdc.addPrincipal(OneKDC.SERVER, pass);
        go(OneKDC.SERVER, "com.sun.security.jgss.krb5.accept", pass);
        throw new Exception("This test should fail");
    } catch (GSSException gsse) {
        // Since 7197159, different kvno is accepted, this return code
        // will never be thrown out again.
        //KrbException ke = (KrbException)gsse.getCause();
        //if (ke.returnCode() != Krb5.KRB_AP_ERR_BADKEYVER) {
        //    throw new Exception("Not expected failure code: " +
        //            ke.returnCode());
        //}
    }
}