Here you can find the source of getTicketGrantingTicket(Subject subject)
static KerberosTicket getTicketGrantingTicket(Subject subject)
//package com.java2s; /*/*from www. j a va 2s . c om*/ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ import javax.security.auth.Subject; import javax.security.auth.kerberos.KerberosPrincipal; import javax.security.auth.kerberos.KerberosTicket; import java.util.Set; public class Main { static KerberosTicket getTicketGrantingTicket(Subject subject) { Set<KerberosTicket> tickets = subject.getPrivateCredentials(KerberosTicket.class); for (KerberosTicket ticket : tickets) { if (isOriginalTicketGrantingTicket(ticket)) { return ticket; } } throw new IllegalArgumentException("kerberos ticket not found in " + subject); } /** * Check whether the server principal is the TGS's principal * * @param ticket the original TGT (the ticket that is obtained when a * kinit is done) * @return true or false */ static boolean isOriginalTicketGrantingTicket(KerberosTicket ticket) { return isTicketGrantingServerPrincipal(ticket.getServer()); } /** * TGS must have the server principal of the form "krbtgt/FOO@FOO". * * @return true or false */ private static boolean isTicketGrantingServerPrincipal(KerberosPrincipal principal) { if (principal == null) { return false; } if (principal.getName().equals("krbtgt/" + principal.getRealm() + "@" + principal.getRealm())) { return true; } return false; } }