JDK-8311532

Option to disable Krb5LoginModule::login method


    • Type: Enhancement
    • Resolution: Unresolved
    • Priority: P4
    • Component: security-libs

      MS Windows introduced the Credential Guard feature, which does not allow export of the session keys for Ticket-Granting Tickets (TGTs). As a result, any authentication attempt on a system with Credential Guard enabled always fails with a LoginException.

      According to Oracle guidelines, this issue can be worked around by disabling the guard (enabling allowtgtsessionkey in the registry) [1]. However, this affects the whole platform.

      In some cases, when a native/custom Krb5 provider is used, Krb5LoginModule is not required at all. However, some applications or 3rd-party libraries still call the LoginContext::login method explicitly, which causes a failure because of an unnecessary LoginException from the Krb5LoginModule::login method.

      LoginModule is not controlled by the provider, so I would suggest introducing a new System Property which allows one to:
      - disable the whole login method OR
      - try to execute the login method but hide LoginException

      By default the login method is enabled, so it does not affect current behavior. The changes apply only if the new System Property is applied.

      [1] - https://docs.oracle.com/javase/8/docs/technotes/guides/security/jgss/tutorials/Troubleshooting.html

            abakhtin Alexey Bakhtin