When GSSContext is established with Krb5LoginModule, the kerberos service ticket is added to current subject's private credential set. But with Windows Native GSS, subject's private credentials are not populated.

    System.setProperty("java.security.krb5.conf","<path to the Kerberos config file>");
    System.setProperty("sun.security.jgss.native", "true");
    System.setProperty("sun.security.jgss.lib", "sspi_bridge.dll");
    System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");
   
   Subject krbSubject = new Subject()
   Subject.doAs(krbSubject, new PrivilegedExceptionAction() {
 
          @Override
          public Object run() throws Exception {
             // Code to establish GSSContext With Database Service here..
 
              // Accessing Kerberos Service Ticket through Subject’s private credentials after
              // establishing the context
              krbSubject.getPrivateCredentials()
          }
  }
 
In the above sudo code, after establishing GSSContext with the service,
Subject’s private credentials contains the Kerberos Service Ticket when using Krb5LoginModule but with
Windows Native Implementation Subject’s private credentials is empty and is not populated with Service Ticket.