Here you can find the source of getServerPrivateKey(Subject subject, int keyType)
public static EncryptionKey getServerPrivateKey(Subject subject, int keyType)
//package com.java2s; //License from project: Apache License import java.util.Iterator; import java.util.Set; import javax.security.auth.Subject; import javax.security.auth.kerberos.KerberosKey; import javax.security.auth.kerberos.KerberosPrincipal; import javax.security.auth.kerberos.KerberosTicket; import javax.security.auth.kerberos.KeyTab; import sun.security.jgss.krb5.Krb5Util; import sun.security.krb5.EncryptionKey; import sun.security.krb5.PrincipalName; import sun.security.krb5.RealmException; public class Main { public static EncryptionKey getServerPrivateKey(Subject subject, int keyType) { Set<Object> serverCredentials = subject .getPrivateCredentials(Object.class); KerberosPrincipal serverPrincipal = null; KeyTab serverKeyTab = null; for (Iterator<Object> i = serverCredentials.iterator(); i.hasNext();) { Object cred = i.next(); if (cred instanceof KerberosKey) { KerberosKey key = (KerberosKey) cred; if (key.getKeyType() == keyType) { KerberosKey krbKey = (KerberosKey) cred; return new EncryptionKey(krbKey.getEncoded(), krbKey.getKeyType(), keyType); }//from w w w . j av a 2 s .com } if (cred instanceof KeyTab) { serverKeyTab = (KeyTab) cred; continue; } if (cred instanceof KerberosTicket) { KerberosTicket serverKerbTicket = (KerberosTicket) cred; serverPrincipal = serverKerbTicket.getClient(); continue; } } try { PrincipalName princName = new PrincipalName( serverPrincipal.getName(), serverPrincipal.getRealm()); EncryptionKey[] encKeyArray = Krb5Util.keysFromJavaxKeyTab( serverKeyTab, princName); for (EncryptionKey encKey : encKeyArray) { if (encKey.getEType() == keyType) { return encKey; } } } catch (RealmException e) { e.printStackTrace(); return null; } return null; } }