Can 2 Java threads authenticate as two different Kerberos users (in the same process)?

Question

How can 2 Java threads (of the same process, same machine) each create their own Kerberos ticket?

My concern is that usually, once a Kerberos ticket is created on a machine, it will be used by all other processes on the machine.

I am planning to use Java's default Kerberos libraries, but I haven't started yet so I am open to any suggestion (must be open-source).

A small hello world that connects to http://server via Kerberos as thread1-user1-password1 and thread2-user2-password2 would be awesome!

---

Context: I want to write a load-testing tool:

• My tool launches 100 threads,
• Each thread logs in as a different Kerberos user,
• Once logged, each thread starts sending requests.

Doing the load-test as several users is important, as each user has its own cache etc.
Kerberos can not be disabled/circumvented, because the purpose is also to test Kerberos.

Answer 1

The authentication belongs to the GSS context, not the JVM. You can have as many contexts as you like, ergo as many tickets and authentications as you like.