import javax.security.auth.login.LoginContext
import javax.security.auth.login.Configuration
import javax.security.auth.callback.*
import com.sun.security.auth.callback.TextCallbackHandler

class PasswordCallbackHandler implements CallbackHandler {
    private String username
    private String password

    PasswordCallbackHandler(String username, String password) {
        this.username = username
        this.password = password
    }

    void handle(Callback[] callbacks) {
        callbacks.each { callback ->
            if (callback instanceof NameCallback) {
                callback.setName(username)
            } else if (callback instanceof PasswordCallback) {
                callback.setPassword(password.toCharArray())
            } else {
                throw new UnsupportedCallbackException(callback, "Unsupported callback")
            }
        }
    }
}

// Set system properties for Kerberos config
System.setProperty("java.security.krb5.conf", "/etc/krb5.conf") // adjust for your OS
System.setProperty("java.security.auth.login.config", "login.conf")
System.setProperty("javax.security.auth.useSubjectCredsOnly", "false")

def username = "HTTP/service.domain.com@YOUR.REALM"
def password = "yourSPNPassword"

try {
    def loginContext = new LoginContext("KrbLogin", new PasswordCallbackHandler(username, password))
    loginContext.login()
    println "✅ Authentication successful"
} catch (Exception e) {
    println "❌ Authentication failed: ${e.message}"
}