When using Kerberos authentication and credentials are stored in Subject.
Monitor thread is not able to authenticate as while creating
Thread monitorThread = new Thread( monitor, "cluster-" + serverId.getClusterId() + "-" + serverId.getAddress() );
Old AccessControlContext (which contains Kerberos credentials) is not inherited.

So the only workaround is to set javax.security.auth.useSubjectCredsOnly=false and use system ticket (But this is not working in case of using different clusters with different principals at the same time).

The simplest fix is just wrap ServerMonitorRunnable() with AccessController.doPrivileged().