Summary

Cache Kerberos tickets so that they can be re-used for multiple authentication requests. This cache will take two forms:

• By default, the cache will be per-MongoClient, such that all authentication requests for a single MongoClient will share a ticket cache
• With additional configuration, the cache can span MongoClient instances, so that multiple MongoClient instances will share a single ticket cache

User-Facing Syntax

For per-MongoClient ticket caching, no additional configuration is required.

For per-process ticket caching using the default login context:

MongoCredential.createGSSAPICredential(<user name>)
                   .withMechanismProperty(JAVA_SUBJECT_PROVIDER,
                                 new KerberosSubjectProvider())

Note that the KerberosSubjectProvider class will be provided by the driver.  If the KerberosSubjectProvider instance is shared with only a single MongoClient, this is effectively the same as the new default ticket caching behavior.  Using the same instance with multiple MongoClients allows caching that spans the entire process. 

For ticket caching using a different login context, simply pass the login context name to the KerberosSubjectProvider constructor:

MongoCredential.createGSSAPICredential(<user name>)
                   .withMechanismProperty(JAVA_SUBJECT_PROVIDER,
                                  new KerberosSubjectProvider("MyContext"))