Is there any Java API available for kerberos impersonation/constrained delegation. Basically my requirement is as follows :
User(U) access a service (S1) which in turn accesses service (S2) impersonating the user (U). My service S1 is a Java based web application which want to access another kerberised service on behalf of user.
I want some Java API on Service S1 which can interact with KDC to obtain kerberos service ticket for S2 for the user U.