From be196723f3f896639ca8bdfb96b8858f867bf552 Mon Sep 17 00:00:00 2001
From: Martin Goldhahn <mgoldhahn@gmail.com>
Date: Wed, 27 Jun 2018 13:25:45 +0200
Subject: [PATCH] Kerberos Login Module doesn't get the keytab configuration
 option if the cache is used.

---
 .../security/kerberos/client/config/SunJaasKrb5LoginConfig.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spring-security-kerberos-client/src/main/java/org/springframework/security/kerberos/client/config/SunJaasKrb5LoginConfig.java b/spring-security-kerberos-client/src/main/java/org/springframework/security/kerberos/client/config/SunJaasKrb5LoginConfig.java
index 45472cc6..005245c0 100644
--- a/spring-security-kerberos-client/src/main/java/org/springframework/security/kerberos/client/config/SunJaasKrb5LoginConfig.java
+++ b/spring-security-kerberos-client/src/main/java/org/springframework/security/kerberos/client/config/SunJaasKrb5LoginConfig.java
@@ -74,7 +74,7 @@ public void afterPropertiesSet() throws Exception {
 			LOG.warn("Your keytab is in the classpath. This file needs special protection and shouldn't be in the classpath. JAAS may also not be able to load this file from classpath.");
 		}
 
-		if (!useTicketCache) {
+		if (!useTicketCache || keyTabLocation != null) {
 			Assert.notNull(keyTabLocation, "keyTabLocation must be specified when useTicketCache is false");
 			keyTabLocationAsString = keyTabLocation.getURL().toExternalForm();
 			if (keyTabLocationAsString.startsWith("file:")) {