In Sasl.createSaslServer() method, the serverName argument is documented as "[t]he non-null fully qualified host name of the server". This means a SASL service must specify the exact hostname it is serving at (say, my.host.com). This is not true any more in today's virtualized world in which a service might be serving clients from different networks by exposing different service names.
Update: the main bug will cover the SASL API change and trivial changes to mechanisms. Further enhancement for the GSSAPI/krb5 mech will be addressed in a sub task.