Submitter has an OSB Proxy secured using the OWSM policy
"oracle/wss11_kerberos_token_with_message_protection_basic128_service_policy".
 Accessing the Proxy works fine under 
JDK 1.7.0_21 but under JDK 1.7.0_80 it raises a NullPointerException:

java.lang.NullPointerException
at oracle.wsm.security.policy.scenario.processor.KerberosAuthenticator.<init>(Ker👓 berosAuthenticator.java:83)
at oracle.wsm.security.policy.scenario.processor.KerberosTokenProcessor.verify(Ke👓 rberosTokenProcessor.java:402)
at oracle.wsm.security.policy.scenario.executor.KerberosSecurityScenarioExecutor$1.run(KerberosSecurityScenarioExecutor.java:346)
at oracle.wsm.security.policy.scenario.executor.KerberosSecurityScenarioExecutor$1.run(KerberosSecurityScenarioExecutor.java:344)
at java.security.AccessController.doPrivileged(Native Method)

Submitter feels that this is related to a change made for JDK-8004488. This removes the following code lines from the commit method of the
Krb5LoginModule.

Krb5LoginModule.java (JDK 1.7.0_21)

1061:  // Compatibility; also add keys to privCredSet
1062:  for (KerberosKey key: ktab.getKeys(kerbClientPrinc)) {
1063:    privCredSet.add(new Krb5Util.KeysFromKeyTab(key));
1064:  }