com.twitter.finagle.http.SpnegoAuthenticator.Credentials
Oid for the KRB5 mechanism These come from https://www.oid-info.com/get/1.2.840.113554.1.2.2
The amount of time before the TGT in a LoginContext expires in which the user should begin to renew the TGT.
Oid for the Spnego mechanism These come from https://www.oid-info.com/get/1.3.6.1.5.5.2
JAAS implementation of credential fetching/validation (via the configuration section named by loginContext). If a principal or OID is provided, it is used to override the settings in the JAAS configuration file.
Since the authentication operations may block when i.e. talking to a KDC, these potentially blocking calls are wrapped in a FuturePool.