Note to myself, and maybe useful for others too.

Since I request my kerberos tickets with proxyiable flag, all my JAAS / GSS (Kerberos) stuff is now working (almost) perfectly. I need to do extrat test in a web context, but it should be ok I think. Moreover, I need to understand good the interface used in doAs (a JAAS method). I hope have enough time to write few documentations about this all stuff.

Notes :

[libdefaults]
   default_realm = FIMASYS.FR
   forwardable = true
   proxiable = true
   default_tkt_enctypes = des-cbc-md5
   default_tgs_enctypes = des-cbc-md5

[realms]
FIMASYS.FR = {
   kdc = srvfms-5.fimasys.fr
   admin_server = srvfms-5.fimasys.fr
}

Beware to enctypes, MIT default enctypes are not supported by the JVM