This patch exposes the certificate chain to the jboss
AuthenticationManager. This enables authentication of
certificate based users via a JAAS login module (via
Unfortunately because of the way jbossSX/JAAS works,
AFAICS there is no way to get the authenticated
username out of the JAAS login module without resorting
to non-standard hacks and breaking the authentication
caching. So instead, this patch sets the authenticated
principal to a SimplePrincipal with a name made up of
the certificate serialnumber and issuer before invoking
the isValid() method.
P.S. there is no category for Tomcat integration, so
I've set it to jbosssx. Sorry if this causes confusion.