When you configure you web application with client certificate authentication.
The jbossweb/catalina valve is receiving the client certificate by:
org.apache.catalina.authenticator.SSLAuthenticator#authenticate(Request, HttpServletResponse, LoginConfig)
org.apache.catalina.connector.Request#getCertificateChain()
org.apache.catalina.CERTIFICATES_ATTR
Reference from JBoss EAP 6.4 and http://maven.repository.redhat.com/techpreview/all/org/jboss/web/jbossweb/7.5.7.Final-redhat-1/jbossweb-7.5.7.Final-redhat-1-sources.jar.
The jbossweb/catalina valve is receiving the client certificate by:
org.apache.catalina.authenticator.SSLAuthenticator#authenticate(Request, HttpServletResponse, LoginConfig)
org.apache.catalina.connector.Request#getCertificateChain()
org.apache.catalina.CERTIFICATES_ATTR
Reference from JBoss EAP 6.4 and http://maven.repository.redhat.com/techpreview/all/org/jboss/web/jbossweb/7.5.7.Final-redhat-1/jbossweb-7.5.7.Final-redhat-1-sources.jar.