...
Note: Tested with Tomcat 5.5.17, 5.5.20 and 5.5.2025
SSL Client Authentication (sometimes also known as "Client Certificate" authentication) uses the SSL protocol to authenticate clients based on a X509 Certificate. Normally this is accomlished by configuring SSL in Tomcat, and then configuring the Web Application's security descriptor to use "CLIENT-CERT" as the auth-method in the login-config section.
...
The code is tested with Tomcat 5.5.17, 5.5.20 and 5.5.2025. It will probably work with only minor modifications for other Tomcat 5.5 versions. It has been tested using Java 1.5.
...