// authentication (already done by this point) it can choose
// to adjust the groups or principal name or other variables
// of the security context. Of course, bug 4646134 needs to be
// kept in mind at all times.
Realm realm = Realm.getInstance(CertificateRealm.AUTH_TYPE);
if (realm instanceof CertificateRealm) { // should always be true
CertificateRealm certRealm = (CertificateRealm)realm;
String jaasCtx = certRealm.getJAASContext();
if (jaasCtx != null) {
// The subject has the Cretificate Credential.
LoginContext lg = new LoginContext(jaasCtx, s, new ServerLoginCallbackHandler(user, null, appModuleID));
lg.login();
}
certRealm.authenticate(s, x500name);
realm_name = CertificateRealm.AUTH_TYPE;
if(getAuditManager().isAuditOn()){
getAuditManager().authentication(user, realm_name, true);
}
} else {
_logger.warning(SecurityLoggerInfo.certLoginBadRealmError);
realm_name = realm.getName();
setSecurityContext(user, s, realm_name);
}
if (_logger.isLoggable(Level.FINE)) {
_logger.fine("X.500 name login succeeded for : " + user);