Use ServletHeaderLoginModule to extract information from an HttpServletRequest which is sent to the login module as part of the SagCredentials. The login module extracts the X.509 certificate chain or SAML artifacts, which are received as a result of an HTTPS with ClientAuthentication against a web server. The login module enters this information into the SagCredentials and makes it available to other login modules used in the login context of a JAAS configuration file. Optionally, the login module can extract more information, such as user names and passwords.

The following table outlines the parameters of ServletHeaderLoginModule.

The following sample outlines ServletHeaderLoginModule and the corresponding configuration that is included in a login context of a JAAS configuration file.