To allow use of the client cert for authentcation at the component level we need the ability to track the SSLSession associated with a connection. Maintaining a map of the session id to SSLSession using the javax.net.ssl.HandshakeCompletedListener needs to be added. The SSLSocketsUnitTestCase illustrates using this to base authentication/authorization on the connection client cert.