I'm trying to migrate my web application's client certificate authentication to EE Security, and I cannot get Wildfly 17 to pass any contextual information (including the principal) to my custom HttpAuthenticationMechanism. Additionally, X509 certificates are not contained in the http request attributes passed to my HttpAuthenticationMechanism, but they are available in Filters and the ExternalContext. My X500 principal is currently being logged to the server.log, and the audit.log has no errors. I've read every howto and guide that I can find. What am I missing?