Guessing that you use Apache httpd as a frontend to Jboss, there isn't any logic to allow this to work.
In the mod_ssl configuration change to SSLVerifyClient to:
The client certificate will ask when starting the SSL connection.
no, unfortunatelly I can't set the SSLVerifyClient to "require", because it must be optional. We allow two sorts of authentication: 1) by username/password and 2) by certificate. If a customer doesn't have a certificate he must still be able to login.