You can certainly configure Catalina to require client authentication. You just set the 'clientAuth' attribute for SSLServerSocketFactory to 'true' in the server.xml file. I'm not sure if this will work with the JBoss-integrated version though.
Could anyone point to how this works in the JBoss-integrated version?
I'd like to update this request for more info on Client Certificate authentication. I am specifically interested in authenticating using a PKCS#12 certificate which would be propogated by the client browser.
Any information or example would be much appreciated.