I've got two classes KISCLoginModule which is custom LoginModule and LoginValve which extens ValveBase. How can I get the value of ClientNameCN in my KISCLoginModule's method login()?

KISCLoginModule:

Code:
....
....
public class KISCLoginModule implements LoginModule {
....
public boolean login() throws LoginException {
        // prompt for a user name and password
	if (callbackHandler == null)
	    throw new LoginException("Error: no CallbackHandler available " +
			"to garner authentication information from the user");

        Callback[] callbacks = new Callback[2];
        callbacks[0] = new NameCallback("user name: ");
        callbacks[1] = new PasswordCallback("password: ", false);
        
        try {
            callbackHandler.handle(callbacks);
            username = ((NameCallback)callbacks[0]).getName();
            char[] tmpPassword = ((PasswordCallback)callbacks[1]).getPassword();
            if (tmpPassword == null) {
            // treat a NULL password as an empty password
            tmpPassword = new char[0];
            }
            password = new char[tmpPassword.length];
            System.arraycopy(tmpPassword, 0,
                password, 0, tmpPassword.length);
            ((PasswordCallback)callbacks[1]).clearPassword();
        } catch (java.io.IOException ioe) {
            throw new LoginException(ioe.toString());
        } catch (UnsupportedCallbackException uce) {
            throw new LoginException("Error: " + uce.getCallback().toString() +
            " not available to garner authentication information " +
            "from the user");
        }
        
        // verify the username/password	
        if (defineUserAndRoles()) {
            succeeded = true;
	    return true;
        } else {
            succeeded = false;
	    username = null;
	    for (int i = 0; i < password.length; i++)
		password[i] = ' ';
	    password = null;
            throw new FailedLoginException("User Name or Password Incorrect");
        }
    }

....
....

LoginValve:


Code:
....
....
public class LoginValve extends ValveBase {

    @Override
    public void invoke(Request arg0, Response arg1) throws IOException, ServletException {
        X509Certificate[] certs = (X509Certificate[]) arg0
                        .getAttribute("javax.servlet.request.X509Certificate");

        if (!"https".equals(arg0.getScheme())) {
//            returnError(arg1, "РРѕСЃССѓРї РїРѕ РїСЂРѕСРѕРєРѕРСѓ " + arg0.getScheme() + "  РРРїСЂРСРРЅ.");
            getNext().invoke(arg0, arg1);
            return;
        }

        if (certs != null) {
            //getNext().invoke(arg0, arg1);
            if (certs[0] != null) {
                HttpSession session = arg0.getSession();

                if (session == null) {
                    //Logger.getLogger(LoginValve.class.getName()).log(Level.SEVERE, "Ошибка! Сессия не найдена");
                    Logger.getLogger(LoginValve.class.getName()).log(Level.SEVERE, "Error! The session is not found");
                    //if (!verifyCertificate(certs[0])) returnError(arg1, "Доступ запрещён. Сессия не найдена");
                    if (!verifyCertificate(certs[0])) returnError(arg1, "Access denied. The session is not found");
                    else getNext().invoke(arg0, arg1);
                } else {
                    String ClientNameCN = certs[0].getSubjectDN().getName();
                    ClientNameCN = ClientNameCN.substring(ClientNameCN.indexOf("CN=") + 3);
                    ClientNameCN = ClientNameCN.substring(0, ClientNameCN.indexOf(","));
                    session.setAttribute("ClientNameCN", ClientNameCN);
                    //Logger.getLogger(LoginValve.class.getName()).log(Level.SEVERE, "Внимание2!!!!!" + ClientNameCN);
                    Object obj = session.getAttribute("isVerifyCertificate");
                    if (obj != null) {
                        String str = (String)obj;
                        if (str.equals("true")) {
                            getNext().invoke(arg0, arg1);
                            return;
                        }
                    }

                    if (!verifyCertificate(certs[0])) {
                        //Logger.getLogger(LoginValve.class.getName()).log(Level.SEVERE, "Ошибка! Неверный сертификат");
                        Logger.getLogger(LoginValve.class.getName()).log(Level.SEVERE, "Error! Invalid certificate");
                        session.setAttribute("isVerifyCertificate", "false");
                        //returnError(arg1, "Доступ запрещён. Неверный сертификат");
                        returnError(arg1, "Access denied. Invalid certificate");
                    } else {
                        session.setAttribute("isVerifyCertificate", "true");
                        getNext().invoke(arg0, arg1);
                    }
                }
            }
            else {
                //Logger.getLogger(LoginValve.class.getName()).log(Level.SEVERE, "Ошибка! Сертификат не получен");
                Logger.getLogger(LoginValve.class.getName()).log(Level.SEVERE, "Error! The certificate has not been obtained");
                //returnError(arg1, "Доступ запрещён. Сертификат не получен");
                returnError(arg1, "Access denied. The certificate has not been obtained");
            }
        } else {
            //Logger.getLogger(LoginValve.class.getName()).log(Level.SEVERE, "Ошибка! Сертификат не получен");
            Logger.getLogger(LoginValve.class.getName()).log(Level.SEVERE, "Error! The certificate has not been obtained");
            //returnError(arg1, "Доступ запрещён. Сертификат не получен");
            returnError(arg1, "Access denied. The certificate has not been obtained");
        }
    }
....
....