Error 401--Unauthorized

Hi,

I try to implement perimeter authentication.
I manage to establish a two ssl connection.
I use the DefaultAuthenticator and DefaultIdentityAsserter
Supported token types are:
AuthenticatedUser
X.509
The User Name Mapper Class is a custom class.

This is the implementation :

--begin code--
public java.lang.String mapCertificateToUserName(
java.security.cert.X509Certificate[] certs,
boolean ssl) {


log("DTUserNameMapper.mapCertificateToUserName: mutuallyAuthenticated = " + ssl);


if (certs.length > 0 ) {
log("Certificate contents follow: ");


log("\t" + certs[0].toString());

Principal pr =certs[0].getSubjectDN();
userName = pr.getName();
int i1 = userName.indexOf("CN=") + 3;
int i2 = userName.indexOf(")") + 1;

userName = userName.substring(i1, i2);
log("mapping certificate to user = " + userName);
}

return userName;
}

--end code--

output to stdout :
-SSl = true (mutually authenticated)
-tostring of certificate
-name of getSubjectDN.

the string returned buy this method corresponds to the CN
attribute of the DN of a user entry in the LDAP server.

All this works fine but appliaction keeps throwing error 401 - unauthorized.

Is there an implementation for the mapping between the certificate and the username that has to be done, and if so : how?

How come there is no documentation available for this?