Using the SiteMinder Programming Guide and SDK Java Docs, I have created a Java-based custom authentication scheme and configured the F5 to pass the client certificate to IIS in the request header but have a couple of follow-up questions: 1. Which class/method from the SDK can we use to read the HTTP request headers? 2. Once we have the certificate, do we need to perform all of the certificate validation or can we provide the cert info (User CN, Issuer CN, etc.) and utilize the X509 authentication mapping configured within the policy server?