https://issues.apache.org/jira/browse/AMQ-6029 - make certs available to tunnle servlet - HttpsNeedClientAuthSendAndReceiveTest regression, add javax.security so login exceptions can propogate over http - https://issues.apache.org/jira/browse/AMQ-6013

activemq-client/src/main/java/org/apache/activemq/util/ClassLoadingAwareObjectInputStream.java

@@ -40,7 +40,7 @@ public class ClassLoadingAwareObjectInputStream extends ObjectInputStream {
 
     static {
         serializablePackages = System.getProperty("org.apache.activemq.SERIALIZABLE_PACKAGES",
-                    "java.lang,java.util,org.apache.activemq,org.fusesource.hawtbuf,com.thoughtworks.xstream.mapper").split(",");
+                    "java.lang,javax.security,java.util,org.apache.activemq,org.fusesource.hawtbuf,com.thoughtworks.xstream.mapper").split(",");
     }
 
     public ClassLoadingAwareObjectInputStream(InputStream in) throws IOException {

activemq-http/src/main/java/org/apache/activemq/transport/http/HttpTunnelServlet.java

@@ -34,6 +34,7 @@ import javax.servlet.http.HttpServletResponse;
 
 import org.apache.activemq.Service;
 import org.apache.activemq.command.Command;
+import org.apache.activemq.command.ConnectionInfo;
 import org.apache.activemq.command.WireFormatInfo;
 import org.apache.activemq.transport.Transport;
 import org.apache.activemq.transport.TransportAcceptListener;
@@ -140,6 +141,9 @@ public class HttpTunnelServlet extends HttpServlet {
                 return;
             }
 
+            if (command instanceof ConnectionInfo) {
+                ((ConnectionInfo) command).setTransportContext(request.getAttribute("javax.servlet.request.X509Certificate"));
+            }
             transport.doConsume(command);
         }
     }