Spring with X509 Authentication is not prompting for certificates

Question

I'm trying to upgrade our Spring-based application from JDK 8 to 17, and Spring 3 to 6

However, it has stopped requesting certificates from the client on load, and as such can't properly authenticate or fetch the username

Security context:

<http>
    <intercept-url pattern='/' access="hasRole('ROLE_USER')" />
    <intercept-url pattern='/**' access="hasRole('ROLE_USER')" />
    <intercept-url pattern='/general' access="hasRole('ROLE_USER')" />
    <custom-filter position="PRE_AUTH_FILTER" ref="ntlmFilter" />
    <x509 />
</http>

<beans:bean id="ntlmFilter" class="mil.serena.subject.web.security.SubjectPreAuthenticationFilter">
    <beans:property name="ntlmAuthentication" ref="ntlmAuthentication" />
    <beans:property name="authenticationManager" ref="authenticationManager" />
</beans:bean>

<beans:bean id="ntlmAuthentication" class="mil.serena.subject.web.security.NTLMAuthentication">
    <beans:property name="principalRequestHeader" value="Authorization" /> <!-- NTLM request.getHeader("Authorization") -->
</beans:bean>

<authentication-manager alias="authenticationManager">
    <authentication-provider ref="preauthAuthProvider" />
</authentication-manager>

<beans:bean id="preauthAuthProvider" class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider">
    <beans:property name="preAuthenticatedUserDetailsService">
        <beans:bean id="userDetailsServiceWrapper" class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">
            <beans:property name="userDetailsService" ref="customUserDetailsService" />
        </beans:bean>
    </beans:property>
</beans:bean>

<beans:bean id="customUserDetailsService" class="mil.serena.subject.web.security.UserDetailsServiceImpl" />

<beans:bean id="http403EntryPoint" class="org.springframework.security.web.authentication.Http403ForbiddenEntryPoint" />

<beans:bean id="mvcHandlerMappingIntrospector" class="org.springframework.web.servlet.handler.HandlerMappingIntrospector" />

NTLMAuthentication is checking the session_user attribute if the Authorization attribute is not set and otherwise grabbing username through the request's remoteUser, and SubjectPreAuthenticationFilter is running that for the user name and setting it as an attribute to be grabbed by other parts of the program

UserDetailsServiceImpl was already implemented by the configs, but it seems to be only logging the username information before passing back a standard UserDetails object

Additionally, the web.xml is already implementing a DelegatingFilterProxy