is it possible to use Access Manager to do some kind of identity injection using a certificate to a backend webserver ?

The user would authenticates with secure name/password form to the idp and has in the eDirectory a certificate stored, that then is used to authenticate to a backend webserver. The backend webserver is not under our control, so we do not have an option to adopt the authentication methods they provide. The only one currently available is certificate based authentication. The certificates are provided by the other company. So we only could import them into edir and store it in the user object.

Is that possible with Access Manager ?

Thanks for any comment,