users@glassfish.java.net

Re: Glassfish certificate auth to apache

From: <glassfish_at_javadesktop.org>
Date: Mon, 16 Aug 2010 01:49:32 PDT

When using client cert auth, the server never has the private key half of the certificate, only the public key half. For your server to connect (as a client) to another server would require the private key, which you do not have. Short answer - NO. Kerberos might help in this situation (but I have no experience there).

If the number of users was small and well known, you could install client certificates on your server for connecting to apache as the same user as each incoming connection (which may or may not be the exact same certificates as used to connect to glassfish). You will need to put an appropriate level of protection around the client certificates so that they cannot be obtained by any unauthorised user. We do that with Hudson to connect to SVN over https for tagging and publishing to ivy repositories.
[Message sent by forum member 'brucechapman']

http://forums.java.net/jive/thread.jspa?messageID=480261
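
One way to make the per-user outbound connection described in the reply above, as an added example that is not part of the original message and not GlassFish or Hudson code. The keystore directory, the one-PKCS#12-file-per-user naming, and the class and method names are assumptions, and the permission check assumes a POSIX file system.

```java
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.attribute.PosixFilePermission;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;

public final class PerUserClientCert {
    // Hypothetical location: one PKCS#12 file (certificate + private key) per known user.
    private static final Path KEYSTORE_DIR = Paths.get("/etc/myapp/client-certs");

    // Opens an HTTPS connection to the backend, authenticating as the given user.
    // 'user' is the identity already established for the incoming connection.
    static HttpsURLConnection openAs(String user, char[] password, URL backend)
            throws IOException, GeneralSecurityException {
        // Accept only simple names so the value cannot escape KEYSTORE_DIR.
        if (!user.matches("[A-Za-z0-9_-]{1,64}")) {
            throw new IllegalArgumentException("unexpected user name");
        }
        Path p12 = KEYSTORE_DIR.resolve(user + ".p12");

        // Refuse a key file that anyone but its owner can read or write.
        for (PosixFilePermission perm : Files.getPosixFilePermissions(p12)) {
            if (perm != PosixFilePermission.OWNER_READ
                    && perm != PosixFilePermission.OWNER_WRITE) {
                throw new SecurityException(p12 + " has permission " + perm);
            }
        }

        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (InputStream in = Files.newInputStream(p12)) {
            ks.load(in, password);
        }
        KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, password);

        // Null trust managers: the JVM default trust store validates the backend server.
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), null, null);

        HttpsURLConnection conn = (HttpsURLConnection) backend.openConnection();
        conn.setSSLSocketFactory(ctx.getSocketFactory());
        return conn;
    }
}
```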