Yes, of course you can use JAAS for enabling custom authentication of Web components including Servlets. In our book, we suggested the use of JAAS based Strategies in "Authentication Enforcer" and "Authorization Enforcer" patterns. These very well apply to "Web container" based components.
In our book, we do show how to implement a JAAS Login Module with a code example. If you would like to see..JAAS Login Module code examples for custom user/pass authentication using LDAP, JDBC, AD..there are many examples available on the net. [ January 11, 2006: Message edited by: Ramesh Nagappan ]