I do not know about ACEGI , but JAAS is
java implementation of PAM (Pluggable Authentication Module) and apart from authentication ,it has feature to Authorization too.
Other kinds of authentication (DIGEST,FORM etc) that you are talking about comes from the
servlet specification.As weblogic and websphere are application server , so they have to provide implementation of these declarative
J2EE security features aslo.
You can design a application only with the help of J2EE authentication and authorization and without going for JAAS.