Yes, but you aren't getting the same sesssion object.
You can't share session inforamtion accross webapps
SRV.7.3 Session Scope
objects must be scoped at the application (or servlet context) level.
HttpSession
The underlying mechanism, such as the cookie used to establish the session, can be the same for different contexts, but the object referenced, including the attributes in
that object, must never be shared between contexts by the container.
To illustrate this requirement with an example: if a servlet uses the
RequestDispatcher to call a servlet in another Web application, any sessions
created for and visible to the servlet being called must be different from those
visible to the calling servlet.
[ January 28, 2005: Message edited by: Ben Souther ]