If both of your web applications reside in the same server, then both of the web applications can be within the same protection domain boundary if you declare them in web.xml. For example:
Application 1 and 2 web.xml:
You can use FORM authentication, instead of BASIC authentication if you need to provide your own user interface for the login.
I'm using
Tomcat UserDatabaseRealm for the authentication user information, but you can using JdbcRealm if you need to lookup those information in a database.
If you are using other servers, i believe that they would have similar facility for this, because the concept of protection domain boundary is a standard for servlet container.
SCJP, SCWCD, SCJWS, IBM 700,IBM 701, IBM 704, IBM 705, CA Clarity Technical<br /> <br /><a href="http://eddyleesinti.blogspot.com" target="_blank" rel="nofollow">http://eddyleesinti.blogspot.com</a>