Hi!!! Thank you so much for all your answers.
I took some days off... and did not reply this thread.
I just want to share my solution.
Basic authentication is bound to the browser, and once you have done login, should should close the browser to finish the logoff... what is not so elegant.
I changed to FORM authentication, creating my form, and posting the user information to a servlet who validates the user credentials against my realm, and this servlet redirect the user to either the application or to an error page. Obviously the proper configuration ifor security-constrain in web.xml have to be done.
I am sharing my solution here:
Login page:
My validation servlet method:
And the required part of the configuration file....
I hope this can be useful for someone else.
All the best,
Alejandro.