I have the same JNDIRealm used for authentication in different webapps. I would like to be able to "persist" user login between different webapps. In other words if user logs in to one %TOMCAT_HOME%/webapps/app1 and then clicks on a link that leads to %TOMCAT_HOME%/webapps/app2 I want to make sure that user does not need to re-authenticate.

Govind Seshadri

Yes, Tomcat 4 supports Single Sign On for webapps. Within conf/server.xml, uncomment the following line within your host element:

<Valve className="org.apache.catalina.authenticator.SingleSignOn"
That's it! There's nothing else you need to do. As long as the security constraints for the discrete web applications require the same role, the container will transparently propagate the security context that was created when the user authenticated for the first web app.

Click here for details on how Single Sign On works within Tomcat.