I am writing a custom JAAS Login Module that need to know the session id from the servlet-session. Is that possible?
The only solution I found was to create a custom Authenticator that appended the sessionid to the password before it is validated and stored in the session. It is ugly, but works :)