the class "org.jboss.web.tomcat.security.login.WebAuthentication" might help: http://www.jboss.org/community/wiki/WebAuthentication
I tested it once, but had the impression that after each subsequent web page call, I had to relogin. Anyway, you could give it a try.
First, that class worked perfectly and it does keep you logged in. Thanks again for the help Wolfgang. Second, I'd just like to complain (not to you, just to the internet in general) that I've been trying to figure out how to do this on and off for about 3 months now, and all I had to do was add 2 lines of code. WTF!? Why did this not show up in any of the dozens of searches I did?
Anyway, for anyone looking for the answer, just use the WebAuthentication class that Wolfgang mentioned. There is a simple tutorial at http://roneiv.wordpress.com/2008/03/15/using-webauthentication-in-jboss/
Glad I could help. I found this class by accident, too, and would have never find it by doing a web search ;-).