How can i make the container to use JAAS to authenticate users i.e j_username and j_userpassword should be validated againt our own user database. And does servlet specification requires the container to provide a way for using JAAS for container authentication?
This problem is rather container specific. You have to tell the container to use your custom DB authentication module. How exactly depends largely on what servlet container you are using. You also have to build your own (simple) authentication module that implements a number of standard callback methods. Details depend on the servlet container. There exist a number of default implementations (I know there are default examples for Weblogic and JBoss)