J2EE/Servlets provides:
HTTP Basic Authentication
Form-based Authentication
Client-Certificate Authentication
Tomcat implements/provides these in some way...
Your application should work just fine in other Servlet containers (e.g. BEA, WebSphere, etc.).