java - Tomcat Custom LoginModule -

i have web application accesses external data source. data source has own access control decided secure web application using external data source authentication provider. created custom jaas loginmodule. authentication works great when deployed on tomcat upon successful authentication external data source, returns session key (ex. e2e9c2bf-d1ce-43f4-bc2f-37984c5b28f7) should used subsequent requests data.

my problem i'm unable find way store key in loginmodule used later. thought creating http session request , storing attribute work doesn't seem possible in loginmodule running on tomcat. have suggestions? in advance.