Hi Arjuna
Unfortunately, I don't think it is going to work. the way you want it to.
The webstart app is different to applets, applets tended to run in the browser and inherit the browser context including the page website, session details and cookie values - so although applets can still cause trouble, they can run on a browser in a SSO session context.
Protecting the webstart app
Webstart apps, after the initial install, tend to be stored in the Java deployment cache on the local machine and then run independently of the browser.
So any SSO protection of the webstart app will be difficult, you should be able to protect the initial .jnlp access via the browser, and that would ensure you have valid SMSESSION cookie - but that is only on the initial download.
Subsequent running of the webstart app usually is from the java cache rather than downloaded. Java can be set to check the server for updates, but there is no mechanism for this internal check to navigate an SSO protection scheme.
Protecting access from a webstart app
However, if you mean you are running the webstart app, and it makes calls to a remote webserver, and you want those requests protected by SSO, say for REST/SOAP calls, then that is possible but you would need to customize your java code to recognize a failure, such as a 401 and be able to popup a dialog to prompt for UN/PW to response with Basic credentials in the request.
Cheers - Mark
----
Mark O'Donohue
Snr Principal Support Engineer - Global Customer Success