Any help on the following would be greatly appreciated:

I have a Portal server instance that uses LDAP authentication and
WMM. This portal application hosts a portlet which calls into a servlet
application hosted on a separate WAS 5.1 instance using the directory
smart interface connected to the same LDAP server that portal is
directly connected to. I'm curious how to approach Single Sign On
with this scenario. If the user logs into portal I obviously don't want
to have them login to the application running on WAS 5.1 when the
portlet displays it. Is this even a valid approach? Would the portlet
need to send credential information to the WAS application first? Would
I have to use something else like SiteMinder?