The simplest way is to call /web/session/authenticate using JSON as follows:
{"jsonrpc": "2.0", "method": "call", "params": {"session_id": "SID", "context": {}, "login": "' + username + '", "password" : "' + password + '", "db" : "mydatabase"}, "id": null}
That is from a jquery function I created to handle authentication and the return value is the user ID. You'll have to retrieve the session ID from the cookie named sid to use in subsequent requests. If you use Firebug with the Net console active during a login it is very useful to see the entire process and the format of the JSON calls as well as the responses.
1) Is it required to save that file on same path in our module folder like my module custom_login and want to change "web\static\src\xml\base.xml" so i have to put my created file base.xml in directory "custom_login\static\src\xml\base.xml" 2)and also some of code in __openerp__.py same put in my module's __openerp__.py