How to proper authenticate an AngularJS client to the server
Thanks to the tip of lossleader I solved the problem. I removed the login() method, because I want the Java EE-Server to take care of authentication.
To access secured areas the AngularJS webapp has to set the HTTP-Header correctly. In my case $http.defaults.headers.common['Authorization'] = 'Basic '; where username:password has to be Base64 encoded.
After I set the headers correctly, no Password Prompt is shown and the AngularJS webapp can access the REST API.