Configure Glassfish for SSO, and add a user to the file realm from the Admin Console:
Configurations->server-config->HTTP Service: SSO: Enabled
Configurations->server-config->Security: Default Principal To Role Mapping: Enabled
Configurations->server-config->Realms->file: Add a user with username: "username" password: "password" and role of "customrole"
Deploy the attached war file. (It's inside the zip file, which contains the war and src).
If you login using the FORM login method, (The third link) you will be logged into the web application, and receive a JSESSIONSSO cookie. So going to another web application in the same realm will not prompt for credentials.
Logout / close browser, try to login using the HttpServletLogin method (The second link), something like http://localhost:8080/single-sign-on/login?u=username&p=password you will be logged in, but the JSESSIONIDSSO cookie is not sent. So going to another web application in the same realm will prompt for credentials.
The JSESSIONIDSSO cookie should be sent, and navigating to another web application in the same realm should not prompt for credentials.