Start EAP
Define security realm needed by the web application
/subsystem=security/security-domain=web-tests:add(cache-type=default)
/subsystem=security/security-domain=web-tests/authentication=classic:add(login-modules=[{"code"=>"UsersRoles", "flag"=>"required"}]) {allow-resource-service-restart=true}
Define Single Sign On ( /subsystem=undertow/server=default-server/host=default-host/setting=single-sign-on:add() )
Deploy the same web application https://github.com/kwart/secured-webapp-template/releases/download/single-jsp-app/secured-webapp.war under two names (secured-webapp.war and secured-webapp2.war)
Go to fist web app via your web browser and log in there ( http://localhost:8080/secured-webapp/user/ , credentials are user:user)
Go to second web app via your web browser ( http://localhost:8080/secured-webapp2/user/ )
You should be automatically logged thanks to enabled SSO, but you aren't and you are required to input credentials again.
Single Sign On doesn't work for two web applications with different context name.