This week's book giveaway is in the OCAJP 8 forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line! See this thread for details.
I know that JBoss+Tomcat supports this. Basically, the JBoss application policy is defined as a realm backed by a JAAS LoginModule (this can be custom code, or one of the provided LoginModules) -- then you configure single-sign-on in the tomcat-service.xml. There is a thread on this subject in the JBoss forums.