Single sign on, as you would have read, is a concept suggesting that if there are related applications, every one of them do not need to authenticate the same user again and again. Any one of them can do it once and others can use the result.
For example if you login to yahoo once, you do not need to produce your credentials (user name and password) again for any of the specific applications like mail, finance, etc. Although, all these applications will ask for your credentials if you directly login to let us say yahoo mail.
The idea being that the authentication result is being sent with every session (in form of a cookie, session id or something else) and the application decides to allow the user or throw a login page accordingly.
As you would have noticed above, in order to assert whether the user is logged in or not, the application requires the authentication information, if any. This information can be sent in different formats. It can be a cookie or as part of the HTML message or as a
soap header, SAML token in case of web services, etc.
You need to decide which is the way your applications need to do this.
In a very simple way, you can store a flag in the session whether the user is authenticated or not. For every request you check whether the flag is present, if not, you can redirect to the login page, else process the request.
NOTE: JAAS does not deal with single sign on. It is a technology to club various login modules together. This essentially is not single sign on.