I have found that in some instances, if you use a fully qualified domain/server name (eg email@example.com) in the access point URL, you get SSO behaviour, but if you use the unqualified server name you have to log in again.
(In other instances it is the other way round!)
I would like to try to explain why this is happening. This issue will occur if you use an FQDN or IP that contains periods. The Web browser will consider anything that has a period in the address as being an Internet Side and will not pass your user information to the site. They is why you are required to log in. You can put the site into Trusted Sites and then it will pass the user information.