I’ve had a similar issue in the past where after the user logs in using the OpenAM login it sits redirecting to itself.
The problem was the cookie domain. When OpenAM authenticates it will set a cookie withe the session token. If tomcat is on a separate domain then it won’t be able to look up the cookie.
You might want to check your domain in OpenAM console -> configuration -> system -> platform
My app was Drupal but I think the tomcat config is:
<Context sessionCookiePath="/something" sessionCookieDomain=".domain.tld" />