Having IdP and SP configured as described at https://docs.jboss.org/author/display/PLINK/WildFly+Configuration .
Defining at web.xml security-constraint without auth-constraint to provide unlimited access to some of SP resources gives no intended result - always get redirect to IdP, be it auth constrained resource or not.
http-method-omission doesn't work too.