Hi Roo,
If I understand your use case, it's for internal usage only. No internet publishing? Correct?
Regarding your first request, APM uses Kerberos or NTLM authentication for that. If your laptop and you are in the domain, the APM policy will request Windows authentication from the laptop and you will be authenticated to the APM seamlessly. And you will see your application on the webtop. You can enable SSO for these apps as well (https://devcentral.f5.com/articles/apm-cookbook-single-sign-on-sso-using-kerberos).
Regarding your second request: more challenging. APM does not have any connector with your application regarding opened sessions. So, if the user already has a SharePoint session open, APM is not aware of it, so APM will present the authentication (logon page, 401 ...). But if Kerberos or NTLM auth is enabled on APM, it should be seamless for the user.