Enter CAS...

CAS stands for "central authentication service" and provides a cohesive set of web services offering authentication service to users and applications.

CAS is authentication-scheme independent
CAS imposes very little overhead on the client.
CAS protocol is easy to implement on the server.
Existing libraries:
JSP Tag Library
JavaBean / Servlet 2.3 Filter
Perl
PL/SQL (Oracle)
C

Additionally mod_cas allows container-based authentication with Apache servers.