[eluser]BrianDHall[/eluser]
This is much easier than you might think. Its really just the basic auth system, and you just call the same system and database with all your applications. You might check around the forums regarding how to do multiple database connections and such topics, as you might want to connect to one database for your auth and then have another database for your app.
The only sticky point you ever really run into is cookies. There are various tricks, but most of them just work with redirects - if they click 'login' they go to your shared enterprise login system, it detects the pre-existing cookie if logged in or if not it logs them in, then redirects them back to the original site with a special instruction - such as a token id - that the site uses to issue you a first-party cookie.
It really doesn't need too much special engineering.