With the spread of the Internet, enterprises have launched web-based services one after another. Because websites with different functions require different levels of security, they do not use a consistent authentication mechanism, so users must authenticate again each time they access a different website, which is inconvenient. To solve this problem, researchers proposed the concept of single sign-on (SSO), which lets a user access all websites after authenticating once. Implementing this concept requires building a website access control system that passes each website's authentication on the user's behalf. On the authentication side, this study proposes an execution architecture that combines proxy login with authentication negotiation, paired with an extensible software architecture. It supports the most widely used token-based and challenge-response authentication mechanisms and can accommodate new authentication technologies as they emerge. Because the system sits in the access path of existing websites, this study adopts a cluster architecture with software (application-level) load balancing. Besides providing scalable system capacity and keeping the system from becoming a performance bottleneck, this design simplifies the execution platform required by cluster nodes, which in turn lowers the cost of expanding system capacity.