I'm administrating a company where we have a single account with a service website and we would like users to be able to access that website as if they were authenticated with the company's account. However, for obvious reasons, we don't want to give the company's account credentials to the company users. Basically, we would like to set up something similar to what many universities do to offer access to online libraries to their students. How is this usually achieved?

My first thought was to use a proxy server for this and I looked up Squid proxy authentication, but it seems that this configuration aims to ask the users for authentication before allowing them access to the Internet, which is nothing like what we want.

How can we achieve this? Please note that our OS (on all user machines and the company server) is Debian 7.0 (Wheezy).

A browser-agnostic answer is what we're hoping for, but if that's not possible, we are using Google Chrome Version 28.0.1500.52