I work in a large company where we are automating our internal IT services. We are looking for a solution that would allow a secure way to handle authentication between different systems, for example a two-factor authentication in the form of IP+user token.
What is the current best thinking in this area? Are there any recommended ways to handle this or any open source products that solve this problem? Authentication with private/public keys only is not possible since some systems only accept username / password method of authentication.