With the development of enterprise informationization, the enterprise business system continually increases. The added business systems often use different technologies and security policies, and maintain separate authentication and authorization system, thus it is easy to form "islands of information". Unified authentication based single sign on technique emerges at the right moment for eliminating such isolating access control. However, there are some disadvantages on the security, scalability and maintainability of existing single sign-on models. In this paper, based on the Security Assertion Markup Language(SAML), a unified authentication single sign-on framework with high security, interoperability, and loosely coupling is designed and implemented, which includes the identity providers filter(SSO-IDP) and service providers filter(SSO-SP) modules, single sign-on interaction protocol and security mechanisms.