Yes, this is doable, but there are many approaches and this is not a simple task.
First thing you would need to determine is how they customer will submit to you their user information. Simply passing you a SID or a domain name and user name won't be enough. You will likely run into duplicate users and SIDs change too frequently. Your best bet is to go with their email address or the GUID from Active Directory.
Second, you need to choose an SSO authentication model. You could create your own model to integrate into your application. I would suggest not doing this and research SSO design patterns. Here is one example to help you get started:
http://www.owasp.org.cn/OWASP_Conference/2011/10.pdf[
^]
Your next step would be to determine how you want to modify the existing login process so it doesn't affect your customers. I can't really help you there as I don't know how your application is built.
I hope this helps!
Submit an article or tip