advice on central authentication system

We have a handful of applications in development and would like people to use the same login/password for all of them. Since the authentication module is shared it also needs to offer a remote API for CRUD of users (basically).

The way we implement the remote calls is an important decision. I am not yet familiar with Active Resource/Simply Restful, but this looks like a paradigmatic scenario for them, right?

-- fxn