Method and system for transparently authenticating a mobile user to access web services

A system and method for authenticating a subscriber of a first network to access application services through a second network, wherein the second network is a packet data network. The system includes a mobile station connected to a cellular network and apt to generate access-request messages enclosed in data packets, the access-request messages being expressed with a syntax that complies with an application-level protocol; an allocation server apt to allocate an address in the second network to the subscriber and to provide a mapping between the subscriber's address and a first subscriber's identifier; a gateway which interfaces the first network to the second network and assigns the subscriber's address to the mobile station; a service token injector linked with the gateway and apt to intercept the data packets generated from the endpoint station and directed to the second network through the gateway and to capture in the data packet at least the subscriber's address, and an identity authority logical entity linked with the service token injector.