This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
Reference
More than 30 IDM realisations in the Czech Republic and abroad
Deployment of Access Management for the City Hall Prague
Magistrát hlavního města Prahy
For our customer, the Prague City Hall (MHMP), a pilot project of open-source Access Management was implemented. The aim of the project was to verify the suitability of this platform in the environment of the Client, as an alternative to the existing technical solution.
Project goal
The aim of the project was to describe the status of the implemented Access Management solution and to propose changes to make the solution more effective. The main focus was on the sustainability of the solution development (determining the strategy in this area) and on the cost side (getting rid of redundant systems).
Project description
The output of the analysis phase was a document that described the state of Access Management (AM) from the perspective of the solution architecture and connected systems, analyzed the causes of the existing deficiencies and proposed changes to overcome them and streamline the architecture in the spirit of its sustainable development.
The information in the document was developed based on meetings with ICT representatives of the Contracting Authority and analysis sessions with responsible staff.
Based on the proposed solution, Apereo CAS was subsequently deployed in pilot operation and tested in terms of the Client’s Access Management needs.
Solution description
Three areas were analysed and needed to be addressed:
- Applications that authenticate against the current AM exhibit an unreasonably long time in the user login process.
- New applications find it difficult to connect to AM
- The AM solution is technically outdated
The conclusions of the analysis identified the common denominator of these difficulties as being the technical, architectural and human obsolescence of the current solution, which was implemented at a time when there was a different distribution of information systems in the Contracting Authority’s infrastructure.
A phased replacement of Access Manager with a new tool that meets the functionality requirements, is not tied to a specific manufacturer, is open source and has a vibrant community was proposed. A pilot project was conducted for this solution and a schedule for the transition from the existing to the new state was proposed.
Figure 1 – Target deployment of the CAS tool in the environment of the Customer
Technologies used
Central Authentication Service (CAS) is an open-source web-based Single Sign-On tool managed by the Apereo consortium. It originated in an academic environment and is widely used by universities around the world. It supports generally accepted protocols for authentication and authorization, and implements its own authentication protocol (CAS v1, CAS v2).