The project originated from the customer’s description of the current situation, where the customer’s web applications are integrated into several independent systems to provide the required security and user authentication. These systems were not connected to each other and there was no central management. The consequence of this state of affairs was that the user had to log in repeatedly when moving between applications. Splitting authentication into several independent systems brought a number of disadvantages such as costly maintenance of individual authentication systems, inability to centrally define a uniform authentication policy, inability to centrally monitor and audit, etc.

On the AMI side, the implementation of the Apereo CAS solution was designed to bring a central user authentication and single sign-on (SSO) system across web applications, unified auditing and the ability to centrally manage and change the login process.

The goal of the project was to implement a single SSO and SLO solution between systems to provide a central point of communication for users and administrators.

The systems to be connected are listed below:

• API GW – providing SSO in applications available in API GW,
• Netscaler GW – providing SSO in applications available in Netscaler GW,
• SAP Fiori – providing direct SSO functionality without the need for additional web-based GWs,
• MS AD – authentication source and source of identities of authenticated users.

The project aimed to simplify the user login flow, standardize the connection of future applications to SSO and increase security through central logging and auditing.