NEWS RELEASE

Web Single Sign-on for Any J2EE Server

San Diego, CA, October 9, 2003 - Cafésoft announced today that it is now shipping web single sign-on support for all J2EE web and application servers. The new Cams Servlet Filter web agent enables web single sign-on for J2EE servers such as BEA WebLogic, IBM WebSphere, JBoss, JRun, Oracle 9iAS, and Tomcat. Cams is a secure, flexible, and affordable web single sign-on software solution that centralizes web application security decisions, enforcement, and management.

"Web single sign-on support for any J2EE server is only available from Cafésoft," said Gary Gwin, Cafésoft president and CEO. "Cams now provides web single sign-on for the world's most popular commercial J2EE servers, such as BEA WebLogic and IBM WebSphere, and open source J2EE servers, such as Tomcat and JBoss. Using Cams enables you use the same security umbrella to protect your J2EE servers as well as web servers like Apache and IIS."

Cams makes sites more secure and manageable by centralizing application security decisions, enforcement, and management, rather than implementing security for each web and application server. This centralized approach to web security enables companies to reduce development and administration complexity and costs, while improving time-to-market, security, and user satisfaction for business enabling web projects. Cams also provides web single sign-on to eliminate the costs, risks, and pains associated with multiple user accounts and logins on the same site.

Cams service oriented architecture deploys into heterogeneous environments and scales for high-volume sites. Cams provides user directory integration with industry-standard LDAP and SQL databases, including Microsoft Active Directory and SunOne Directory Server. Primary product features include:

• Web single sign-on to web and J2EE application servers
• Access control based on roles (RBAC), date/time, location, and custom rules
• Simplified and centralized security policy administration
• Security event logging, analysis, and real-time notification
• Flexible customizations via open APIs
• Cross-platform support including Windows NT/2000/2003, Linux/UNIX, and Solaris

"We created Cams to help developers implement web application security without embedding security policy into application code," said Norbert Kuhnert, Cafésoft chief technology officer and founder. "With Cams, environments like J2EE servers and web servers share the same security environment. An open programmer's API empowers developers to use any password database for authentication, create custom access control rules that match business policy, and trigger business processes from security events."

The Cams Servlet Filter web agent is available immediately for all J2EE web and application servers that support Servlet API 2.3. A free Cams Tour download is available on Cafésoft's web site at http://www.cafesoft.com. The Cams Tour is the best way to learn about Cams terminology, architecture, and web application security. Cams software licenses are available starting at $2,995 per server. Developer licenses are free. Evaluation licenses, which include the Cams Servlet Filter web agent, are available upon request.

Cafésoft develops and markets Cams, which is a secure, flexible, and affordable web single sign-on software solution. Businesses around the world use Cams to give employees, customers, and partners secure access to protected web applications and resources. By using Cams, customers: 1) improve time-to-market; 2) reduce development, support, and training costs; 3) enable secure business relationships; 4) improve security compliance and accountability; and, 5) simplify security implementation and management. Headquartered in San Diego, California, Cafésoft is a private company founded in March of 1996. More information can be found at http://www.cafesoft.com.

- 30 -

Cafésoft is a trademark of Cafésoft, LLC. All trademarks, service marks, or registered trademarks are the property of their respective companies.