NEWS RELEASE

Cams 2.0 Web Single Sign-on
Access Management Solution Ships

San Diego, CA, April 14, 2004 - Cafésoft announced today that it is now shipping the final 2.0 release of the Cafésoft Access Management System (Cams™). This new release of Cams enables web single sign-on security across Apache, IIS, and J2EE application servers such as BEA WebLogic, IBM WebSphere, JBoss, Oracle 9iAS, and Tomcat. Cams is a secure, flexible, and affordable web single sign-on software solution that centralizes web application security control and management.

"The release of Cams 2.0 represents a significant milestone for our company and customers," said Gary Gwin, Cafésoft president and CEO. "The 2.0 release includes customer requested features such as Cams policy server clustering, failover, and support for more Cams web agents and user directories. Cams has many competitive strengths upon which these new features build. For example, by stacking Cams authentication modules, companies can easily configure authentication across multiple user directories such as Active Directory and LDAP servers."

Cams makes sites more secure and manageable by centralizing application security decisions, enforcement, and management, rather than implementing security within each web application or server. This centralized approach to web security enables companies to reduce development and administration complexity and costs, while improving time-to-market, security, and user satisfaction for business enabling web projects. Cams also provides web single sign-on to eliminate the cost, risk, and pain associated with multiple user accounts and sign-ons for the same site.

The Cams service oriented architecture deploys into heterogeneous environments with an architecture that scales for high-volume sites. Additional Cams policy server nodes can be added to a Cams policy server cluster at any time to scale with a growing load. The lightweight, Java-based Cams policy server can also be embedded into ISV application environments and requires inexpensive blade server hardware. Cams provides user directory integration with industry-standard LDAP and SQL databases, including Microsoft Active Directory and LDAP v3 compliant servers. Other product features include:

• Web single sign-on to web resources on web and J2EE application servers
• Access control based on roles (RBAC), date/time, location, and custom/business rules
• Simplified and centralized security policy administration
• Security event logging, analysis, and real-time notification
• Flexible customizations via open APIs
• Cross-platform support including Windows NT/2000/2003, Linux/UNIX, and Solaris

"We created Cams to help application developers implement fine-grained web application security without embedding authentication policy or access control business rules into application code," said Norbert Kuhnert, Cafésoft chief technology officer and founder. "With Cams, environments like Apache and the Tomcat J2EE web server can share security configurations and provide single sign-on. An open API also empowers developers to use any user/password repository for authentication, create custom access control rules that match business policy, and trigger business processes from security events."

A free Cams Tour download is available on Cafésoft's web site at http://www.cafesoft.com. The Cams Tour is the best way to learn about Cams terminology, architecture, and web application security in general. Cams software licenses are available starting at $2,995. Evaluation licenses, which include access to the production Cams policy server and Cams web agents, are available upon request.

Cafésoft develops and markets Cams, which is a secure, flexible, and affordable web single sign-on software solution. Businesses around the world use Cams to give employees, customers, and partners secure access to protected web applications and resources. By using Cams, customers: 1) improve time-to-market; 2) reduce development, support, and training costs; 3) enable secure business relationships; 4) improve security compliance and accountability; and, 5) simplify security implementation and management. Headquartered in San Diego, California, Cafésoft is a private company founded in March of 1996. More information can be found at http://www.cafesoft.com.

- 30 -

Cafésoft is a trademark of Cafésoft, LLC. All other trademarks, service marks, or registered trademarks are the property of their respective companies.