NEWS RELEASE

Cams 3.0 Web Single Sign-on Update
Offers Automatic Enterprise Sign-On

San Diego, CA, November 18, 2009 - Cafésoft announced today that it is now shipping an update to the 3.0 release of the Cafésoft Access Management System (Cams™). This new Cams release enables customers to use their Windows desktop login or virtually any other third-party or legacy authentication system to automatically logon to Cams web single sign-on and centralized access management system. With this new feature, known as Cams Automatic Enterprise Sign-on (AESO), customers achieve transparent authentication and security management to web and application servers supported by Cams such as Apache, IIS, Sun ONE, BEA WebLogic, IBM WebSphere, JBoss, Oracle and Tomcat.

"The release of Cams 3.0 with Automatic Enterprise Sign-on represents another significant company milestone," said Norbert Kuhnert, Cafésoft Partner. " Customers including NASA, the German Federal Government, Panda Restaurant Group, British Police Information Technology Organization (PITO) and the United States Department of Defense are using Cams to provide single sign-on for and protect their important web resources. Now, with Cams AESO, they can leverage existing enterprise authentications to automatically and transparently provide secure login to the wide range of web and application servers Cams protects."

Cams Automatic Enterprise Sign-On (AESO) enables transparent user authentication into Cams by trusting an enterprise user identity established outside of Cams. For example, scenarios where customers will find Cams AESO useful include:

• Windows Domain Login - Use an existing Windows Domain login to transparently authenticate desktop users into Cams by configuring the Cams IIS web agent and Cams AESO with roles and privileges assigned by the Windows Domain Active Directory.
• Kerberos Realm Login - Use the Apache web server, mod_auth_kerb with the Cams Apache web agent to use the Kerberos protocol to authenticate users to an MIT Kerberos KDC, a Heimdal Kerberos KDC, or a Windows Domain.
  
• Smart Card Login - Use smart cards, like the US military Common Access Card (CAC), by sending the cards X.509 certificate or other artifacts of an existing user login to a Cams policy server.
  
• One Time Password (OTP) Login - Use Cams AESO with RSA SecurID, DIGIPASS and other OTP devices by sending the authenticated user name and/or other artifacts of the user login to a Cams policy server.
  
• Biometric Login - Login using fingerprint readers, iris scanners and other biometric devices with Cams AESO by sending the authenticated user name and other artifacts of the user login to a Cams policy server.
• Third Party Application Login - Use other third-party web sso solutions (such as CA SiteMinder, Oracle Access Manager, IBM Tivoli Access Manager, etc.), existing web portals, or existing web applications with Cams AESO to transparently create a Cams web SSO session based on an existing application session cookie, HTTP header value, or other authenticated user artifacts.
  
• HTTP Basic or Digest Login - Use any web server with a Cams web agent and Cams AESO to transparently create a Cams session based on HTTP Basic or HTTP Digest user authentication.

In addition to Cams AESO, this Cams policy server and web agent update also includes many minor enhancement such as:

• Improved internalationalization with character encoding/decoding support
• New login modules for broader directory server integration
• Improved LDAP login module exception handling
• New map callback handler supports any callback values send with a Cams authentication request
• Linux web agent distributions available in RPM Format
• Web agent support for OpenSSL 0.9.8 and other OpenSSL enhancements
• Support for use of Cams with WebDAV
• Support for creation of secure-only cookies
• Configurable Cams session cookie domain depth

Cams makes sites more secure and manageable by centralizing web application security policy decisions and management, rather than implementing security within web applications and web servers. This centralized approach to web security enables companies to reduce development and administration time, complexity and costs, while improving time-to-market, site security and software life-cycle flexibility. Cams also provides web single sign-on to eliminate the cost, risk and pain associated with multiple user accounts and sign-ons for the same web site.

The Cams service oriented architecture provides the security middleware foundation to easily deploy customized solutions into heterogeneous environments. The lightweight, Java-based Cams policy server is easy-to-install and configure and scales to meet the requirements of large enterprise sites. Cams virtual directory facilitates integration with one more user directories, including Microsoft Active Directory, LDAP servers, SQL databases and more. Other product features include:

• Web single sign-on to web and J2EE application servers
  
• Access control based on roles (RBAC), HTTP query parameters, database values, date/time, location and custom rules
  
• Simplified and centralized security policy administration
  
• Security event logging, analysis and real-time notification
  
• Flexible customizations via open APIs
  
• Cross-platform support including Windows, Linux and Solaris

A free Cams Tour is available online at http://www.cafesoft.com. The Cams Tour is the best way to learn about Cams terminology, architecture and web application security in general. Cams software licenses are available starting at $9,995. Free evaluation licenses, which have access to the production Cams policy server and web agents, are available for download upon request .

Cafésoft develops and markets Cams, which is a secure, flexible and affordable web single sign-on and access management software solution. Organizations around the world use Cams to give employees, customers and partners secure access to protected web content and applications. By using Cams, customers: 1) simplify and accelerate web application security implementation and management; 2) reduce web application software lifecycle costs; and, 3) improve security compliance and accountability. Please see http://www.cafesoft.com for more information.

- 30 -

Cafésoft is a trademark of Cafésoft, LLC. All other trademarks, service marks, or registered trademarks are the property of their respective companies.