Abstract
This paper presents the authors' experience with deploying a distributed authentication and authorization infrastructure for Web-based services. It introduces the steps in the evolution of the main characteristics of the software on which it is based (PAPI 1.2) as new functionalities were added in response to both user requests and user organization needs. It also discusses how the system is evolving to incorporate a wider range of authentication procedures, to integrate a fully attribute-based approach to authorization, and to enhance personalization while preserving user privacy.


