Port of Antwerp-Bruges, one of Europe’s busiest ports, faced critical challenges with its existing Access Management (AM) solution. Their previous system, Oracle Access Manager, lacked support for modern authentication standards such as OpenID Connect (OIDC) and a choice of Multi-Factor Authentication (MFA) solutions. Additionally, it offered an unclear roadmap for future enhancements, making it incompatible with the port’s ambition to adopt Infrastructure as Code, enable federation with external identity providers, and design flexible, user-friendly authentication journeys. The port required a secure, future-proof AM platform that could deliver seamless integration, robust automation, and an improved user experience.

Download the full reference case

Download

FROM VISION TO REALITY: PROJECT IMPLEMENTATION JOURNEY

Over four years, IdentIT successfully delivered a comprehensive transformation to a modern Access Manager platform. The key objectives included seamless migration, enhanced security, legacy application integration, automation, improved monitoring, and streamlined user management, particularly during the merger with the Port of Bruges.

Seamless Migration

We carefully executed the transition from Oracle to the new platform, ensuring minimal disruption through tailored authentication journeys and a strategic “blue-green” migration approach.

This approach—keeping old and new systems running in parallel—allowed for a safe rollback option if needed, significantly reducing migration risk.

A key milestone in this process was the secure migration of user data—containing personally identifiable information (PII)—from the Oracle LDAP datastore to a new directory server, also LDAP based. Custom-developed Python scripts enabled a rapid yet reliable migration, reducing downtime to approximately twenty minutes while safeguarding data integrity and business continuity throughout the process.

Advanced Security & User Experience

Advanced security was significantly enhanced through the implementation of intelligent Multi-Factor Authentication (MFA) and OIDC protocols. IdentIT designed context-based MFA logic and utilized persistent cookies to streamline authentication processes, effectively reducing user fatigue and improving overall satisfaction and productivity.

Legacy Application Integration

IdentIT integrated legacy applications that lacked native support for modern authentication standards:

• Apache Web Agents were strategically deployed.
• Custom scripting enabled comprehensive Single Sign-On (SSO) across all applications.
• Centralizing authentication and access control into a single platform significantly improved governance, reduced complexity for end-users, and enhanced overall security.

Automation & DevOps Pipeline

Automation was critical to the project’s success, employing Infrastructure as Code (IaC) with Ansible and AWX. IdentIT’s automation was combined with Port of Antwerp-Bruges’s existing Ansible roles for server provisioning and firewall configuration, resulting in full-stack deployments that significantly accelerated setup and minimized human error.

This approach dramatically reduced AM setup times from hours to approximately twenty minutes and significantly accelerated deployment cycles. The robust DevOps pipeline allowed secure and efficient transitions from testing to production environments, minimizing risks during updates and feature releases.

“Automation, through Infrastructure as Code (IaC) with Ansible and AWX, dramatically reduced AM setup times from hours to approximately twenty minutes, significantly accelerating our deployment cycles and ensuring project success.”

Enhanced Monitoring and Logging

We improved system reliability and responsiveness through advanced monitoring and logging:

• Real-time monitoring implemented via Grafana dashboards.
• Centralized logging managed by the ELK stack.
• Real-time alerts promptly identified and addressed potential issues, such as a critical incident involving a virtual switch failure, which was quickly resolved, preventing broader system impacts.

User Integration Amidst Merger

To support the transition during the merger with the Port of Bruges, IdentIT implemented interim solutions that allowed the AM system to interact seamlessly with both directories. Once Port of Antwerp-Bruges completed the unification of their Active Directory environments, IdentIT helped streamline authentication flows and ensure continued operational continuity.

TANGIBLE OUTCOMES: EFFICIENCY, SECURITY, AND EXPERIENCE

The transformation delivered measurable outcomes, enhancing operational efficiency by significantly reducing AM deployment times, support ticket volumes related to access issues, and manual operational tasks. Security posture and user experience also notably improved.

IdentIT proactively overcame several platform limitations by implementing customized solutions for:

• Persistent cookie validation
• Cross-domain Single Sign-On (SSO)
• OAuth configuration management

NAVIGATING FORWARD: SECURING A FUTURE-PROOF AM INFRASTRUCTURE

Looking ahead, Port of Antwerp-Bruges plans to expand federated authentication with external identity providers, continuously optimize automation workflows, enhance monitoring capabilities, and proactively train internal teams. The AM infrastructure now stands robust, scalable, and ready for future challenges.