DevCentral Article on Anonymous Human Authentication
An interesting article was posted to the F5 devcentral site yesterday on using BigIPs (surprise!) as an authentication service, with the intent of validating and authorizing 'anonymous' access to humans while restricting access to our non-human friends. It's an interesting idea where requests from non-authorized users or bots never hit your app tier (or even your web tier) and your authorized users need only to authenticate once--not on every request.
I'd love to know what other folks out there are using to authenticate their own site's users, especially if it is something other than CAS. I don't really know enough about CAS to say one way or the other how great or terrible it is, so if anyone has any opinions on it they'd like to share, that would be super.