In this talk, i will deliver and share my experience as part of engineering team who build and maintain Single Sign On Services (SSO) using F/OSS. This talk is continuation from my paper on OpenSuse Asia 2017. Universitas Indonesia (UI) has been using F/OSS solution to deliver Single Sign On Infrastructure since 2011. We are using JASIG CAS (currently called Apereo CAS - https://github.com/apereo/cas - ) as our SSO engine. We use CAS to integrate multiple authentication sources to a centralized IDP from our internal apps and services from external vendor. We use CAS for our infrastructure services, network authentication, apps authentication and even Google Apps authentication. Our implementation is still based on CAS 3, and it began to slightly out of date to current auth protocol standard. In this talk, i will share our experiences on CAS update process to latest CAS 5.x to cope with current authentication standard and security enhancement.