[WEB SECURITY] Compare open source SAML solution implementation framework

Nick Owen nowen at wikidsystems.com
Thu Sep 8 16:54:02 EDT 2011

On Thu, Sep 8, 2011 at 4:25 PM, John <perl5.e6 at gmail.com> wrote:
> Hello,
> Looking to get few tips on finding open source SAML solutions to
> achieve SSO. I understand,
> http://saml.xml.org/wiki/saml-open-source-implementations is a
> plausible list. However, found that jsso is good contender. What's
> other solutions out there ? Please provide your thoughts and
> suggestions in helping picking a solution with limited constraints.

Background:  I do a lot of "how to add two-factor authentication to
your X" tutorials for our website and other sites.  I typically play
with stuff enough to get it working and document it.  So my knowledge
is cursory, but broad.

That's a pretty good list. I do not see CAS on the list.  I have
played with CAS and got it working with Radius, once, but then could
not replicate it and did not document it.  There's a lot of maven
builds that have to happen. I dropped it.  I got OpenSSO installed and
running, but frankly was so confused by the UI and terminology that I
couldn't make any headway, so I dropped that too.  Many of them are no
actively developed.   I know a couple of our customers use simpleSaml
b/c the like php.

I'm a big fan of JOSSO. (disclosure: we're partners).  I was able to
quickly create and document a working, basic solution and felt I could
easily add more complexity.  I worked with their Enterprise version,
which includes support for our Community & Enterprise version. It is
actively developed and the people are nice.  My tutorial on it is
here: http://www.howtoforge.com/adding-two-factor-authentication-to-josso



Nick Owen
WiKID Systems, Inc.
Commercial/Open Source Two-Factor Authentication

More information about the websecurity mailing list