[WEB SECURITY] Compare open source SAML solution implementation framework

The Dead th3d34d at gmail.com
Thu Sep 8 19:54:53 EDT 2011


We are working with some guys from RedHat implementing a solution
using JBOSS Picket Link.
Until now everything is going ok.



On Thu, Sep 8, 2011 at 5:54 PM, Nick Owen <nowen at wikidsystems.com> wrote:
> On Thu, Sep 8, 2011 at 4:25 PM, John <perl5.e6 at gmail.com> wrote:
>> Hello,
>> Looking to get few tips on finding open source SAML solutions to
>> achieve SSO. I understand,
>> http://saml.xml.org/wiki/saml-open-source-implementations is a
>> plausible list. However, found that jsso is good contender. What's
>> other solutions out there ? Please provide your thoughts and
>> suggestions in helping picking a solution with limited constraints.
> Background:  I do a lot of "how to add two-factor authentication to
> your X" tutorials for our website and other sites.  I typically play
> with stuff enough to get it working and document it.  So my knowledge
> is cursory, but broad.
> That's a pretty good list. I do not see CAS on the list.  I have
> played with CAS and got it working with Radius, once, but then could
> not replicate it and did not document it.  There's a lot of maven
> builds that have to happen. I dropped it.  I got OpenSSO installed and
> running, but frankly was so confused by the UI and terminology that I
> couldn't make any headway, so I dropped that too.  Many of them are no
> actively developed.   I know a couple of our customers use simpleSaml
> b/c the like php.
> I'm a big fan of JOSSO. (disclosure: we're partners).  I was able to
> quickly create and document a working, basic solution and felt I could
> easily add more complexity.  I worked with their Enterprise version,
> which includes support for our Community & Enterprise version. It is
> actively developed and the people are nice.  My tutorial on it is
> here: http://www.howtoforge.com/adding-two-factor-authentication-to-josso
> HTH,
> Nick
> --
> Nick Owen
> WiKID Systems, Inc.
> 404.962.8983
> http://www.wikidsystems.com
> Commercial/Open Source Two-Factor Authentication
> _______________________________________________
> The Web Security Mailing List
> WebSecurity RSS Feed
> http://www.webappsec.org/rss/websecurity.rss
> Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
> WASC on Twitter
> http://twitter.com/wascupdates
> websecurity at lists.webappsec.org
> http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org

More information about the websecurity mailing list