[WEB SECURITY] Compare open source SAML solution implementation framework
th3d34d at gmail.com
Thu Sep 8 19:54:53 EDT 2011
We are working with some guys from RedHat implementing a solution
using JBOSS Picket Link.
Until now everything is going ok.
On Thu, Sep 8, 2011 at 5:54 PM, Nick Owen <nowen at wikidsystems.com> wrote:
> On Thu, Sep 8, 2011 at 4:25 PM, John <perl5.e6 at gmail.com> wrote:
>> Looking to get few tips on finding open source SAML solutions to
>> achieve SSO. I understand,
>> http://saml.xml.org/wiki/saml-open-source-implementations is a
>> plausible list. However, found that jsso is good contender. What's
>> other solutions out there ? Please provide your thoughts and
>> suggestions in helping picking a solution with limited constraints.
> Background: I do a lot of "how to add two-factor authentication to
> your X" tutorials for our website and other sites. I typically play
> with stuff enough to get it working and document it. So my knowledge
> is cursory, but broad.
> That's a pretty good list. I do not see CAS on the list. I have
> played with CAS and got it working with Radius, once, but then could
> not replicate it and did not document it. There's a lot of maven
> builds that have to happen. I dropped it. I got OpenSSO installed and
> running, but frankly was so confused by the UI and terminology that I
> couldn't make any headway, so I dropped that too. Many of them are no
> actively developed. I know a couple of our customers use simpleSaml
> b/c the like php.
> I'm a big fan of JOSSO. (disclosure: we're partners). I was able to
> quickly create and document a working, basic solution and felt I could
> easily add more complexity. I worked with their Enterprise version,
> which includes support for our Community & Enterprise version. It is
> actively developed and the people are nice. My tutorial on it is
> here: http://www.howtoforge.com/adding-two-factor-authentication-to-josso
> Nick Owen
> WiKID Systems, Inc.
> Commercial/Open Source Two-Factor Authentication
> The Web Security Mailing List
> WebSecurity RSS Feed
> Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
> WASC on Twitter
> websecurity at lists.webappsec.org
More information about the websecurity