Hello, Looking to get few tips on finding open source SAML solutions to achieve SSO. I understand, http://saml.xml.org/wiki/saml-open-source-implementations is a plausible list. However, found that jsso is good contender. What's other solutions out there ? Please provide your thoughts and suggestions in helping picking a solution with limited constraints. Cheers, John

On Thu, Sep 8, 2011 at 4:25 PM, John <perl5.e6@gmail.com> wrote: > Hello, > Looking to get few tips on finding open source SAML solutions to > achieve SSO. I understand, > http://saml.xml.org/wiki/saml-open-source-implementations is a > plausible list. However, found that jsso is good contender. What's > other solutions out there ? Please provide your thoughts and > suggestions in helping picking a solution with limited constraints. Background: I do a lot of "how to add two-factor authentication to your X" tutorials for our website and other sites. I typically play with stuff enough to get it working and document it. So my knowledge is cursory, but broad. That's a pretty good list. I do not see CAS on the list. I have played with CAS and got it working with Radius, once, but then could not replicate it and did not document it. There's a lot of maven builds that have to happen. I dropped it. I got OpenSSO installed and running, but frankly was so confused by the UI and terminology that I couldn't make any headway, so I dropped that too. Many of them are no actively developed. I know a couple of our customers use simpleSaml b/c the like php. I'm a big fan of JOSSO. (disclosure: we're partners). I was able to quickly create and document a working, basic solution and felt I could easily add more complexity. I worked with their Enterprise version, which includes support for our Community & Enterprise version. It is actively developed and the people are nice. My tutorial on it is here: http://www.howtoforge.com/adding-two-factor-authentication-to-josso HTH, Nick -- Nick Owen WiKID Systems, Inc. 404.962.8983 http://www.wikidsystems.com Commercial/Open Source Two-Factor Authentication

Hello. We are working with some guys from RedHat implementing a solution using JBOSS Picket Link. Until now everything is going ok. http://www.jboss.org/picketlink TH3D34D On Thu, Sep 8, 2011 at 5:54 PM, Nick Owen <nowen@wikidsystems.com> wrote: > On Thu, Sep 8, 2011 at 4:25 PM, John <perl5.e6@gmail.com> wrote: >> Hello, >> Looking to get few tips on finding open source SAML solutions to >> achieve SSO. I understand, >> http://saml.xml.org/wiki/saml-open-source-implementations is a >> plausible list. However, found that jsso is good contender. What's >> other solutions out there ? Please provide your thoughts and >> suggestions in helping picking a solution with limited constraints. > > Background:  I do a lot of "how to add two-factor authentication to > your X" tutorials for our website and other sites.  I typically play > with stuff enough to get it working and document it.  So my knowledge > is cursory, but broad. > > That's a pretty good list. I do not see CAS on the list.  I have > played with CAS and got it working with Radius, once, but then could > not replicate it and did not document it.  There's a lot of maven > builds that have to happen. I dropped it.  I got OpenSSO installed and > running, but frankly was so confused by the UI and terminology that I > couldn't make any headway, so I dropped that too.  Many of them are no > actively developed.   I know a couple of our customers use simpleSaml > b/c the like php. > > I'm a big fan of JOSSO. (disclosure: we're partners).  I was able to > quickly create and document a working, basic solution and felt I could > easily add more complexity.  I worked with their Enterprise version, > which includes support for our Community & Enterprise version. It is > actively developed and the people are nice.  My tutorial on it is > here: http://www.howtoforge.com/adding-two-factor-authentication-to-josso > > HTH, > > Nick > > -- > Nick Owen > WiKID Systems, Inc. > 404.962.8983 > http://www.wikidsystems.com > Commercial/Open Source Two-Factor Authentication > > _______________________________________________ > The Web Security Mailing List > > WebSecurity RSS Feed > http://www.webappsec.org/rss/websecurity.rss > > Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA > > WASC on Twitter > http://twitter.com/wascupdates > > websecurity@lists.webappsec.org > http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org >