Perimeter appliances for SAML SSO
My apologies if my question is slightly off topic but I was hoping to get
your thoughts on perimeter appliances for SAML SSO integration.
The short list I have currently is:
Conformity
Ping
Symplified
Pointers to existing published reviews and/or bake-offs would also be
appreciated.
Disclaimer: my question is discovery/research focused only to make sure I am
not missing a vendor worth consideration during due diligence. I have no
affiliation with any perimeter appliance vendor.
Thanks,
Joe
<<<>>>
Joe:
We have had one customer and one large prospect integrate with
SimpleSAML. It is an open-source php-based solution. I have not
played with it, but I intend to now. I was a bit surprised because,
well, it's php.
I have also tested against OpenSSO (which I found excessively complex)
and CAS (very .edu/web oriented). Both of those are java.
However, these are not appliances and may not meet your requirements.
HTH,
Nick
On Fri, Feb 11, 2011 at 2:02 PM, Joe White joe@cyberlocksmith.com wrote:
My apologies if my question is slightly off topic but I was hoping to get
your thoughts on perimeter appliances for SAML SSO integration.
The short list I have currently is:
Conformity
Ping
Symplified
Pointers to existing published reviews and/or bake-offs would also be
appreciated.
Disclaimer: my question is discovery/research focused only to make sure I am
not missing a vendor worth consideration during due diligence. I have no
affiliation with any perimeter appliance vendor.
Thanks,
Joe
<<<>>>
The Web Security Mailing List
WebSecurity RSS Feed
http://www.webappsec.org/rss/websecurity.rss
Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
WASC on Twitter
http://twitter.com/wascupdates
websecurity@lists.webappsec.org
http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org
--
Nick Owen
WiKID Systems, Inc.
404.962.8983
http://www.wikidsystems.com
Commercial/Open Source Two-Factor Authentication
Yo Joe,
Keep in mind that SSO is one big Anti-Pattern, especially when
considering threats like CSRF. Consider forcing re-authentication for
high risk apps and features (like password or email edit).
-Jim Manico
http://manico.net
On Feb 12, 2011, at 4:03 AM, Nick Owen nowen@wikidsystems.com wrote:
Joe:
We have had one customer and one large prospect integrate with
SimpleSAML. It is an open-source php-based solution. I have not
played with it, but I intend to now. I was a bit surprised because,
well, it's php.
I have also tested against OpenSSO (which I found excessively complex)
and CAS (very .edu/web oriented). Both of those are java.
However, these are not appliances and may not meet your requirements.
HTH,
Nick
On Fri, Feb 11, 2011 at 2:02 PM, Joe White joe@cyberlocksmith.com wrote:
My apologies if my question is slightly off topic but I was hoping to get
your thoughts on perimeter appliances for SAML SSO integration.
The short list I have currently is:
Conformity
Ping
Symplified
Pointers to existing published reviews and/or bake-offs would also be
appreciated.
Disclaimer: my question is discovery/research focused only to make sure I am
not missing a vendor worth consideration during due diligence. I have no
affiliation with any perimeter appliance vendor.
Thanks,
Joe
<<<>>>
The Web Security Mailing List
WebSecurity RSS Feed
http://www.webappsec.org/rss/websecurity.rss
Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
WASC on Twitter
http://twitter.com/wascupdates
websecurity@lists.webappsec.org
http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org
--
Nick Owen
WiKID Systems, Inc.
404.962.8983
http://www.wikidsystems.com
Commercial/Open Source Two-Factor Authentication
The Web Security Mailing List
WebSecurity RSS Feed
http://www.webappsec.org/rss/websecurity.rss
Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
WASC on Twitter
http://twitter.com/wascupdates
websecurity@lists.webappsec.org
http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org