简体繁体 English

市场上顶级的SAML 2.0身份提供商

[英]Top SAML 2.0 identity providers in the market

原文 2013-06-07 19:03:35 1 3 java/ authentication/ identity/ saml/ federated-identity

I am working on a product (service provider) which uses SAML 2.0 for authentication purpose. 我正在研究使用SAML 2.0进行身份验证的产品（服务提供商）。 Having said that I wanted to know what you all think are the top and most trusted identity providers that are in the market, that supports SAML 2.0 and if there is any data sheet available on the facts related to the top identity providers used today. 话虽这么说，我想知道大家都认为是市场上最受信任的身份提供者，它们支持SAML 2.0，以及是否有关于当今使用的顶级身份提供者的事实的数据表。

I have used Oracle's Identity Federation and IBM Tivoli. 我已经使用了Oracle的Identity Federation和IBM Tivoli。 I have also got good reviews about siteminder. 我对siteminder也有很好的评价。

thanks 谢谢
Nohsib 能西卜

3 个解决方案

I'm not aware of any statistics on usage so I can only give you a subjective view of what I've run into. 我不知道使用情况的任何统计信息，因此只能让您对所遇到的问题有一个主观的看法。 In mid-large corporations ADFS (Active Directory Federation Services) seems to be a good fit since it supports SAML 2.0 (or at least it supports it reasonably well) and many corporations already use AD, so the integration pain is pretty low. 在中型公司中，ADFS（Active Directory联合身份验证服务）似乎很合适，因为它支持SAML 2.0（或者至少它相当不错地支持它），并且许多公司已经在使用AD，因此集成痛苦非常低。

As a side note, as a Service Provider, it shouldn't really matter to you which IDP you're talking to. 附带说明一下，作为服务提供商，与您正在与哪个IDP对话并不重要。 If an IDP properly implements SAML (and that's admittedly a big if), it should just work. 如果IDP正确地实现了SAML（这无疑是很大的），那么它应该可以正常工作。 Beyond having some stock suggestions for clients when they ask about IDPs, you probably don't want to know the details. 当客户询问IDP时，除了为他们提供一些库存建议外，您可能还不想知道详细信息。 Unless you have a dedicated provisioning department with a fair bit of time on their hands, you really don't want to deal with helping clients set up their IDP. 除非您有专门的供应部门，而且他们的工作时间充裕，否则您真的不想处理帮助客户设置IDP的问题。

Refer: SAML-based products and services . 参考：基于SAML的产品和服务。

There's a whole raft of products that do this - among the ones I've use are OpenAM, shibboleth, Ping and simpleSAMLPHP. 有很多产品可以做到这一点-我使用的产品包括OpenAM，shibboleth，Ping和simpleSAMLPHP。

They all work - it depends on what language you're application is written in and how much you are prepared to pay. 它们都可以工作-这取决于您的应用程序使用哪种语言编写以及要支付多少费用。

Have a look at Gartner's Magic Quadrant reports. 看看Gartner的魔力象限报告。

SecureAuth，Ping Identity，Oracle，Shib和adfs 2.哦，天哪，今天几乎是顶级的saml idp（来源，我每天为大型组织安装idp）