RSA Security Federated Identity (B2B SSO)

[gtuberson]

Any chance that ACEGI will support RSA security federated identity management system? The RSA security federated identity management has a secure Business-to-Business Single Sing-On (B2B SSO) feature. The underlying standard for the federated identity management is based on the Security Assertion Markup Language (SAML).

The reason why I’m asking this question is because I have developed a web application using ACEGI for the security framework and one of my clients has requested this feature. It is a little to late for me to change my security framework.

See this site for more information:
http://www.rsasecurity.com/node.asp?id=1192

Thanks,
Guy

[narmer65]

You might be interested in CAS from Yale. SAML is planned to be in 3.0. More info.

There is some pretty good information on how to get CAS working with Acegi on the reference page.

[Ben Alex]

Hi Guy

There are quite a few SSO solutions out there. Acegi Security can easily support any of them, as they all work in fundamentally similar ways and the necessary levels of abstraction already exist in Acegi Security (eg AuthenticationEntryPoints, AuthenticationProcessingFilters).

If you need to support RSA federated identity, I'd recommend basing your implementation on our existing CAS code. It's not too complicated to add support for another identity management system. I could help you out or complete the work on a consulting basis if you prefer (feel free to email me off-forum if this is of any interest).

Best regards
Ben