Hi guys, I'm currently evaluating possible frameworks to use for my Single Sign On project (SSO).
ESOE [1] and OpenSSO [2] both very promising, but both have their pros and cons. I didn't have a detailed look at JOSSO [3] yet. ESOE is licensed under the Apache 2.0 license, supports Shibboleth and OpenID (don't know yet which versions) and has authentication support for LDAP, Active Directory, and many more (comming). It also has support for multi-factor authentication. The downside of ESOE is that there isn't yet any final version available. It also can't act as a OpenID identity provider (OP) and needs an Apache module or IIS filter to act as an SAML provider. OpenSSO on the other hand has full SAML 2.0 support, but lacks a bit regarding OpenID which isn't supported by default. There is an extension which allows OpenSSO to act as a OpenID 1.1 OP, but doesn't have RP support. OpenID is licensed under Sun's Common Development and Distribution License (CDDL). So the next thing I'll do is to dig into JOSSO [3]. Do you know any other framework which I should consider? Regards, Markus -- [1] http://esoeproject.org [2] http://opensso.dev.java.net [3] http://www.josso.org _______________________________________________ devs mailing list [email protected] http://lists.xwiki.org/mailman/listinfo/devs
