I’ve been working with federation technologies since the early days of SAML 1.0 (circa November 2002) and in that time I have seen a lot of changes to the support for the standards from various vendors.
Some have been quicker than others to support the various standards. As a consultant I have either used or been exposed to most of the major IAM products on the market, such as Sun, IBM, CA, Oracle etc.
However, what surprises me even now is that even after 5 years of SAML, the amount of infrastructure and configuration that is needed to setup and use federation within most of the products is still quite considerable. I would have expected federation to be more of a commodity by now in terms of setup and configuration.
The only vendor that I have come across to date who does meet this criteria is Ping Identity with Ping Federate. I have used this product for some time and found that, not only is it easy to setup but in addition, it doesn’t require a lot of infrastructure behind it to get it working.
Hopefully, it will just be a matter of time before the major vendors catch up. Not that I should be complaining, its kept me in a job 🙂