Federation shouldn’t be this hard

I’ve been working with federation technologies since the early days of SAML 1.0 (circa November 2002) and in that time I have seen a lot of changes to the support for the standards from various vendors.

Some have been quicker than others to support the various standards. As a consultant I have either used or been exposed to most of the major IAM products on the market, such as Sun, IBM, CA, Oracle etc.

However, what surprises me even now is that even after 5 years of SAML, the amount of infrastructure and configuration that is needed to setup and use federation within most of the products is still quite considerable. I would have expected federation to be more of a commodity by now in terms of setup and configuration.

The only vendor that I have come across to date who does meet this criteria is Ping Identity with Ping Federate. I have used this product for some time and found that, not only is it easy to setup but in addition, it doesn’t require a lot of infrastructure behind it to get it working.

Hopefully, it will just be a matter of time before the major vendors catch up. Not that I should be complaining, its kept me in a job 🙂

Technorati Tags: , , , ,


3 thoughts on “Federation shouldn’t be this hard

  1. Hello Paul,

    I couldn’t agree with you more. I recently moved from supporting SiteMinder (you and I struggled through some certificate issues and general federation setup headaches) at CA to Ping Identity. Drop me a line, let me know how things are going for you all.

    Mark Bostley

  2. Pingback: Identity, Security & Me » Blog Archive » More of simplicity (or lack of it) in federation

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.