Andrew Hindle from Ping Identity was kind enough to drop by our office to demonstrate how PingFederate works. We are of course eager to learn all there is to learn about the commercial SAML 2.0 software out there.
PingFederate seems to be easy to set up. It comes with a self-contained appserver, and runs on a small set of platforms. One year of support is included. If you for some reason want to pay for your SAML 2.0 software, this seems to be an OK choice.
PingFederate comes with an auto-configuration tool called auto-connect. It seems to be useless for us, as it requires email as the NameID format. At the same time, it is meant to be used in Ping-only environments.
We have some people who are testing out PingFederate, and hopefully we can publish a short guide on how to connect PingFederate as a SAML 2.0 SP to Feide, for those interested.
Ping Identity is mostly familiar with commercial deployment use cases, and doesn’t have much experience in the educational sector. Educational IdM systems tend to be two steps ahead of the enterprises (if you disagree, please comment). For example, commercial vendor SAML software does not seem to have good tools for large-scale metadata distribution. PingFederate is no exception here. Although it has a programmatic interface to add metadata, you have to do the dirty work yourself.
Credits to Ping Identity for involving themselves in the Dynamic SAML work.