Federation shouldn’t be this hard
I’ve been working with federation technologies since the early days of SAML 1.0 (circa November 2002) and in that time I have seen a lot of changes to the support for the standards from various vendors.
Some have been quicker than others to support the various standards. As a consultant I have either used or been exposed to most of the major IAM products on the market, such as Sun, IBM, CA, Oracle etc.
However, what surprises me even now is that even after 5 years of SAML, the amount of infrastructure and configuration that is needed to setup and use federation within most of the products is still quite considerable. I would have expected federation to be more of a commodity by now in terms of setup and configuration.
The only vendor that I have come across to date who does meet this criteria is Ping Identity with Ping Federate. I have used this product for some time and found that, not only is it easy to setup but in addition, it doesn’t require a lot of infrastructure behind it to get it working.
Hopefully, it will just be a matter of time before the major vendors catch up. Not that I should be complaining, its kept me in a job 
Technorati Tags: federation, ping, identity, software, configuration
on April 10th, 2007 at 3:54 pm
Hello Paul,
I couldn’t agree with you more. I recently moved from supporting SiteMinder (you and I struggled through some certificate issues and general federation setup headaches) at CA to Ping Identity. Drop me a line, let me know how things are going for you all.
Mark Bostley
on April 14th, 2007 at 7:17 pm
Curious if you have seen http://duckdown.blogspot.com/2007/04/federated-identity-and-industry.html
on April 15th, 2007 at 9:09 pm
[…] Federation shouldn’t be this hard […]