I have a rails app that is currently an affiliate site with my customer's SSO Identity Provider. Currently it uses the CA SiteMinder Affiliate Agent, which is an apache module. The underlying SSO architecture is abstracted away and my Rails app only has to parse and HTTP Header to receive the values from my customer's Identity Server. I now have to convert my site away from the SiteMinder Apache Module and use SAML. Does anyone have experience with how this should be implemented? Is there an Apache Module that can continue the abstraction I'm used to now, or will my Rails application be responsible for parsing the SAML assertions?
A:
OpenSAML is a library - it's not really a replacement for Site Minder. Perhaps you're thinking of OpenSSO. It is an open source product very similar to Site Minder that supports SAML and Apache.
Andrew Strong
2009-11-04 22:35:35