Introduction

If your IdP or SP is currently using a federative authentication product without SAML2.0 support your software need to be 'upgraded' in order to connect to SURFconext. Please find below a list with pointers to options available to be SAML2.0 compliant.

A-Select

A-Select does not support SAML2.0. There has been an Open Source variant of ASelect OpenASelect which does support SAML2.0,

Since the company Alfa & Ariss was taken over by Vasco the OpenASelect.org-website went into maintenance-state . The software (and documentation) is still downloadable via the websites of Cosmanova and Magic Coice B.V.).

There has been a fork of OpenASelect which is called Asimba. (see also the Dutch Automatiserings Gids: Open source pakket A-Select start door als Asimba). Information of Asimba can also be found on the Asimba project site of SourceForge.

Upgade options:

  • Asimba; based on A-Select and should be a relative simple upgrade.
  • simplesamlphp; An Open Source SAML2.0 application written in PHP.
    • For IdPs: simplesamlphp contains a module for A-Select IdPs. This module supports the A-Select protocol, including signing of requests. Not supported is A-Select Cross.
    • For SPs: take a look at  My First SP - PHP 
  • Shibboleth 2.x; A Java Based Open Source SAML2.0 application.
  • Any other SAML2.0 compliant software

SHIB13

The End Of Life date for Shibboleth 1.3 IdP and SP software was 30th June 2010.

Different between Shibboleth 1.3 and 2.0

An example weblink from http://www.ukfederation.org.uk/content/Documents/RollingIdPUpgrade

Upgrade options

WS-FED (ADFS1)

Upgrade options

  • upgrade your servers to Windows 2008 or later. You can deploy ADFS2 on these systems, which includes support your the SAML 2.0 protocol.
  • No labels