Overview: I have worked with and evaluated a couple of Services and Federation Server products. Here is an old post on setting up claims; at the bottom I have some thoughts on different services/server products.
Background: SAML and WS-Federation are standard single sign-on protocols. The following versions exist:
- SAML 1.0, SAML 1.1, SAML 2.0
SAML enables web-based authentication scenarios, including cross-domain single sign-on (SSO). A SAML token represents a principal, which is normally a user but can be an app.
Other terms to understand:
- Identity provider (IdP): think ADFS/Azure ACS.
- Service provider (SP): the SAML consumer. In our context this is SharePoint, but it can be an MVC app.
Identity Provider (IdP) Products:
- Microsoft ADFS
- PingFederate
- Thinktecture IdentityServer
- IBM Tivoli (CAM)
- Oracle Access Manager
- RSA Federated Identity Manager
- Entrust GetAccess
- Azure Active Directory