Internet SSO for commercial applications PingIdentity

Companies in virtually every industry are now enhancing or expanding their product offerings via additional functionality delivered via the Internet.

These companies differ from pure on-demand (SaaS) providers in that their products are more than software. They also tend to be larger, more established companies such as Rearden Commerce or Morgan Stanley that have multiple federated identity use cases. These types of companies use PingFederate in a hybrid manner. They support both incoming Single Sign-On for their customers, as well as outgoing SSO for their employees.
PingFederate is a particularly good choice for this use case because pricing is connection-based, versus seat-based, the model most common with identity management products designed to manage employee identities.

 

SaaS and BPO providers use PingFederate both to establish SAML-based Internet SSO connections with their customers and to create services mashups.

More Here

Courtesy:http://www.pingidentity.com/tech-answers/use-cases/sso-for-customer-facing-apps.cfm

SaaS Connector PingIdentity

SaaS Connectors install within PingFederate running as an IdP to expedite and optimize creating connections to leading SaaS providers.
SaaS Connectors offer additional functionality including support for automated SaaS user account management, non-browser-based access devices, including email clients and mobile apps; support for advanced use cases, such as email links; and support for proprietary SSO APIs. Specific functionality varies depending on the capabilities and requirements of the target SaaS applications. Quick Connection Templates guide you through configuration of the SaaS connection, pre-populating configuration information where possible.
SaaS Connectors are currently available for Salesforce, Google Apps, Webex, and Workday with more connectors planned for future release.

More Here

Courtesy:http://www.pingidentity.com/tech-answers/use-cases/SaaSConnector-use-cases.cfm

SSO to external/SaaS Applications PingIdentity

Federated identity has evolved into an essential ingredient of Internet security technologies. As the number of Software-as-a-Service applications continue to grow the ability to implement Internet SSO and federated identity has become a fundamental use case for virtually every major SaaS provider.
While some SaaS providers started by offering a proprietary SSO mechanism, the industry trend is moving toward support of standards such as SAML 2. This allows employees, contractors or other members of an enterprise workforce to use their corporate credentials to access external applications.
In this use case, PingFederate connects to one or more service providers such as Software as a Service (SaaS) providers, enterprise applications hosted on an IaaS platform (Amazon EC2), enterprise applications developed using a PaaS provider (Force.com) or Business Process Outsourcing (BPO) suppliers that provide applications for employee use. The enterprise can provide SSO access to external applications from multiple devices including Web browsers, mobile devices and rich clients such as Microsoft Outlook. Employees benefit from SSO access whether they are in the office or on the road. PingConnect can also support this use case for small to medium enterprises who prefer a hosted solution, eliminating the need for on-premise hardware and IT resources.

SaaS Connectors provide support for advanced use cases, including user account management, and optimize the creation and configuration of connections.

 

In this use case, an enterprise uses PingFederate to give its workforce easy and secure access to external cloud based applications provided by IaaS, PaaS SaaS, outsourcers and other service providers.

More Here

Courtesy:http://www.pingidentity.com/tech-answers/use-cases/outbound-sso.cfm

New Active Directory Connector Simplifies User Authentication

OneLogin announces its Active Directory Connector that enables the authentication of cloud application users against an organization's Active Directory.

While IT benefits from having a single directory integration point, employees can use their Windows credentials to access web applications, hosted in the cloud and behind the firewall. By eliminating the need for employees to remember several usernames, passwords and login URLs, OneLogin increases the adoption of cloud applications and reduces the security risks inherent with the repeated use of weak login credentials.

“Enterprises are keen to reap the benefits of cloud computing, but do not want to abandon their existing IT infrastructure,” explains Thomas Pedersen, CEO at OneLogin. “Our new Active Directory Connector allows them to extend their directories deep into the cloud with no custom development required.”



As enterprises continue to adopt cloud computing, integrating their existing directory with various applications’ proprietary authentication APIs poses both security risks and maintenance headaches. OneLogin’s Active Directory Connector provides a single integration point that enables enterprises to centralize authentication, eliminate passwords and make it easier for employees to access web applications.

OneLogin enables any enterprise to get single sign-on within minutes via Security Assertion Markup Language (SAML). Users can easily and securely connect to SAML enabled applications, such as Salesforce, WebEx, Google Apps, Workday, Yammer, Central Desktop, SugarCRM, KnowledgeTree, SAManage and many others.

More Here

Courtesy:http://blog.onelogin.com/blog/2010/12/13/new-active-directory-connector-simplifies-user-authenticatio.html

SAML Plug-In for WordPress

WordPress has long been one of the most popular integrations among our customers and some customers manage multiple WordPress accounts with many contributors. The original WordPress integration uses form-based authentication, which means we simply automate the login process using email address and password.

However, since we're on a crusade against passwords and WordPress has a nice plug-in framework, we decided to implement a SAML plug-in that you can use with OneLogin. In addition to simply eliminating passwords, the SAML integration provides these benefits:

* Easy, one-click access to WordPress
* Users can sign in with their Active Directory or LDAP credentials
* Multi-factor authentication for added security
* Centrally de-provision former employees and contractors

Plug-ins are available to anyone who hosts WordPress themselves (i.e. not on wordpress.com) and you can add it in a matter of seconds. Just click Plugins in WordPress' sidebar and search for SAML. OneLogin's plug-in will appear at the top.

More Here

Courtesy:http://blog.onelogin.com/