Monday, July 21, 2014

SAML : I want to test my code

This question pops up frequently on the forums.

"I have written my own custom IDP / SP. How can I test it against some instance that's publicly available?"

There are a range of commercial products, e.g. Tivoli, Oracle, Ping Identity and OpenAM, which all deliver this functionality, but they are complex to set up and are most certainly not free.

If you work in the Microsoft world and have a "spare" Windows server that's domain joined you can use ADFS. This runs on 2008 R2, 2012 and 2012 R2 and supports both IDP and SP mode.

Open source:

* Shibboleth (and also Testshib)
* simpleSAMLphp

Both of these support IDP and SP mode.

Others:

* SSOCircle - IDP only
* Kentor - IDP only
* Feide OpenIDP - IDP only
* Salesforce developer - (IDP / SP)

Beware: these are often simplified, and some security checks have been removed, so the fact that your code works in these environments does not ensure that it will work in the real world.
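To illustrate that warning, here is an added example (not code from the post or from any of the products listed) of the checks an SP has to make on a SAML Response itself, regardless of what the test IDP it was developed against let through. The sample response, the entity IDs and the request ID are constructed; signature verification proper is left to an XML-DSig library.

```python
# Added example (not from the original post): SP-side checks on a SAML
# Response that the SP must enforce itself, whatever the test IDP allowed.
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def saml_time(s):  # SAML timestamps are UTC, e.g. 2014-07-21T10:00:00Z
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def validate_response(xml_text, expected, now, skew=timedelta(minutes=2)):
    """Return failed checks ([] = passed). Only signature *presence* is checked
    here; cryptographic verification belongs to an XML-DSig library (xmlsec)."""
    fails = []
    root = ET.fromstring(xml_text)
    if root.get("Destination") != expected["destination"]:
        fails.append("Destination mismatch")
    if root.get("InResponseTo") != expected["in_response_to"]:
        fails.append("InResponseTo mismatch (unsolicited or replayed response)")
    a = root.find("saml:Assertion", NS)
    if a is None:
        return fails + ["no Assertion"]
    if a.findtext("saml:Issuer", namespaces=NS) != expected["issuer"]:
        fails.append("Issuer mismatch")
    if a.find("ds:Signature", NS) is None:
        fails.append("Assertion not signed")
    cond = a.find("saml:Conditions", NS)
    if cond is None:
        return fails + ["no Conditions"]
    if cond.get("NotBefore") and now + skew < saml_time(cond.get("NotBefore")):
        fails.append("not yet valid")
    if cond.get("NotOnOrAfter") and now - skew >= saml_time(cond.get("NotOnOrAfter")):
        fails.append("expired")
    auds = [x.text for x in cond.findall("saml:AudienceRestriction/saml:Audience", NS)]
    if expected["audience"] not in auds:
        fails.append("Audience mismatch")
    return fails

# Constructed sample: unsigned, issued for a different SP, and already expired.
SAMPLE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
 xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_r1"
 Destination="https://sp.example.test/acs" InResponseTo="_req1">
 <saml:Assertion ID="_a1"><saml:Issuer>https://idp.example.test</saml:Issuer>
  <saml:Conditions NotBefore="2014-07-21T09:00:00Z" NotOnOrAfter="2014-07-21T09:05:00Z">
   <saml:AudienceRestriction><saml:Audience>https://other-sp.example.test</saml:Audience>
   </saml:AudienceRestriction></saml:Conditions></saml:Assertion></samlp:Response>"""
EXPECTED = {"destination": "https://sp.example.test/acs", "in_response_to": "_req1",
            "issuer": "https://idp.example.test", "audience": "https://sp.example.test"}
```

A lenient test IDP may never send you an expired or mis-audienced assertion, so each branch above should be exercised with a constructed response like SAMPLE rather than only against the public instances.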

There are also commercial and open source SAML stack implementations. These often ship with a test IDP and SP that you can spin up for basic testing.

* ComponentSpace is one example.
* onelogin SAML Toolkits - open source

There are others.

Enjoy!
