Feide RnD: simpleSAMLphp
SimpleSAMLphp is a simple application written in native PHP that deals with authentication. SimpleSAMLphp supports several federation protocols, authentication mechanisms and can be used both for local authentication, as a service provider or as an identity provider. simpleSAMLphp can even be used to bridge other federation protocols, in example allowing you to setup a Shibboleth 1.3 Service Provider in a SAML 2.0 Federation (or the other way around).
The main feature of simpleSAMLphp is that it's extremely simple to install and maintain.
The simple nature of simpleSAMLphp does not restrict it from scaling very well. By using the built-in optional session handler, it support replicating sessions onto a memcache cluster, which gives you real fail-over and load-balancing.
simpleSAMLphp is supported by a broad open source community in the educational sector in Europe. In example the Danish educational federation is built entirely upon simpleSAMLphp.
simpleSAMLphp support both:
- SAML 2.0 IdP
- SAML 2.0 SP
- Shibboleth 1.3 IdP
- Shibboleth 1.3 SP
- A-Select IdP
- A-Select SP
- CAS for remote authentication
Also the following protocols are in progress beeing implemented:
- PAPI SP
- PAPI IdP
- OAuth (or Open Authentication) for delegation of web services
- OpenID 2.0 provider and consumer, as well as bridging support
If you plan in integrating an web application with simpleSAMLphp, that should be easy to do. There already exists integration components between a set of web application and simpleSAMLphp.