On Thu, Sep 11, 2014 at 2:26 PM, Maarten van Hulsentop <maar...@vanhulsentop.nl> wrote:

> Dear Tomcat-users,
>
> We are investigating the best way to support SAML 2.0 (SP) authentication
> with our application. Our application is using container managed
> authentication provided by Tomcat, and works very well with basic
> authentication, form authentication, SPnego and others.
>
> My expectation would be that it should be possible to add a Valve and a
> Realm and have a 3rd party tool supply the SAML2 Relying Party
> implementation.
>
> So far, we have identified a couple of possible candidates.
> - Apache CXF Fediz. This project still seems young, but the integration
> would be as I expect.
> - Spring security might be possible to wrap into a Valve and Realm?
> - Picketlink? As stated on
>
> https://docs.jboss.org/author/display/PLINK/SAML+Authenticators+(Tomcat,JBossAS)

I have used Picketlink with Tomcat as SP and JBoss WildFly as IDP and it worked very well. Picketlink works great but the support is rather thin. You may also want to check WSO2.

regards
Leon

P.S. Both provide Filters, not Valves.