Here's our situation:
- We own a main portal, developed in ASP.Net 4.0.
- There are a few other web portals within our organization, which would like to use our portal for authentication & SSO. These portals could be on any platform: PHP, classic ASP, JSP, etc.
- And there are a few more external portals for which we would also like SSO. These external portals are well-known in advance and they are in a closed environment: meaning they would not prefer login attempts using random public OpenID authentications.
I've been going through various articles, both on StackOverflow and in general, e.g. "What is the difference between OpenID and SAML?", but I could not conclude which of the following is the best option for the above scenario:
- OpenID plus self-provider, using a library like DotNetOpenAuth (http://www.dotnetopenauth.net/). Clients will trust only one OpenID provider: us.
- SAML, using a library like ComponentSpace (http://www.componentspace.com/saml)
- Any other better alternative?
All tips will be highly appreciated :)