I am evaluating different protocols and software packages for my SSO project and I was thinking about the pros and cons of making an SSO system with SAML and one with something like CAS or Shibboleth. I couldn't really find any reason why I should choose SAML over Shibboleth or CAS since these two SSO solutions not only support SAML, but also many more functions that I otherwise have to implement.
Any ideas?
The important thing that shibboleth offers is that it has 2 servers, SP and IDP, to be clear the SP communicate with any IDP over the network, simply and only with configurations you can get an SSO working perfectly and it's respect the SAML norms.
For example, you have a site that can be authenticated from multiple companies, each company has it's identity system, you don't have to deal with how they connect to their system (CAS, shibboleth idp ...) but only how to protect your data, just with sharing metadatas over this federation.
