yanivmn/open-source-sso.md

Forked from bmaupin/open-source-sso.md

Last active December 5, 2024 03:47

Star (46) You must be signed in to star a gist
Fork (6) You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/yanivmn/16e5fdf75d2de28650b00a150209d734.js"></script>
Save yanivmn/16e5fdf75d2de28650b00a150209d734 to your computer and use it in GitHub Desktop.

Download ZIP

Comparison of open-source SSO implementations

Raw

open-source-sso.md

	Aerobase	Keycloak	WSO2 Identity Server	Gluu	CAS	OpenAM	Shibboleth IdP
OpenID Connect/OAuth support	yes	yes	yes	yes	yes	yes	third-party
Multi-factor authentication	yes	yes	yes	yes	yes	yes	yes
Admin UI	yes	yes	yes	yes	yes	yes	no
OpenJDK support	yes	yes	yes			yes	no
Identity brokering	yes	yes	yes
Middleware	NGINX, Wildfly	Wildfly, JBOSS	WSO2 Carbon	Jetty, Apache HTTPD	any Java app server	any Java app server	Jetty, Tomcat
Open source	yes	yes	Note 1	yes	yes	yes	yes
Commercial support	yes	no	yes	yes	third-party	yes	third-party
Add federation metadata	no	no					yes
Add metadata from URL	no	no					yes
Installation	trivial	easy					difficult

The downloadable binaries on their site don't appear to include the latest security patches. While you could compile and package yourself from the source code, it's not clear if the latest security patches are open-sourced. (http://lists.jboss.org/pipermail/keycloak-user/2016-August/007281.html)

ahochsteger commented Apr 8, 2019 •

edited

Loading

Information about federation metadata + metadata from URL for WSO2 Identity Server can be found here: https://docs.wso2.com/display/IS570/Configuring+SAML2+Web+Single-Sign-On

The Carbon Middleware is running on Apache Tomcat (see https://docs.wso2.com/display/IS570/Running+the+Product).

nikos commented Jun 13, 2019

It might be interesting to add also FusionAuth as open-source solution to the comparision chart (I am not connected to them in any way, just a developer who recently figured out it might be good alternative especially if you also look for a commercial support in an enterprise environment).

Keycloak and FusionAuth Comparison

Author

yanivmn commented Jun 13, 2019

N.P, please send a PR

vburghelea commented Oct 2, 2019

@nikos FusionAuth is not open source - it's just free as in beer.

vanjaaaa commented Apr 29, 2020

Seems that I also don't understand **is FusionAuth it free and/or opensource or not..**at several docs is declared as opensource, but here I found some pricing https://www.capterra.com/p/182987/FusionAuth/ So, does anybody know exactly?
Btw - Free means free to install, and open-source free to get (and change) code, right?

For my company I need to compare also several sso solutions (free and opensource only) , from this list: https://en.wikipedia.org/wiki/List_of_single_sign-on_implementations
Except from that list, FusionAuth is also required to be included! (gluu and openAM not, I don't know why)
So I am in doubt is FusinAuth free or not, but anyway I also recommend adding it at my research and also in above list:)

At my excel I have separated columns free and opensource.
For better comparison and understanding of sso solutions I also added this columns which I can recommend
to anyone who work on similar :
-"authorization supported?" (for several only authentication is),
-installation? (easy medium difficult),
-integration? (with different FE BE technologie, also e/m/d),
-mobile apps? (android, ios) supported or not
-Liveness (num /frequency of releases , github issues resolvance etc) ,
-Modern/popular?
..
I need to go more in depth to several solutions next weeks, so
anyone who work on similar - do not hesitate to contact me to share information and knowledge:)

MyGIS commented May 13, 2021

Thank you for the nice comparison. Do all these require an installation on a server such as Windows or Linux? Is there any of these that can be sued on shared hosting? Thanks.