I've been tasked with building out SSO. It looks like my only real option is implementing a CAS server/client with a paid solution like OneLogin or rbCAS (open).<p>- https://www.onelogin.com/
- https://github.com/rbCAS/CASino<p>1. Do I have more options besides the above? If so, which?
2. Is there a better solution besides CAS (http://jasig.github.io/cas/4.0.0/index.html)?<p>Recommendations are welcome. Thanks in advance.
I think you do have options. Take a look at SAML-R (SP) [1] and Ruby SAML IDP (IdP) [2]<p>They aren't perfect but can get you up and running in relatively short time. They are also excellent in showing how things are done.<p>I worked with them before - implementing a solution where a single app acted as a SP and IdP in development env (great for validation).<p>[1] <a href="https://github.com/zendesk/samlr" rel="nofollow">https://github.com/zendesk/samlr</a>
[2] <a href="https://github.com/lawrencepit/ruby-saml-idp" rel="nofollow">https://github.com/lawrencepit/ruby-saml-idp</a>
I had pretty good experience with building authentication/identity providers with Doorkeeper in Rails. Your clients would then use Omniauth or the Oauth2 directly to login via that provider. I'm boarding a plane right now, so that pulling those projects up for you is a bit tedious but just google them. Cheers!