I am evaluating different protocols and software packages for my SSO project and I was thinking about the pros and cons of making an SSO system with SAML and one with something like CAS or Shibboleth. I couldn't really find any reason why I should choose SAML over Shibboleth or CAS since these two SSO solutions not only support SAML, but also many more functions that I otherwise have to implement.
Any ideas?
The important thing that Shibboleth offers is that it has 2 servers, SP (Service Provider) and IDP (Identity Provider). The SP server communicate with any IDP sever over the network, simply and only with configurations you can get an SSO working perfectly and it respects the SAML norms.
For example, you have a site that can be authenticated from multiple companies credentials, each company has it's own identity system, you don't have to deal with how they connect to their systems (CAS, shibboleth idp ...) but only how to protect your data using SAML2, this is done by sharing metadatas over this federation.
