Is anyone using SAML for federated SSO? What tools are you using? What worked? What didn’t work?
I’ve mainly used OAuth2, but had a couple of small projects using SAML. I created a gem, saml_tools, to help with things like creating SAML documents from ERB templates, and reading and writing data into SAML. There is also a demo app: saml_tools_demo.
In the saml_tools README, I’ve listed a number of resources that I found helpful.
I’d highly recommend that you look at ruby-saml. It’s a port from similar tools written in other languages (Java and PHP), so the code is a little busy for a Ruby app, but the functionality is good.
Oh! And SAML is hard work, mainly because it’s XML-based. If you’re anything like me, you’ll be yearning for simple, straightforward data structures such as JSON after a couple of days in SAML land.
As a follow-up, I’m using the ruby-saml gem from OneLogin. It seems to handle the nitty-gritty parts of SAML without much problem.
Locally, I’m testing using simplesamlphp.org. It seems to work pretty well for what I need, and the getting started documentation is pretty good.