Lmst

🌟 LemonLDAP::NG 2.22.1 released!

ℹ️ Some regressions were fixed, plan your upgrades!

➡️ https://projects.ow2.org/view/lemonldap-ng/lemonldap-ng-2-22-1-is-out/

#IAM #SSO #CAS #SAML #OpenIDConnect #OpenSource #LogicielLibre #Perl

Manual IDP support = pure dinner-table chaos:
Okta Uncle shouting, Azure AD Dad quoting page 92 docs, Google Workspace Cousin “accidentally” changing formats, Custom SAML Uncle holding handwritten XML…

Developer: surrounded by burning XML.
SSOJet: “Unified SSO, served hot.” 🍽️😂

#IAM #SSO #SAML #OIDC #Authentication #DevOps #DeveloperLife #Cybersecurity #TechHumor #SSOJet

Every engineering team has seen it: mismatched claims, XML loops, signature-validation errors, redirect issues, certificate failures, or SCIM provisioning chaos.

Share your most painful SAML / OIDC / SCIM moment below 👇😭
Let’s help the community decompress.

SSOJet exists because SSO shouldn’t take weeks or break teams to implement.

#SSO #SAML #OIDC #SCIM #IAM #infosec #devlife #webdev #foss

Growth shouldn’t be a penalty.

Auth0’s MAU-based pricing punishes successful SaaS teams with unpredictable bills and gated features.

🔧 SSOJet offers a flat-rate identity platform — same enterprise features (SAML, SCIM, MFA) without the exponential cost curve.

Cut your Auth0 bill by 70%. Keep your features.

🔗 Read the guide: How to Cut Your Auth0 Bill by 70% Without Losing Enterprise Features

https://ssojet.com/blog/how-to-cut-your-auth0-bill

#Auth0 #SSO #IAM #Developers #SaaS #SCIM #SAML #B2BSaaS

“We can’t sign without SAML.”

That’s when weeks vanish mapping XML.

Plug SSOJet → adds SAML/OIDC & SCIM in hours.

Keep your auth, skip the chaos.

Enterprise SSO done fast.

#SSO #SAML #OIDC #SCIM #DeveloperTool

Auth0’s developer trust is fading fast.

Support delays, unpredictable costs, and forced migrations have made 2025 tough for SaaS teams relying on it.

🔧 SSOJet gives you a simpler path — add enterprise SSO on top of Auth0 (or any IDP), keep your stack, and pay flat-rate pricing.

Devs deserve reliability, not chaos.

🔗 Read the full blog: Auth0 Support After Okta: What Developers Are Saying in 2025

https://ssojet.com/blog/auth0-support-after-okta#the-developer-verdict-a-breakdown-of-auth0s-post-acquisition-challenges

#SSO #Auth0 #Okta #Developers #B2BSaaS #IAM #SCIM #SAML

Moin! Dieses Jahr biete ich die ganztägige Keycloak-Schulung noch 1x an, am 18. November. Ein Platz ist noch frei. Die Zielgruppe sind Admin*s, die den von @univention ausgelieferten Keycloak in Verbindung mit UCS einsetzen. SSO-Vorkenntnisse sind nicht nötig. Hier sind die Details zur Anmeldung:

https://www.univention.de/training/keycloak/

#keycloak #singlesignon #oidc #saml #univention

It appears #AWS might be having serious #IAM identity services issues today. The #Xero status page is currently blaming AWS for a global outage of their login services:
https://status.xero.com/

That tracks, because our #SAML based #SSO page for logging into AWS accounts is not working and, worse, it seems our IAM users for deployments and server builds cannot login via the API.

Today’s todo - Understand SAML.

I have a nagging feeling this will take more than a day…

#security #saml #saml2

🌟 LemonLDAP::NG 2.21.3 and 2.16.7 LTS released!

ℹ️ Some security issues were fixed, plan your upgrades!

➡️ https://projects.ow2.org/view/lemonldap-ng/lemonldap-ng-2-21-3-is-out/

@ow2 @PerlRakuFoundation

#IAM #SSO #CAS #SAML #OpenIDConnect #OpenSource #LogicielLibre #Perl

🔧 Mit einem neuen Pilotprojekt startet #eduGAIN in die nächste Entwicklungsphase: Neben dem bisherigen Standard #SAML soll künftig auch OpenID Federation (#OIDF) unterstützt werden. 🌐

Die DFN-AAI ist von Beginn an beteiligt & hat als erste Föderation erfolgreich einen Trust Anchor implementiert. 🎉

🎯Ziel: Praxiserfahrungen sammeln, um eduGAIN langfristig technologisch breiter aufzustellen.

Mehr Infos:
👉 https://www.dfn.de/edugain-startet-pilotprojekt-fuer-openid-federation/

#DFNAAI #TrustAnchor
@dfncert

SAML vs OpenID Connect под капотом SSO

Важно не прогадать с выбором протокола для SSO. Ведь от протокола зависит буквально всё: безопасность, удобство, возможности. Протокол OIDC (OpenID Connect) является лучшей альтернативой протокола SAML.

https://habr.com/ru/articles/943152/

#oidc #openidconnect #saml #sso

Технологии единого входа (SSO) для корпоративных ресурсов

«С ростом числа внутренних сервисов и платформ в компаниях всё актуальнее становится задача унификации доступа сотрудников к корпоративным ресурсам. HR-системы, CRM, документооборот — каждый из этих инструментов требует авторизации. В итоге у сотрудников накапливается десятки учётных записей, а у администраторов — необходимость управлять ими. Чтобы сократить избыточные точки входа и упростить контроль доступа, компании всё чаще внедряют механизм единого входа — SSO (Single Sign-On)», — рассказывает моя коллега Екатерина.

https://habr.com/ru/articles/942076/

#java #sso #saml #oauth_20 #openid_connect #cas

Zscaler SAML SP Authentication Bypass via Certificate Cloning & Signature Spoofing (CVE-2025-54982): https://blog.amberwolf.com/blog/2025/august/advisory---zscaler-saml-authentication-bypass/ #saml #zscaler

Angrynerds 115 - SAML bij?

https://video.angrynerdspodcast.nl/w/6XbPN9nqbm36jR9edsqEi3

A nice little release that brings some requested #SAML improvements. Review Board does NOT charge a SSO Tax, because security is too important for that.

We've been a bit quiet lately as we've worked toward the next major Review Board release, which we're starting to wrap up now.

https://mastodon.online/@reviewboard/114984090407873615

🌗 SAML Shield：現代化您的 SAML SSO 安全防護
➤ 阻止 SAML 漏洞於源頭，以開源或託管方式提供彈性保護
✤ https://samlshield.com/
SAML Shield 是一套開源的解決方案，專為強化 SAML 單一簽署認證 (SSO) 安全性而設計，旨在防禦日益增長的 SAML 漏洞與斷言攻擊。它能與現有 SAML 堆疊無縫整合，無需修改現有的身分提供者 (IdP)，並提供彈性的部署選項，包括直接嵌入應用程式或透過代理伺服器保護。透過即時驗證 SAML 斷言，SAML Shield 能在惡意斷言觸及應用程式碼前加以攔截，並持續更新規則集以應對最新的 CVE 漏洞。
+ 這真是太棒了！終於有一個能真正解決 SAML 斷言攻擊的方案，而且還是開源的，這讓開發者們能夠更深入地瞭解其運作原理。
+ 雖然我很欣賞開源選項，但 Stytch 提供的託管方案聽起來更吸引人，尤其是有自動更新和零維護的承諾。可以省去很多麻煩。
#安全 #SAML #SSO #資訊安全 #漏洞防護