Implemented

Support SAML

Security Assertion Markup Language (SAML) is an XML standard that allows secure web domains to exchange user authentication and authorization data. Using SAML, an online service provider can contact a separate online identity provider to authenticate users who are trying to access secure content.

I would like the Orion Apps to offer a SAML-based Single Sign-On (SSO) service. Using the SAML model, Orion acts as the service provider and provides services such as NPM and NCM. The customer would provide the identity providers and control usernames, passwords and other information used to identify, authenticate and authorize users for Orion applications.

There are a number of existing open source and commercial identity provider solutions that can help customers implement SSO -- and these can also be used with other third parties (such as Google Apps). Here is one such system we make use of: Shibboleth - Home

Orion would provide the service provider  portion -- there are c++ and Java libraries available. This would avoid having to provide authentication hooks to lots of other authentication systems (and hence satisfy requests for LDAP, TACACS, kerberos, etc).