cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post

Support SAML

Support SAML

Security Assertion Markup Language (SAML) is an XML standard that allows secure web domains to exchange user authentication and authorization data. Using SAML, an online service provider can contact a separate online identity provider to authenticate users who are trying to access secure content.

I would like the Orion Apps to offer a SAML-based Single Sign-On (SSO) service. Using the SAML model, Orion acts as the service provider and provides services such as NPM and NCM. The customer would provide the identity providers and control usernames, passwords and other information used to identify, authenticate and authorize users for Orion applications.

There are a number of existing open source and commercial identity provider solutions that can help customers implement SSO -- and these can also be used with other third parties (such as Google Apps). Here is one such system we make use of: Shibboleth - Home

Orion would provide the service provider  portion -- there are c++ and Java libraries available. This would avoid having to provide authentication hooks to lots of other authentication systems (and hence satisfy requests for LDAP, TACACS, kerberos, etc).

Tags (3)
52 Comments
Level 16

Since I wrote this feature request Solarwinds have acquired Wheb Help Desk, which includes SAML authentication... I'd like to see that component ported over to the core product.

As SolarWinds resellers, in the last year we have had a number of customers/potential customers ask about SAML support. This is something that is becoming more prevalent and with the integration work within the SolarWinds family would no doubt be a good inclusion. Any possibility of getting an update?

Level 15

May be something we may be able to ingest from Web Help Desk as Richard mentioned but I'm afraid we have no timelines we're ready to share.  Personally I would have thought this feature request would have gotten more votes but there doesn't seem to be a lot of interest, at least within the Thwack community.

Level 16

it's something that purchasers are going to ask for.

In many installations there are a relatively few solarwinds orion users (they can be handled individually); by the time people join thwack they have solved their own access problems; if you have a small number of access groups then the current active directory implementation might be enough.

I'm an open-access type of person so here there are a couple of hundred people (in my department) with read-only access to network statistics; I could imagine a future where several thousand people have access (e.g. if customers are to be able to administer the IP resources on their subnets)

Level 7

Has this feature request been implemented as of yet??  My org is allow moving to saml compliant applications and we would like to deploy SW as one too.

Thanks

Bill

Level 10

Yeah any good references on NPM support for SSO like SAML?

Level 10

any chances to get this included in next version ?

Level 10

rob.hock‌ ,is it something you can consider in near future?

Level 16

We will shortly be coming up to the three-year anniversary for this request;

I note that 11.5.1 shipped with DotNetOpenAuth (DotNetOpenAuth.net · GitHub)

Is there documentation on how to enable/use this for authentication and authorization?

Level 10

Wait, did it?