SSO comparison request from executive management (IAM David Bantz)

Mike Schwartz mike at
Fri Dec 18 20:08:55 EST 2015


Ping has 1,000 customers--and only a small handful of universities. 
Shibboleth is the most widely deployed SAML IDP on the planet. I think 
Shibboleth has more installations than Ping in the UK alone.

Ping does not support multi-party federation metadata, and privacy 
protecting features were a secondary consideration. So in addition to 
its lower adoption rate, it has less features that universities need.

SAML is stable. If you need OpenID Connect, there are many free open 
source alternatives (like the Gluu Server which integrates well with 
Shib). So buying expensive proprietary enterprise software should only 
be a last resort.

Open source software has been shown to have a lower defect rate than 
proprietary software. Here are just a few articles that show how moving 
from open source to proprietary software would be contrary to the 
current trend in both education, government and enterprise IT in 

  Rise of Open Source

  Open source software gains traction in federal IT

  Embrace Open Source:

  Open Source Golden Age:

  Open Source Beats Proprietary Software

  Open Source marches into Enterprise

  Open Source in big companies

Ping's $100M in VC funds gives them lots of budget to market. But it 
doesn't make them a profitable business. So long term, their business 
model is no more sure a thing than a strong community of dedicated 
individuals and instutions with a common goal.

If your managment wants to shell out 1/4 million for enterprise 
software, perhaps they should re-direct those funds to the Shibboleth 
Foundation--I think they'll see a better return.



Michael Schwartz
Founder / CEO
mike at

More information about the users mailing list