Call toll free:
1.877.898.2905
Integration: How does PingFederate Work With My Infrastructure?
Ping Identity invests heavily to ensure that PingFederate integrates with what you already have without requiring extensive inter-dependencies and "fork lift" upgrades to get everything working. Answers to the most commonly asked integration questions follow:
Why do I need "first and last mile" integration?
Both parties taking part in an Internet SSO connection need software that supports the same federated identity protocol. This software must integrate with identity and authentication sources at the Identity Provider, and it must integrate with the application environment at the Service Provider.
How does "first mile" integration at the IdP work?
IdP integration involves retrieving user identity attributes from the IdP domain and sending them to the PingFederate server. Typically, the identity attributes are retrieved from an authenticated user session.
How does "last mile" integration at the SP work?
An SP is the consumer of identity attributes provided by the IdP through a SAML assertion. SP integration involves passing the identity attributes from PingFederate to the target SP application. The SP application uses this information to set a valid session or other security context for the user represented by the identity attributes.
How do I integrate custom Java, .NET and PHP applications?
PingFederate can integrate with custom/homegrown identity management and authentication systems at the IdP as well as with custom applications at the SP.
Can Ping integrate with WAM systems like SiteMinder, Oracle Access Manager and Tivoli Access Manager?
PingFederate Web Access Management (WAM) Integration Kits are available for CA SiteMinder and Oracle Access Manager. Ping Identity offers a fixed price integration service for deploying PingFederate with Tivoli Access Manager.
Does Ping integrate with authentications systems such as IWA, AD, X.509 and LDAP
Initial user authentication is normally handled outside of the PingFederate server using an authentication application or service. PingFederate Integration Kits for authentication systems leverage this local authentication to access applications outside the security domain.
Can I integrate with IIS, Apache, WebLogic and WebSphere?
PingFederate Web and application server Integration Kits allow SP enterprises to accept SAML assertions and provide SSO to all applications running on their Web and/or application server; there is no need to integrate each application.
Can I integrate with NetWeaver or SharePoint portals?
The PingFederate NetWeaver Integration Kit supplies both outgoing (IdP-side) SSO support for NetWeaver users, as well as incoming (SP-side) Internet SSO support for NetWeaver applications.
Can I use PingFederate with Citrix?
Giving external users such as customers, contractors and partners SSO access to virtualized applications used to require Citrix XenApp (formerly Presentation Server) administrators to manage passwords and user credentials for each external user.
Can I use PingFederate with ArcSight?
PingFederate will soon support native CEF (Common Event Format) integration with ArcSight IdentityView.
Can I use PingFederate with RSA SecurID?
Organizations are seeking ways to move beyond weak Internet passwords to secure Cloud Computing. Ping Identity has worked closely with RSA Security to provide a comprehensive Cloud security solution that uses PingFederate to allow SecurID authenticators to work with multiple Cloud applications.