Ping Identity has worked closely with Microsoft to fill in the gaps with regards federated single sign-on and Microsoft environments. A short list of our solution offerings. 

SAML Single Sign-On for Active Directory

PingFederate^® provides out-of-the-box integration with Active Directory to provide SAML & WS-Federation SSO with AD derived attributes on both the Identity Provider (IdP) and Service Provider (SP) side of a federated identity connection.  Furthermore, PingFederate can use Active Directory to authenticate users in organizations that do not have full identity management systems.

WS-Federation and ADFS (Active Directory Federation Services)

In addition to SAML, PingFederate natively supports WS-Federation, enabling PingFederate users to federate with users and applications not natively running on Windows.

CardSpace & Information Cards

1. Ping Identity has partnered with Microsoft to produce an Open Source CardSpace C Library, available at www.codeplex.com/InformationCard. The library enables developers to create applications that can accept Information Cards for single sign-on.
2. The PingFederate CardSpace Plugin, a new optional authentication add-on,  allows PingFederate to accept both self-issued and managed Information Cards (coming soon!).
3. Ping Identity’s independent identity service, SignOn.com, leverages emerging identity technologies such as OpenID and Information Cards to help streamline and secure the login and registration process to commonly-used Web sites.
4. The SourceID Apache Authentication Module for CardSpace, available from www.sourceid.org, allows applications using an Apache server for hosting or proxy to use Information Cards as an additional authentication mechanism.

COM Integration Kit

The PingFederate COM Integration Kit allows ASP applications that have not yet been migrated to ASP.NET to play both IdP and SP roles in SAML and WS-Federation secure Internet single sign-on use cases.

 
Internet Information Services (IIS) Integration Kit

he PingFederate IIS Integration Kit enables organizations to provide secure Internet single sign-on for employees, customers and business partners to applications running on an Internet Information Services (IIS) application server.

 
Integrated Windows Authentication  (IWA) - Integration Kit

The PingFederate IWA Integration Kit leverages the Kerberos ticket generated from a user's authentication to a Windows domain to enable SAML and WS-Federation-based secure Internet single sign-on to applications running in other security domains, both inside and outside the organization.

 
.NET Integration Kit

The PingFederate .NET Integration Kit enables the integration of .NET applications with PingFederate. Applications that authenticate end users can securely pass their attributes to PingFederate, and applications that require user attributes can securely receive them from PingFederate.

PingFederate Web Services (formerly PingTrust&trade is a Security Token Server that extends Identity Management to Web services.  PingFederate Web Services includes libraries for integration with both Java and .NET Web Service Clients and Providers.

Windows NT LAN Manager (NTLM) Integration Kit

The PingFederate NTLM Integration Kit enables a user's authentication to a Windows domain running NTLM to be used to single sign-on into Web applications that are internal or external to the organization.

SharePoint 2003 / 2007 Integration Kit

The PingFederate SharePoint Portal Server Integration Kit enables organizations to provide secure Internet single sign-on for employees, customers and business partners to applications running on SharePoint 2003 and SharePoint 2007 collaboration servers via SAML or WS-Federation.

SQL Server

Thanks to its built-in JDBC interface, PingFederate can obtain identity attributes from custom identity stores implemented on SQL Server running on either the IdP or SP side of a federated identity connection.

Rearden Commerce was the recipient of the 2007 Liberty Alliance IDDY award at Digital ID World. They won the award and was recognized for the speed with which they deployed a SAML-based single sign-on solution based on PingFederate from Ping Identity. Rearden Commerce's initial deployment of Ping Identity's PingFederate went live on July 9, 2007 and within one month, Rearden Commerce federated with 15 companies supporting 10-20 percent of all user sessions. Through PingFederate, the Rearden Commerce platform provides single sign-on capabilities via a wide variety of industry open standards, including SAML (Security Assertion Markup Language) 1.0, 1.1 and 2.0 protocols or the WS- Federation protocol, enabling corporations to provide secure seamless access to their employees without any additional user authentication.

I'd love to say that great software alone made this possible, but the reality is, Chuck Mortimore of Rearden Commerce is an exceptionally bright guy, who simply knows how to get things done.

More on Rearden Commerce

Delivered as Software as a Service (SaaS) to more than half a million employees in more than six hundred companies, the Rearden Commerce Personal Assistant leverages federation technology to help users find and purchase the services they need based on their preferences and company policies. Identity federation allows enterprises a standards-based approach to securely link and exchange identity information across partner, supplier and customer organizations. It effectively bridges separate security domains to provide companies with the ability to secure their cross- boundary interactions -- removing friction, improving productivity, gaining efficiency and enabling competitive differentiation.   

Through the use of federation technology, organizations deploying the Rearden Commerce Personal Assistant have been rapidly achieving high levels of user adoption. By making it easy for their employees to find and buy services from preferred providers offering negotiated discounts, organizations typically save 20-30 percent on the services purchased through the system.