Currently, option 1 is the preferred option as it presents the most flexible and capable solution. Option 2 lacks flexibility, and Option 3 has undesirable implications for managing attribute release.
- This page includes instructions on how to configure software to issue SAML on the same server as the RADIUS server.
Option 2 Hard-coded in the RADIUS Server
- Here is information on another option for handling SAML assertions (for use with very simple deployments or for testing purposes only).
Option 3 - Using an existing SAML Identity Provider
- Here you will find instructions on what to do if your organisation already has a SAML Identity provider and wishes to re-use that to issue SAML assertions.