I have been been working on a prototype for .NET forms authentication connecting to a Single Sign On platform. The SSO platform has to support both SAML 2.0 and quickly (less than 2 dev. weeks) connect with .NET forms authentication.
1. Ping Identity
2. Microsoft Geneva
We have settled on Ping Identity for several reasons. It currently is the quickest, although not the cheapest, solution to add SSO abilities for a SaaS provider to .NET forms authentication. Geneva is not yet complete and does not support the full SAML 2.o implementation (only SAML 2.0 Lite) at this time. It may though by the time it comes out of beta. The current Geneva iteration is beta 2 (download here). While very flexible and inexpensive, Safabyte would take longer than 2 weeks to run through a good product dev. cycle. Two weeks is just too short to develop and test thoroughly.
So Ping it is. Ping also allows us to hand off a lot of the configuration to the network services group. The development is very straight forward and can actually be done in a day giving your test team adequate time to test.