It depends on what you already have in your infrastructure. If you already have an identity provider setup e.g. Shibboleth, ADFS, OKTA etc you can go for SAML authentication handler. If you have other security solutions like IBM Security Access Manager, Oracle Identity Manger, CA Siteminder, IIS Win...