We (Ping Identity) have tons of information about SAML in the Knowledge Center tab on our Web site, pingidentity.com.
We have a Java integration kit that makes it easy to federate directly from a Java Web app, using a simple API. Lots of source code and sample apps are included for both the identity provider role and the service provider role. This makes it easy to understand the SAML protocol flow for browser SSO and for WS-Security. You can download a copy of the PingFederate server and the integration kit and get a 30-day license, all for free. So even if you have no interest in purchasing our product, you can still learn about SAML. Working through our Getting Started
doc and the sample apps from the Java integration kit are in fact how I learned SAML.
If you are looking for code, you can find open-source code at sourceid.org.
Helpful product plug: If you are doing this for your own edification, go for it. If you are doing it for business purposes, consider our product, PingFederate. It is almost always cheaper than the cost and aggravation of rolling your own. And we can usually help you get your first connection working in 2 hours. We didn't invent SAML federation, but we have certainly perfected it.