I was looking into SAML a while back for a project (preexisting compatibility) and the lack of functional open source IdP's is depressing.

I tried Gluu and it's a RAM hog for what it does (IMO). I took a look at the developer docs and it seems all but impossible to override the password hashing method with your own (query passwords from your own database instead of LDAP hashed) was one use case I was looking into)

Even storing my custom hashes in LDAP would have been acceptable.