We are currently using Shibboleth, and would love to get away from using java/Tomcat. It looks like Keycloak also uses java. Is there an alternative to this that doesn't require it?

Its written in Go, can be self-hosted or used from a cloud service.

It will also soon (end of May) provide SAML 2.0 support besides the current OpenID Connect and OAuth support.

Disclaimer: I am one of the authors ;-)