Just came across this link from a quasi-spam mailing by a java magazine. The article they sent was fluff, but gave a brief overview of SAML. This sounds like it might be useful for APOLLO, so I'm bookmarking it here.
It sounds like a way of dealing with federated identity, and the concepts of "user types" or "roles" - things that are becoming more important in APOLLO as it gets fleshed out.