We have just released our Security token service for WSE 3.0. So if you are interested in Web service security, or are learning WSE 3.0 or are interested in learning more about SAML head to our workspace and take a look... http://practices.gotdotnet.com/projects/saml. The solution has shipped as a quickstart - and we are also encouraging members of the community to develop further iterations of this release... so if anyone is interested ping me, or start a thread on our workspace.
It took longer than we thought because we spent a month doing interop testing with WCF - but at the end of the day I think you will learn a lot from this deliverable. Many thanks to the WSE 3.0 team, Ed Johns (whose code we originally used as a starting point) and in particular Pablo (http://weblogs.asp.net/cibrax/) whose development efforts were crucial to this solutions success.