A flexible and comprehensive open source, cross-domain, attribute-based web single-sign on system based on SAML 1.x and 2.0. Built on the OpenSAML libraries, a Java-based identity provider and native (C++) service provider are provided. The identity provider supports pluggability of both authentication and attribute sources and supports most of the core SAML SSO profiles and bindings. The service provider supports most popular web servers and enables seamless and loosely coupled integration of authentication and attribute data with applications without programming to product-specific APIs. Rich policy-based filtering of outgoing and incoming attributes, extensive metadata support, and pluggability at all layers are supported. Provided under the standard Apache 2.0 license.