In a nutshell, you need to establish a mutual trust between your SAML SP (located where your web service is) and SAML IdP (your Gluu instance). That is done through exchanging of so-called SAML metadata. In Gluu it's done by creating of Trust Relationship, that's correct; you can access Gluu's SAML metadata by url like [https://your.gluu.server.host.name/idp/shibboleth](https://your.gluu.server.host.name/idp/shibboleth) Regarding how to do it in your SP - that depends, as there are a lot of different software packages and SAAS services that can serve as one. The guide Zico mentioned shows how to do that in case your web service is protected by Shibboleth, a popular open-source implementation of SAML SP. You will need to consult documentation of actual software package you are using.
After you are done with metadata, you need to decide which attributes your SP needs to handle SSO. It may be that you'll need to create custom attributes at Gluu IdP to serve its needs, but Gluu already have a nice selection of ready-to-use attributes out of the box.