You need to make absolutely sure that whatever is doing the work doesn’t try
to help you out with SSL connections. So something that just forwards the
packets along might be OK.
Unless someone comes to your aid having done this your best bet is to suck
it and see with a test IdP. When you are testing you need to make sure that
you test the SAML1 flows (SAML2 doesn’t need the back channel). The easiest
way is to use the "UK Federation WAYF (always SAML 1.1)" at
https://test.ukfederation.org.uk/
/Rod
|