From b37fd69807500e5bcdbad4081d0e90976bc8e8f9 Mon Sep 17 00:00:00 2001
From: Thijs Kinkhorst <thijs@kinkhorst.com>
Date: Wed, 21 Nov 2018 19:38:33 +0100
Subject: [PATCH] Add a note about developing and testing Auth Proc Filter

Closes: #974
---
 docs/simplesamlphp-authproc.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/docs/simplesamlphp-authproc.md b/docs/simplesamlphp-authproc.md
index 77fd086c9..20c1eb53b 100644
--- a/docs/simplesamlphp-authproc.md
+++ b/docs/simplesamlphp-authproc.md
@@ -23,7 +23,7 @@ Examples of neat things to do using Authentication Processing Filters:
   * Ask the user for consent, before the user is sent back to a service.
   * Implement basic Access Control on the IdP (not neccessarily a good idea), limiting access for some users to some SPs.
 
-Be aware that Authentication Proccessing Filters do replace some of the preivous features in SimpleSAMLphp, named:
+Be aware that Authentication Proccessing Filters do replace some of the previous features in SimpleSAMLphp, named:
 
   * `attributemap`
   * `attributealter`
@@ -176,4 +176,6 @@ Requirements for authentication processing filters:
  - No state information should be stored in the filter object. It must instead be stored in the request state array. Any changes to variables in the filter object may be lost.
  - The filter object must be serializable. It may be serialized between being constructed and the call to the `process`-function. This means that, for example, no database connections should be created in the constructor and later used in the `process`-function.
 
+*Note*: An Auth Proc Filter will not work in the "Test authentication sources" option in the web UI of a SimpleSAMLphp IdP. It will only be triggered in conjunction with an actual SP. So you need to set up an IdP *and* and SP when testing your filter.
+
 Don't hestitate to ask on the SimpleSAMLphp mailinglist if you have problems or questions, or want to share your *Auth Proc Filter* with others.
-- 
GitLab