Add a note about developing and testing Auth Proc Filter

Closes: #974

docs/simplesamlphp-authproc.md

@@ -23,7 +23,7 @@ Examples of neat things to do using Authentication Processing Filters:
   * Ask the user for consent, before the user is sent back to a service.
   * Implement basic Access Control on the IdP (not neccessarily a good idea), limiting access for some users to some SPs.
 
-Be aware that Authentication Proccessing Filters do replace some of the preivous features in SimpleSAMLphp, named:
+Be aware that Authentication Proccessing Filters do replace some of the previous features in SimpleSAMLphp, named:
 
   * `attributemap`
   * `attributealter`
@@ -176,4 +176,6 @@ Requirements for authentication processing filters:
  - No state information should be stored in the filter object. It must instead be stored in the request state array. Any changes to variables in the filter object may be lost.
  - The filter object must be serializable. It may be serialized between being constructed and the call to the `process`-function. This means that, for example, no database connections should be created in the constructor and later used in the `process`-function.
 
+*Note*: An Auth Proc Filter will not work in the "Test authentication sources" option in the web UI of a SimpleSAMLphp IdP. It will only be triggered in conjunction with an actual SP. So you need to set up an IdP *and* and SP when testing your filter.
+
 Don't hestitate to ask on the SimpleSAMLphp mailinglist if you have problems or questions, or want to share your *Auth Proc Filter* with others.