Clientless SAML assartion into SOAP headers

Hi all - like to run something by you ALL.

 

Client-less (ex: SOAP UI) client accessing WebServices via F5. F5 Authenticates client based on client's machine cert and via OCSP. F5 then also performs SAML assertion of username taken from the CN of the Cert. THIS assertion should be added into the SOAP headers not HTTP headers. F5 then passes it to the POOL/NODE (pool/node - on back-end is actually setup as SP connector for SAML).

 

Q1: This APM policy is ALL under single VIP. Any issues here? Q2: I'm having challenge finding good docs on SAML assertion into SOAP within F5.

 

Thanks for your input!