Seamless athentication to Webtop

so, correct me if I'm wrong then, the way I have currently set it up and its working (before looking into Kerberos at all) is that I get a Logon Page for my webtop (regardless of user location/domain joined). Once user logs into this, he's good to go with all currently assigned SAML based resources. The same "logon page" credentials he inputted pass him through without a secondary login required at the iDP (also hosted on the same F5 device hosting the webtop) when authenticating SAML based resources clicked off of the webtop presented to the user.

Now, when I hopefully get Kerberos working to seamlessly authenticate the webtop for domain joined machine, or fall back to a login page for non domain joined machines, my SAML resources (either directly accessed or accessed via Webtop) should continue to allow seamless access I'm assuming either by virtue of Kerberos Auth or by the User being authenticated by the F5 logon page? I'm hoping both methods will authenticate the resource properly to not throw up a login to the iDP when currently configured SAML resources are being accessed