SAML responses are not validated.
SAML authentication adds additional checks for validating SAML responses from the identity provider.
This could reveal a non-standard configuration that needs to be updated. Information will appear in the logs upon a failed login attempt in the event that the configuration needs to be tweaked.
Validation requires a proper HTTPS configuration, as documented in Operating the Server.