...

There are some situations where the check cannot work reliably. In those cases it is possible to disable the check for a particular IdP.
The so far known cases where the check might generate a false negative are:

• IdP does not support HTTP or HTTPS with at least SSLv3 or TLS1 or newer (these IdPs are insecure anyway)
• IdP is part of a Hub & Spoke federation (some of them manually have to first approve eduGAIN SPs)
• IdP does not use web-based login form (e.g. HTTP Basic Authentication or X.509 login)
• IdP does not allow requests coming from the ECCS2 servers: technical-test.edugain.org / technical.edugain.org

Disable Checks

In cases where an IdP cannot be reliably checked, it is necessary to create or enrich the robots.txt file on the IdP's web root with:

...