diff --git a/modules/saml/lib/IdP/SAML2.php b/modules/saml/lib/IdP/SAML2.php
index da38771a6fad53a563b1cad440e79baedb9e45a0..7fbc4f6c62e4bc87b446abdc3a11a7b294704f9e 100644
--- a/modules/saml/lib/IdP/SAML2.php
+++ b/modules/saml/lib/IdP/SAML2.php
@@ -464,6 +464,12 @@ class sspmod_saml_IdP_SAML2 {
 		$lr->setSessionIndex($association['saml:SessionIndex']);
 		$lr->setNameId($association['saml:NameID']);
 
+		$assertionLifetime = $spMetadata->getInteger('assertion.lifetime', NULL);
+		if ($assertionLifetime === NULL) {
+			$assertionLifetime = $idpMetadata->getInteger('assertion.lifetime', 300);
+		}
+		$lr->setNotOnOrAfter(time() + $assertionLifetime);
+
 		$encryptNameId = $spMetadata->getBoolean('nameid.encryption', NULL);
 		if ($encryptNameId === NULL) {
 			$encryptNameId = $idpMetadata->getBoolean('nameid.encryption', FALSE);