diff --git a/www/saml2/idp/SSOService.php b/www/saml2/idp/SSOService.php
index 55fe924a973e2d56dece5cfcdca523699645863b..ca92e057acfcce25654c148520ee680c0c712ca5 100644
--- a/www/saml2/idp/SSOService.php
+++ b/www/saml2/idp/SSOService.php
@@ -38,6 +38,10 @@ $requestid = null;
 
 SimpleSAML_Logger::info('SAML2.0 - IdP.SSOService: Accessing SAML 2.0 IdP endpoint SSOService');
 
+if (!$config->getValue('enable.saml20-idp', false))
+	SimpleSAML_Utilities::fatalError($session->getTrackID(), 'NOACCESS');
+
+
 /*
  * If the SAMLRequest query parameter is set, we got an incomming Authentication Request 
  * at this interface.
diff --git a/www/saml2/idp/SingleLogoutService.php b/www/saml2/idp/SingleLogoutService.php
index cf197d1ef078cf3c70a590cf82cdb5f5fd201985..d49a080a3663b2df24f1d51922b10bb6eda5af15 100644
--- a/www/saml2/idp/SingleLogoutService.php
+++ b/www/saml2/idp/SingleLogoutService.php
@@ -31,8 +31,10 @@ $session = SimpleSAML_Session::getInstance();
 $idpentityid = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');
 
 SimpleSAML_Logger::info('SAML2.0 - IdP.SingleLogoutService: Accessing SAML 2.0 IdP endpoint SingleLogoutService');
-	
-	
+
+if (!$config->getValue('enable.saml20-idp', false))
+	SimpleSAML_Utilities::fatalError($session->getTrackID(), 'NOACCESS');
+
 
 /**
  * If we get an incomming LogoutRequest then we initiate the logout process.
diff --git a/www/saml2/idp/metadata.php b/www/saml2/idp/metadata.php
index 21ba347a1db197bd292544467b5c9738804eb4dc..6d62d956c99ab7ecd2f0f1c6c5c1c7c9a290c512 100644
--- a/www/saml2/idp/metadata.php
+++ b/www/saml2/idp/metadata.php
@@ -14,6 +14,8 @@ $config = SimpleSAML_Configuration::getInstance();
 $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
 $session = SimpleSAML_Session::getInstance(true);
 
+if (!$config->getValue('enable.saml20-idp', false))
+	SimpleSAML_Utilities::fatalError($session->getTrackID(), 'NOACCESS');
 
 
 /* Check if valid local session exists.. */
diff --git a/www/saml2/sp/AssertionConsumerService.php b/www/saml2/sp/AssertionConsumerService.php
index 7208ca3eb352e9f674d93cf50a7592fe856156d0..99e0018714d863e080185a08e980b0a2142e280b 100644
--- a/www/saml2/sp/AssertionConsumerService.php
+++ b/www/saml2/sp/AssertionConsumerService.php
@@ -29,6 +29,10 @@ $session = SimpleSAML_Session::getInstance(TRUE);
 
 SimpleSAML_Logger::info('SAML2.0 - SP.AssertionConsumerService: Accessing SAML 2.0 SP endpoint AssertionConsumerService');
 
+if (!$config->getValue('enable.saml20-sp', false))
+	SimpleSAML_Utilities::fatalError($session->getTrackID(), 'NOACCESS');
+
+	
 try {
 	
 	$config = SimpleSAML_Configuration::getInstance();	
diff --git a/www/saml2/sp/SingleLogoutService.php b/www/saml2/sp/SingleLogoutService.php
index 86a2ab0477bc2eee9c868cd487cb66f6d6262881..e88e25f6bf56a593723ecc52453a9f20ae266e89 100644
--- a/www/saml2/sp/SingleLogoutService.php
+++ b/www/saml2/sp/SingleLogoutService.php
@@ -22,6 +22,11 @@ $session = SimpleSAML_Session::getInstance(true);
 
 SimpleSAML_Logger::info('SAML2.0 - SP.SingleLogoutService: Accessing SAML 2.0 SP endpoint SingleLogoutService');
 
+if (!$config->getValue('enable.saml20-sp', false))
+	SimpleSAML_Utilities::fatalError($session->getTrackID(), 'NOACCESS');
+
+
+
 // Destroy local session if exists.
 if (isset($session) ) {
 	$session->setAuthenticated(false);
diff --git a/www/saml2/sp/idpdisco.php b/www/saml2/sp/idpdisco.php
index 54759d005a69a87c8625a2a65f43e040eb11018e..ce16c0bfea5deb6d1c6da4de04e4806f19ae7b60 100644
--- a/www/saml2/sp/idpdisco.php
+++ b/www/saml2/sp/idpdisco.php
@@ -17,6 +17,10 @@ $session = SimpleSAML_Session::getInstance();
 
 SimpleSAML_Logger::info('SAML2.0 - SP.idpDisco: Accessing SAML 2.0 discovery service');
 
+if (!$config->getValue('enable.saml20-sp', false))
+	SimpleSAML_Utilities::fatalError($session->getTrackID(), 'NOACCESS');
+
+	
 try {
 
 	if (!isset($_GET['entityID'])) throw new Exception('Missing parameter: entityID');
diff --git a/www/saml2/sp/initSLO.php b/www/saml2/sp/initSLO.php
index 494f58cd70458a6fac5a0b998a5d08a408266768..70ce06cdc135e9a14f1ba48d0fbf74a23890d22f 100644
--- a/www/saml2/sp/initSLO.php
+++ b/www/saml2/sp/initSLO.php
@@ -14,6 +14,10 @@ $session = SimpleSAML_Session::getInstance();
 
 SimpleSAML_Logger::info('SAML2.0 - SP.initSLO: Accessing SAML 2.0 SP initSLO script');
 
+if (!$config->getValue('enable.saml20-sp', false))
+	SimpleSAML_Utilities::fatalError($session->getTrackID(), 'NOACCESS');
+
+	
 if (isset($session) ) {
 	
 	try {
diff --git a/www/saml2/sp/initSSO.php b/www/saml2/sp/initSSO.php
index 4e4982af64291268240de65c6fa558637f51212e..50d64c5734e1bb95b2451f583064f672c1503ab1 100644
--- a/www/saml2/sp/initSSO.php
+++ b/www/saml2/sp/initSSO.php
@@ -15,6 +15,7 @@ $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
 $session = SimpleSAML_Session::getInstance(true);
 
 
+
 /**
  * Incomming URL parameters
  *
@@ -26,6 +27,8 @@ $session = SimpleSAML_Session::getInstance(true);
 
 SimpleSAML_Logger::info('SAML2.0 - SP.initSSO: Accessing SAML 2.0 SP initSSO script');
 
+if (!$config->getValue('enable.saml20-sp', false))
+	SimpleSAML_Utilities::fatalError($session->getTrackID(), 'NOACCESS');
 
 try {
 
diff --git a/www/saml2/sp/metadata.php b/www/saml2/sp/metadata.php
index 9ff76a86f5ed8e04c6fb60a39716c431457d55c1..321c94d8ef34af4b8b990574f3406cfdf5f9fdca 100644
--- a/www/saml2/sp/metadata.php
+++ b/www/saml2/sp/metadata.php
@@ -13,6 +13,10 @@ $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
 $session = SimpleSAML_Session::getInstance(TRUE);
 
 
+if (!$config->getValue('enable.saml20-sp', false))
+	SimpleSAML_Utilities::fatalError($session->getTrackID(), 'NOACCESS');
+
+
 /**
  * Preconfigured to help out some federations. This makes it easier for users to report metadata
  * to the administrators of the IdP.
diff --git a/www/shib13/idp/SSOService.php b/www/shib13/idp/SSOService.php
index 885cd9053b4a35ee7f284a92f9bbd3fea63ac562..3d50db4b2dd084ffc1f8fe683755bccf7d778ed6 100644
--- a/www/shib13/idp/SSOService.php
+++ b/www/shib13/idp/SSOService.php
@@ -35,6 +35,11 @@ $requestid = null;
 
 SimpleSAML_Logger::info('Shib1.3 - IdP.SSOService: Accessing Shibboleth 1.3 IdP endpoint SSOService');
 
+if (!$config->getValue('enable.shib13-idp', false))
+	SimpleSAML_Utilities::fatalError($session->getTrackID(), 'NOACCESS');
+
+
+
 /*
  * If the shire query parameter is set, we got an incomming Authentication Request 
  * at this interface.
diff --git a/www/shib13/sp/AssertionConsumerService.php b/www/shib13/sp/AssertionConsumerService.php
index 70e149446aeae8df5db1035bba880ad9c60e0c76..b6f34e85b8ef2159c0a3fa9f502efa8d39c7d24d 100644
--- a/www/shib13/sp/AssertionConsumerService.php
+++ b/www/shib13/sp/AssertionConsumerService.php
@@ -15,6 +15,9 @@ $session = SimpleSAML_Session::getInstance(TRUE);
 
 SimpleSAML_Logger::info('Shib1.3 - SP.AssertionConsumerService: Accessing Shibboleth 1.3 SP endpoint AssertionConsumerService');
 
+if (!$config->getValue('enable.shib13-sp', false))
+	SimpleSAML_Utilities::fatalError($session->getTrackID(), 'NOACCESS');
+
 try {
 
 	$config = SimpleSAML_Configuration::getInstance();
diff --git a/www/shib13/sp/idpdisco.php b/www/shib13/sp/idpdisco.php
index 55d4503e330d4651bdb730eaf9aa2075ed2e26b2..fad842e831dc3e3d292418719d6f0d8b8a9f4dab 100644
--- a/www/shib13/sp/idpdisco.php
+++ b/www/shib13/sp/idpdisco.php
@@ -16,6 +16,10 @@ $session = SimpleSAML_Session::getInstance();
 
 SimpleSAML_Logger::info('Shib1.3 - SP.idpDisco : Accessing Shib 1.3 discovery service');
 
+if (!$config->getValue('enable.shib13-sp', false))
+	SimpleSAML_Utilities::fatalError($session->getTrackID(), 'NOACCESS');
+
+
 try {
 
 	if (!isset($_GET['entityID'])) throw new Exception('Missing parameter: entityID');
diff --git a/www/shib13/sp/initSSO.php b/www/shib13/sp/initSSO.php
index 49a93a6a4d60c0cd24bf7c6594578cfc294484d2..eb8de42dd171d858c66646c29c723d160b1324fd 100644
--- a/www/shib13/sp/initSSO.php
+++ b/www/shib13/sp/initSSO.php
@@ -27,6 +27,10 @@ $session = SimpleSAML_Session::getInstance();
 
 SimpleSAML_Logger::info('Shib1.3 - SP.initSSO: Accessing Shib 1.3 SP initSSO script');
 
+if (!$config->getValue('enable.shib13-sp', false))
+	SimpleSAML_Utilities::fatalError($session->getTrackID(), 'NOACCESS');
+
+
 try {
 
 	$idpentityid = isset($_GET['idpentityid']) ? $_GET['idpentityid'] : $config->getValue('default-shib13-idp') ;