diff --git a/www/saml2/idp/ArtifactResolutionService.php b/www/saml2/idp/ArtifactResolutionService.php
index 98d5b4986518fa6b0fd6f6990cfa67e814ca559d..12ebdb152a13d18b1877c5273472078cfdca570e 100644
--- a/www/saml2/idp/ArtifactResolutionService.php
+++ b/www/saml2/idp/ArtifactResolutionService.php
@@ -23,8 +23,8 @@ use SimpleSAML\Metadata;
 use SimpleSAML\Store;
 
 $config = Configuration::getInstance();
-if (!$config->getBoolean('enable.saml20-idp', false)) {
-    throw new Error\Error('NOACCESS');
+if (!$config->getBoolean('enable.saml20-idp', false) || !Module::isModuleEnabled('saml')) {
+    throw new Error\Error('NOACCESS', null, 403);
 }
 
 $metadata = Metadata\MetaDataStorageHandler::getMetadataHandler();
diff --git a/www/saml2/idp/SSOService.php b/www/saml2/idp/SSOService.php
index 747e9c33363246b25fcf7fc4699a8f320ec53f31..ef1686c1d3405c104298d143f9220e038d579de7 100644
--- a/www/saml2/idp/SSOService.php
+++ b/www/saml2/idp/SSOService.php
@@ -5,7 +5,6 @@
  * from a SAML 2.0 SP, parses, and process it, and then authenticates the user and sends the user back
  * to the SP with an Authentication Response.
  *
- * @author Andreas Ă…kre Solberg, UNINETT AS. <andreas.solberg@uninett.no>
  * @package SimpleSAMLphp
  */
 
@@ -13,6 +12,7 @@ require_once('../../_include.php');
 
 use Exception;
 use SimpleSAML\Assert\Assert;
+use SimpleSAML\Configuration;
 use SimpleSAML\Error;
 use SimpleSAML\IdP;
 use SimpleSAML\Logger;
@@ -21,6 +21,11 @@ use SimpleSAML\Module;
 
 Logger::info('SAML2.0 - IdP.SSOService: Accessing SAML 2.0 IdP endpoint SSOService');
 
+$config = Configuration::getInstance();
+if (!$config->getBoolean('enable.saml20-idp', false) || !Module::isModuleEnabled('saml')) {
+    throw new Error\Error('NOACCESS', null, 403);
+}
+
 $metadata = Metadata\MetaDataStorageHandler::getMetadataHandler();
 $idpEntityId = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');
 $idp = IdP::getById('saml2:' . $idpEntityId);
diff --git a/www/saml2/idp/SingleLogoutService.php b/www/saml2/idp/SingleLogoutService.php
index 0f0c2fe4565818cc7fc941b29e2e19d3f90e7053..f4bb144ffddfb4c81318c1f6c9be0e6e8f971f29 100644
--- a/www/saml2/idp/SingleLogoutService.php
+++ b/www/saml2/idp/SingleLogoutService.php
@@ -12,6 +12,7 @@ require_once('../../_include.php');
 
 use Exception;
 use SimpleSAML\Assert\Assert;
+use SimpleSAML\Configuration;
 use SimpleSAML\Error;
 use SimpleSAML\IdP;
 use SimpleSAML\Logger;
@@ -21,6 +22,11 @@ use SimpleSAML\Utils;
 
 Logger::info('SAML2.0 - IdP.SingleLogoutService: Accessing SAML 2.0 IdP endpoint SingleLogoutService');
 
+$config = Configuration::getInstance();
+if (!$config->getBoolean('enable.saml20-idp', false) || !Module::isModuleEnabled('saml')) {
+    throw new Error\Error('NOACCESS', null, 403);
+}
+
 $metadata = Metadata\MetaDataStorageHandler::getMetadataHandler();
 $idpEntityId = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');
 $idp = IdP::getById('saml2:' . $idpEntityId);
diff --git a/www/saml2/idp/initSLO.php b/www/saml2/idp/initSLO.php
index 24f27c470e221947dbb680770297c92cf5063f82..e6c7f26f61ccec1885a88cba4c8fb611ea3149da 100644
--- a/www/saml2/idp/initSLO.php
+++ b/www/saml2/idp/initSLO.php
@@ -3,18 +3,25 @@
 require_once('../../_include.php');
 
 use SimpleSAML\Assert\Assert;
+use SimpleSAML\Configuration;
 use SimpleSAML\Error;
 use SimpleSAML\Idp;
 use SimpleSAML\Logger;
 use SimpleSAML\Metadata;
+use SimpleSAML\Module;
 use SimpleSAML\Utils;
 
+Logger::info('SAML2.0 - IdP.initSLO: Accessing SAML 2.0 IdP endpoint init Single Logout');
+
+$config = Configuration::getInstance();
+if (!$config->getBoolean('enable.saml20-idp', false) || !Module::isModuleEnabled('saml')) {
+    throw new Error\Error('NOACCESS', null, 403);
+}
+
 $metadata = Metadata\MetaDataStorageHandler::getMetadataHandler();
 $idpEntityId = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');
 $idp = IdP::getById('saml2:' . $idpEntityId);
 
-Logger::info('SAML2.0 - IdP.initSLO: Accessing SAML 2.0 IdP endpoint init Single Logout');
-
 if (!isset($_GET['RelayState'])) {
     throw new Error\Error('NORELAYSTATE');
 }
diff --git a/www/saml2/idp/metadata.php b/www/saml2/idp/metadata.php
index f8e49d8816b2aa0052c4e2d67e4853a4c568e483..f9534c48cd19db8763255183a89b3b92bf18556f 100644
--- a/www/saml2/idp/metadata.php
+++ b/www/saml2/idp/metadata.php
@@ -6,18 +6,17 @@ use Symfony\Component\VarExporter\VarExporter;
 
 use SAML2\Constants;
 use SimpleSAML\Assert\Assert;
+use SimpleSAML\Configuration;
+use SimpleSAML\Error;
 use SimpleSAML\Module;
 use SimpleSAML\Utils\Auth as Auth;
 use SimpleSAML\Utils\Crypto as Crypto;
 use SimpleSAML\Utils\HTTP as HTTP;
 use SimpleSAML\Utils\Config\Metadata as Metadata;
 
-// load SimpleSAMLphp configuration and metadata
-$config = \SimpleSAML\Configuration::getInstance();
-$metadata = \SimpleSAML\Metadata\MetaDataStorageHandler::getMetadataHandler();
-
-if (!$config->getBoolean('enable.saml20-idp', false)) {
-    throw new \SimpleSAML\Error\Error('NOACCESS');
+$config = Configuration::getInstance();
+if (!$config->getBoolean('enable.saml20-idp', false) || !Module::isModuleEnabled('saml')) {
+    throw new Error\Error('NOACCESS', null, 403);
 }
 
 // check if valid local session exists
@@ -25,6 +24,8 @@ if ($config->getBoolean('admin.protectmetadata', false)) {
     Auth::requireAdmin();
 }
 
+$metadata = \SimpleSAML\Metadata\MetaDataStorageHandler::getMetadataHandler();
+
 try {
     $idpentityid = isset($_GET['idpentityid']) ?
         $_GET['idpentityid'] : $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');
@@ -151,7 +152,7 @@ try {
         );
 
         if (!$idpmeta->hasValue('OrganizationURL')) {
-            throw new \SimpleSAML\Error\Exception(
+            throw new Error\Exception(
                 'If OrganizationName is set, OrganizationURL must also be set.'
             );
         }
@@ -246,5 +247,5 @@ try {
         exit(0);
     }
 } catch (\Exception $exception) {
-    throw new \SimpleSAML\Error\Error('METADATA', $exception);
+    throw new Error\Error('METADATA', $exception);
 }