diff --git a/modules/saml/www/sp/saml1-acs.php b/modules/saml/www/sp/saml1-acs.php
index 95cc91b58df646d5916f0de427908a2b1b575b49..fcfd5a0736a891f32505dde97ebdf4988d76ec97 100644
--- a/modules/saml/www/sp/saml1-acs.php
+++ b/modules/saml/www/sp/saml1-acs.php
@@ -8,6 +8,10 @@ if (!array_key_exists('TARGET', $_REQUEST)) {
 	throw new SimpleSAML_Error_BadRequest('Missing TARGET parameter.');
 }
 
+if (!array_key_exists('PATH_INFO', $_SERVER)) {
+    throw new SimpleSAML_Error_BadRequest('Missing authentication source ID in assertion consumer service URL');
+}
+
 $sourceId = $_SERVER['PATH_INFO'];
 $end = strpos($sourceId, '/', 1);
 if ($end === FALSE) {
diff --git a/modules/saml/www/sp/saml2-acs.php b/modules/saml/www/sp/saml2-acs.php
index 1341095cbd89b36ef6f4d71b237fa9e689a8ee65..b9fb760b18cc7e648186d2336af2f69230412e4a 100644
--- a/modules/saml/www/sp/saml2-acs.php
+++ b/modules/saml/www/sp/saml2-acs.php
@@ -4,6 +4,10 @@
  * Assertion consumer service handler for SAML 2.0 SP authentication client.
  */
 
+if (!array_key_exists('PATH_INFO', $_SERVER)) {
+    throw new SimpleSAML_Error_BadRequest('Missing authentication source ID in assertion consumer service URL');
+}
+
 $sourceId = substr($_SERVER['PATH_INFO'], 1);
 $source = SimpleSAML_Auth_Source::getById($sourceId, 'sspmod_saml_Auth_Source_SP');
 $spMetadata = $source->getMetadata();
diff --git a/modules/saml/www/sp/saml2-logout.php b/modules/saml/www/sp/saml2-logout.php
index d8d04c5c144ca1c653c3d2ccf22791581eab5b23..b39f3bff0c96c8bbfb7ce0cc01dc5033dc607ef3 100644
--- a/modules/saml/www/sp/saml2-logout.php
+++ b/modules/saml/www/sp/saml2-logout.php
@@ -7,7 +7,7 @@
  */
 
 if (!array_key_exists('PATH_INFO', $_SERVER)) {
-	throw new SimpleSAML_Error_BadRequest('Missing authentication source id in logout URL');
+	throw new SimpleSAML_Error_BadRequest('Missing authentication source ID in logout URL');
 }
 
 $sourceId = substr($_SERVER['PATH_INFO'], 1);