diff --git a/www/saml2/idp/SingleLogoutServiceiFrame.php b/www/saml2/idp/SingleLogoutServiceiFrame.php
index 38af9e35596ee6c3726b8a4fd806f026ec68922f..85a6f40c6695b339dca4d2bcb4980223730230b9 100644
--- a/www/saml2/idp/SingleLogoutServiceiFrame.php
+++ b/www/saml2/idp/SingleLogoutServiceiFrame.php
@@ -232,7 +232,26 @@ if (isset($_REQUEST['SAMLRequest'])) {
 	} catch(Exception $exception) {
 		SimpleSAML_Utilities::fatalError($session->getTrackID(), 'LOGOUTREQUEST', $exception);
 	}
-	
+
+	/* Log a warning if the NameID in the LogoutRequest isn't the one we assigned to the SP. */
+	$requestNameId = $logoutrequest->getNameId();
+	ksort($requestNameId);
+	$sessionNameId = $session->getSessionNameId('saml20-sp-remote', $spEntityId);
+	ksort($sessionNameId);
+	if ($sessionNameId !== NULL && $requestNameId !== $sessionNameId) {
+		SimpleSAML_Logger::warning('Wrong NameID in LogoutRequest from ' .
+			var_export($spEntityId, TRUE) . '.');
+	}
+
+	/* Log a warning if the SessionIndex in the LogoutRequest isn't correct. */
+	$requestSessionIndex = $logoutrequest->getSessionIndex();
+	$sessionSessionIndex = $session->getSessionIndex();
+	if ($requestSessionIndex !== $sessionSessionIndex) {
+		SimpleSAML_Logger::warning('Wrong SessionIndex in LogoutRequest from ' .
+			var_export($spEntityId, TRUE) . '.');
+	}
+
+
 	// Extract some parameters from the logout request
 	#$requestid = $logoutrequest->getRequestID();
 	$requester = $logoutrequest->getIssuer();
@@ -322,6 +341,13 @@ foreach ($listofsps AS $spentityid) {
 
 		$sparray[$spentityid] = array('url' => $url, 'name' => $name);
 
+		/* Add the SP logout request information to the session so that we can check it later. */
+		$requestInfo = array(
+			'ID' => $lr->getId(),
+			'RelayState' => $lr->getRelayState(),
+		);
+		$session->setData('slo-request-info', $spentityid, $requestInfo, 15*60);
+
 	} catch (Exception $e) {
 		$sparrayNoLogout[$spentityid] = array('name' => $name);
 	}
diff --git a/www/saml2/idp/SingleLogoutServiceiFrameResponse.php b/www/saml2/idp/SingleLogoutServiceiFrameResponse.php
index ec72fb2e08e7b57c4252f5cdc791fbf63f7228d7..dddd1b8a19e4157841a1861325b29ad2d011cb43 100644
--- a/www/saml2/idp/SingleLogoutServiceiFrameResponse.php
+++ b/www/saml2/idp/SingleLogoutServiceiFrameResponse.php
@@ -55,6 +55,21 @@ $spMetadata = $metadata->getMetaDataConfig($spEntityId, 'saml20-sp-remote');
 
 sspmod_saml2_Message::validateMessage($spMetadata, $idpMetadata, $logoutResponse);
 
+/*
+ * Check the logout response against the logout request, and log
+ * warnings if there is a mismatch.
+ */
+$requestInfo = $session->getData('slo-request-info', $spEntityId);
+if ($requestInfo !== NULL) {
+	if ($logoutResponse->getInResponseTo() !== $requestInfo['ID']) {
+		SimpleSAML_Logger::warning('Wrong InResponseTo in LogoutResponse from ' .
+			var_export($spEntityId, TRUE) . '.');
+	}
+	if ($logoutResponse->getRelayState() !== $requestInfo['RelayState']) {
+		SimpleSAML_Logger::warning('Wrong RelayState in LogoutResponse from ' .
+			var_export($spEntityId, TRUE) . '.');
+	}
+}
 
 $sphash = sha1($spEntityId);
 setcookie('spstate-' . $sphash , '1'); // Duration: 2 hours
diff --git a/www/saml2/idp/idpInitSingleLogoutServiceiFrame.php b/www/saml2/idp/idpInitSingleLogoutServiceiFrame.php
index 24f8c666f299849d54dc4d9a2dddd6e95f7db07a..4e1b2c866157a74657be02f6fa5a58fcd35af458 100644
--- a/www/saml2/idp/idpInitSingleLogoutServiceiFrame.php
+++ b/www/saml2/idp/idpInitSingleLogoutServiceiFrame.php
@@ -227,7 +227,14 @@ foreach ($listofsps AS $spentityid) {
 		$url = $httpredirect->getRedirectURL($lr);
 
 		$sparray[$spentityid] = array('url' => $url, 'name' => $name);
-		
+
+		/* Add the SP logout request information to the session so that we can check it later. */
+		$requestInfo = array(
+			'ID' => $lr->getId(),
+			'RelayState' => $lr->getRelayState(),
+		);
+		$session->setData('slo-request-info', $spentityid, $requestInfo, 15*60);
+
 	} catch (Exception $e) {
 		
 		$sparrayNoLogout[$spentityid] = array('name' => $name);