diff --git a/www/saml2/idp/SSOService.php b/www/saml2/idp/SSOService.php
index dd1002ee8f30e9b2ad462879e0031695f09f5dab..31b14078005d8dcc08256f936ff298df58aa079c 100644
--- a/www/saml2/idp/SSOService.php
+++ b/www/saml2/idp/SSOService.php
@@ -425,6 +425,10 @@ if($needAuth && !$isPassive) {
 		$assertion = sspmod_saml2_Message::buildAssertion($idpMetadata, $spMetadata, $attributes);
 		$assertion->setInResponseTo($requestID);
 
+		$nameId = $assertion->getNameId();
+		$nameId['value'] = $nameId['Value'];
+		$session->setSessionNameId('saml20-sp-remote', $spentityid, $nameId);
+
 		/* Maybe encrypt the assertion. */
 		$assertion = sspmod_saml2_Message::encryptAssertion($idpMetadata, $spMetadata, $assertion);