diff --git a/www/saml2/idp/SSOService.php b/www/saml2/idp/SSOService.php
index e1d6920a83fb0cb793781f3a8490d7e45b101a85..3f2c4538395c3204c5f6aea9d2584a50b3308349 100644
--- a/www/saml2/idp/SSOService.php
+++ b/www/saml2/idp/SSOService.php
@@ -149,8 +149,16 @@ if (isset($_REQUEST['SAMLRequest'])) {
 		$spmetadata = $metadata->getMetaData($spentityid, 'saml20-sp-remote');
 
 		$consumerURL = $authnrequest->getAssertionConsumerServiceURL();
-		$consumerArray = SimpleSAML_Utilities::arrayize($spmetadata['AssertionConsumerService']);
-		if (($consumerURL != NULL) && (array_search($consumerURL, $consumerArray) !== FALSE)) $requestcache['ConsumerURL'] = $consumerURL;
+		if ($consumerURL !== NULL) {
+			$consumerArray = SimpleSAML_Utilities::arrayize($spmetadata['AssertionConsumerService']);
+			if (in_array($consumerURL, $consumerArray, TRUE)) {
+				$requestcache['ConsumerURL'] = $consumerURL;
+			} else {
+				SimpleSAML_Logger::warning('Authentication request from ' . var_export($spentityid, TRUE) .
+					' contains invalid AssertionConsumerService URL. Was ' .
+					var_export($consumerURL, TRUE) . ', could be ' . var_export($consumerArray, TRUE) . '.');
+			}
+		}
 
 		$IDPList = $authnrequest->getIDPList();