diff --git a/modules/saml/lib/Auth/Source/SP.php b/modules/saml/lib/Auth/Source/SP.php
index 12fb37aea02169ae6483ac8a99535ce02c764ee0..3c4921be8d79e5cef43586a88449a1acb8b5e182 100644
--- a/modules/saml/lib/Auth/Source/SP.php
+++ b/modules/saml/lib/Auth/Source/SP.php
@@ -146,7 +146,7 @@ class sspmod_saml_Auth_Source_SP extends SimpleSAML_Auth_Source {
 		$ar = new SimpleSAML_XML_Shib13_AuthnRequest();
 		$ar->setIssuer($this->entityId);
 
-		$id = SimpleSAML_Auth_State::saveState($state, 'saml:sp:ssosent-saml1');
+		$id = SimpleSAML_Auth_State::saveState($state, 'saml:sp:sso');
 		$ar->setRelayState($id);
 
 		$useArtifact = $idpMetadata->getBoolean('saml1.useartifact', NULL);
@@ -185,7 +185,7 @@ class sspmod_saml_Auth_Source_SP extends SimpleSAML_Auth_Source {
 			$ar->setRelayState($state['SimpleSAML_Auth_Default.ReturnURL']);
 		}
 
-		$id = SimpleSAML_Auth_State::saveState($state, 'saml:sp:ssosent-saml2');
+		$id = SimpleSAML_Auth_State::saveState($state, 'saml:sp:sso');
 		$ar->setId($id);
 
 		$b = new SAML2_HTTPRedirect();
@@ -229,7 +229,7 @@ class sspmod_saml_Auth_Source_SP extends SimpleSAML_Auth_Source {
 	 */
 	private function startDisco(array $state) {
 
-		$id = SimpleSAML_Auth_State::saveState($state, 'saml:disco');
+		$id = SimpleSAML_Auth_State::saveState($state, 'saml:sp:sso');
 
 		$config = SimpleSAML_Configuration::getInstance();
 
diff --git a/modules/saml/www/sp/discoresp.php b/modules/saml/www/sp/discoresp.php
index 940d47bf147211706ea70492865c44b87c1adc07..6d9af381ed1ac06bf985052aff6f67f527f57d2d 100644
--- a/modules/saml/www/sp/discoresp.php
+++ b/modules/saml/www/sp/discoresp.php
@@ -12,7 +12,7 @@ if (!array_key_exists('idpentityid', $_REQUEST)) {
 	throw new SimpleSAML_Error_BadRequest('Missing idpentityid to discovery service response handler');
 }
 
-$state = SimpleSAML_Auth_State::loadState($_REQUEST['AuthID'], 'saml:disco');
+$state = SimpleSAML_Auth_State::loadState($_REQUEST['AuthID'], 'saml:sp:sso');
 
 /* Find authentication source. */
 assert('array_key_exists("saml:sp:AuthId", $state)');
diff --git a/modules/saml/www/sp/saml1-acs.php b/modules/saml/www/sp/saml1-acs.php
index 1568f06c2415cbb053ce590b0dc862075aa08c80..11bbd1b327a46824eb3868eab6067a2b7b739e4a 100644
--- a/modules/saml/www/sp/saml1-acs.php
+++ b/modules/saml/www/sp/saml1-acs.php
@@ -18,7 +18,7 @@ $sourceId = substr($sourceId, 1, $end - 1);
 $source = SimpleSAML_Auth_Source::getById($sourceId, 'sspmod_saml_Auth_Source_SP');
 
 
-$state = SimpleSAML_Auth_State::loadState($_REQUEST['TARGET'], 'saml:sp:ssosent-saml1');
+$state = SimpleSAML_Auth_State::loadState($_REQUEST['TARGET'], 'saml:sp:sso');
 
 /* Check that the authentication source is correct. */
 assert('array_key_exists("saml:sp:AuthId", $state)');
@@ -26,6 +26,12 @@ if ($state['saml:sp:AuthId'] !== $sourceId) {
 	throw new SimpleSAML_Error_Exception('The authentication source id in the URL does not match the authentication source which sent the request.');
 }
 
+if (!isset($state['saml:idp'])) {
+	/* We seem to have received a response without sending a request. */
+	throw new SimpleSAML_Error_Exception('SAML 1 response received before SAML 1 request.');
+}
+
+
 $spMetadata = $source->getMetadata();
 
 $idpEntityId = $state['saml:idp'];
diff --git a/modules/saml/www/sp/saml2-acs.php b/modules/saml/www/sp/saml2-acs.php
index 7e7440036a4aa0e4b7a8f22198f25f2151fa0d28..1cd68509c94d244494ef2b18bb1052e7bc1f2c4d 100644
--- a/modules/saml/www/sp/saml2-acs.php
+++ b/modules/saml/www/sp/saml2-acs.php
@@ -16,7 +16,7 @@ if (!($response instanceof SAML2_Response)) {
 $stateId = $response->getInResponseTo();
 if (!empty($stateId)) {
 	/* This is a response to a request we sent earlier. */
-	$state = SimpleSAML_Auth_State::loadState($stateId, 'saml:sp:ssosent-saml2');
+	$state = SimpleSAML_Auth_State::loadState($stateId, 'saml:sp:sso');
 
 	/* Check that the authentication source is correct. */
 	assert('array_key_exists("saml:sp:AuthId", $state)');