diff --git a/docs/source/simplesamlphp-sp.xml b/docs/source/simplesamlphp-sp.xml
index fc578b10ca129b98b5ef2afdd39401b23c48a62d..bdf9f16453936202419eb07ed4ee6d0686c37814 100644
--- a/docs/source/simplesamlphp-sp.xml
+++ b/docs/source/simplesamlphp-sp.xml
@@ -644,7 +644,7 @@ $session = SimpleSAML_Session::getInstance(true);</programlisting>
     <programlisting>/* Check if valid local session exists.. */
 if (!isset($session) || !$session-&gt;isValid('saml2') ) {
 	SimpleSAML_Utilities::redirect(
-		'/' . $config-&gt;getValue('baseurlpath') .
+		'/' . $config-&gt;getBaseURL() .
 		'saml2/sp/initSSO.php',
 		array('RelayState' =&gt; SimpleSAML_Utilities::selfURL())
 		);
diff --git a/lib/SimpleSAML/Configuration.php b/lib/SimpleSAML/Configuration.php
index 713a797379902ed197b222e11822c382cf4a9bb4..7178606ec2b29c572826f412400b80784f8a7c08 100644
--- a/lib/SimpleSAML/Configuration.php
+++ b/lib/SimpleSAML/Configuration.php
@@ -58,6 +58,13 @@ class SimpleSAML_Configuration {
 
 		return $this->configuration[$name];
 	}
+	
+	public function getBaseURL() {
+		if (preg_match('/^\*(.*)$/', $this->getValue('baseurlpath', ''), $matches)) {
+			return SimpleSAML_Utilities::getFirstPathElement(false) . $matches[1];
+		}
+		return $this->getValue('baseurlpath', '');
+	}
 
 
 	/* Retrieve the base directory for this simpleSAMLphp installation.
diff --git a/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php b/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php
index e80ca42bfa1404b781a90bb619e20f0c903d453d..001aecd91e2c55e4773503d827d9be786ef2f26d 100644
--- a/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php
+++ b/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php
@@ -109,8 +109,7 @@ abstract class SimpleSAML_Metadata_MetaDataStorageHandler {
 		assert($config instanceof SimpleSAML_Configuration);
 		
 		$baseurl = SimpleSAML_Utilities::selfURLhost() . '/' . 
-			$config->getValue('baseurlpath');
-		
+			$config->getBaseURL();
 		
 		if ($set == 'saml20-sp-hosted') {
 			switch ($property) {				
@@ -164,7 +163,8 @@ abstract class SimpleSAML_Metadata_MetaDataStorageHandler {
 		if (!isset($this->metadata[$set])) {
 			$this->load($set);
 		}
-		$currenthost = $_SERVER['HTTP_HOST'];
+		$currenthost         = SimpleSAML_Utilities::getSelfHost(); 			// sp.example.org
+		$currenthostwithpath = SimpleSAML_Utilities::getSelfHostWithPath(); 	// sp.example.org/university
 		
 		if(strstr($currenthost, ":")) {
 				$currenthostdecomposed = explode(":", $currenthost);
@@ -177,11 +177,12 @@ abstract class SimpleSAML_Metadata_MetaDataStorageHandler {
 		if (!isset($currenthost)) {
 			throw new Exception('Could not get HTTP_HOST, in order to resolve default entity ID');
 		}
-		if (!isset($this->hostmap[$set][$currenthost])) {
-			throw new Exception('Could not find any default metadata entities in set [' . $set . '] for host [' . $currenthost . ']');
-		}
-		if (!$this->hostmap[$set][$currenthost]) throw new Exception('Could not find default metadata for current host');
-		return $this->hostmap[$set][$currenthost];
+		
+		
+		if (isset($this->hostmap[$set][$currenthostwithpath])) return $this->hostmap[$set][$currenthostwithpath];
+		if (isset($this->hostmap[$set][$currenthost])) return $this->hostmap[$set][$currenthost];
+		
+		throw new Exception('Could not find any default metadata entities in set [' . $set . '] for host [' . $currenthost . ' : ' . $currenthostwithpath . ']');
 	}
 
 	abstract public function load($set);
diff --git a/lib/SimpleSAML/Utilities.php b/lib/SimpleSAML/Utilities.php
index 7762f9f9b12088a46950d9b854c017b8dc17d9c4..a1aaf897fbc292a1d8e67396e19c965be3abd619 100644
--- a/lib/SimpleSAML/Utilities.php
+++ b/lib/SimpleSAML/Utilities.php
@@ -14,7 +14,9 @@ require_once('SimpleSAML/Logger.php');
 class SimpleSAML_Utilities {
 
 
-
+	/**
+	 * Will return sp.example.org
+	 */
 	public static function getSelfHost() {
 	
 		$currenthost = $_SERVER['HTTP_HOST'];
@@ -22,9 +24,12 @@ class SimpleSAML_Utilities {
 				$currenthostdecomposed = explode(":", $currenthost);
 				$currenthost = $currenthostdecomposed[0];
 		}
-		return $currenthost;
+		return $currenthost;# . self::getFirstPathElement() ;
 	}
 
+	/**
+	 * Will return https
+	 */
 	public static function getSelfProtocol() {
 		$s = empty($_SERVER["HTTPS"]) ? ''
 			: ($_SERVER["HTTPS"] == "on") ? "s"
@@ -33,6 +38,9 @@ class SimpleSAML_Utilities {
 		return $protocol;
 	}
 
+	/**
+	 * Will return https://sp.example.org
+	 */
 	public static function selfURLhost() {
 	
 		$currenthost = self::getSelfHost();
@@ -52,18 +60,62 @@ class SimpleSAML_Utilities {
 	
 	}
 	
-
-
+	/**
+	 * Will return https://sp.example.org/universities/ruc/baz/simplesaml/saml2/SSOService.php
+	 */
 	public static function selfURLNoQuery() {
 	
 		$selfURLhost = self::selfURLhost();
-		return $selfURLhost . $_SERVER['SCRIPT_NAME'];
+		return $selfURLhost . self::getScriptName();
+	
+	}
 	
+	public static function getScriptName() {
+		$scriptname = $_SERVER['SCRIPT_NAME'];
+		if (preg_match('|^/.*?(/.*)$|', $_SERVER['SCRIPT_NAME'], $matches)) {
+			#$scriptname = $matches[1];
+		}
+		return $scriptname;
 	}
+	
+	
+	/**
+	 * Will return sp.example.org/foo
+	 */
+	public static function getSelfHostWithPath() {
+	
+		$selfhostwithpath = self::getSelfHost();
+		if (preg_match('|^(/.*?)/|', $_SERVER['SCRIPT_NAME'], $matches)) {
+			$selfhostwithpath .= $matches[1];
+		}
+		return $selfhostwithpath;
+	
+	}
+	
+	/**
+	 * Will return foo
+	 */
+	public static function getFirstPathElement($trailingslash = true) {
+	
+		if (preg_match('|^/(.*?)/|', $_SERVER['SCRIPT_NAME'], $matches)) {
+			return ($trailingslash ? '/' : '') . $matches[1];
+		}
+		return '';
+	}
+	
 
 	public static function selfURL() {
 		$selfURLhost = self::selfURLhost();
-		return $selfURLhost . $_SERVER['REQUEST_URI'];	
+		return $selfURLhost . self::getRequestURI();	
+	}
+	
+	public static function getRequestURI() {
+		
+		$requesturi = $_SERVER['REQUEST_URI'];
+		if (preg_match('|^/.*?(/.*)$|', $_SERVER['REQUEST_URI'], $matches)) {
+		#$requesturi = $matches[1];
+		}
+		return $requesturi;
 	}
 	
 	public static function addURLparameter($url, $parameter) {
diff --git a/lib/SimpleSAML/XHTML/Template.php b/lib/SimpleSAML/XHTML/Template.php
index 742882de397f1bd6039c055eb520af43524194ce..d4acfa022479861a2320ed723b98efcd4aa49a78 100644
--- a/lib/SimpleSAML/XHTML/Template.php
+++ b/lib/SimpleSAML/XHTML/Template.php
@@ -24,7 +24,7 @@ class SimpleSAML_XHTML_Template {
 		$this->configuration = $configuration;
 		$this->template = $template;
 		
-		$this->data['baseurlpath'] = $this->configuration->getValue('baseurlpath');
+		$this->data['baseurlpath'] = $this->configuration->getBaseURL();
 		
 		if (!empty($languagefile)) $this->includeLanguageFile($languagefile);
 	}
diff --git a/www/admin/memcachestat.php b/www/admin/memcachestat.php
index c13653857f816950dcbf90fe3d3ff02eb45b5b81..bbe1441eda70a4229fe3a809c292ea31f9f2343b 100644
--- a/www/admin/memcachestat.php
+++ b/www/admin/memcachestat.php
@@ -15,7 +15,7 @@ try {
 
 	/* Make sure that the user has admin access rights. */
 	if (!isset($session) || !$session->isValid('login-admin') ) {
-		SimpleSAML_Utilities::redirect('/' . $config->getValue('baseurlpath') . 'auth/login-admin.php',
+		SimpleSAML_Utilities::redirect('/' . $config->getBaseURL() . 'auth/login-admin.php',
 		                               array('RelayState' => SimpleSAML_Utilities::selfURL())
 		                               );
 	}
diff --git a/www/admin/metadata.php b/www/admin/metadata.php
index d6f1761eae1fa4b0d1f6bd536b87a7727d1809e4..a40491f2cb63786d3f2139f6379f428d87edebc7 100644
--- a/www/admin/metadata.php
+++ b/www/admin/metadata.php
@@ -14,7 +14,7 @@ $session = SimpleSAML_Session::getInstance(true);
 
 /* Check if valid local session exists.. */
 if (!isset($session) || !$session->isValid('login-admin') ) {
-	SimpleSAML_Utilities::redirect('/' . $config->getValue('baseurlpath') . 'auth/login-admin.php',
+	SimpleSAML_Utilities::redirect('/' . $config->getBaseURL() . 'auth/login-admin.php',
 		array('RelayState' => SimpleSAML_Utilities::selfURL())
 	);
 }
diff --git a/www/admin/test.php b/www/admin/test.php
index 285236d6d613132f57926f4f1d6074acf2dcc868..bbdde5f571ecf7b74c349a6ea8eb1be196146577 100644
--- a/www/admin/test.php
+++ b/www/admin/test.php
@@ -94,9 +94,9 @@ if ($op === 'login') {
 		}
 
 		if($protocol === 'saml2') {
-			$url = '/' . $config->getValue('baseurlpath') . 'saml2/sp/initSSO.php';
+			$url = '/' . $config->getBaseURL() . 'saml2/sp/initSSO.php';
 		} elseif($protocol === 'shib13') {
-			$url = '/' . $config->getValue('baseurlpath') . 'shib13/sp/initSSO.php';
+			$url = '/' . $config->getBaseURL() . 'shib13/sp/initSSO.php';
 		} else {
 			error('Unable to log in with protocol "' . $protocol . '".');
 		}
@@ -133,7 +133,7 @@ if ($op === 'login') {
 	}
 
 	if ($protocol === 'saml2') {
-		$url = '/' . $config->getValue('baseurlpath') . 'saml2/sp/initSLO.php';
+		$url = '/' . $config->getBaseURL() . 'saml2/sp/initSLO.php';
 	} else {
 		error('Logout unsupported for protocol "' . $protocol . '".');
 	}
diff --git a/www/aselect/handler.php b/www/aselect/handler.php
index 795456eed71280d3cafddb580aea93aba51c9eb4..448bec0d0e6745446698997522226693c2de31ab 100644
--- a/www/aselect/handler.php
+++ b/www/aselect/handler.php
@@ -71,11 +71,11 @@ $as_metadata = array(
 			'authsp' => 'simpleSAMLphp',
 			'app_level' => '10',
 			'tgt_exp_time' => '1194590521000',
-#			'auth' => '/' . $config->getValue('baseurlpath') . '/auth/login.php',
-#			'logout' => '/' . $config->getValue('baseurlpath') . 'logout.html',
-			'auth' => '/' . $config->getValue('baseurlpath') . '/saml2/sp/initSSO.php',
-			'logout' => '/' . $config->getValue('baseurlpath') . '/saml2/sp/initSLO.php',
-			'loggedout_url' => '/' . $config->getValue('baseurlpath') . 'logout.html',
+#			'auth' => '/' . $config->getBaseURL() . '/auth/login.php',
+#			'logout' => '/' . $config->getBaseURL() . 'logout.html',
+			'auth' => '/' . $config->getBaseURL() . '/saml2/sp/initSSO.php',
+			'logout' => '/' . $config->getBaseURL() . '/saml2/sp/initSLO.php',
+			'loggedout_url' => '/' . $config->getBaseURL() . 'logout.html',
 		),
 		'remote' => array(
 			// so far the IDP bridging is statically configured to the first one in
diff --git a/www/example-simple/hostnames.php b/www/example-simple/hostnames.php
index ca049c204087a253c5506d9187a6f5ba82621fbf..325314f6a00ec259b8de20a8cf690bb97a5b85a4 100644
--- a/www/example-simple/hostnames.php
+++ b/www/example-simple/hostnames.php
@@ -17,7 +17,7 @@ $session = SimpleSAML_Session::getInstance(true);
 
 /* Check if valid local session exists.. */
 if (!isset($session) || !$session->isValid('login-admin') ) {
-	SimpleSAML_Utilities::redirect('/' . $config->getValue('baseurlpath') . 'auth/login-admin.php',
+	SimpleSAML_Utilities::redirect('/' . $config->getBaseURL() . 'auth/login-admin.php',
 		array('RelayState' => SimpleSAML_Utilities::selfURL())
 	);
 }
@@ -31,6 +31,7 @@ $attributes = array();
 $attributes['selfURLhost'] = array(SimpleSAML_Utilities::selfURLhost());
 $attributes['selfURLNoQuery'] = array(SimpleSAML_Utilities::selfURLNoQuery());
 $attributes['selfURL'] = array(SimpleSAML_Utilities::selfURL());
+$attributes['selfHostWithPath'] = array(SimpleSAML_Utilities::getSelfHostWithPath());
 
 $attributes['HTTP_HOST'] = array($_SERVER['HTTP_HOST']);
 $attributes['HTTPS'] = array($_SERVER['HTTPS']);
diff --git a/www/example-simple/saml2-example.php b/www/example-simple/saml2-example.php
index c483c0eb10ca8b4d657a343116ddde325658dfb3..de07c4c4cc5bef6bf061d89a3264dc7ce42e8536 100644
--- a/www/example-simple/saml2-example.php
+++ b/www/example-simple/saml2-example.php
@@ -40,7 +40,7 @@ $session = SimpleSAML_Session::getInstance(TRUE);
  */
 if (!$session->isValid('saml2') ) {
 	SimpleSAML_Utilities::redirect(
-		'/' . $config->getValue('baseurlpath') . 'saml2/sp/initSSO.php',
+		'/' . $config->getBaseURL() . 'saml2/sp/initSSO.php',
 		array('RelayState' => SimpleSAML_Utilities::selfURL())
 	);
 }
@@ -57,15 +57,15 @@ $attributes = $session->getAttributes();
  *
  */
 
-$t = new SimpleSAML_XHTML_Template($config, 'status.php');
+$t = new SimpleSAML_XHTML_Template($config, 'status.php', 'attributes.php');
 
 $t->data['header'] = 'SAML 2.0 SP Demo Example';
 $t->data['remaining'] = $session->remainingTime();
 $t->data['sessionsize'] = $session->getSize();
 $t->data['attributes'] = $attributes;
 $t->data['icon'] = 'bino.png';
-$t->data['logout'] = '<p>[ <a href="/' . $config->getValue('baseurlpath') . 'saml2/sp/initSLO.php?RelayState=/' . 
-	$config->getValue('baseurlpath') . 'logout.html">Logout</a> ]';
+$t->data['logout'] = '<p>[ <a href="/' . $config->getBaseURL() . 'saml2/sp/initSLO.php?RelayState=/' . 
+	$config->getBaseURL() . 'logout.html">Logout</a> ]';
 $t->show();
 
 
diff --git a/www/example-simple/shib13-example.php b/www/example-simple/shib13-example.php
index d70950f477b4fa0a77b7cd22197cb7ed7aeb8a82..c9876c696270327dd0232fc585cff6136d917dcf 100644
--- a/www/example-simple/shib13-example.php
+++ b/www/example-simple/shib13-example.php
@@ -40,7 +40,7 @@ $session = SimpleSAML_Session::getInstance(TRUE);
  */
 if (!isset($session) || !$session->isValid('shib13') ) {	
 	SimpleSAML_Utilities::redirect(
-		'/' . $config->getValue('baseurlpath') . 'shib13/sp/initSSO.php',
+		'/' . $config->getBaseURL() . 'shib13/sp/initSSO.php',
 		array('RelayState' => SimpleSAML_Utilities::selfURL())
 	);
 }
diff --git a/www/index.php b/www/index.php
index ef77bc18e1f22a7a51e65fe822ada3db8500adf3..e8622423679c9cb3aea52fd7c9aedbd4ad964aaa 100644
--- a/www/index.php
+++ b/www/index.php
@@ -15,7 +15,7 @@ $session = SimpleSAML_Session::getInstance(true);
 /* Check if valid local session exists.. */
 if ($config->getValue('admin.protectindexpage', false)) {
 	if (!isset($session) || !$session->isValid('login-admin') ) {
-		SimpleSAML_Utilities::redirect('/' . $config->getValue('baseurlpath') . 'auth/login-admin.php',
+		SimpleSAML_Utilities::redirect('/' . $config->getBaseURL() . 'auth/login-admin.php',
 			array('RelayState' => SimpleSAML_Utilities::selfURL())
 		);
 	}
diff --git a/www/openid/provider/server.php b/www/openid/provider/server.php
index bf5e40534764e531bf22d68d1f827e2a7d660cee..0a16ab51b608ec10b3258d32ae130430d1a4618d 100644
--- a/www/openid/provider/server.php
+++ b/www/openid/provider/server.php
@@ -112,7 +112,7 @@ function action_default()
 		
 		$relaystate = SimpleSAML_Utilities::selfURLNoQuery() . '?RelayState=' . urlencode($_GET['RelayState']) .
 			'&RequestID=' . urlencode($requestid);
-		$authurl = SimpleSAML_Utilities::addURLparameter('/' . $config->getValue('baseurlpath') . $idpmeta['auth'], 
+		$authurl = SimpleSAML_Utilities::addURLparameter('/' . $config->getBaseURL() . $idpmeta['auth'], 
 			'RelayState=' . urlencode($relaystate));
 		
 		$t->data['initssourl'] 			= $authurl;
@@ -230,7 +230,7 @@ function check_authenticated_user() {
 		
 		
 		$relaystate = SimpleSAML_Utilities::selfURLNoQuery() . '/login';
-		$authurl = SimpleSAML_Utilities::addURLparameter('/' . $config->getValue('baseurlpath') . $idpmeta['auth'], 
+		$authurl = SimpleSAML_Utilities::addURLparameter('/' . $config->getBaseURL() . $idpmeta['auth'], 
 			'RelayState=' . urlencode($relaystate));
 		
 		SimpleSAML_Utilities::redirect($authurl);
diff --git a/www/saml2/idp/SSOService.php b/www/saml2/idp/SSOService.php
index e5e5dd04f0b41fc8d4de74c2a1e492f24f650d6f..8515634a646e0f812c38332d3ab720836cc567b7 100644
--- a/www/saml2/idp/SSOService.php
+++ b/www/saml2/idp/SSOService.php
@@ -132,7 +132,7 @@ if (!isset($session) || !$session->isValid($authority) ) {
 
 	$relaystate = SimpleSAML_Utilities::selfURLNoQuery() .
 		'?RequestID=' . urlencode($requestid);
-	$authurl = '/' . $config->getValue('baseurlpath') . $idpmetadata['auth'];
+	$authurl = '/' . $config->getBaseURL() . $idpmetadata['auth'];
 
 	SimpleSAML_Utilities::redirect($authurl,
 		array('RelayState' => $relaystate));
diff --git a/www/saml2/idp/SingleLogoutService.php b/www/saml2/idp/SingleLogoutService.php
index 05ff903c73d4dd184670c1808702b7bffcd6cbaf..bdf02af69ad68c062374cbb2545033fba683a7c1 100644
--- a/www/saml2/idp/SingleLogoutService.php
+++ b/www/saml2/idp/SingleLogoutService.php
@@ -222,7 +222,7 @@ if ($config->getValue('debug', false))
  * initiate SAML 2.0 SP Single LogOut, with the RelayState equal this URL.
  */
 if ($session->getAuthority() == 'saml2') {
-	SimpleSAML_Utilities::redirect('/' . $config->getValue('baseurlpath') . 'saml2/sp/initSLO.php',
+	SimpleSAML_Utilities::redirect('/' . $config->getBaseURL() . 'saml2/sp/initSLO.php',
 		array('RelayState' => SimpleSAML_Utilities::selfURLNoQuery())
 	);
 }
diff --git a/www/saml2/sp/initSSO.php b/www/saml2/sp/initSSO.php
index c26210b16f4f80b7050545e3d83052c19ee13c3f..b8716f84fc86cecec450ad7e93301116f2a753e6 100644
--- a/www/saml2/sp/initSSO.php
+++ b/www/saml2/sp/initSSO.php
@@ -47,7 +47,7 @@ if (!isset($session) || !$session->isValid('saml2') ) {
 		SimpleSAML_Logger::info('SAML2.0 - SP.initSSO: No chosen or default IdP, go to SAML2disco');
 		
 		$returnURL = urlencode(SimpleSAML_Utilities::selfURL());
-		$discservice = '/' . $config->getValue('baseurlpath') . 'saml2/sp/idpdisco.php?entityID=' . $spentityid . 
+		$discservice = '/' . $config->getBaseURL() . 'saml2/sp/idpdisco.php?entityID=' . $spentityid . 
 			'&return=' . $returnURL . '&returnIDParam=idpentityid';
 		SimpleSAML_Utilities::redirect($discservice);
 	}
diff --git a/www/shib13/idp/SSOService.php b/www/shib13/idp/SSOService.php
index db38d9d011e740bcbe8390eefc407aaa236adade..15216908a94bb1881af3fd5bcc227040dce02f26 100644
--- a/www/shib13/idp/SSOService.php
+++ b/www/shib13/idp/SSOService.php
@@ -122,7 +122,7 @@ $authority = isset($idpmetadata['authority']) ? $idpmetadata['authority'] : null
 if (!$session->isAuthenticated($authority) ) {
 
 	$relaystate = SimpleSAML_Utilities::selfURLNoQuery() . '?RequestID=' . urlencode($requestid);
-	$authurl = SimpleSAML_Utilities::addURLparameter('/' . $config->getValue('baseurlpath') . $idpmetadata['auth'], 
+	$authurl = SimpleSAML_Utilities::addURLparameter('/' . $config->getBaseURL() . $idpmetadata['auth'], 
 		'RelayState=' . urlencode($relaystate));
 	SimpleSAML_Utilities::redirect($authurl);
 	
diff --git a/www/shib13/sp/initSSO.php b/www/shib13/sp/initSSO.php
index bc7ec229dbcb6915ea23402fde5c7650f87645ee..6b3dba0c7786c291334c2b65761fe76c8e927995 100644
--- a/www/shib13/sp/initSSO.php
+++ b/www/shib13/sp/initSSO.php
@@ -49,7 +49,7 @@ if (!isset($session) || !$session->isValid('shib13') ) {
 		SimpleSAML_Logger::info('Shib1.3 - SP.initSSO: No chosen or default IdP, go to Shib13disco');
 	
 		$returnURL = urlencode(SimpleSAML_Utilities::selfURL());
-		$discservice = '/' . $config->getValue('baseurlpath') . 'shib13/sp/idpdisco.php?entityID=' . $spentityid . 
+		$discservice = '/' . $config->getBaseURL() . 'shib13/sp/idpdisco.php?entityID=' . $spentityid . 
 			'&return=' . $returnURL . '&returnIDParam=idpentityid';
 		SimpleSAML_Utilities::redirect($discservice);