diff --git a/www/saml2/idp/SSOService.php b/www/saml2/idp/SSOService.php
index 24123aae675cf328ceb7437cf98c62fd5ab7c813..21df10bd09bab8c917676f586b3013a674e9b771 100644
--- a/www/saml2/idp/SSOService.php
+++ b/www/saml2/idp/SSOService.php
@@ -26,11 +26,16 @@ require_once((isset($SIMPLESAML_INCPREFIX)?$SIMPLESAML_INCPREFIX:'') . 'SimpleSA
 
 $config = SimpleSAML_Configuration::getInstance();
 $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
-$session = SimpleSAML_Session::getInstance(true);
+$session = SimpleSAML_Session::getInstance(TRUE);
 
 try {
 	$idpentityid = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');
 	$idpmetadata = $metadata->getMetaDataCurrent('saml20-idp-hosted');
+	
+	if (!array_key_exists($idpmetadata, 'auth')) {
+		throw new Exception('Missing mandatory parameter in SAML 2.0 IdP Hosted Metadata: [auth]');
+	}
+	
 } catch (Exception $exception) {
 	SimpleSAML_Utilities::fatalError($session->getTrackID(), 'METADATA', $exception);
 }
@@ -56,15 +61,15 @@ if (isset($_GET['SAMLRequest'])) {
 	try {
 		$binding = new SimpleSAML_Bindings_SAML20_HTTPRedirect($config, $metadata);
 		$authnrequest = $binding->decodeRequest($_GET);
-		
-		//$session = $authnrequest->createSession();
+
 		$requestid = $authnrequest->getRequestID();
+		$issuer = $authnrequest->getIssuer();
 		
 		/*
 		 * Create an assoc array of the request to store in the session cache.
 		 */
 		$requestcache = array(
-			'Issuer'    => $authnrequest->getIssuer()
+			'Issuer'    => $issuer
 		);
 		if ($relaystate = $authnrequest->getRelayState() )
 			$requestcache['RelayState'] = $relaystate;
@@ -72,11 +77,11 @@ if (isset($_GET['SAMLRequest'])) {
 		$session->setAuthnRequest('saml2', $requestid, $requestcache);
 		
 		
-		if ($binding->validateQuery($authnrequest->getIssuer(),'IdP')) {
-			SimpleSAML_Logger::info('SAML2.0 - IdP.SSOService: Valid signature found for '.$requestid);
+		if ($binding->validateQuery($issuer, 'IdP')) {
+			SimpleSAML_Logger::info('SAML2.0 - IdP.SSOService: Valid signature found for ' . $requestid);
 		}
 		
-		SimpleSAML_Logger::info('SAML2.0 - IdP.SSOService: Incomming Authentication request: '.$authnrequest->getIssuer().' id '.$requestid);
+		SimpleSAML_Logger::info('SAML2.0 - IdP.SSOService: Incomming Authentication request: '.$issuer.' id '.$requestid);
 	
 	} catch(Exception $exception) {
 		SimpleSAML_Utilities::fatalError($session->getTrackID(), 'PROCESSAUTHNREQUEST', $exception);
@@ -94,13 +99,11 @@ if (isset($_GET['SAMLRequest'])) {
 } elseif(isset($_GET['RequestID'])) {
 
 	try {
-
-		$requestid = $_GET['RequestID'];
-
-		$requestcache = $session->getAuthnRequest('saml2', $requestid);
-		
+	
 		SimpleSAML_Logger::info('SAML2.0 - IdP.SSOService: Got incomming RequestID');
 		
+		$requestid = $_GET['RequestID'];
+		$requestcache = $session->getAuthnRequest('saml2', $requestid);
 		if (!$requestcache) throw new Exception('Could not retrieve cached RequestID = ' . $requestid);
 		
 	} catch(Exception $exception) {
@@ -112,11 +115,11 @@ if (isset($_GET['SAMLRequest'])) {
 }
 
 
-$authority = isset($idpmetadata['authority']) ? $idpmetadata['authority'] : null;
+$authority = isset($idpmetadata['authority']) ? $idpmetadata['authority'] : NULL;
 
 
-/*
- * As we have passed the code above, we have an accociated request that is already processed.
+/**
+ * As we have passed the code above, we have an associated request that is already processed.
  *
  * Now we check whether we have a authenticated session. If we do not have an authenticated session,
  * we look up in the metadata of the IdP, to see what authenticaiton module to use, then we redirect
@@ -126,18 +129,16 @@ $authority = isset($idpmetadata['authority']) ? $idpmetadata['authority'] : null
  */
 if (!isset($session) || !$session->isValid($authority) ) {
 
-
 	SimpleSAML_Logger::info('SAML2.0 - IdP.SSOService: Will go to authentication module ' . $idpmetadata['auth']);
 
 	$relaystate = SimpleSAML_Utilities::selfURLNoQuery() .
 		'?RequestID=' . urlencode($requestid);
 	$authurl = '/' . $config->getBaseURL() . $idpmetadata['auth'];
 
-	SimpleSAML_Utilities::redirect($authurl,
-		array('RelayState' => $relaystate));
+	SimpleSAML_Utilities::redirect($authurl, array('RelayState' => $relaystate));
 		
-/*
- * We got an request, and we hav a valid session. Then we send an AuthenticationResponse back to the
+/**
+ * We got an request, and we have a valid session. Then we send an AuthnResponse back to the
  * service.
  */
 } else {
@@ -153,7 +154,7 @@ if (!isset($session) || !$session->isValid($authority) ) {
 		// Right now the list is used for SAML 2.0 only.
 		$session->add_sp_session($spentityid);
 
-		SimpleSAML_Logger::info('SAML2.0 - IdP.SSOService: Sending back AuthnResponse to '.$spentityid);
+		SimpleSAML_Logger::info('SAML2.0 - IdP.SSOService: Sending back AuthnResponse to ' . $spentityid);
 		
 
 		
@@ -163,8 +164,8 @@ if (!isset($session) || !$session->isValid($authority) ) {
 		 */
 		$attributes = $session->getAttributes();
 		$afilter = new SimpleSAML_XML_AttributeFilter($config, $attributes);
-		
 		$afilter->process($idpmetadata, $spmetadata);
+		
 		/**
 		 * Make a log entry in the statistics for this SSO login.
 		 */