diff --git a/lib/SimpleSAML/ModuleControllerResolver.php b/lib/SimpleSAML/ModuleControllerResolver.php
index bd013538759dd1f4750cb688a761dd21b614ad59..28abc93d13039cda670058830de93e7ac8ac88cb 100644
--- a/lib/SimpleSAML/ModuleControllerResolver.php
+++ b/lib/SimpleSAML/ModuleControllerResolver.php
@@ -2,6 +2,7 @@
 
 namespace SimpleSAML;
 
+use SimpleSAML\Auth\AuthenticationFactory;
 use SimpleSAML\Error\Exception;
 use Symfony\Component\Config\Exception\FileLocatorFileNotFoundException;
 use Symfony\Component\Config\FileLocator;
@@ -60,6 +61,7 @@ class ModuleControllerResolver extends ControllerResolver implements ArgumentRes
 
         $this->argFactory = new ArgumentMetadataFactory();
         $this->container = new ContainerBuilder();
+        $this->container->autowire(AuthenticationFactory::class, AuthenticationFactory::class);
 
         try {
             $this->routes = $loader->load('routes.yaml');
diff --git a/modules/core/lib/Controller.php b/modules/core/lib/Controller.php
index 97df0cfd63f1a1716f4a166a63e584f3d5db668f..8a4563f42df18c96261dab9a35344e64c8a01c7e 100644
--- a/modules/core/lib/Controller.php
+++ b/modules/core/lib/Controller.php
@@ -21,6 +21,9 @@ class Controller
     /** @var \SimpleSAML\Configuration */
     protected $config;
 
+    /** @var \SimpleSAML\Auth\AuthenticationFactory */
+    protected $factory;
+
     /** @var \SimpleSAML\Session */
     protected $session;
 
@@ -33,14 +36,19 @@ class Controller
      *
      * It initializes the global configuration and auth source configuration for the controllers implemented here.
      *
-     * @param \SimpleSAML\Configuration $config The configuration to use by the controllers.
-     * @param \SimpleSAML\Session $session The session to use by the controllers.
+     * @param \SimpleSAML\Configuration              $config The configuration to use by the controllers.
+     * @param \SimpleSAML\Session                    $session The session to use by the controllers.
+     * @param \SimpleSAML\Auth\AuthenticationFactory $factory A factory to instantiate \SimpleSAML\Auth\Simple objects.
      *
      * @throws \Exception
      */
-    public function __construct(\SimpleSAML\Configuration $config, \SimpleSAML\Session $session)
-    {
+    public function __construct(
+        \SimpleSAML\Configuration $config,
+        \SimpleSAML\Session $session,
+        \SimpleSAML\Auth\AuthenticationFactory $factory
+    ) {
         $this->config = $config;
+        $this->factory = $factory;
         $this->sources = $config::getOptionalConfig('authsources.php')->toArray();
         $this->session = $session;
     }
@@ -62,7 +70,7 @@ class Controller
             throw new Exception('Invalid authentication source');
         }
 
-        $auth = new \SimpleSAML\Auth\Simple($as);
+        $auth = $this->factory->create($as);
         if (!$auth->isAuthenticated()) {
             // not authenticated, start auth with specified source
             return new RedirectResponse(\SimpleSAML\Module::getModuleURL('core/login/'.urlencode($as)));
@@ -122,7 +130,7 @@ class Controller
         }
 
         // at this point, we have a valid auth source selected, start auth
-        $auth = new \SimpleSAML\Auth\Simple($as);
+        $auth = $this->factory->create($as);
         $as = urlencode($as);
 
         if ($request->get(\SimpleSAML\Auth\State::EXCEPTION_PARAM, false) !== false) {
@@ -160,7 +168,7 @@ class Controller
      */
     public function logout($as)
     {
-        $as = new \SimpleSAML\Auth\Simple($as);
-        return new RunnableResponse([$as, 'logout'], [$this->config->getBasePath().'logout.php']);
+        $auth = new \SimpleSAML\Auth\Simple($as);
+        return new RunnableResponse([$auth, 'logout'], [$this->config->getBasePath().'logout.php']);
     }
 }