diff --git a/lib/SimpleSAML/Bindings/SAML20/HTTPPost.php b/lib/SimpleSAML/Bindings/SAML20/HTTPPost.php
index 8d68c99f71007de1d05db650ba2a7b7fbace671e..6845a0e6de9a913d8035a8f82da9ea706120f9d3 100644
--- a/lib/SimpleSAML/Bindings/SAML20/HTTPPost.php
+++ b/lib/SimpleSAML/Bindings/SAML20/HTTPPost.php
@@ -76,10 +76,11 @@ class SimpleSAML_Bindings_SAML20_HTTPPost {
 		/*
 		$privatekey = "/home/as/erlang/feide2/cert/edugain/server1Key.pem";
 		$publiccert = "/home/as/erlang/feide2/cert/edugain/server2chain.pem";
-		*/
+
 
 		$privatekey = "/home/as/erlang/feide2/cert/server.pem";
 		$publiccert = "/home/as/erlang/feide2/cert/server.crt";
+				*/
 		
 		$privatekey = $this->configuration->getValue('basedir') . '/cert/' . $idpmd['privatekey'];
 		$publiccert = $this->configuration->getValue('basedir') . '/cert/' . $idpmd['certificate'];
diff --git a/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php b/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php
index cbe2a19a3d0f026f39f70b7c74017d72cb25d619..21409b26d24d7b392d5cec34fa6bf3421b7bf97d 100644
--- a/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php
+++ b/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php
@@ -68,18 +68,14 @@ class SimpleSAML_Bindings_Shib13_HTTPPost {
 	
 	public function sendResponse($response, $idpentityid, $spentityid, $relayState = null) {
 
-		$idpmd = $this->metadata->getMetaData($idpentityid, 'saml20-idp-hosted');
-		$spmd = $this->metadata->getMetaData($spentityid, 'saml20-sp-remote');
+		$idpmd = $this->metadata->getMetaData($idpentityid, 'shib13-idp-hosted');
+		$spmd = $this->metadata->getMetaData($spentityid, 'shib13-sp-remote');
 		
-		$destination = $spmd['assertionConsumerServiceURL'];
+		$destination = $spmd['shire'];
 	
-		/*
-		$privatekey = "/home/as/erlang/feide2/cert/edugain/server1Key.pem";
-		$publiccert = "/home/as/erlang/feide2/cert/edugain/server2chain.pem";
-		*/
+		$privatekey = $this->configuration->getValue('basedir') . '/cert/' . $idpmd['privatekey'];
+		$publiccert = $this->configuration->getValue('basedir') . '/cert/' . $idpmd['certificate'];
 
-		$privatekey = "/home/as/erlang/feide2/cert/server.pem";
-		$publiccert = "/home/as/erlang/feide2/cert/server.crt";
 
 		
 		/*
@@ -87,7 +83,8 @@ class SimpleSAML_Bindings_Shib13_HTTPPost {
 		 */
 		$objXMLSecDSig = new XMLSecurityDSig();
 		//$objXMLSecDSig->idKeys[] = 'ResponseID';
-		#$objXMLSecDSig->idKeys = array('ResponseID');
+		
+		$objXMLSecDSig->idKeys = array('ResponseID');
 		
 		$objXMLSecDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
 		
@@ -99,9 +96,9 @@ class SimpleSAML_Bindings_Shib13_HTTPPost {
 		//$assertionroot = $responsedom->getElementsByTagName('Assertion')->item(1);
 		$firstassertionroot = $responsedom->getElementsByTagName('Assertion')->item(0);
 		
-		#$objXMLSecDSig->addReferenceList(array($responseroot), XMLSecurityDSig::SHA1, array('http://www.w3.org/2000/09/xmldsig#enveloped-signature'));
-		$objXMLSecDSig->addReferenceList(array($firstassertionroot), XMLSecurityDSig::SHA1, array('http://www.w3.org/2000/09/xmldsig#enveloped-signature',
-			'http://www.w3.org/2001/10/xml-exc-c14n#'));
+		$objXMLSecDSig->addReferenceList(array($responseroot), XMLSecurityDSig::SHA1, array('http://www.w3.org/2000/09/xmldsig#enveloped-signature'), null, 'ResponseID');
+		#$objXMLSecDSig->addReferenceList(array($firstassertionroot), XMLSecurityDSig::SHA1, array('http://www.w3.org/2000/09/xmldsig#enveloped-signature',
+		#	'http://www.w3.org/2001/10/xml-exc-c14n#'));
 		
 		#$objXMLSecDSig->addRefInternal($responseroot, $responseroot, XMLSecurityDSig::SHA1);
 		
@@ -128,7 +125,7 @@ class SimpleSAML_Bindings_Shib13_HTTPPost {
 		*/
 		
 		
-		$objXMLSecDSig->appendSignature($firstassertionroot, true);
+		$objXMLSecDSig->appendSignature($responseroot, false);
 		
 		$response = $responsedom->saveXML();
 		
diff --git a/lib/SimpleSAML/Session.php b/lib/SimpleSAML/Session.php
index 03befb7c6c8787e8c63bacb84e5c5584f7f512f4..db523b01931796bdf63c02fbefbb0a1b5dba27df 100644
--- a/lib/SimpleSAML/Session.php
+++ b/lib/SimpleSAML/Session.php
@@ -34,6 +34,8 @@ class SimpleSAML_Session {
 	private $configuration = null;
 	
 	private $authnrequests = array();
+	private $shibauthreq = null;
+	
 	private $authnresponse = null;
 	
 	private $logoutrequest = null;
@@ -61,6 +63,7 @@ class SimpleSAML_Session {
 		$this->protocol = $protocol;
 		$this->authnresponse = $message;
 		
+		
 		$this->authenticated = $authenticated;
 		if ($authenticated) {
 			$this->sessionstarted = time();
@@ -119,6 +122,14 @@ class SimpleSAML_Session {
 			$_SESSION['SimpleSAMLphp_SESSION'] = self::$instance;
 		}
 	}
+	
+	public function setShibAuthnRequest(SimpleSAML_XML_Shib13_AuthnRequest $req) {
+		$this->shibauthreq = $req;
+	}
+	
+	public function getShibAuthnRequest() {
+		return $this->shibauthreq;
+	}
 
 	public function setAuthnRequest($requestid, SimpleSAML_XML_SAML20_AuthnRequest $xml) {	
 		$this->authnrequests[$requestid] = $xml;
@@ -218,6 +229,10 @@ class SimpleSAML_Session {
 		$this->attributes = $attributes;
 	}
 	
+	public function setAttribute($name, $value) {
+		$this->attributes[$name] = $value;
+	}
+	
 }
 
 ?>
\ No newline at end of file
diff --git a/lib/SimpleSAML/XML/Shib13/AuthnRequest.php b/lib/SimpleSAML/XML/Shib13/AuthnRequest.php
index ef7c0c9aa034b0af09f749899da580df8e7c7a3b..6d12ae978634bf514ad6ac38ee19b4ebab10be35 100644
--- a/lib/SimpleSAML/XML/Shib13/AuthnRequest.php
+++ b/lib/SimpleSAML/XML/Shib13/AuthnRequest.php
@@ -34,6 +34,8 @@ class SimpleSAML_XML_Shib13_AuthnRequest {
 	function __construct(SimpleSAML_Configuration $configuration, SimpleSAML_XML_MetaDataStore $metadatastore) {
 		$this->configuration = $configuration;
 		$this->metadata = $metadatastore;
+		
+		$this->requestid = $this->generateID();
 	}
 	
 	public function setRelayState($relayState) {
@@ -54,7 +56,13 @@ class SimpleSAML_XML_Shib13_AuthnRequest {
 
 
 	public function parseGet($get) {
-		return null;
+		if (!isset($get['shire'])) throw new Exception('Could not read shire parameter from HTTP GET request');
+		if (!isset($get['providerId'])) throw new Exception('Could not read providerId parameter from HTTP GET request');
+		if (!isset($get['target'])) throw new Exception('Could not read target parameter from HTTP GET request');
+
+		$this->setIssuer($get['providerId']);
+		$this->setRelayState($get['target']);
+
 	}
 	
 	public function setNewRequestID() {	
@@ -70,11 +78,11 @@ class SimpleSAML_XML_Shib13_AuthnRequest {
 		$session = SimpleSAML_Session::getInstance();
 		
 		if (!isset($session)) {
-			SimpleSAML_Session::init(self::PROTOCOL);
+			SimpleSAML_Session::init(self::PROTOCOL, null, false);
 			$session = SimpleSAML_Session::getInstance();
 		}
 
-		$session->setAuthnRequest($this->getRequestID(), $this);
+		$session->setShibAuthnRequest($this);
 		
 		/*
 		if (isset($this->relayState)) {
diff --git a/lib/SimpleSAML/XML/Shib13/AuthnResponse.php b/lib/SimpleSAML/XML/Shib13/AuthnResponse.php
index 22412500c8d8432a5520edbc4447ddfc637b6ad4..98a029550c5ca6b3dc4867d367c01a34cfd9b11e 100644
--- a/lib/SimpleSAML/XML/Shib13/AuthnResponse.php
+++ b/lib/SimpleSAML/XML/Shib13/AuthnResponse.php
@@ -319,15 +319,15 @@ class SimpleSAML_XML_Shib13_AuthnResponse extends SimpleSAML_XML_AuthnResponse {
 	
 		//echo 'idp:' . $idpentityid . ' sp:' . $spentityid .' inresponseto:' .  $inresponseto . ' namid:' . $nameid;
 	
-		$idpmd 	= $this->metadata->getMetaData($idpentityid, 'saml20-idp-hosted');
-		$spmd 	= $this->metadata->getMetaData($spentityid, 'saml20-sp-remote');
+		$idpmd 	= $this->metadata->getMetaData($idpentityid, 'shib13-idp-hosted');
+		$spmd 	= $this->metadata->getMetaData($spentityid, 'shib13-sp-remote');
 		
 		$id = self::generateID();
 		$issueInstant = self::generateIssueInstant();
 		$assertionExpire = self::generateIssueInstant(60 * 5); # 5 minutes
 		
 		$assertionid = self::generateID();
-		$sessionindex = self::generateID();
+		
 		
 		if (is_null($nameid)) {
 			$nameid = self::generateID();
@@ -335,63 +335,82 @@ class SimpleSAML_XML_Shib13_AuthnResponse extends SimpleSAML_XML_AuthnResponse {
 
 		$issuer = $idpentityid;
 
-		$assertionConsumerServiceURL = $spmd['assertionConsumerServiceURL'];
-		$spNameQualifier = $spmd['spNameQualifier'];
-		
-		$destination = $spmd['assertionConsumerServiceURL'];
+		$shire = $spmd['shire'];
+		$audience = $spmd['audience'];
+		$spnamequalifier = $spmd['spnamequalifier'];
+		$base64 = $idpmd['base64'];
 		
 		$encodedattributes = '';
-		foreach ($attributes AS $name => $value) {
-			$encodedattributes .= $this->enc_attribute($name, $value[0], true);
+		
+		if (is_array($attributes)) {
+
+			$encodedattributes .= '<AttributeStatement>
+				<Subject>
+					<NameIdentifier Format="urn:mace:shibboleth:1.0:nameIdentifier" NameQualifier="' . $spnamequalifier . '"
+						>' . $nameid . '</NameIdentifier>
+				</Subject>';
+				
+			foreach ($attributes AS $name => $value) {
+				$encodedattributes .= $this->enc_attribute($name, $value[0], $base64);
+			}
+			
+			$encodedattributes .= '</AttributeStatement>';
 		}
 		
-		$authnResponse = '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
-    ID="' . $id . '"
-    InResponseTo="' . $inresponseto. '" Version="2.0"
-    IssueInstant="' . $issueInstant . '"
-    Destination="' . $destination . '">
-    <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">' . $issuer . '</saml:Issuer>
-    <samlp:Status xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
-        <samlp:StatusCode xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
-            Value="urn:oasis:names:tc:SAML:2.0:status:Success"> </samlp:StatusCode>
-    </samlp:Status>
-    <saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Version="2.0"
-        ID="' . $assertionid . '" IssueInstant="' . $issueInstant . '">
-        <saml:Issuer>' . $issuer . '</saml:Issuer>
-        <saml:Subject>
-            <saml:NameID NameQualifier="' . $issuer . '" SPNameQualifier="'. $spentityid. '"
-                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
-                >' . $nameid. '</saml:NameID>
-            <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
-                <saml:SubjectConfirmationData NotOnOrAfter="' . $assertionExpire . '"
-                    InResponseTo="' . $inresponseto. '"
-                    Recipient="' . $destination . '"/>
-            </saml:SubjectConfirmation>
-        </saml:Subject>
-        <saml:Conditions NotBefore="' . $issueInstant. '" NotOnOrAfter="' . $assertionExpire. '">
-            <saml:AudienceRestriction>
-                <saml:Audience>' . $spentityid . '</saml:Audience>
-            </saml:AudienceRestriction>
-        </saml:Conditions>
-        <saml:AuthnStatement AuthnInstant="' . $issueInstant . '"
-            SessionIndex="' . $sessionindex . '">
-            <saml:AuthnContext>
-                <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
-            </saml:AuthnContext>
-        </saml:AuthnStatement>
-        <saml:AttributeStatement>
-            ' . $encodedattributes . '
-        </saml:AttributeStatement>
-    </saml:Assertion>
-</samlp:Response>
-';
+		
+		
+		/*
+		 * The SAML 1.1 response message
+		 */
+		$response = '<Response xmlns="urn:oasis:names:tc:SAML:1.0:protocol"
+    xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
+    xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" IssueInstant="' . $issueInstant. '"
+    MajorVersion="1" MinorVersion="1"
+    Recipient="' . $shire . '"
+    ResponseID="' . $id . '">
+
+<Status>
+        <StatusCode Value="samlp:Success">
+            <StatusCode xmlns:code="urn:geant2:edugain:protocol" Value="code:Accepted"/>
+        </StatusCode>
+    </Status>    
+    <Assertion xmlns="urn:oasis:names:tc:SAML:1.0:assertion"
+        AssertionID="' . $assertionid . '" IssueInstant="' . $issueInstant. '"
+        Issuer="' . $issuer . '" MajorVersion="1" MinorVersion="1">
+        <Conditions NotBefore="' . $issueInstant. '" NotOnOrAfter="'. $assertionExpire . '">
+            <AudienceRestrictionCondition>
+                <Audience>' . $audience . '</Audience>
+            </AudienceRestrictionCondition>
+        </Conditions>
+        <AuthenticationStatement AuthenticationInstant="' . $issueInstant. '"
+            AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:unspecified">
+            <Subject>
+                <NameIdentifier Format="urn:mace:shibboleth:1.0:nameIdentifier" NameQualifier="' . $spnamequalifier . '"
+                    >' . $nameid . '</NameIdentifier>
+                <SubjectConfirmation>
+                    <ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</ConfirmationMethod>
+                </SubjectConfirmation>
+            </Subject>
+        </AuthenticationStatement>
+        
+                ' . $encodedattributes . '
+    </Assertion>
+</Response>';
 		  
-		return $authnResponse;
+		return $response;
 	}
 
 
 	
 
+
+	private function enc_attribute($name, $value, $base64 = false) {
+		return '<Attribute AttributeName="' . $name . '" 
+			AttributeNamespace="urn:mace:shibboleth:1.0:attributeNamespace:uri">
+		<AttributeValue>' . ($base64 ? base64_encode($value) : htmlspecialchars($value) ) . '</AttributeValue>
+	</Attribute>';
+	}	
 	
 }
 
diff --git a/lib/xmlseclibs.php b/lib/xmlseclibs.php
index f441eafd9040959ed0bb4aaa72a5bb00fe513911..18807ca2e8b17d9ab00da8bbc5fc8e1b2516ce43 100644
--- a/lib/xmlseclibs.php
+++ b/lib/xmlseclibs.php
@@ -811,10 +811,10 @@ class XMLSecurityDSig {
 		return TRUE;
 	}
 
-	private function addRefInternal($sinfoNode, $node, $algorithm, $arTransforms=NULL, $options=NULL) {
+	private function addRefInternal($sinfoNode, $node, $algorithm, $arTransforms=NULL, $options=NULL, $id_name = 'ID') {
 		$prefix = NULL;
 		$prefix_ns = NULL;
-		$id_name = 'ID';
+
 
 		if (is_array($options)) {
 			$prefix = empty($options['prefix'])?NULL:$options['prefix'];
@@ -868,23 +868,23 @@ class XMLSecurityDSig {
 		$refNode->appendChild($digestValue);
 	}
 
-	public function addReference($node, $algorithm, $arTransforms=NULL, $options=NULL) {
+	public function addReference($node, $algorithm, $arTransforms=NULL, $options=NULL, $idname = 'ID') {
 		if ($xpath = $this->getXPathObj()) {
 			$query = "./secdsig:SignedInfo";
 			$nodeset = $xpath->query($query, $this->sigNode);
 			if ($sInfo = $nodeset->item(0)) {
-				$this->addRefInternal($sInfo, $node, $algorithm, $arTransforms, $options);
+				$this->addRefInternal($sInfo, $node, $algorithm, $arTransforms, $options, $idname);
 			}
 		}
 	}
 
-	public function addReferenceList($arNodes, $algorithm, $arTransforms=NULL, $options=NULL) {
+	public function addReferenceList($arNodes, $algorithm, $arTransforms=NULL, $options=NULL, $idname = 'ID') {
 		if ($xpath = $this->getXPathObj()) {
 			$query = "./secdsig:SignedInfo";
 			$nodeset = $xpath->query($query, $this->sigNode);
 			if ($sInfo = $nodeset->item(0)) {
 				foreach ($arNodes AS $node) {
-					$this->addRefInternal($sInfo, $node, $algorithm, $arTransforms, $options);
+					$this->addRefInternal($sInfo, $node, $algorithm, $arTransforms, $options, $idname);
 				}
 			}
 		}
@@ -979,7 +979,50 @@ class XMLSecurityDSig {
 		$objKey->serializeKey($parent);
 	}
 
-	public function appendSignature($parentNode, $insertBefore = FALSE, $assertion = false) {
+
+	public function appendSignatureShib($parentNode, $insertBefore = FALSE, $assertion = false) {
+		$baseDoc = ($parentNode instanceof DOMDocument)?$parentNode:$parentNode->ownerDocument;
+		$newSig = $baseDoc->importNode($this->sigNode, TRUE);
+
+	
+	
+		$xnode = null;
+		
+		$xpath = new DOMXPath($baseDoc);
+		$xpath->registerNamespace('secdsig', XMLSecurityDSig::XMLDSIGNS);
+		$xpath->registerNamespace('samlp', 'urn:oasis:names:tc:SAML:1.0:protocol');
+		$xpath->registerNamespace('saml', 'urn:oasis:names:tc:SAML:1.0:assertion');
+
+
+		if ($insertBefore && !$assertion) {
+
+			$query = "//samlp:Status";
+			$nodeset = $xpath->query($query, $parentNode);
+
+			$xnode = $nodeset->item(0);
+			if (!$xnode)
+				throw new Exception("Could not find node to sign before (Root signing mode)");
+		
+			$parentNode->insertBefore($newSig, $xnode);
+			
+		} elseif ($insertBefore) {
+			
+			$query = "//saml:Assertion/saml:Subject";
+			$nodeset = $xpath->query($query, $parentNode);
+
+			$xnode = $nodeset->item(0);
+			if (!$xnode)
+				throw new Exception("Could not find node to sign before (Assertion signing mode)");
+
+			$parentNode->insertBefore($newSig, $xnode);
+		} else {
+			$parentNode->appendChild($newSig);
+		}
+	}
+	
+	
+
+	public function appendSignature($parentNode, $insertBefore = false, $assertion = false) {
 		$baseDoc = ($parentNode instanceof DOMDocument)?$parentNode:$parentNode->ownerDocument;
 		$newSig = $baseDoc->importNode($this->sigNode, TRUE);
 
diff --git a/metadata-templates/shib13-idp-hosted.php b/metadata-templates/shib13-idp-hosted.php
index ce175ddb88481d08e3581d3fac35b9a398a466d6..80c1c6b91b4428b4e95ad692d5c82819e600995d 100644
--- a/metadata-templates/shib13-idp-hosted.php
+++ b/metadata-templates/shib13-idp-hosted.php
@@ -1,15 +1,26 @@
 <?php
 /* 
- * SAML 2.0 Meta data for simpleSAMLphp
+ * Shibboleth 1.3 IdP Meta data for simpleSAMLphp
+ *
+ *
  *
  */
 
 
 $metadata = array(
-	'feide.erlang.no-shib13'	=> array(
-		'issuer'						=>	'feide.erlang.no',
-		'assertionDurationMinutes'		=>	10,
-		'audience'						=> 'urn:mace:feide:shiblab'
+	'dev3.andreas.feide.no'	=> array(
+		'issuer'						=>	'dev3.andreas.feide.no',
+		'host'							=>	'dev3.andreas.feide.no',
+		'audience'						=> 'urn:mace:feide:shiblab',
+
+		'base64'			=> false,
+		
+		// X.509 key and certificate. Relative to the cert directory.
+		'privatekey'		=>	'server.pem',
+		'certificate'		=>	'server.crt',
+		
+		// Authentication plugin to use. login.php is the default one that uses LDAP.
+		'auth'				=>	'auth/login.php'
 	)
 );
 
diff --git a/metadata-templates/shib13-sp-remote.php b/metadata-templates/shib13-sp-remote.php
index f79d904bf87f75deadd7b170b4190bbdbcc09dec..e44d5b0002c07a949d001b8a5813acfb222b6181 100644
--- a/metadata-templates/shib13-sp-remote.php
+++ b/metadata-templates/shib13-sp-remote.php
@@ -1,6 +1,9 @@
 <?php
 /* 
- * SAML 2.0 Meta data for simpleSAMLphp
+ * Shibboleth 1.3 Meta data for simpleSAMLphp
+ *
+ *
+ *
  *
  */
 
diff --git a/www/shib13/idp/SSOService.php b/www/shib13/idp/SSOService.php
new file mode 100644
index 0000000000000000000000000000000000000000..5a8d2ae46cd80fe90d3fdfc5d2eea30a9706bf92
--- /dev/null
+++ b/www/shib13/idp/SSOService.php
@@ -0,0 +1,150 @@
+<?php
+
+
+require_once('../../../www/_include.php');
+
+
+require_once('SimpleSAML/Utilities.php');
+require_once('SimpleSAML/Session.php');
+require_once('SimpleSAML/XML/MetaDataStore.php');
+require_once('SimpleSAML/XML/Shib13/AuthnRequest.php');
+require_once('SimpleSAML/XML/Shib13/AuthnResponse.php');
+require_once('SimpleSAML/Bindings/Shib13/HTTPPost.php');
+
+//require_once('SimpleSAML/XML/SAML20/AuthnRequest.php');
+//require_once('SimpleSAML/XML/SAML20/AuthnResponse.php');
+//require_once('SimpleSAML/Bindings/SAML20/HTTPRedirect.php');
+//require_once('SimpleSAML/Bindings/SAML20/HTTPPost.php');
+
+require_once('SimpleSAML/XHTML/Template.php');
+
+
+session_start();
+
+$config = SimpleSAML_Configuration::getInstance();
+$metadata = new SimpleSAML_XML_MetaDataStore($config);
+
+$idpentityid = $metadata->getMetaDataCurrentEntityID('shib13-idp-hosted');
+$idpmeta = $metadata->getMetaDataCurrent('shib13-idp-hosted');
+
+$requestid = null;
+$session = null;
+
+
+if (isset($_GET['shire'])) {
+
+
+	try {
+		$authnrequest = new SimpleSAML_XML_Shib13_AuthnRequest($config, $metadata);
+		$authnrequest->parseGet($_GET);
+		
+		$session = $authnrequest->createSession();
+	
+		$requestid = $authnrequest->getRequestID();
+
+		//$session->setShibAuthnRequest($authnrequest);
+
+		
+
+	
+	} catch(Exception $exception) {
+		
+		$et = new SimpleSAML_XHTML_Template($config, 'error.php');
+		
+		$et->data['header'] = 'Error getting incomming request';
+		$et->data['message'] = 'Something bad happened when simpleSAML got the incomming authentication request';	
+		$et->data['e'] = $exception;
+		
+		$et->show();
+
+	}
+
+} elseif(isset($_GET['RequestID'])) {
+
+
+
+	try {
+
+		$requestid = $_GET['RequestID'];
+		$session = SimpleSAML_Session::getInstance();
+		$authnrequest = $session->getShibAuthnRequest();
+		
+		if (!$authnrequest) throw new Exception('Could not retrieve cached RequestID = ' . $requestid);
+		
+	} catch(Exception $exception) {
+		
+		$et = new SimpleSAML_XHTML_Template($config, 'error.php');
+		
+		$et->data['header'] = 'Error retrieving authnrequest cache';
+		$et->data['message'] = 'simpleSAML cannot find the authnrequest that it earlier stored.';	
+		$et->data['e'] = $exception;
+		
+		$et->show();
+
+	}
+	
+	
+	/*	
+	$authnrequest = new SimpleSAML_XML_SAML20_AuthnRequest($config, $metadata);
+	$authnrequest->setXML($authnrequestXML);
+	*/
+	
+
+
+} else {
+
+	echo 'You must either provide a SAML Request message or a RequestID on this interface.';
+	exit(0);
+
+}
+
+
+
+
+if (!$session->isAuthenticated() ) {
+
+	$relaystate = SimpleSAML_Utilities::selfURLNoQuery() . '?RequestID=' . urlencode($requestid);
+	$authurl = SimpleSAML_Utilities::addURLparameter('/' . $config->getValue('baseurlpath') . $idpmeta['auth'], 
+		'RelayState=' . urlencode($relaystate));
+	header('Location: ' . $authurl);
+	exit(0);
+} else {
+
+	try {
+	
+		//$session->add_sp_session($authnrequest->getIssuer());
+
+
+		//$session->setAttribute('eduPersonAffiliation', array('student'));
+
+		$ar = new SimpleSAML_XML_Shib13_AuthnResponse($config, $metadata);
+		$authnResponseXML = $ar->generate($idpentityid, $authnrequest->getIssuer(), 
+			$requestid, null, $session->getAttributes());
+		
+		#echo $authnResponseXML;
+		#print_r($authnResponseXML);
+		
+		//sendResponse($response, $idpentityid, $spentityid, $relayState = null) {
+		$httppost = new SimpleSAML_Bindings_Shib13_HTTPPost($config, $metadata);
+		
+		//echo 'Relaystate[' . $authnrequest->getRelayState() . ']';
+		
+		$httppost->sendResponse($authnResponseXML, 
+			$idpentityid, $authnrequest->getIssuer(), $authnrequest->getRelayState());
+			
+	} catch(Exception $exception) {
+		
+		$et = new SimpleSAML_XHTML_Template($config, 'error.php');
+		
+		$et->data['header'] = 'Error sending response to service';
+		$et->data['message'] = 'Some error occured when trying to issue the authentication response, and send it back to the SP.';	
+		$et->data['e'] = $exception;
+		
+		$et->show();
+
+	}
+	
+}
+
+
+?>
\ No newline at end of file