diff --git a/modules/saml/www/sp/saml2-acs.php b/modules/saml/www/sp/saml2-acs.php
index e98f60b4232eb203b6e3e9199c94c6db9bbec2c4..194e00954d51fbd7d02ec8530c3ed54a0797705a 100644
--- a/modules/saml/www/sp/saml2-acs.php
+++ b/modules/saml/www/sp/saml2-acs.php
@@ -72,11 +72,20 @@ if ($prevAuth !== null && $prevAuth['id'] === $response->getId() && $prevAuth['i
 
 $idpMetadata = array();
 
+$state = null;
 $stateId = $response->getInResponseTo();
 if (!empty($stateId)) {
-    // this is a response to a request we sent earlier
-    $state = SimpleSAML_Auth_State::loadState($stateId, 'saml:sp:sso');
+    // this should be a response to a request we sent earlier
+    try {
+        $state = SimpleSAML_Auth_State::loadState($stateId, 'saml:sp:sso');
+    } catch (Exception $e) {
+        // something went wrong,
+        SimpleSAML_Logger::warning('Could not load state specified by InResponseTo: '.$e->getMessage().
+            ' Processing response as unsolicited.');
+    }
+}
 
+if ($state) {
     // check that the authentication source is correct
     assert('array_key_exists("saml:sp:AuthId", $state)');
     if ($state['saml:sp:AuthId'] !== $sourceId) {