diff --git a/composer.json b/composer.json
index 77908e774..ae80957b6 100644
--- a/composer.json
+++ b/composer.json
@@ -34,7 +34,7 @@
         "ramsey/uuid": "^3.3.0",
         "sensio/framework-extra-bundle": "^3.0",
         "sensio/generator-bundle": "^3.0",
-        "simplesamlphp/saml2": "^4.1",
+        "simplesamlphp/saml2": "4.6.*",
         "swiftmailer/swiftmailer": "^5.4",
         "symfony/monolog-bundle": "^3.1.0",
         "symfony/swiftmailer-bundle": "^2.6",
diff --git a/composer.lock b/composer.lock
index d35ba0fb3..0d58cbdcf 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
         "This file is @generated automatically"
     ],
-    "content-hash": "4ea3bffda5cedfbc93ac5352054e5316",
+    "content-hash": "75e0838cd30c0a80bdbad193bdcf465c",
     "packages": [
         {
             "name": "beberlei/assert",
@@ -2672,16 +2672,16 @@
         },
         {
             "name": "robrichards/xmlseclibs",
-            "version": "3.1.0",
+            "version": "3.1.3",
             "source": {
                 "type": "git",
                 "url": "https://github.com/robrichards/xmlseclibs.git",
-                "reference": "8d8e56ca7914440a8c60caff1a865e7dff1d9a5a"
+                "reference": "2bdfd742624d739dfadbd415f00181b4a77aaf07"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/robrichards/xmlseclibs/zipball/8d8e56ca7914440a8c60caff1a865e7dff1d9a5a",
-                "reference": "8d8e56ca7914440a8c60caff1a865e7dff1d9a5a",
+                "url": "https://api.github.com/repos/robrichards/xmlseclibs/zipball/2bdfd742624d739dfadbd415f00181b4a77aaf07",
+                "reference": "2bdfd742624d739dfadbd415f00181b4a77aaf07",
                 "shasum": ""
             },
             "require": {
@@ -2706,7 +2706,11 @@
                 "xml",
                 "xmldsig"
             ],
-            "time": "2020-04-22T17:19:51+00:00"
+            "support": {
+                "issues": "https://github.com/robrichards/xmlseclibs/issues",
+                "source": "https://github.com/robrichards/xmlseclibs/tree/3.1.3"
+            },
+            "time": "2024-11-20T21:13:56+00:00"
         },
         {
             "name": "sensio/framework-extra-bundle",
@@ -2835,39 +2839,41 @@
         },
         {
             "name": "simplesamlphp/saml2",
-            "version": "v4.1.9",
+            "version": "v4.6.13",
             "source": {
                 "type": "git",
                 "url": "https://github.com/simplesamlphp/saml2.git",
-                "reference": "ff19d04d3af0689a13c1f75859e13f4a511343cb"
+                "reference": "f32fdf3b86b156adfb982a09c902790dc6562b34"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/simplesamlphp/saml2/zipball/ff19d04d3af0689a13c1f75859e13f4a511343cb",
-                "reference": "ff19d04d3af0689a13c1f75859e13f4a511343cb",
+                "url": "https://api.github.com/repos/simplesamlphp/saml2/zipball/f32fdf3b86b156adfb982a09c902790dc6562b34",
+                "reference": "f32fdf3b86b156adfb982a09c902790dc6562b34",
                 "shasum": ""
             },
             "require": {
                 "ext-dom": "*",
                 "ext-openssl": "*",
                 "ext-zlib": "*",
-                "php": ">=7.1",
-                "psr/log": "~1.1",
-                "robrichards/xmlseclibs": "^3.1.0",
-                "webmozart/assert": "^1.5"
+                "php": ">=7.1 || ^8.0",
+                "psr/log": "~1.1 || ^2.0 || ^3.0",
+                "robrichards/xmlseclibs": "^3.1.1",
+                "webmozart/assert": "^1.9"
+            },
+            "conflict": {
+                "robrichards/xmlseclibs": "3.1.2"
             },
             "require-dev": {
-                "mockery/mockery": "~1.2",
-                "phpunit/phpunit": "^7.5",
-                "sebastian/phpcpd": "~4.1",
-                "sensiolabs/security-checker": "~6.0",
+                "mockery/mockery": "^1.3",
+                "phpunit/phpunit": "^7.5 || ^8.5 || ^9.5",
+                "sebastian/phpcpd": "~4.1 || ^5.0 || ^6.0",
                 "simplesamlphp/simplesamlphp-test-framework": "~0.1.0",
                 "squizlabs/php_codesniffer": "~3.5"
             },
             "type": "library",
             "extra": {
                 "branch-alias": {
-                    "dev-master": "v4.0.x-dev"
+                    "dev-master": "v4.2.x-dev"
                 }
             },
             "autoload": {
@@ -2886,7 +2892,11 @@
                 }
             ],
             "description": "SAML2 PHP library from SimpleSAMLphp",
-            "time": "2020-08-19T06:10:17+00:00"
+            "support": {
+                "issues": "https://github.com/simplesamlphp/saml2/issues",
+                "source": "https://github.com/simplesamlphp/saml2/tree/v4.6.13"
+            },
+            "time": "2024-11-20T21:03:56+00:00"
         },
         {
             "name": "swiftmailer/swiftmailer",
diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Controllers/IdentityProviderController.php b/src/OpenConext/EngineBlockFunctionalTestingBundle/Controllers/IdentityProviderController.php
index 1a802fbe8..ef0570751 100644
--- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Controllers/IdentityProviderController.php
+++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Controllers/IdentityProviderController.php
@@ -100,6 +100,9 @@ public function singleSignOnAction(Request $request, $idpName)
                 $authnRequest->getAssertionConsumerServiceURL() :
                 $response->getDestination());
 
+        /* set the destination element of the response to the ACS URL */
+        $response->setDestination($destination);
+
         if ($mockIdp->mustUseHttpRedirect()) {
             $redirect = new HTTPRedirect();
             $redirect->setDestination($destination);
diff --git a/tests/library/EngineBlock/Test/Saml2/AuthnRequestAnnotationDecoratorTest.php b/tests/library/EngineBlock/Test/Saml2/AuthnRequestAnnotationDecoratorTest.php
index 8ff2bca7a..20b15ac51 100644
--- a/tests/library/EngineBlock/Test/Saml2/AuthnRequestAnnotationDecoratorTest.php
+++ b/tests/library/EngineBlock/Test/Saml2/AuthnRequestAnnotationDecoratorTest.php
@@ -35,7 +35,7 @@ public function testToString()
         $annotatedRequest->setDebug();
 
         $this->assertEquals(
-            '{"sspMessage":"<?xml version=\"1.0\"?>\n<samlp:AuthnRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\" ID=\"TEST123\" Version=\"2.0\" IssueInstant=\"1970-01-01T00:00:00Z\"\/>\n","keyId":null,"wasSigned":false,"debug":true,"unsolicited":false,"transparent":false,"deliverByBinding":null}',
+            '{"sspMessage":"<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<samlp:AuthnRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\" ID=\"TEST123\" Version=\"2.0\" IssueInstant=\"1970-01-01T00:00:00Z\"\/>\n","keyId":null,"wasSigned":false,"debug":true,"unsolicited":false,"transparent":false,"deliverByBinding":null}',
             $annotatedRequest->__toString()
         );
     }