diff --git a/mellon/views.py b/mellon/views.py
index f2ba26b..c4b8237 100644
--- a/mellon/views.py
+++ b/mellon/views.py
@@ -159,6 +159,9 @@ class LoginView(LogMixin, View):
         login = utils.create_login(request)
         try:
             login.initRequest(request.META['QUERY_STRING'], lasso.HTTP_METHOD_ARTIFACT_GET)
+        except lasso.ProfileInvalidArtifactError:
+            self.log.warning(u'artifact is malformed %r', request.GET['SAMLart'])
+            return HttpResponseBadRequest(u'artifact is malformed %r' % request.GET['SAMLart'])
         except lasso.ServerProviderNotFoundError:
             self.log.warning('no entity id found for artifact %s', request.GET['SAMLart'])
diff --git a/tests/test_views.py b/tests/test_views.py
index f4800d1..4355377 100644
--- a/tests/test_views.py
+++ b/tests/test_views.py
@@ -205,3 +205,12 @@ def test_sp_initiated_login_requested_authn_context(private_settings, client):
     assert request.initFromQuery(urlparse(response['Location']).query)
     assert request.requestedAuthnContext.authnContextClassRef == (
         'urn:be:fedict:iam:fas:citizen:eid', 'urn:be:fedict:iam:fas:citizen:token')
+
+
+def test_malfortmed_artifact(private_settings, client, caplog):
+    private_settings.MELLON_IDENTITY_PROVIDERS = [{
+        'METADATA': open('tests/metadata.xml').read(),
+    }]
+    response = client.get('/login/?SAMLart=xxx', status=400)
+    assert 'artifact is malformed' in response.content
+    assert 'artifact is malformed' in caplog.text()
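Review bot: The 400 body built in the new `except lasso.ProfileInvalidArtifactError` branch reflects the caller-controlled `SAMLart` query value into a response that `HttpResponseBadRequest` serves as text/html by default, so a value containing markup is echoed back unescaped (`%r` escapes control characters but leaves `<`, `>` and `&` intact). Echoing the value adds nothing for the client, since the same value is already written to the log; prefer `return HttpResponseBadRequest(u'artifact is malformed')`, or if the echo is wanted, pass it through `django.utils.html.escape` or send it with `content_type='text/plain'`. The `%r` in the log call is the right choice because it neutralises newlines in the logged value; the existing `ServerProviderNotFoundError` handler just below still uses `%s` and could adopt the same form for consistency. `request.GET['SAMLart']` raises `MultiValueDictKeyError` when the parameter is absent, which would turn this handler into a 500; whether `initRequest` can raise `ProfileInvalidArtifactError` for a missing artifact is not visible here, so `request.GET.get('SAMLart')` would be the safer lookup in both handlers. The enclosing method continues outside the hunk.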
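Review bot: `client.get('/login/?SAMLart=xxx', status=400)` never checks the status code if `client` is Django's test client, whose `get()` folds unknown keyword arguments into the WSGI environ; only a WebTest-style app treats `status=` as an assertion, and the fixture's type is not visible here. Add an explicit `assert response.status_code == 400` so the test fails when the new branch is not reached. The test name has a typo, `test_malfortmed_artifact` → `test_malformed_artifact`, and `open('tests/metadata.xml').read()` leaks a file handle, better written as `with open('tests/metadata.xml') as f: metadata = f.read()`. `response.content` is bytes on Python 3, where `'artifact is malformed' in response.content` raises TypeError; the `u''` literals suggest Python 2 is the target, but `response.content.decode()` keeps the assertion portable. `caplog.text()` as a call matches only the older pytest-catchlog API; on current pytest `caplog.text` is a property, so it is worth confirming which one the test environment pins.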