diff --git a/lcs/root.ptl b/lcs/root.ptl
index 59dd8e2..bcdaac1 100644
--- a/lcs/root.ptl
+++ b/lcs/root.ptl
@@ -64,7 +64,7 @@ class LoginDirectory(Directory):
 class RootDirectory(Directory):
 _q_exports = ['', 'admin', 'backoffice', 'login', 'logout', 'liberty', 'saml',
- 'ident', 'register']
+ 'ident', 'register', 'info']
 def _q_index [html] (self):
 template.html_top('Lasso Conformance SP')
@@ -74,6 +74,32 @@ class RootDirectory(Directory):
 else:
 self.unlogged_page()
+ def info(self):
+ request = get_request()
+ http_accept = request.environ.get('HTTP_ACCEPT')
+ http_poas = request.environ.get('HTTP_PAOS')
+
+ if http_accept != 'application/vnd.paos+xml' and http_poas != 'urn:liberty:paos:2003-08':
+ return template.error_page(_('Invalid PAOS Request'))
+
+ server = misc.get_lasso_server(protocol = 'saml2')
+ if not server:
+ return template.error_page(_('SAML 2.0 support not yet configured.'))
+ login = lasso.Login(server)
+ # XXX: only works with a single identity provider
+ login.initAuthnRequest(None, lasso.HTTP_METHOD_SOAP)
+ login.request.nameIDPolicy.format = lasso.SAML2_NAME_IDENTIFIER_FORMAT_PERSISTENT
+ login.request.nameIDPolicy.allowCreate = True
+ login.request.forceAuthn = False
+ login.request.isPassive = True
+ login.request.consent = 'urn:oasis:names:tc:SAML:2.0:consent:current-implicit'
+ #login.request.protocolBinding = lasso.SAML2_METADATA_BINDING_SOAP
+ login.request.assertionConsumerServiceIndex = 2
+ login.buildAuthnRequestMsg()
+
+ response = get_response()
+ response.set_content_type('text/xml')
+ return login.msgBody
 def unlogged_page [html] (self):
 form = Form(enctype='multipart/form-data', id = 'sso')
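Review bot: The PAOS guard in the new info() method lets a request through when only one of the two ECP markers is present, because the two inequality tests are joined with `and`: a client sending just a matching Accept header, or just a PAOS header, reaches the AuthnRequest build and gets a SOAP AuthnRequest back. The comparisons are also exact, whereas an ECP client sends Accept as a list (`text/html, application/vnd.paos+xml`) and PAOS as `ver="urn:liberty:paos:2003-08";"urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp"`, so neither header would ever equal the bare string and a conformant client is rejected with "Invalid PAOS Request". If the intent is to require the PAOS profile, a containment test on both headers expresses it, `if not (http_accept and 'application/vnd.paos+xml' in http_accept and http_poas and 'urn:liberty:paos:2003-08' in http_poas):`, and the variable should be spelled `http_paos`. The hard-coded `assertionConsumerServiceIndex = 2` deserves a comment naming the metadata entry it selects, e.g. `# index 2 = the PAOS/ECP assertion consumer service in the SP metadata — confirm against the metadata file`, and the `text/xml` content type on the response likely needs to be `application/vnd.paos+xml` for an ECP client to accept it. info() is complete within the hunk; the unlogged_page() method that follows it continues past the hunk's end.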