diff --git a/dspace-api/src/main/java/org/dspace/authenticate/ShibAuthentication.java b/dspace-api/src/main/java/org/dspace/authenticate/ShibAuthentication.java
index f4d2f8c301..8f4093f370 100644
--- a/dspace-api/src/main/java/org/dspace/authenticate/ShibAuthentication.java
+++ b/dspace-api/src/main/java/org/dspace/authenticate/ShibAuthentication.java
@@ -510,7 +510,18 @@ public class ShibAuthentication implements AuthenticationMethod
 int port = request.getServerPort();
 String contextPath = request.getContextPath();
- String returnURL = request.getHeader("Referer");;
+ String returnURL = request.getHeader("Referer");
+ if (returnURL == null) {
+ if (request.isSecure() || forceHTTPS) {
+ returnURL = "https://";
+ } else {
+ returnURL = "http://";
+ }
+ returnURL += host;
+ if (!(port == 443 || port == 80)) {
+ returnURL += ":" + port;
+ }
+ }
 try {
 shibURL += "?target="+URLEncoder.encode(returnURL, "UTF-8");
diff --git a/dspace-spring-rest/src/test/java/org/dspace/app/rest/AuthenticationRestControllerIT.java b/dspace-spring-rest/src/test/java/org/dspace/app/rest/AuthenticationRestControllerIT.java
index 48c823e2e3..2970b7c4a1 100644
--- a/dspace-spring-rest/src/test/java/org/dspace/app/rest/AuthenticationRestControllerIT.java
+++ b/dspace-spring-rest/src/test/java/org/dspace/app/rest/AuthenticationRestControllerIT.java
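Review bot: A non-null `Referer` is still passed straight into the Shibboleth `target` parameter, so the post-login destination is whatever the client sent; the added block only builds a URL when the header is missing. Because `Referer` is client-controlled, I would discard a value whose host is not this server before the null check, e.g. `if (returnURL != null && !host.equalsIgnoreCase(java.net.URI.create(returnURL).getHost())) { returnURL = null; }` (with the `IllegalArgumentException` for malformed input handled), so that it falls through to the new fallback. `host` is assigned outside this hunk; if it is derived from the request's Host header rather than from configuration, the comparison should use the configured site URL instead. The fallback also drops the port for 80 over HTTPS or 443 over HTTP, since `!(port == 443 || port == 80)` does not look at the scheme. The enclosing method starts and ends outside the hunk.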
@@ -17,13 +17,17 @@ import static org.springframework.test.web.servlet.request.MockMvcRequestBuilder
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
 import java.util.Base64;
 import org.dspace.app.rest.builder.GroupBuilder;
 import org.dspace.app.rest.test.AbstractControllerIntegrationTest;
 import org.dspace.eperson.Group;
+import org.dspace.services.ConfigurationService;
+import org.junit.Before;
 import org.junit.Test;
+import org.springframework.beans.factory.annotation.Autowired;
 /**
 * Integration test that covers various authentication scenarios
@@ -33,6 +37,18 @@ import org.junit.Test;
 */
 public class AuthenticationRestControllerIT extends AbstractControllerIntegrationTest {
+ @Autowired
+ ConfigurationService configurationService;
+
+ public static final String[] PASS_ONLY = {"org.dspace.authenticate.PasswordAuthentication"};
+ public static final String[] SHIB_ONLY = {"org.dspace.authenticate.ShibAuthentication"};
+
+ @Before
+ public void setup() throws Exception {
+ super.setUp();
+ configurationService.setProperty("plugin.sequence.org.dspace.authenticate.AuthenticationMethod", PASS_ONLY);
+ }
+
 @Test
 public void testStatusAuthenticated() throws Exception {
 String token = getAuthToken(eperson.getEmail(), password);
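Review bot: `setup()` does not override the parent's `setUp()` because the names differ in case, so if `AbstractControllerIntegrationTest.setUp()` is itself annotated `@Before` (not visible here), JUnit runs it once on its own and again through the `super.setUp()` call. Either rename the method to `setUp()` with `@Override`, or drop the `super.setUp();` line. The `plugin.sequence.org.dspace.authenticate.AuthenticationMethod` property is also overwritten without being restored; unless the test base resets configuration between tests, an `@After` that puts the previous value back would keep the active authentication methods from leaking into other test classes. The fields could be `private` with a short comment such as `// Authentication plugin sequences used to switch the active method per test`.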
@@ -293,4 +309,32 @@ public class AuthenticationRestControllerIT extends AbstractControllerIntegratio
 .andExpect(status().isUnauthorized())
 .andExpect(status().reason(containsString("Login failed")));
 }
+
+ @Test
+ public void testShibbolethLoginRequest() throws Exception {
+ configurationService.setProperty("plugin.sequence.org.dspace.authenticate.AuthenticationMethod", SHIB_ONLY);
+
+ getClient().perform(get("/api/authn/login").header("Referer", "http://my.uni.edu"))
+ .andExpect(status().isUnauthorized())
+ .andExpect(header().string("Location", "/Shibboleth.sso/Login?target=http%3A%2F%2Fmy.uni.edu"))
+ .andReturn().getResponse().getHeader("Location");
+
+ //Simulate that a shibboleth authentication has happened
+
+ String token = getClient().perform(get("/api/authn/login")
+ .requestAttr("SHIB-MAIL", eperson.getEmail()))
+ .andExpect(status().isOk())
+ .andReturn().getResponse().getHeader(AUTHORIZATION_HEADER);
+
+ getClient(token).perform(get("/api/authn/status"))
+ .andExpect(status().isOk())
+ //We expect the content type to be "application/hal+json;charset=UTF-8"
+ .andExpect(content().contentType(contentType))
+ .andExpect(jsonPath("$.okay", is(true)))
+ .andExpect(jsonPath("$.authenticated", is(true)))
+ .andExpect(jsonPath("$.type", is("status")))
+ .andExpect(jsonPath("$._links.eperson.href", startsWith(REST_SERVER_URL)))
+ .andExpect(jsonPath("$._embedded.eperson.email", is(eperson.getEmail())));
+ }
+
 }
\ No newline at end of file
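Review bot: `testShibbolethLoginRequest` asserts only the Referer-present path, so the null-`Referer` fallback this commit adds to `ShibAuthentication` is not exercised, and nothing pins what happens when `Referer` names a foreign host. A second `get("/api/authn/login")` without the header, asserting the `Location` built from scheme, host and port, would cover the new branch. A case with an off-site `Referer` would document whether that value is meant to be reflected into `target`. The trailing `.andReturn().getResponse().getHeader("Location")` on the first request discards its result and can be removed.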