diff --git a/lib/passport-saml/saml.js b/lib/passport-saml/saml.js
index 2ef65955..c62feb6f 100644
--- a/lib/passport-saml/saml.js
+++ b/lib/passport-saml/saml.js
@@ -180,14 +180,19 @@ SAML.prototype.generateAuthorizeRequest = function (req, isPassive, callback) {
};
}
- if (!self.options.disableRequestedAuthnContext) {
+ if (!self.options.disableRequestedAuthnContext) {
+ var authnContextInArray = [];
+ self.options.authnContext.split(',').forEach(function(value, index) {
+ authnContextInArray.push({
+ '@xmlns:saml': 'urn:oasis:names:tc:SAML:2.0:assertion',
+ '#text': self.options.authnContext.split(',')[index]
+ });
+ });
+
request['samlp:AuthnRequest']['samlp:RequestedAuthnContext'] = {
'@xmlns:samlp': 'urn:oasis:names:tc:SAML:2.0:protocol',
'@Comparison': 'exact',
- 'saml:AuthnContextClassRef': {
- '@xmlns:saml': 'urn:oasis:names:tc:SAML:2.0:assertion',
- '#text': self.options.authnContext
- }
+ 'saml:AuthnContextClassRef': authnContextInArray
};
}
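Review bot: The pieces produced by `self.options.authnContext.split(',')` are used untrimmed, so a configured value like `classA, classB` emits a class reference with a leading space, which an IdP is unlikely to accept under `'@Comparison': 'exact'`. The loop also re-splits the option on every iteration instead of using its `value` argument; `'#text': value.trim()` would cover both, and empty pieces (for example from a trailing comma) could be skipped before the push. `.split` will throw if `authnContext` is not a string; whether a string default is guaranteed cannot be seen here, because generateAuthorizeRequest starts and ends outside the hunk.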
diff --git a/package.json b/package.json
index 20aa10ef..5f4211b0 100644
--- a/package.json
+++ b/package.json
@@ -35,7 +35,7 @@
"xml2js": "0.4.x",
"xml-crypto": "0.8.x",
"xmldom": "0.1.x",
- "xmlbuilder": "2.5.x",
+ "xmlbuilder": "4.1.x",
"xml-encryption": "~0.7"
},
"devDependencies": {
diff --git a/test/samlTests.js b/test/samlTests.js
index 9a6ae158..98e01b13 100644
--- a/test/samlTests.js
+++ b/test/samlTests.js
@@ -45,7 +45,7 @@ describe('SAML.js', function() {
// NOTE: This test only tests existence of the assertion, not the correctness
it('calls callback with saml request object', function(done) {
saml.getAuthorizeUrl(req, function(err, target) {
- url.parse(target, true).query.should.have.property('SAMLRequest');
+ should(url.parse(target, true).query).have.property('SAMLRequest');
done();
});
});
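Review bot: The callback ignores `err`, so if `getAuthorizeUrl` fails, `target` is presumably undefined and the changed line fails inside `url.parse` rather than on a clear assertion. Adding `should.not.exist(err);` before `should(url.parse(target, true).query).have.property('SAMLRequest');` would report the real cause. As the NOTE comment says, this test only checks that `SAMLRequest` exists, so nothing visible in this diff verifies the new list of `saml:AuthnContextClassRef` elements in the generated request.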
diff --git a/test/static/expected metadata.xml b/test/static/expected metadata.xml
index b915723f..1f8d97e7 100644
--- a/test/static/expected metadata.xml
+++ b/test/static/expected metadata.xml
@@ -33,9 +33,15 @@ nwtlCg==
-
-
-
+ <#list>
+
+ #list>
+ <#list>
+
+ #list>
+ <#list>
+
+ #list>
urn:oasis:names:tc:SAML:2.0:nameid-format:transient
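Review bot: The updated fixture appears to expect literal `<#list>` wrapper elements in the service provider metadata, and `#list` is not a legal XML element name. Most of the markup on these lines is lost in this rendering, so this should be confirmed against the actual file. If confirmed, the expected output has been changed to match whatever the upgraded `xmlbuilder` emits for array values, rather than to well-formed metadata that an IdP can parse. The fix would belong in the metadata generation code, which is not part of this diff, with the fixture keeping the repeated sibling elements it had before.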
diff --git a/test/tests.js b/test/tests.js
index 4e520295..bd1addbd 100644
--- a/test/tests.js
+++ b/test/tests.js
@@ -161,11 +161,12 @@ describe( 'passport-saml /', function() {
request(requestOpts, function (err, response, body) {
should.not.exist(err);
response.statusCode.should.equal(check.expectedStatusCode);
+
if (response.statusCode == 200) {
should.exist(passedRequest);
passedRequest.url.should.eql('/login');
passedRequest.method.should.eql('POST');
- passedRequest.body.should.eql(check.samlResponse);
+ should(passedRequest.body).match(check.samlResponse);
} else {
should.not.exist(passedRequest);
}
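Review bot: Replacing `.should.eql(check.samlResponse)` with `should(passedRequest.body).match(check.samlResponse)` weakens the check on the posted body. As far as I know, should.js `match` against an object only verifies the properties listed in the expected value, so extra or unexpected fields in `passedRequest.body` would now pass. If the change was only needed because the body object lacks the `.should` getter, `should(passedRequest.body).eql(check.samlResponse);` keeps the strict comparison. The enclosing callback starts and ends outside the hunk.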