diff --git a/ui/.env b/ui/.env
index 64641bc9..e6464568 100644
--- a/ui/.env
+++ b/ui/.env
@@ -11,4 +11,5 @@ NEXT_PUBLIC_SAML_REQUEST_TEMPLATE=https://myserver.example.edu/myappiam_0108urn:oasis:names:tc:SAML:1.0:cm:artifacttestiwtaurn:oasis:names:tc:SAML:1.0:cm:artifacttestiwta@hawaii.edustaff99997010Testf-iwt-auhsystemTestf-iwt-a TestIAM-stafftestiwtatestiwta@hawaii.edutestiwta@hawaii.eduTestIAM-staffeduPersonOrgDN=uhsystem,eduPersonAffiliation=staff
+XML_SOAP_RESPONSE_REQUEST_DENIED=Ticket 'test' not recognized
 IRON_SESSION_SECRET=IronSessionSecretForTestingAuthentication
diff --git a/ui/src/access/Saml11Validator.ts b/ui/src/access/Saml11Validator.ts
index 1448bca0..d046fc2b 100644
--- a/ui/src/access/Saml11Validator.ts
+++ b/ui/src/access/Saml11Validator.ts
@@ -35,6 +35,15 @@ export const validateTicket = async (ticket: string): Promise => {
     body: samlRequestBody
   });
   const data = await response.text();
+
+  const { statusCode }: { statusCode: string } = await transform(data, {
+    statusCode: '//*[local-name() = "Status"]/*[local-name() ="StatusCode"]/@Value'
+  });
+
+  if (statusCode.endsWith('RequestDenied')) {
+    throw new Error('Invalid ticket');
+  }
+
   const casUser = await transform(data, samlResponseTemplate);
   return {
diff --git a/ui/tests/access/Saml11Validator.test.ts b/ui/tests/access/Saml11Validator.test.ts
index 730787af..f8e525aa 100644
--- a/ui/tests/access/Saml11Validator.test.ts
+++ b/ui/tests/access/Saml11Validator.test.ts
@@ -3,6 +3,7 @@ import User, { AnonymousUser } from '@/access/User';
 const testUser: User = JSON.parse(process.env.TEST_USER_A as string);
 const xmlSoapResponse = process.env.XML_SOAP_RESPONSE as string;
+const xmlSoapResponseRequestDenied = process.env.XML_SOAP_RESPONSE_REQUEST_DENIED as string;
 describe('Saml11Validator', () => {
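Review bot: The status check added to validateTicket is a blocklist — only a StatusCode ending in `RequestDenied` is rejected, so any other non-success value (SAML 1.1 also defines `Requester`, `Responder` and `VersionMismatch` at the top level) falls through to `transform(data, samlResponseTemplate)` and the `return {` below, presumably producing a user record from a response that carries no assertion. A fail-closed check accepts only the success code: `if (typeof statusCode !== 'string' || !statusCode.endsWith('Success')) {` followed by `throw new Error(\`Invalid ticket: SAML status ${statusCode ?? 'missing'}\`);`. The `typeof` guard matters because `{ statusCode: string }` is a compile-time claim only; if the XPath matches nothing, `transform` likely yields `undefined` and `statusCode.endsWith` would then fail with a TypeError rather than the intended error. validateTicket starts and ends outside the hunk, so how callers treat the thrown error is not visible here.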
@@ -18,6 +19,11 @@ describe('Saml11Validator', () => {
     expect(await validateTicket('ticket')).toEqual(AnonymousUser);
   });
+  it('should return an AnonymousUser on invalid ticket', async () => {
+    fetchMock.mockResponse(xmlSoapResponseRequestDenied);
+    expect(await validateTicket('ticket')).toEqual(AnonymousUser);
+  });
+
 });
});
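Review bot: The new case exercises only the `RequestDenied` fixture, so the status guard in validateTicket is never run against a response with a different non-success StatusCode or with no Status element at all, and as far as the assertion can tell `AnonymousUser` might equally come from an empty attribute set rather than from the guard. A second fixture whose StatusCode carries another value (a constructed `samlp:Responder`, for example) and one with the Status element removed would make the fail-closed behaviour observable, e.g. `fetchMock.mockResponse(xmlSoapResponseNoStatus);` followed by the same expectation, with `xmlSoapResponseNoStatus` read from a new test environment variable. The enclosing describe block starts outside the hunk.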