Online Tools Menu Close

SAML Response (IdP -> SP)

This example contains several SAML Responses. A SAML Response is sent by the Identity Provider to the Service Provider and if the user succeeded in the authentication process, it contains the Assertion with the NameID / attributes of the user.

There are 8 examples:

  • An unsigned SAML Response with an unsigned Assertion
  • An unsigned SAML Response with a signed Assertion
  • A signed SAML Response with an unsigned Assertion
  • A signed SAML Response with a signed Assertion
  • An unsigned SAML Response with an encrypted Assertion
  • An unsigned SAML Response with an encrypted signed Assertion
  • A signed SAML Response with an encrypted Assertion
  • A signed SAML Response with an encrypted signed Assertion
`
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfx211f4300-c0c2-535a-88f9-97b2c6fb0997" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx211f4300-c0c2-535a-88f9-97b2c6fb0997"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>14p0JNKBlfdl7Q40FfBLmBSg7/U=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>um2fHMLh6mVh29SB5UMRe9zgV5U73T9Gdqdw/G9/cymU3qoENFhBC7Fq9x4Wsikpqln1vKbYPZlxjBxhXQVfOxiE0NzqmIqO/kNtg7++WZzYYrPK1wfy0dZ8o0rGGNoYrUO4VL5/EykrAqBB3KpGA+0EIny7RH1zD+UO9q+Nz7Q=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx7c04d19b-4c63-4650-c6ce-7aab1123e6f9" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx7c04d19b-4c63-4650-c6ce-7aab1123e6f9"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>wpzMbfBpxsUcJoME14hg+3tUA5w=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>SQ+PQJErtf054vV3NTWl/YhMv/ta7Yj7sGlPSdfbn+tqwQIkggiXiNyPK0d9QzJXeFu+Yp7bPOEskX0vKEn8hLbki59RgnMl49go6nMwttG2zOa8feiPpeLFecbDC1AvG4TtmROhxu/M5THAGD2enP4edgBq81Sj7ly62+9kfE4=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfxb4bcf0de-658a-3d6d-ef1d-64c89dcaeeff" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxb4bcf0de-658a-3d6d-ef1d-64c89dcaeeff"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>mfJTV5gXZm5l49cYbIpu5YaUHfk=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>KSDbnjT0yD3IIzXLz1wtCQsq/rZYaylubNYeihHhRZYVpAR07VxpfSJuma7C4qjI8MTSgTWBgeNoCprzrwqTjTjqsZTDCg+3I3k4OKhIr5PT92rQLp0qJvptcLyIgfPYQMg8q+bYw1ifVpGTzkn53lw3Xz9NMpRhyKSjZEcAWlc=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfx2e0a0e00-fcb1-8e97-d0f6-87a005bc0a7e" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx2e0a0e00-fcb1-8e97-d0f6-87a005bc0a7e"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>Xumgq/GGMpwyBRsqqI60Tzg9pr4=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>eNtxLk/orzCGkvDEn3Dc0G3aDWge96QPH7cercZFkN71V+KTTLFW4YZgSYubHPcg0fzm2UxzZgf74p/VaTSrWmUoD4LmrsamagnKfMDlxEEoZeXcRBZyVlYx7jj5PZpILXWOMP1MokEI2D8w9i5xFyYJtQhBjgYB2Zfgb/umfDI=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>Ibq8EWpKLXe1UvH3t0PU19XoLvQMv9kGuT/fxwsjvc0v7oETHVtHD7jAbWSIj+wHxmaY+Zl38XN4gAAVkuVp6caerRrQbFHXuYfmGZuCTSIwG7cXlM764V8K4zV6Xf1v9dw/6bfIcn0D2eAi9CraiIzBpZm/IRBo/BvavnyVgKc=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>siOVR4SGYcu0aL5GT0ifdMGpTAWEpBOaQqbWfKqbgaY5kz+vMNzht4sCSDcCr04UNtBC/27khNIbQ30SoRwZgu/bdtjoXrDVWIRvTPUATQomiT14iiKJZ80rah+IVh7ng92wcEqOdx9nRCSWKOZk8n0wOxvAj/o69noce/7Kb/XNz2PezlLdugIz6Wx979MqjR4wcgGxZXF8YYceJsfRZ+7KynTvXwwoRHtfBTMgNtPuGlCzoaiSsm2Z7UCxXHdY/7sjwzZjsfof+q7iXLKrNzorWTMES9UqzyaJqYTvCEXQFyFXMB9DM+8xSyO663oFopTsbTAXLTDedpIc2wgY2qDYeqt3EffSyFfaKbN9ptU0X0/0QkxKideU/8LEL+Ae1OoE2zN/R45G+nx8wSFckKyUJjtf+szN13Jn8ByczTaGxDXO8Ip8rovUFxHe3hs0wM9SsWGBPqRDXi1a5tq50W8dEWxrSHLWfYjr+2FH0f/gPhPyE6syIuX8oYbRELCabis81m5JrZ/9mPM0czSsjaNDtYfuBJ8Yiv5kBXecIGhYfK8M2Z/nXECrzU1u0liFgY+BPcxlFnR9zs246yXHaRLibZpwezRfdktYtyaCwagko4CdzUEXQWD2fXfiqOCxPX+02AcfTbDV4MpCPNrcwI4r0TDnbZrd3joNjnlQxiVV4VE0iGXz9InOszb8gdpUlh+OIVQS7WRZBUIx0GXICfDPRXsIBGdv5esrduumDjJZW4E8xPATY7ypXbnGMRcijIpsLfyEbVJfH/2/NsnJnpMSqpNho7J99sIEYZ9aOQiW++KND19s0YnTuAaxhldPT9TQO+Jfi5Iav6PBTKv9A88QemUlh1YGCNVAzhB5aLM9HEiXWXeU8h+r+n3uOd9KrTDAG3x0IXhSnlGtUl6+ID8tx0WIJau/J1L89RCDAHl5DROemHjXq54v/WHDr5ZcVdtzePL1r7HrQ4y/59180PZ9i2G2O0Y71AzxnnrJlzGJOBa710+MZE+jt93K6aK36vmzE8AxVHmdBvWVuEbiq/eCimpvCQuEjR0XkjT9wZtiMWZeXw9u9MzgkW6h8s7Pgr48TyK0NNZY20/tksNGFZ/FFCf0iUtbEO3O4V+ryR0mEjVPDx0ooUq8qT5QncXQUincDaWlU0zs0QpWR+mrufJzvUforMIBbKpUQI7OPsHJTbQ7UW1ZaroQveeB5TKaUUpfvngjUm4zsacVXLadq5OxIQU2ydFMB0uSD7NdAN3nYGsxqD7DxhVetIkt9/hAfO9TxDyOZsvtxcv4d4MBYIm+kKPuKaS26ohahKSmqXFHqp2jUym76EeirbxZuIWcO2lGT8nMSp+VAw21U8rfTNocF1MU+NklfuArZ0gVwn4sMvhu3fgogb++Tpe9/yBwIYaKuQaG/QFVuvVWUP4MBzTvxPd8snlNDX/JgP5wioZXXHYjTN7ZrY5PjxlXKk0XVvgaE/fypiNldAwBxF/moDhYQWTjUqBzZrE9pyy1qDcI6qOzhTD7mzCja1iINZTZmnZ0P5GU/dXf2Ey+vk26EW92mD22SATZbNhvtgQEy663a5EFtLeZVJBj7WLkL9B20Z5xiEL59L7FV7Ps0UXzJNl/SqoEwQ0C0YKCsOy5gbNVrrn2f16odpkIqE7EjjxyMEm17hQw48IW5x8CdAYuaKnLCkiy/hGszsJJmlAnN8i5tbDBwzFB2wJsQ2EtrOl8BgG0WLthQu+RLjBiMXqRUxABkmwnoIFTkKpTmAnnjLsBhfRLIjmZ/j9nNEOwpnhefvurIgkJ4EAH9ONYJm98pZg1LQeBNFLL2UABxj5S4rxspOyXvlgu5iQQ4T/GC4zVfBClJ68LE/K/RHQUNcST1oqG/4F5A+U6s8PVjR1WV6uFrQt8dM/xJtQaEn0ejcQuaKvM/Y0ftVqCxbzjWBpn8oYFUzngZEQDRycRhaDecNabj6b6BF3WWdk4pLZUK9pVL4hPC/DDjpUysItV9ObtUOtrfOW5Z/lnTrjOo/sQRnA+8V76rzdFz6722cYE+FiekXvsj9FW7WdTXpHYvSTeXPw60F7kRVEnQSMFBwcetJMYYbZcH4OPDs9ESEHqKNmPuzWtsL3BE2KOT4LzMsrL9T/O7WW7SYnjC63BhgjnT4+ZkhEWUROwWuthuNsLjpK+LkNtV4fRDAidiOgHHJ1U6UBSC/PfIQta7Rpi6SXSymBtpwbFBUaF+apZ7Resgv6GMx3n2bygbhyKK+6SPEqtlyG5fHHPs/98FkVD7Pj7T9dBc2/4WmtYpZaa0DmBdsWnWqHPnY9yl/A7QcF0ryJDi3NCoD9sBcikOKJIwz+jKZvbKSvwHLqojqJ23oqEXphZtTLm/U4AQ42K6PyTgmtEghDomZaH03ypm90e9oEP36a9L06BYPG5+BO7KYjf1BIyEzqyWZ2uFOCRQwN8f26v5JWuB4304Hr/qEJshnTXfvTZ59ezjrVZ9E4WosQtxWCcYP6xLc/xUa6pRH6qAAR4n6Kqp5pirq4WY/6IZ1LbV+2+4qgzhzh3pzyMtecL3obu9HqoACYRLSk/BvqR0Yn+0iOHyun910B67QAIv7R/3+9NiL8UQiWjxcNp7niFntDPjARJY7yI5A+lWYukNhtkIgnukD7SLa4nmm4IusiAPepL9sMOhUAuMFkiZSnVJbIubNIjiwCCdJlKgpecVVcs03tt4CUvnHnU0YnguXVoND4LpGuOu4dTALcNFoEGSrw1AlZTGez+hvDe5G44rp5aY70eaRXYEd0Zqv+C6uQy+3LiJszsIj7IQh9hzoCvlJeeHJJtwNvYdcX3FOPrvaYJ1W+GZItzTPzromRWFaoc9nd5m4v/hqrXkTfEis3bZUerNvHRKO323NHaFZGad7L2qA3/jGcNORuZM+pv/UygcCw=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>VhSI74xMMLFbhzcuviNckxino3YVW6vEOzhSoHMY4wBsIsLrEm1BGvP5qQ6LkWZZ0rJC54D9iyqwUg3EXK70vJxHVR/VO0QhxYr/ZMAU8oEbnqli4n9bnoDMNqgEmZO4H3IF/9iHzrSMq+O0IVrP4ldhK7c8EYvxdcL/4MfyWSk=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>HmYuqOeJAAT03wJd00BSEnThYbwl2tsSs/WPs4RaStFkS3iI5j0scIjmAbbSfg16WCpcJV3cMHY1LbW8DGVmRT/2gAvdoZ/HCcNeTC6P/lUrd3siyRuROvJuJxE2HRRcdykEwlEkRwsDQ3NgOaRyCPyuZXOXknAP7b4cj+dWuvDRiuEgHB9VvB1gz3Czf8iEIh1/QIspDM2rNzJ/q/aOKGk3R8QNoxSMIEKSt1v3Y5ncG4yBBa9/b/l1f4d9eVI2kNIIWXaIGGACdGzRUwsYg0oeK+XR6w7E5y74TIHNHVH0iUAS02BnizpanMP+9lk1y1Ty30SQwOyw3O7ltivtV9XolY9CxQW+eh43ZMT2Mm9CskwNaQuQ8lxuD9UUcAwjWymLb+Vm8ILvy6iW4QBWehkQsWnnwMwyVKJ2dsQygeNflribCxwd43kEeDtFMO1stMowAUjRRiVo/6MrWDsOBs1dPsbGOYcM8g3uAFpyti0QIARGHCq3cKkdfcUoHnWyBrOP4YWAQGoyV0iSlI8UCGKpDtLEDT8Wm8GmRIvwoydSy4LUaYDSX8P7M1kIJOC8RcvowHglzxb9ctOsBG4RnzXgchvAXQeppqJOt8VB2N4RcM5PlqxggyVnoHRZELNJ0eQmUi3Z4BQZ5r6JrrdaN6kQqokVVd8b85fZgd7TBpdIHdCpYaEIsFAz0up/ftbm99lU5PWvkLQJRQB4wI6Fy7KGgfoH4RFfioKXyKTNd9zpXsV7BdGf6XYwxLjptHSrl/TX68zQmSbYSuvlyRpmd7S+DDjD6trHNTfGyiJ/jm2rdlCMzPJHJJVM+I0cvrdEGp8NjGMpopmWn6t5Lf9k695XQmAuC3YFOuMegl7B4pv1zme9z1trw9bD6K1+CddYdi0hcALS8PdbPLLyHTKQndEOOWhwYIm7WRAh9uOqYGGc4EnD2K0kdMOny8rZyzCkfTzp/zdjSpSBAcgwihxhMJlqggOFVAWl1MhkeNQRvWkDYzTklf4S35PFG9fzBDxeb8UGVY5A5EKiHZ7swqhx+qCBrWjUQQYPIV/z7YqZAsh1m0CUggYXKdHqaaE/W/pd9iZwE3R3apvoha43E/smkAKqxONfvJgbS54sGYgaCt5rbQM9SaQEdrCxy5i0Snjh/R+yH9JdOA4fwNGT90gbj/C2KOj+B5sS/exbJ4EPgSfaHFHVMMh3shbJOFpmsnM8JSkUxEgolfkLhuxMwT365JI5l8GxOoRd5iVxbtukFlzARNEpI4w+aXWl5U8iCpIHuq+WPwKefGoKvGag6RyHPgm/N07vlr5aww976xHzD6Apa7V6reG4VxzTVGQejrzx4isBYjSF689aQQjfL8Ae5me21SenY7v3k2eiz2z90N42kYUN69cktUa4Qsi1aM1OUmJ6zKPex4Qj0rbcvOklyr7c1YdUhI02s/I4s7WnVheaR9iwwzuChBDHsYkvOIBjiagWdW2QYf+feyJzhjjOTmLKcAGI0sct2PzZ6SgQ0czHINusw4hQK/exANfVSn1uIoxdBb6cCArYgtWhXQ74aN/PFzxoeOjhDZTvlZEfE5N1K5+guOqL1DVMyKLggVESzDXLqjiT67Xh6RTx/LAyaaUekpjXqKbZNrV64FFx3ZzSNPEvppLS2nzMMbAT+hbv7NQIO95bponOe9tuoNCTniCW0x48o7KL7udCxbmdK2smcmGI0VthlltWCztrtbZTeKCYcVOB375uxXSBqQyCBvJU8ILVr2VAa4ReehxKkY2HUfgsygr6klh3glM+SvYmzegAS/V39TNF1gex9eRR+9bdTHMkdZ4nP63hGUvhWMipGK3aW4sepN2dkZhABK1C0iWqCYR2zwtT+yfo9UTdvqw+eReS7ala9zBVTM1YXJRGxOr20jhd7Fg9LHdIexJklKX7p3pf+d5qW2cglbaHlTaicDZRaZZdDCY6CvqFr5XoaCJSMPCqyIVFR9tFenUou8fs8yf0KiD7TblhhRG8S4laW0KAMoRBOW3RVs6savaEr5HNlXNpt9mcvnVpDVOyI9Fc8WhDcjlRwV1sEFsJNgHO5lDV2RZUr0aiASiVl6YvBfbjHoG3ZjK6ZxYiY9hDDgBow4B3REm8elCMGuE6hZ9T53Vcq9qAcP1sewEw6/VhOVcwWvYLor7qk0l5MqqbRmq1JXp+rvp54IpgZcBy1UhW6bXNX5h1ODlfyevl0H2aeipbuSwYOsyGwG6gPQE/LegpZLqjY+Y+a64VzCovIB5bROwprBUgTXq84R3YnC7Dlb0O0TNM9TwM83TtBzEfSmwK7D33DR7ANGFinPkeGD4V8+abpN/SbgmBNlhjCzofw6rwLdTkc59kdB2dMmwkB+KpPlT39cKGER/pPtdch4ZMfh65WpYDzO2GCWC8Det/ZqT6P5HjAejRngb13U4jFqXKrEr+9b+M8LIm0QP+ptXJOXDgnv6N/t+g2YUHZXEpuYpUgVmX4MdY9AoodIcZqAzLAErv2At/INbdu/LqqZYPFLmGBOjOGtI4AQeeKVfIBII6VGxQMVHmLQ5cqSED4aBzFps//Z43KMC9Ebo/d/n3syjmbklhJDHm17cFRYekkr9Bnu4XSOXHNQcEvgchiDxeacGEH9pmY6/bYHTipnBCiVVb9/m2QTNAMAJGsRA7wgsaEDCYFTcrDfT9ZZm8+1AmUrTjFCSiJvdRP5OGOyLROAlKHd7Ra+rdx3/wPNS47EonHAjiUdCI9jgltCPIO5XUCSOoSUEnYEojRDLliXF1o4dE8p2gRU9wxTK3hY14q7pIsZsryADMMEZYE0/4y7U+AvaxxppmUTHtpoExcMidG5AHPOvVHJMRoijfafP6QM1FUdPeh0iQtrChX3l5qR+VFLnxrKrqxgorKFFdHq8T4Dp6BgavsvOFufgNaWWzGi3aALjWS4rEubvCS1pBNrAuGxpy8SaGSqmfd+fCQO9BSrhNhYH/CpE6UOAsgj5PlXYWfiTOPKoVls5HYrbg8pR6JsCPTAwM2+uVjcfbnQHgjkGFSBahlkatFhOcWCFalxbeaAYvYltpX/uQ0O0B/XOal4tIk9VdqN5Lh3aqVQuAxCpMNRJYvGmOLH5b3UUkjxJwXouuxEkV6ltpmyw8R2EwSi8bpqpNY7MM7D13pUNB9T242D91A2qgGAdhd8Ay+k5spWRl82BcjmsUDHSEMW1Xb8PMlftiTa0OucAtGm5P80xGBc2VzTs+bT/rv3IsRtM9kdgsKskwo46MIZFF6Wer7K8pBqmSxh6HE7lG0RqbwXpoBPDzojSfgA9x5LrBNXrAR6uGz5v1SXdcD2SDLG70UNrigy9vMwGy6sfLlp2nBb26ILQwqvl3kbujO7vB+p5t9PDABjkHkBDV2RQIxnl+e5y36DQGD+BsIeOF6Fbik2ExUbuO4YFht7gzKYZ/74qkCtj/qopeCTin2+AHV4g/6u9g01yLTBKF1kxbxfXb47cPRUhzBi86TAySye+cQ1R0BGmd/ZJmtWaIS1wDJLBIfl7wMf8ibbtmtOmAV7NvkuzQDF58I8iv6fLNEQsjG9npYmPYeoQTtfR1QipOt8WNyHBVLLQPNVDatX+Ewl5n63JfksPTk0M0on/6mWt2q2TlXpXACuTL4MhKDRTOp0DGjLg4BunVYN54bxy2rnrIvKi3WCWmiXgEKcMhT69d25p+q0GMEVqsYVGISloccWTuZWn1K7uceIOy/aqBDb103/zGJntnX24eKLprgT0U5sMvqNNyn3GqIEHC0WywgL6YaDtL0ty+MSEycFw8teW71X65/BAjZOlPg/fY0bnoZ5vyksHn39wbmPnunzCuC9heamIp5qKRAdf1EWYHL/3Ctd5gfwp1Y1LahR3o2MvLAjae1R1BYs/AhNq85k2WgJLPhZ65/4Q3VxeT0N6LDwmwCLI+VueLfhKhKZLJmLLtOoPZgT7TgYz4fB9v14Zxjfxcb/QKitrep9kxbDcN5qlloPC/Wn+GnHY7NAnkKjsNgnHtVzovh2kGz/opMZx/3lOpuhKk78pjBX/6KJRHJRt3YOOvSR6XAzFZ6U1wcv8P5CrVcVIEoh9zZhvjiCSqWTp+IEs4FqGSGPTKoBqpr3jLXp7BLHKqAntXVTYY7aTVeCALHmkcWzh1CRgEpl8Hiq6ws4eLcYnlkZUXd0Z+ULNJyab4GDjLqP5bHsa1AlFdBJGttCJc/XZB495vTFDA6zt59/oyaG/C9eSMoqD18+nxjlkp6RdV8sEHOWLUWZCBEmhH3CJGx6gCmOwY6fCrbpugMJMR9JcutEJGlxB16y+8B5J4BOAyqcbf7UGLvs6TH2K8S24VpEExYLH8dtHjF4Qiq9oLjDW/CmVr3Yl1BK2GXyyM4yklqrbChPwNcdzPz5q5oKutYbMHBVlyU3rO3ujicmp+ZRGHD0kKzi2c9GmMR9UxChiIuERVrKr/+2K4O2NRws6pF+8TMAT4nTgQvPnT6IKpQtVGcPUXVPpfD+vgADff8q9eip+lvLJSrpacbSws+3H10OVNqtLG9mVv9/MO9zrORPJYsVDOwXd+Xi7MCxd7v0Ob4uxD7F2JTgeIHwYS+kCNWAOti5lat22E9Gj4hAO8Iffdm+r9hUUP9aFlodDX+yBFsr4QQc/1As0C5qFOklG1/fi42YYg2pljOUgCNSn3ohmmxUrqgAA46345V0bw4YMBmWVc6PsA0miQNpPw6Ndt5IWpih/daS++jtLqZu9PY30hUsyONekrUSjh+3kEeyT/IDETBJ7TOqj8mcIH1grJaEFi2ocfsJowL8kkFk8rqoWiZuZX3B2kYru97eaO03UBFYcVWhg7REIAsMSdFINmc5UMYQ6ozPsxhi+x1CiP099jNsYaG9BZslmT2GffdGUFLzx55jcNKzk3+CPVnLpkYEP2841F+QoM/N9aEkbXBY3cQ4Ew0CEGkgTAQFVRfXob00PX+5GaTvsPFvdv0urmew9VB8NxEtVVrrxeEsV54B0WnC4KiMi0yZZ2YXS5iiPsCn20K6w42OPkVAmt8dNRIa/sTQPl8BoNIOm8XkJb55VbVTe6zDF8Hd3eyB9xfFJYqeiEYpPQngI7a6ojtUYm29V5rQQ5ln/S2MMXR5Yo//CrZDZkRjeTMgF9wcbnjW5NRbbByjOmKMPkICj9sVQlGOJgavGCuqytCv2r+VdWIXHlpijOpYvAi8Fe8b66o4dS93xf/QoKftxd9EIfn1L2vYnDpMvbwO97z7SD/17uqnLtBGAUOD3PaY3izZsMFN6kL2+XBjUXAC5kmsfdz7FW5vJzsH0vKzMTklTKJwwdQ3gA4iAUHdPB9Rf3RfNbqiYAhJ+1m66DCkmcCJKvO9HlbhqNBOkzuWagoxgb3xovwX0jVWHXRGLXhoQQh5b7LB7FXH3XYgqnox5Wpe5CTipphL56nqg8IFEvtVUWR0qOXV0cmhLUcWM7zpgQ0IeBlqxI8rB1tCa0WUY=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx8adccc8e-c3ff-f541-43d2-5b0484a71009" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx8adccc8e-c3ff-f541-43d2-5b0484a71009"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>+ne51iGpWNBNKIZKqK39nptj6Q4=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>zN2qIyW6GVtTLJNk/p/khIeOjPK7hlaYS4HCeW4yLWFY49leC1QgAgPUbpGYQcz/9dH6tvseCx8jEVKknh/nlL5b8g0gT5gUxxIQIuY112jkvoE6hu8h/JUJ+NKGoODIlnTv/KocmPHmYcNTf9i7cqaNyI22O+3ZQZ+6ajTcvrM=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>Ibq8EWpKLXe1UvH3t0PU19XoLvQMv9kGuT/fxwsjvc0v7oETHVtHD7jAbWSIj+wHxmaY+Zl38XN4gAAVkuVp6caerRrQbFHXuYfmGZuCTSIwG7cXlM764V8K4zV6Xf1v9dw/6bfIcn0D2eAi9CraiIzBpZm/IRBo/BvavnyVgKc=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>siOVR4SGYcu0aL5GT0ifdMGpTAWEpBOaQqbWfKqbgaY5kz+vMNzht4sCSDcCr04UNtBC/27khNIbQ30SoRwZgu/bdtjoXrDVWIRvTPUATQomiT14iiKJZ80rah+IVh7ng92wcEqOdx9nRCSWKOZk8n0wOxvAj/o69noce/7Kb/XNz2PezlLdugIz6Wx979MqjR4wcgGxZXF8YYceJsfRZ+7KynTvXwwoRHtfBTMgNtPuGlCzoaiSsm2Z7UCxXHdY/7sjwzZjsfof+q7iXLKrNzorWTMES9UqzyaJqYTvCEXQFyFXMB9DM+8xSyO663oFopTsbTAXLTDedpIc2wgY2qDYeqt3EffSyFfaKbN9ptU0X0/0QkxKideU/8LEL+Ae1OoE2zN/R45G+nx8wSFckKyUJjtf+szN13Jn8ByczTaGxDXO8Ip8rovUFxHe3hs0wM9SsWGBPqRDXi1a5tq50W8dEWxrSHLWfYjr+2FH0f/gPhPyE6syIuX8oYbRELCabis81m5JrZ/9mPM0czSsjaNDtYfuBJ8Yiv5kBXecIGhYfK8M2Z/nXECrzU1u0liFgY+BPcxlFnR9zs246yXHaRLibZpwezRfdktYtyaCwagko4CdzUEXQWD2fXfiqOCxPX+02AcfTbDV4MpCPNrcwI4r0TDnbZrd3joNjnlQxiVV4VE0iGXz9InOszb8gdpUlh+OIVQS7WRZBUIx0GXICfDPRXsIBGdv5esrduumDjJZW4E8xPATY7ypXbnGMRcijIpsLfyEbVJfH/2/NsnJnpMSqpNho7J99sIEYZ9aOQiW++KND19s0YnTuAaxhldPT9TQO+Jfi5Iav6PBTKv9A88QemUlh1YGCNVAzhB5aLM9HEiXWXeU8h+r+n3uOd9KrTDAG3x0IXhSnlGtUl6+ID8tx0WIJau/J1L89RCDAHl5DROemHjXq54v/WHDr5ZcVdtzePL1r7HrQ4y/59180PZ9i2G2O0Y71AzxnnrJlzGJOBa710+MZE+jt93K6aK36vmzE8AxVHmdBvWVuEbiq/eCimpvCQuEjR0XkjT9wZtiMWZeXw9u9MzgkW6h8s7Pgr48TyK0NNZY20/tksNGFZ/FFCf0iUtbEO3O4V+ryR0mEjVPDx0ooUq8qT5QncXQUincDaWlU0zs0QpWR+mrufJzvUforMIBbKpUQI7OPsHJTbQ7UW1ZaroQveeB5TKaUUpfvngjUm4zsacVXLadq5OxIQU2ydFMB0uSD7NdAN3nYGsxqD7DxhVetIkt9/hAfO9TxDyOZsvtxcv4d4MBYIm+kKPuKaS26ohahKSmqXFHqp2jUym76EeirbxZuIWcO2lGT8nMSp+VAw21U8rfTNocF1MU+NklfuArZ0gVwn4sMvhu3fgogb++Tpe9/yBwIYaKuQaG/QFVuvVWUP4MBzTvxPd8snlNDX/JgP5wioZXXHYjTN7ZrY5PjxlXKk0XVvgaE/fypiNldAwBxF/moDhYQWTjUqBzZrE9pyy1qDcI6qOzhTD7mzCja1iINZTZmnZ0P5GU/dXf2Ey+vk26EW92mD22SATZbNhvtgQEy663a5EFtLeZVJBj7WLkL9B20Z5xiEL59L7FV7Ps0UXzJNl/SqoEwQ0C0YKCsOy5gbNVrrn2f16odpkIqE7EjjxyMEm17hQw48IW5x8CdAYuaKnLCkiy/hGszsJJmlAnN8i5tbDBwzFB2wJsQ2EtrOl8BgG0WLthQu+RLjBiMXqRUxABkmwnoIFTkKpTmAnnjLsBhfRLIjmZ/j9nNEOwpnhefvurIgkJ4EAH9ONYJm98pZg1LQeBNFLL2UABxj5S4rxspOyXvlgu5iQQ4T/GC4zVfBClJ68LE/K/RHQUNcST1oqG/4F5A+U6s8PVjR1WV6uFrQt8dM/xJtQaEn0ejcQuaKvM/Y0ftVqCxbzjWBpn8oYFUzngZEQDRycRhaDecNabj6b6BF3WWdk4pLZUK9pVL4hPC/DDjpUysItV9ObtUOtrfOW5Z/lnTrjOo/sQRnA+8V76rzdFz6722cYE+FiekXvsj9FW7WdTXpHYvSTeXPw60F7kRVEnQSMFBwcetJMYYbZcH4OPDs9ESEHqKNmPuzWtsL3BE2KOT4LzMsrL9T/O7WW7SYnjC63BhgjnT4+ZkhEWUROwWuthuNsLjpK+LkNtV4fRDAidiOgHHJ1U6UBSC/PfIQta7Rpi6SXSymBtpwbFBUaF+apZ7Resgv6GMx3n2bygbhyKK+6SPEqtlyG5fHHPs/98FkVD7Pj7T9dBc2/4WmtYpZaa0DmBdsWnWqHPnY9yl/A7QcF0ryJDi3NCoD9sBcikOKJIwz+jKZvbKSvwHLqojqJ23oqEXphZtTLm/U4AQ42K6PyTgmtEghDomZaH03ypm90e9oEP36a9L06BYPG5+BO7KYjf1BIyEzqyWZ2uFOCRQwN8f26v5JWuB4304Hr/qEJshnTXfvTZ59ezjrVZ9E4WosQtxWCcYP6xLc/xUa6pRH6qAAR4n6Kqp5pirq4WY/6IZ1LbV+2+4qgzhzh3pzyMtecL3obu9HqoACYRLSk/BvqR0Yn+0iOHyun910B67QAIv7R/3+9NiL8UQiWjxcNp7niFntDPjARJY7yI5A+lWYukNhtkIgnukD7SLa4nmm4IusiAPepL9sMOhUAuMFkiZSnVJbIubNIjiwCCdJlKgpecVVcs03tt4CUvnHnU0YnguXVoND4LpGuOu4dTALcNFoEGSrw1AlZTGez+hvDe5G44rp5aY70eaRXYEd0Zqv+C6uQy+3LiJszsIj7IQh9hzoCvlJeeHJJtwNvYdcX3FOPrvaYJ1W+GZItzTPzromRWFaoc9nd5m4v/hqrXkTfEis3bZUerNvHRKO323NHaFZGad7L2qA3/jGcNORuZM+pv/UygcCw=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfxc75430d7-f56c-997c-7d8c-ef40f545eb4e" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxc75430d7-f56c-997c-7d8c-ef40f545eb4e"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>iivNd5WprOAttQddWyX0HaVUkYg=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>Xck0jMXycx+0+WSm6W/m+HFbpiglCDYPL0f4lcAnleqai7SvzRtG1V76cdqIA8ANJbP734n3m957KzK1ma3G+u8sppWp+FjSA3N66UjMwIOqYnHURLgdXpO0hFyuFUJKpqjP/Itw6qAAjBUme3rhu7n6RaMpAYy2ppTnMgh/RxM=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>VhSI74xMMLFbhzcuviNckxino3YVW6vEOzhSoHMY4wBsIsLrEm1BGvP5qQ6LkWZZ0rJC54D9iyqwUg3EXK70vJxHVR/VO0QhxYr/ZMAU8oEbnqli4n9bnoDMNqgEmZO4H3IF/9iHzrSMq+O0IVrP4ldhK7c8EYvxdcL/4MfyWSk=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>HmYuqOeJAAT03wJd00BSEnThYbwl2tsSs/WPs4RaStFkS3iI5j0scIjmAbbSfg16WCpcJV3cMHY1LbW8DGVmRT/2gAvdoZ/HCcNeTC6P/lUrd3siyRuROvJuJxE2HRRcdykEwlEkRwsDQ3NgOaRyCPyuZXOXknAP7b4cj+dWuvDRiuEgHB9VvB1gz3Czf8iEIh1/QIspDM2rNzJ/q/aOKGk3R8QNoxSMIEKSt1v3Y5ncG4yBBa9/b/l1f4d9eVI2kNIIWXaIGGACdGzRUwsYg0oeK+XR6w7E5y74TIHNHVH0iUAS02BnizpanMP+9lk1y1Ty30SQwOyw3O7ltivtV9XolY9CxQW+eh43ZMT2Mm9CskwNaQuQ8lxuD9UUcAwjWymLb+Vm8ILvy6iW4QBWehkQsWnnwMwyVKJ2dsQygeNflribCxwd43kEeDtFMO1stMowAUjRRiVo/6MrWDsOBs1dPsbGOYcM8g3uAFpyti0QIARGHCq3cKkdfcUoHnWyBrOP4YWAQGoyV0iSlI8UCGKpDtLEDT8Wm8GmRIvwoydSy4LUaYDSX8P7M1kIJOC8RcvowHglzxb9ctOsBG4RnzXgchvAXQeppqJOt8VB2N4RcM5PlqxggyVnoHRZELNJ0eQmUi3Z4BQZ5r6JrrdaN6kQqokVVd8b85fZgd7TBpdIHdCpYaEIsFAz0up/ftbm99lU5PWvkLQJRQB4wI6Fy7KGgfoH4RFfioKXyKTNd9zpXsV7BdGf6XYwxLjptHSrl/TX68zQmSbYSuvlyRpmd7S+DDjD6trHNTfGyiJ/jm2rdlCMzPJHJJVM+I0cvrdEGp8NjGMpopmWn6t5Lf9k695XQmAuC3YFOuMegl7B4pv1zme9z1trw9bD6K1+CddYdi0hcALS8PdbPLLyHTKQndEOOWhwYIm7WRAh9uOqYGGc4EnD2K0kdMOny8rZyzCkfTzp/zdjSpSBAcgwihxhMJlqggOFVAWl1MhkeNQRvWkDYzTklf4S35PFG9fzBDxeb8UGVY5A5EKiHZ7swqhx+qCBrWjUQQYPIV/z7YqZAsh1m0CUggYXKdHqaaE/W/pd9iZwE3R3apvoha43E/smkAKqxONfvJgbS54sGYgaCt5rbQM9SaQEdrCxy5i0Snjh/R+yH9JdOA4fwNGT90gbj/C2KOj+B5sS/exbJ4EPgSfaHFHVMMh3shbJOFpmsnM8JSkUxEgolfkLhuxMwT365JI5l8GxOoRd5iVxbtukFlzARNEpI4w+aXWl5U8iCpIHuq+WPwKefGoKvGag6RyHPgm/N07vlr5aww976xHzD6Apa7V6reG4VxzTVGQejrzx4isBYjSF689aQQjfL8Ae5me21SenY7v3k2eiz2z90N42kYUN69cktUa4Qsi1aM1OUmJ6zKPex4Qj0rbcvOklyr7c1YdUhI02s/I4s7WnVheaR9iwwzuChBDHsYkvOIBjiagWdW2QYf+feyJzhjjOTmLKcAGI0sct2PzZ6SgQ0czHINusw4hQK/exANfVSn1uIoxdBb6cCArYgtWhXQ74aN/PFzxoeOjhDZTvlZEfE5N1K5+guOqL1DVMyKLggVESzDXLqjiT67Xh6RTx/LAyaaUekpjXqKbZNrV64FFx3ZzSNPEvppLS2nzMMbAT+hbv7NQIO95bponOe9tuoNCTniCW0x48o7KL7udCxbmdK2smcmGI0VthlltWCztrtbZTeKCYcVOB375uxXSBqQyCBvJU8ILVr2VAa4ReehxKkY2HUfgsygr6klh3glM+SvYmzegAS/V39TNF1gex9eRR+9bdTHMkdZ4nP63hGUvhWMipGK3aW4sepN2dkZhABK1C0iWqCYR2zwtT+yfo9UTdvqw+eReS7ala9zBVTM1YXJRGxOr20jhd7Fg9LHdIexJklKX7p3pf+d5qW2cglbaHlTaicDZRaZZdDCY6CvqFr5XoaCJSMPCqyIVFR9tFenUou8fs8yf0KiD7TblhhRG8S4laW0KAMoRBOW3RVs6savaEr5HNlXNpt9mcvnVpDVOyI9Fc8WhDcjlRwV1sEFsJNgHO5lDV2RZUr0aiASiVl6YvBfbjHoG3ZjK6ZxYiY9hDDgBow4B3REm8elCMGuE6hZ9T53Vcq9qAcP1sewEw6/VhOVcwWvYLor7qk0l5MqqbRmq1JXp+rvp54IpgZcBy1UhW6bXNX5h1ODlfyevl0H2aeipbuSwYOsyGwG6gPQE/LegpZLqjY+Y+a64VzCovIB5bROwprBUgTXq84R3YnC7Dlb0O0TNM9TwM83TtBzEfSmwK7D33DR7ANGFinPkeGD4V8+abpN/SbgmBNlhjCzofw6rwLdTkc59kdB2dMmwkB+KpPlT39cKGER/pPtdch4ZMfh65WpYDzO2GCWC8Det/ZqT6P5HjAejRngb13U4jFqXKrEr+9b+M8LIm0QP+ptXJOXDgnv6N/t+g2YUHZXEpuYpUgVmX4MdY9AoodIcZqAzLAErv2At/INbdu/LqqZYPFLmGBOjOGtI4AQeeKVfIBII6VGxQMVHmLQ5cqSED4aBzFps//Z43KMC9Ebo/d/n3syjmbklhJDHm17cFRYekkr9Bnu4XSOXHNQcEvgchiDxeacGEH9pmY6/bYHTipnBCiVVb9/m2QTNAMAJGsRA7wgsaEDCYFTcrDfT9ZZm8+1AmUrTjFCSiJvdRP5OGOyLROAlKHd7Ra+rdx3/wPNS47EonHAjiUdCI9jgltCPIO5XUCSOoSUEnYEojRDLliXF1o4dE8p2gRU9wxTK3hY14q7pIsZsryADMMEZYE0/4y7U+AvaxxppmUTHtpoExcMidG5AHPOvVHJMRoijfafP6QM1FUdPeh0iQtrChX3l5qR+VFLnxrKrqxgorKFFdHq8T4Dp6BgavsvOFufgNaWWzGi3aALjWS4rEubvCS1pBNrAuGxpy8SaGSqmfd+fCQO9BSrhNhYH/CpE6UOAsgj5PlXYWfiTOPKoVls5HYrbg8pR6JsCPTAwM2+uVjcfbnQHgjkGFSBahlkatFhOcWCFalxbeaAYvYltpX/uQ0O0B/XOal4tIk9VdqN5Lh3aqVQuAxCpMNRJYvGmOLH5b3UUkjxJwXouuxEkV6ltpmyw8R2EwSi8bpqpNY7MM7D13pUNB9T242D91A2qgGAdhd8Ay+k5spWRl82BcjmsUDHSEMW1Xb8PMlftiTa0OucAtGm5P80xGBc2VzTs+bT/rv3IsRtM9kdgsKskwo46MIZFF6Wer7K8pBqmSxh6HE7lG0RqbwXpoBPDzojSfgA9x5LrBNXrAR6uGz5v1SXdcD2SDLG70UNrigy9vMwGy6sfLlp2nBb26ILQwqvl3kbujO7vB+p5t9PDABjkHkBDV2RQIxnl+e5y36DQGD+BsIeOF6Fbik2ExUbuO4YFht7gzKYZ/74qkCtj/qopeCTin2+AHV4g/6u9g01yLTBKF1kxbxfXb47cPRUhzBi86TAySye+cQ1R0BGmd/ZJmtWaIS1wDJLBIfl7wMf8ibbtmtOmAV7NvkuzQDF58I8iv6fLNEQsjG9npYmPYeoQTtfR1QipOt8WNyHBVLLQPNVDatX+Ewl5n63JfksPTk0M0on/6mWt2q2TlXpXACuTL4MhKDRTOp0DGjLg4BunVYN54bxy2rnrIvKi3WCWmiXgEKcMhT69d25p+q0GMEVqsYVGISloccWTuZWn1K7uceIOy/aqBDb103/zGJntnX24eKLprgT0U5sMvqNNyn3GqIEHC0WywgL6YaDtL0ty+MSEycFw8teW71X65/BAjZOlPg/fY0bnoZ5vyksHn39wbmPnunzCuC9heamIp5qKRAdf1EWYHL/3Ctd5gfwp1Y1LahR3o2MvLAjae1R1BYs/AhNq85k2WgJLPhZ65/4Q3VxeT0N6LDwmwCLI+VueLfhKhKZLJmLLtOoPZgT7TgYz4fB9v14Zxjfxcb/QKitrep9kxbDcN5qlloPC/Wn+GnHY7NAnkKjsNgnHtVzovh2kGz/opMZx/3lOpuhKk78pjBX/6KJRHJRt3YOOvSR6XAzFZ6U1wcv8P5CrVcVIEoh9zZhvjiCSqWTp+IEs4FqGSGPTKoBqpr3jLXp7BLHKqAntXVTYY7aTVeCALHmkcWzh1CRgEpl8Hiq6ws4eLcYnlkZUXd0Z+ULNJyab4GDjLqP5bHsa1AlFdBJGttCJc/XZB495vTFDA6zt59/oyaG/C9eSMoqD18+nxjlkp6RdV8sEHOWLUWZCBEmhH3CJGx6gCmOwY6fCrbpugMJMR9JcutEJGlxB16y+8B5J4BOAyqcbf7UGLvs6TH2K8S24VpEExYLH8dtHjF4Qiq9oLjDW/CmVr3Yl1BK2GXyyM4yklqrbChPwNcdzPz5q5oKutYbMHBVlyU3rO3ujicmp+ZRGHD0kKzi2c9GmMR9UxChiIuERVrKr/+2K4O2NRws6pF+8TMAT4nTgQvPnT6IKpQtVGcPUXVPpfD+vgADff8q9eip+lvLJSrpacbSws+3H10OVNqtLG9mVv9/MO9zrORPJYsVDOwXd+Xi7MCxd7v0Ob4uxD7F2JTgeIHwYS+kCNWAOti5lat22E9Gj4hAO8Iffdm+r9hUUP9aFlodDX+yBFsr4QQc/1As0C5qFOklG1/fi42YYg2pljOUgCNSn3ohmmxUrqgAA46345V0bw4YMBmWVc6PsA0miQNpPw6Ndt5IWpih/daS++jtLqZu9PY30hUsyONekrUSjh+3kEeyT/IDETBJ7TOqj8mcIH1grJaEFi2ocfsJowL8kkFk8rqoWiZuZX3B2kYru97eaO03UBFYcVWhg7REIAsMSdFINmc5UMYQ6ozPsxhi+x1CiP099jNsYaG9BZslmT2GffdGUFLzx55jcNKzk3+CPVnLpkYEP2841F+QoM/N9aEkbXBY3cQ4Ew0CEGkgTAQFVRfXob00PX+5GaTvsPFvdv0urmew9VB8NxEtVVrrxeEsV54B0WnC4KiMi0yZZ2YXS5iiPsCn20K6w42OPkVAmt8dNRIa/sTQPl8BoNIOm8XkJb55VbVTe6zDF8Hd3eyB9xfFJYqeiEYpPQngI7a6ojtUYm29V5rQQ5ln/S2MMXR5Yo//CrZDZkRjeTMgF9wcbnjW5NRbbByjOmKMPkICj9sVQlGOJgavGCuqytCv2r+VdWIXHlpijOpYvAi8Fe8b66o4dS93xf/QoKftxd9EIfn1L2vYnDpMvbwO97z7SD/17uqnLtBGAUOD3PaY3izZsMFN6kL2+XBjUXAC5kmsfdz7FW5vJzsH0vKzMTklTKJwwdQ3gA4iAUHdPB9Rf3RfNbqiYAhJ+1m66DCkmcCJKvO9HlbhqNBOkzuWagoxgb3xovwX0jVWHXRGLXhoQQh5b7LB7FXH3XYgqnox5Wpe5CTipphL56nqg8IFEvtVUWR0qOXV0cmhLUcWM7zpgQ0IeBlqxI8rB1tCa0WUY=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>