Online Tools Menu Close

SAML Response (IdP -> SP)

This example contains several SAML Responses. A SAML Response is sent by the Identity Provider to the Service Provider and if the user succeeded in the authentication process, it contains the Assertion with the NameID / attributes of the user.

There are 8 examples:

  • An unsigned SAML Response with an unsigned Assertion
  • An unsigned SAML Response with a signed Assertion
  • A signed SAML Response with an unsigned Assertion
  • A signed SAML Response with a signed Assertion
  • An unsigned SAML Response with an encrypted Assertion
  • An unsigned SAML Response with an encrypted signed Assertion
  • A signed SAML Response with an encrypted Assertion
  • A signed SAML Response with an encrypted signed Assertion
` 
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfxba0658ee-2034-6f86-8a96-b027ba42577b" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxba0658ee-2034-6f86-8a96-b027ba42577b"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>jxa7b/184pxz9DFa6Kpqjh38jWo=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>DGT55zVpEojnzycy0hOhQ4wG95hL+pWknaqLeln7MRN1tm7IlMk13nzfeKB9Vxjxf5ynswD4d74otYrByrcUDGG3UXGT2acIwIwNgabYqAX2JOELXPi0L+qSQkPHDUCpIqiM2Qd4BGbasrfFvBn7TpPIzY56Ru+Z2kmNP7epIz0=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx77d9bd92-efe2-eb51-cc48-42352b4a8db6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx77d9bd92-efe2-eb51-cc48-42352b4a8db6"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>WTgnhFkofInwxR+kkG4zZM/Sr1M=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>heWuVElLun8OdaSWEbJ9PdjXsEvqpqoBFjA8ADxSQBtrgn7C5rq1PLKYU26mU9f2kmVetteKP70MOnt6tBewq2q1Dv3MFukwEG+cAdJ1umV5We56xp7Mg17ctSjbXZvXvC7obMV0cITD2oGCMUhchb1hPX+Sjd0RF6yq2uVf1UU=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>

<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfxc1133c8d-025a-efa8-42e0-9f77d987c6d9" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxc1133c8d-025a-efa8-42e0-9f77d987c6d9"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>8cq0Fa/i4cc4wcVb3c3zD3r5Rnk=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>GwQqBacMD5M6QPviVT/i/Krrs6qdznvN3wNToRPaZ6i6UV6dZ4m/VS7yD2PjY+yOQkBFGuPjBHklwXaVQz4J+y4m2hjqp9OzyelwCkQ6NMZrHMoj27BZKCXvIcvdUXwCT/43IPJL5GF8oO9Ql1M7AdAypJ8FUcBfzCN1GONfFaQ=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfx49a67e27-5912-970f-9c5f-692a7827a08c" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx49a67e27-5912-970f-9c5f-692a7827a08c"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>2nJ4XO6nWH01Gei4+bvb7m0dOAQ=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>Af6c7GmV+VWzpP457wFftBdK4JkqKttGo9so4UWcvOkVUHD84cmOMUJYkQIAGC20EwDR6lqeuvlxvnK+D5fCyU848K5Hl82DIN7Ix7suMHwXX8NmM3O1F/6I6L1ymHR8uv4owrwz7HyhyFWzEL1AAkFTpmOzYgOg1X/hc7f7fMQ=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>

<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>R+AqSZ5EwQd7kaFIGFWCoFCQxsrVNney6V0ifA8WdznrpD9sZfqV/2b/pblIiv6KVHHSsugq2GmhGgQeUi26jo/WZbrkjNnc+MEKVwRQFQFA7WWA/yocPk0CZKRS7NnDueIl7Gu4NS8UuXIbLdqdBMavOBOsTjknseU95L82T5E=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>bz6aMq9MDOCKJnNfDLjSutMXU7SF8yesDEADoWkHPqVDzt2tbOLJ9+SzGwMDoBqyX/PP6YapzvqmNmcw1kGkw32xWN5+8xg1GMfl4W9pQwucbQUnf91vnwNynkHVPi9xYP/GtYOXqIQbeJ0OqKbBFmwp8htUAH2n1+4j3TZVUiIdmGGeCXh21SextyU6BZ2Rg90b/Mx7xpL7h9T1++Md6CoszW/p4VAtGKD+hS0NhaUPJm8sD5EraI+QPtl1z4VlkAQTJg84ye9dvZMNAq/9Mu3f0t1rwsiTdjwj2ocQ0Q1HxBUfbxDkprsrJuFk7kZ0Jfra1IQvIfxosxg5VVwy90j1TjnTcXTbkV/bepDgvWtFq27VhYS24If9JIYnw7lFklfwhDg7D/uOv8P5R+4BcjVo20QHSwGguNq6+XTzzC4OHxfY8q9eD1bVnMsDCOnQcjECG/A4m8JJMVDAladlgU8b/YSUR/2X8G4u1vTjY1SxNdAar0ZtBzNH2V8NA9IgkP2yb6L3iOF7nBfGX9L9cp98u8Ievtx70V0fVJDdkUG0dsVeyhECgd0A6DMA/jehNzIOslx0ybh2Tc/SQLDnS0OTEG76YyK1Fnnh2sLCfg+B1oxhcdEjY2CrEZ7GIpqmOrZ/kwpkqX+V4qV/9k3ooFcNyg65Lmkkoa1K8iIE1CnOY7TE5fMLKg0ZHr/5tUQyJ2W6W5aWCMUC6AryC63AAnTkf4mGKgxFmd+c48BwkuXBc+16RZtlcqI4t7Wt1QkYoyK4Z4BX4nNeuwp/lIk3jBFLX8gqZjqoP8ko3eVFJXkYIMuXbC+9KRsa+1J8dZMvEOAMDQjj9YaIM7dVVLD9njrzBE008kglmxYKr4pIbYthTr0UT/qy7f5YFTs2gwy7ku7lrZR29gLn4DhbmfJRkMbZxCyOIPqoGr4jWvz49IY7ivbRjxakLt+e3ocrqn5GFtWEMaiGvTmKjwBc+pU5oKcw80bkvnoHihd7dyIWHrpkpaUw8PmGI8OKEc2vfONSHkCYxYSTkhyeVpJQWYC/zzp6vA/7aY3/oxuvWJlkhVHSWuk3MPKdhsUsOI+jHUIMr8gAoTEWSKd3UTRYeF27p71EQuTjbMc07qJMtHLPqkGMX+6wTDMD9Q+GY0D9dOt3UR90H5y9ukcL1XqRL1Ku1od+txKLcENT+HNKaWUpIklHcDQ8XPNpffE/IGpGmWvxf4UzwRLpkFxMmL93JAq6kiQ0ZiUqkHZe58hXjDemjtPc3cM2Rfe5UXf23kHuvQUbFBdxb4oyYC+k/efOzTkS4s8hoiIQHamuTp/lBNplvFAQvAF2Bn61j0fqZrVn+EARUNGoVwq04XhMftXqdy7RDDhxfd2+Wd+RisjeY6Hz5Ad0wjcfX1Ty+ak2l3BswmLWnjvhL44yo6eOj3HxrxbFtKUqXqWyZ2kxNPZgspwyYvktiovN/z4N3/K85Z5ThlMgWnw7Ypee52RCHQPgISDjQrgy7HnO8KkVrUquMoTtS4g1i0URcbpcq5mTGSCdT/3fxnIKRYar7pu4u7IfmdKVi54L3q7APEz7HsEWXe0S0c0dUthBPrXjmWPNsyHk+dUSlSy6CDfwg3mgyIXB8x3t85uJ2rIsVEiF5jzXlKjGNk+Ce/A/vpDUSph/MW0kZteWTs0N1vmJHCAFYJtcaPfVpj+7Qlor4KBebRIsezGiY2WSxP6mq0K6JFArlrDBRqYdqw0Sg28ZtasN87MNhei3oLIWzV8NG5sp2vR9EZYzqbFTn9CWMP3c3QifXBOHbW9JCXy5QyCoR9Ut0SnzxaE8spzEvqDD2bdesw0MzSiJxd59jaOaGHXpwklgSwL09TKUXAnT4xQMpTZVfBtxcYjWACH1J8s/Q0MopgYoy2mUrt+pms4cSDCW5nfdK4mjYR+KzNOhmEXH+0/4McKix598Xr4uHnQ/iXYkC2+Ylc0ttDNiNRfYheEou2il4O2xbFaI7pfSWcNYAL2ifd8MrGI1rb3jz486bliqcbtXOdicx+bLoFdy4uODL05FkmLYskK3hN0Qj43e6xVsEe9wwSwnD2m+7OnFs4RmlL/zIbl3tiXUbJ2gVyqYYbXXBnSIfeCM3QttwGVutKjO/IyXmCskXCDcXb5Fj4FeErqKmK4L0pN8nsWvI8vsqXdNmBP+O5OxCsR02jIqmpA4Zxeq6REp9JyUWvTrJTYUK0ZujfrOk7EfvvLo1KMLFglNPhWRfnmejZ3fToYZ/Hysj99vkYymI4TlGdhe/0bciyC5KvVNpqENrKDenTn6wastyMpk54EJzWwAnJTv4Xj3mojsroZE6RPiMvAMW3qX7/E/5DYy/uXOwp4vKLGzT+14xFjwYK0osIoF+2m0RqVbleRCV6jWsaIKof90uRS6M+xNAnzlFe8XKL31O6EBd6E2Ssoc9BTrkjKi278NwHDx3H5jSJARXe0LY4vcJGmIzbRCvzJFPIS1dvzfEg1BK8m5D19OVgdh0IYklBHYwbByiv0mnOhZ41M7a2J5aLSZIYts4VGVLrWWk/FZkRQk9bCrUyxZT8d6y2KQ7tar/GMILlNW3S988YDa/3wmYUv1l8Nz0VPZkKymPRft1mVfY6ues0dROIW6YbLC44DK7WDUZXvMYY+NouXLom4TvhUO8jad+JvnJIBKWgY9erVUDaR1V9cWWoP5iamWcK9X9ZL4xXzRxAdi8AD7t9eCiZuaCglKnSn603SeHwYjx4uOV/coYqvMTXsQHcKtDitLwMTz/FLtXe2EGEh9dccLptHZ++giyhjggEH81H1tkk04x3JZzx6iLVSQI1rCwmAy0SLuXIBVtgw52B8Z9QxHTQkTbgX7D0Uijtq/ez6o1yRpENcYCVcGKLArB69st5oYI9xtPgzgtCgp1qJDF23Iwy5r3EWcgCPloy8=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>cEUQt5DbJOm++qGxOcVaCGoNsBiPy5y9pmWjsvIp3B9vBfNS1QFCqUwknh/GMF1G+t//RbJlKfkfuCt4KPjn23aDIaJ/1Kj4flIm3VLELgh4nZMIU5LcJV1gwny162s/y4NJl3Jj6ofHVuMssjxuXkNd0Dg2oxGqkf5foFqmJb4=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>Kz0jcEEO48LYASxluJZdJmugKHUAzzMkyszjR9iP4rceLXnvOfpA8147ThOo6l3gjRFUPQgRoxdBgm2eKkZg9IT5P0sHure8OF9Rx683sDVMsYFCYmkOUAzJqn+f1CPcvSifMH7nhC45llgEzyWzLA3TKnvsS/avwIGDAaRqjuU0lRnhhOJ4eyNka4Ryi2++ltWTqo9ppMpSkXGL19JUKlJroEyiedNilKimWx1uScaJxjrfjeB5vMD7fKjjIWbm75XuMk3krV0Rcna1W4//AaGrPGRr4pPAPZdpCW/5N9zfV3gte6HeiqX3a+tNqKI7d6UxpOySJ/Me4rxuLk7he1tes2mZqbFBsCbhR5b6B0brgz+vQrZMpRhndogW+rzp19QfO2L6qSbfI6kZwKkD1jUqNJ0kJ0ZrnuBFB4z+IsnT7O3AkQ4Oqy4eUROW1AW2oDRMME25FenUbs+HCUH2NlgdzbQQks0BrK+eDxT8CWAqhpyUeFlc+JpxolVatzfgzroRqiA93CHTV8/LfBf6rfEnDks5Gxp+gRbumTvpyd4aP358Cae7glKIZL9BFPjTJaOsDnuvzxZP27HtaMKDYnh/avf0Un0C8IbXHukrBek45jFv/gbt07R/e8LfsXdyXqLns7EO9Su+h25txJKzYHp/Yy+iAJA0IAKeu6UeMCWHuazmllXXaOV/cU4qiX7GBrbW5v2Ie8ravwjiSOITmJUn+/ayOJ16zsXD+yCgemMeedoVoOy5lL40ZjKmE/4K3qX7cL8HJV7gUMmU3Tg94EjdNr99Rnz9LA6FV+s5T/HGWYHSJOgMBgd84+eBHeReQvZMjhFcs5Rzk2tMb001AmWGXCn7q755r0rxO0DZgtAVfaU75o3y5x8pvZnBZdxjYFUYQJRyhHzrClw8rcoDd6NnuBphlypuWZBwg+053dSPJwpQmvM0+LerOssHfXnaAjyAPGKiHvNFTkKRkRE9TNvQRRNqmUIxGuMTA0/W0BhMZ6cUOjG7Q7YuvszWO3qPNOAUZrvFsHGYAARy+5G3g0HIEd9Jwz9wtDQ6GzMK0nqLJfPBtJOZ15nfIpCle+epdLuXaJrzFAngKlGyCPMkW+02w3q1xqiCSF16DPYclcotb30ob82OX5iy3OibnpGVLbaT9hCR1ACAjSub3/AbQ+dEhB+UoWKO4+5x1254RCUsoHFRgZCR4x/kUo9RnQ5qul7HtcjYC2MQwIC5JwmPZF3i8ftOVPS5qe+gYnqdBYO+NPlMFB4r8NaVwBoF0MOZTkRaDmBgepUb1lKKKIiwMV/6EtYMKPaCWMItE5ONU9StRC7hj4H0wULWqubC5Qt/niTOMBtK8WOmnt06isWyHyFzjRAOQ450SKR1oWyAiwqBcPBY4nYFW2Cdsgf+xWxfC8LJkelwWtlK4p+YcePZO0KdrZgPVgjWW/gnOffXn1IN9w5s/HRnrEXwSeIwcfvruiDDSmAlTeljv3jhh2Dx9Vf/al6PZMg7U4Kpod9YypbYivMPwA0RWZP5BZaB1fvc7OjY8we3VrhyF96vFtVrt28DliNb1pKlQiYh0gS1my9HfpZfWl91qVkyhpGt3PcJ6yvYyPmbj9x5VW1ko7m2gSf3pipGcA/6y8CNHcWBeWZY9vSZEEDES5Kw/4wNbVPq9SUywE28v44esn7HECOuZ6UW6+lXj+VD2rRHlDvRL+d8PR5Y/kmAOtjBSSObsC5Mj0CMrkxmrcLXCpj6xNXSRQXeHPXD7hjR38t1Xk/++w3Z+NF2yTbRf+ogzdkIP9JxkZC7ul4XPoV8rKrRnZazc0eNsh0i1MtCjK7CXVmkPXH3fmqKeKivhq5iXP91W2+LvUJVIHnbSnLUe3gmS+eJQ7zQz2VFkLYwl/3yTGz8b/aywSvz9vLHHXlxijyyK1Rue6f7W1gVEcoQ6uYAI9Mgq/tPrLHgmAk3+Yh3OyZcuOagAG2/udfEx4BJ4qG4jD5PbOAXGrh3lL5DnKPVw17B0KzJSWvzv8ZsXigujmzAjL4duLYPc2LPOSYanpi5DLvXtD71iFUOAUfvW1bMR8c400MfghGg+ln0zjx8J8+1I3VLH77zbh7Ym7qjxh4ovoaGzIHRx8C8C3UzhsJOz0bdv2l0IyLnJDJ2FEu3Hwo+XnN2pg7bZwLSbMaefnHohGnLo1hhl9ONUe6chGFeqaX2MBgx6I7R0Lg+66EnNeXa7nE2l021BiYGpq7COBjkM3SkvZzvt7Ay1vWn/U3SvwvgIOfKgdIIB36hd01nt+kLl7f9ab6DLixI3A27jQztLcC1s0/h1oMNLNJw+xz4+knPUDbYjfncYU7kTMuelgrMwbbS3z55FITOJWpw/c/B7fBCRskHRjTWDC/8wETAVDfZF98rnyBXXf9q7ZNwXOGLOI0BPP9KSOHiLSp5fZWo3LD3ZP7A/a24cQFWMPsPIuXyp0A60zZmu6/LjLbDIErYkzXDRUSpYLvCKhPvdLs00QRis332r+woj8bpFHeJL5NCq5w7hBPXlYPOg2fGzjydOQDVAtqYO7pSxFoQweYF8U8Nd9OdK6CVpEEgHKaiUTlFpGrt+NimyHXuUGMplzdNvoZtX6AbriqDj31UkXARVqqpiw1JOdAdy97/Dk62Mc+JdmicLDdRQvUZw5aW3Cdj4SWk9dG7kfq5mhjlcxM0wxAUYKiKER6PJi9Xg85h4I6kCpnVr12vQHAQVF4oX1tMvE4NtdjKl8TLxYgyYm3PR53maNq+rdryw6MTmj4FxGIf1ijW1DJaQlPo3ZGC9yOdynU+sYaNRXZcNfUpwH8qY38c5tj35aE2KKl4Eqjd4Tnbw5oYMpc0lTxC34LEIEwBrb65EfZ4GrPhsmeIazq8TsaWgBhHg4Qk7VzvolyYTQoFg7zwivdK5mxW4cJ+WsRaKuEng0PVzw5WO+rxYNtV+93XnQ58imXSP3neaqVwmy1N4Qiy5t+gy0XmsHVZ3NcTaYEa6aKf66e3T0f47oSs6m0CeiYxCtjOX0MzgwT5odxAx36Dpj670EnTiY60EJ/lKVthegPp7uRR8aKn44v5xBFnwHGLLzitBPsn9un8R5vgSA0kLSSv05S8MRZoUFbXZR5SObLvHmfeEs9cTKcgw6BjKF4Foi8YoH3O7/6TKqxn/HPIRLOUPWqDeYeR5IMGLUsmZ1noEVmOItNGd0hkAZYNBTgH+F3P49IMZWu5cjhqE/7sU7EKhuUcMjEvX763aOvHPp1sx/hS4tcFNoaggZium15/9hLid3lS8RRFgHibrn1PhdCac/GgHxdRX4m6H1AyjKxdhERa8pI/19E+6xv6CSz1Y0VUfZWybCA0AWk1MyDbEbDHRWdsaWvAOGjpwlIX0qn2tfRGb/EpIgXFO9i+0txdX3xs99NrcHTUP9ImfrILXpE+C0nH8mGzv8c5FL9da1BC4Bcz8G4fJ6QuWdQl8y0GB/dgX3LXl6rGTz/z0ywZjPuri0qDnW8wKohgdPWgB2tpTjuZKDbqijgQGMpvR+nfVam36zGRNxCgaAoTDLlJ5bKY94p4/TYNLG3GXD2LRBnw7bZTlI2P8mC5u0RAFCIA8ZSCDx/tGN2JHJBM/69v2CYJFjkLLhg1OjnfZgdeelWIUlhdLD79JZvOxgAfgrWGH7scxGeiFLgUZCr6/8Eg7ak/q1CWYNz+juqcspCTkvbiQPH6qLnZeFfplW+buqy9j6hYCRK6eGO057QlTKC/XWjqmXnAg3c4Ow5H9ErICA8Tb6b/vBXYA9eX+leEk3OJ86hOUhD2fuGQY/beJyaCvC4RP9tDbw/ZO6k+PQW3nOzWFBuyDEr/oLIg9Q/QImxBv16VCTMPB6B+IdLXDfvKQQnjbYpdBNwV0/D5dKuM+hX/5UfLojLgEJwgmj6rdE3ZUi8tphc69//hIEcKQrQRCHkXhhPpL0FIpoPUvQm0gpdw97RpSBbADkLpLfAOEyAz9gwkTn2Y2hKdt0vgjzKp8xAjuM4tuWzlohdsjqYk3//nxocFwdpes9TzARga7BsKcPccGUMUVRMVOn0xi93XVyC8j0zIinvf3tZREpoRRjlzEhDinVnqpSfKVtdp1fqXJFZCLfi5l1fv1JZE6I4dxHyJs6hU2d+59v2KHnyU165CYXVhbhkM8Zh5/ncIhne/SB9l56RL4wi6y2ahEr1GVO9Z7YqA07ByEpw5XDhpqynkOSWimn9cTZwbn1zCZFUYgyzxt7ai2c7C/WbOsjIfy9OvKdM3yL3jlSCCXvTcXTDSPxE63XKO9aAJnBaO2VcMKTnzBEfnpYToLqB0QUwsnLCAMdx1+ShTJkWFKqh/VoWe3CHt4qlmx6s3/d4LtXp65mnm5VpQVpV6PeI095OYoQeQcCYgfjxPaXAtlHtrgeS72O4dPiN0YxIqwkYVijkKShR/6vaSDajbZHCvaz4HQkrkLhi1TVMukqE2YByVvBvlv5xnNRfdI1tAlMsexL2yhriP3aB9d7yivtMOlyFCltq5m6mMEdpieOlhy4zzrCQe2b0dGiWrNoTfeRvAgvr7S/qBFYcsvPWp5B+zRpEQngAD/6bzJRqS3+ziFdbfriV30UnYJbY+kohzwQolqZzv/pQV9eK6PEaM/0/M+NeqSgrGjLtJbPWi5oCkhcnCibHJiceQiGcZjT8k+p6LdsogWR2zH4JkhGp1H1jYW1ho6oZaNZn0Hdm0o/Wxat4hNk+W9TRcQgO5Dhj4eaCYFw19lp+5vZUsibOcvK+cRN/Nvn9FZAeVr8deSXnE3N3kfXbQWEzxLKLfhb3eytPN19TwnUTa9ehWZ65IN86jBbbn6dq6viCQ7Zv8RBcfoRDLrde8uKvQ8pd9tMVn2oHpd70u+CrLvUfFA+N13NwhtD/A3+dCYgajebvf8lj29Kl60+lVsolYzJLsk4fipK5nADS9KtqyrQhgvDHv/LGoVlSNxTK/DPdSIvOblBy91UEP4uifCOS1icmkQSHaRft5oy5k4FT9OKSUooFAr8DWjiruBoNYQtGICDs93z9osFiiExLZRuB/14hxGD028sw+AzNmBGHhPsSeRoFl6mCcmsLaZzhMcFuT2vFM4y02BwCg1wRw/QSM9EMp9J3wZsLFqwVT6WVbup1gSGSfEwdZ4RXuNiLs1Rq/UoOadpmNemeXvcHDuBP2Op1V06f8jF6BQdBYDAo0dvkT+70GeXb1L2ejeR+87dvdLKOip/p1Z04fuPzP2V09seQuYXpsJvLxQgajqF8qH6HsovGXXa4hqQe59Ql+C8hHFv0Tg4BnOhJ2Zpq29HQUuWRQhzwh1WmFHq+E/F4zlNMujm+bSqrC7eobZD9b/OFVZPlnDbed5MZpoxAI0VLPcK2zkpePM+iebNEmYjx5Yanv3MTrfDMqmKK6DsLm38sV5I4/YqJDB0iytOdCcwAtA7m6ue6cuG+f80yNmEkZYi22iI94JBUIK42WnIILyM8GeSFivREUqFo=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfxff9d3f6c-a804-33e6-2ca6-b2a1d0152aa9" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxff9d3f6c-a804-33e6-2ca6-b2a1d0152aa9"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>s0ISDE1afuzzCZzLKtRray2JseQ=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>AP1Mp54Wt7ZvxFXtH47UqFulebkNerpOGB6KU01B/5U8e+31Has5zO4exxivelNJKAZMy+KFvp2Gs6xUgWqFATdqeGAq7sciMhwt97LOcYFqS5dzPNcGZ0TujwdM9IFJLC7r1QA6xW75/qoTq4u7uHmKFdWpvhIzpNthj5VmPsM=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>R+AqSZ5EwQd7kaFIGFWCoFCQxsrVNney6V0ifA8WdznrpD9sZfqV/2b/pblIiv6KVHHSsugq2GmhGgQeUi26jo/WZbrkjNnc+MEKVwRQFQFA7WWA/yocPk0CZKRS7NnDueIl7Gu4NS8UuXIbLdqdBMavOBOsTjknseU95L82T5E=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>bz6aMq9MDOCKJnNfDLjSutMXU7SF8yesDEADoWkHPqVDzt2tbOLJ9+SzGwMDoBqyX/PP6YapzvqmNmcw1kGkw32xWN5+8xg1GMfl4W9pQwucbQUnf91vnwNynkHVPi9xYP/GtYOXqIQbeJ0OqKbBFmwp8htUAH2n1+4j3TZVUiIdmGGeCXh21SextyU6BZ2Rg90b/Mx7xpL7h9T1++Md6CoszW/p4VAtGKD+hS0NhaUPJm8sD5EraI+QPtl1z4VlkAQTJg84ye9dvZMNAq/9Mu3f0t1rwsiTdjwj2ocQ0Q1HxBUfbxDkprsrJuFk7kZ0Jfra1IQvIfxosxg5VVwy90j1TjnTcXTbkV/bepDgvWtFq27VhYS24If9JIYnw7lFklfwhDg7D/uOv8P5R+4BcjVo20QHSwGguNq6+XTzzC4OHxfY8q9eD1bVnMsDCOnQcjECG/A4m8JJMVDAladlgU8b/YSUR/2X8G4u1vTjY1SxNdAar0ZtBzNH2V8NA9IgkP2yb6L3iOF7nBfGX9L9cp98u8Ievtx70V0fVJDdkUG0dsVeyhECgd0A6DMA/jehNzIOslx0ybh2Tc/SQLDnS0OTEG76YyK1Fnnh2sLCfg+B1oxhcdEjY2CrEZ7GIpqmOrZ/kwpkqX+V4qV/9k3ooFcNyg65Lmkkoa1K8iIE1CnOY7TE5fMLKg0ZHr/5tUQyJ2W6W5aWCMUC6AryC63AAnTkf4mGKgxFmd+c48BwkuXBc+16RZtlcqI4t7Wt1QkYoyK4Z4BX4nNeuwp/lIk3jBFLX8gqZjqoP8ko3eVFJXkYIMuXbC+9KRsa+1J8dZMvEOAMDQjj9YaIM7dVVLD9njrzBE008kglmxYKr4pIbYthTr0UT/qy7f5YFTs2gwy7ku7lrZR29gLn4DhbmfJRkMbZxCyOIPqoGr4jWvz49IY7ivbRjxakLt+e3ocrqn5GFtWEMaiGvTmKjwBc+pU5oKcw80bkvnoHihd7dyIWHrpkpaUw8PmGI8OKEc2vfONSHkCYxYSTkhyeVpJQWYC/zzp6vA/7aY3/oxuvWJlkhVHSWuk3MPKdhsUsOI+jHUIMr8gAoTEWSKd3UTRYeF27p71EQuTjbMc07qJMtHLPqkGMX+6wTDMD9Q+GY0D9dOt3UR90H5y9ukcL1XqRL1Ku1od+txKLcENT+HNKaWUpIklHcDQ8XPNpffE/IGpGmWvxf4UzwRLpkFxMmL93JAq6kiQ0ZiUqkHZe58hXjDemjtPc3cM2Rfe5UXf23kHuvQUbFBdxb4oyYC+k/efOzTkS4s8hoiIQHamuTp/lBNplvFAQvAF2Bn61j0fqZrVn+EARUNGoVwq04XhMftXqdy7RDDhxfd2+Wd+RisjeY6Hz5Ad0wjcfX1Ty+ak2l3BswmLWnjvhL44yo6eOj3HxrxbFtKUqXqWyZ2kxNPZgspwyYvktiovN/z4N3/K85Z5ThlMgWnw7Ypee52RCHQPgISDjQrgy7HnO8KkVrUquMoTtS4g1i0URcbpcq5mTGSCdT/3fxnIKRYar7pu4u7IfmdKVi54L3q7APEz7HsEWXe0S0c0dUthBPrXjmWPNsyHk+dUSlSy6CDfwg3mgyIXB8x3t85uJ2rIsVEiF5jzXlKjGNk+Ce/A/vpDUSph/MW0kZteWTs0N1vmJHCAFYJtcaPfVpj+7Qlor4KBebRIsezGiY2WSxP6mq0K6JFArlrDBRqYdqw0Sg28ZtasN87MNhei3oLIWzV8NG5sp2vR9EZYzqbFTn9CWMP3c3QifXBOHbW9JCXy5QyCoR9Ut0SnzxaE8spzEvqDD2bdesw0MzSiJxd59jaOaGHXpwklgSwL09TKUXAnT4xQMpTZVfBtxcYjWACH1J8s/Q0MopgYoy2mUrt+pms4cSDCW5nfdK4mjYR+KzNOhmEXH+0/4McKix598Xr4uHnQ/iXYkC2+Ylc0ttDNiNRfYheEou2il4O2xbFaI7pfSWcNYAL2ifd8MrGI1rb3jz486bliqcbtXOdicx+bLoFdy4uODL05FkmLYskK3hN0Qj43e6xVsEe9wwSwnD2m+7OnFs4RmlL/zIbl3tiXUbJ2gVyqYYbXXBnSIfeCM3QttwGVutKjO/IyXmCskXCDcXb5Fj4FeErqKmK4L0pN8nsWvI8vsqXdNmBP+O5OxCsR02jIqmpA4Zxeq6REp9JyUWvTrJTYUK0ZujfrOk7EfvvLo1KMLFglNPhWRfnmejZ3fToYZ/Hysj99vkYymI4TlGdhe/0bciyC5KvVNpqENrKDenTn6wastyMpk54EJzWwAnJTv4Xj3mojsroZE6RPiMvAMW3qX7/E/5DYy/uXOwp4vKLGzT+14xFjwYK0osIoF+2m0RqVbleRCV6jWsaIKof90uRS6M+xNAnzlFe8XKL31O6EBd6E2Ssoc9BTrkjKi278NwHDx3H5jSJARXe0LY4vcJGmIzbRCvzJFPIS1dvzfEg1BK8m5D19OVgdh0IYklBHYwbByiv0mnOhZ41M7a2J5aLSZIYts4VGVLrWWk/FZkRQk9bCrUyxZT8d6y2KQ7tar/GMILlNW3S988YDa/3wmYUv1l8Nz0VPZkKymPRft1mVfY6ues0dROIW6YbLC44DK7WDUZXvMYY+NouXLom4TvhUO8jad+JvnJIBKWgY9erVUDaR1V9cWWoP5iamWcK9X9ZL4xXzRxAdi8AD7t9eCiZuaCglKnSn603SeHwYjx4uOV/coYqvMTXsQHcKtDitLwMTz/FLtXe2EGEh9dccLptHZ++giyhjggEH81H1tkk04x3JZzx6iLVSQI1rCwmAy0SLuXIBVtgw52B8Z9QxHTQkTbgX7D0Uijtq/ez6o1yRpENcYCVcGKLArB69st5oYI9xtPgzgtCgp1qJDF23Iwy5r3EWcgCPloy8=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>

<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfxbcb1722c-1d05-a5cb-11b7-604f6a3d8c33" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxbcb1722c-1d05-a5cb-11b7-604f6a3d8c33"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>ea7ZreE6rg8rFXxx3zdXmE0/m28=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>NJ0KROV0LBU/no6q0Zo8Pm4oiUeNchYwduyFroQwITM4DRqHBcjxrLQocy4ePVOKY8tNydjaKBxCTvzGjvVHi/IvGiIb7PYNkJYwJTArbTEmLUzLCtH8to5XLOTZFajPByJe7t1VMHXOp9urFe3oDnXcTFhirCE5JcVRruF/yQo=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>cEUQt5DbJOm++qGxOcVaCGoNsBiPy5y9pmWjsvIp3B9vBfNS1QFCqUwknh/GMF1G+t//RbJlKfkfuCt4KPjn23aDIaJ/1Kj4flIm3VLELgh4nZMIU5LcJV1gwny162s/y4NJl3Jj6ofHVuMssjxuXkNd0Dg2oxGqkf5foFqmJb4=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>Kz0jcEEO48LYASxluJZdJmugKHUAzzMkyszjR9iP4rceLXnvOfpA8147ThOo6l3gjRFUPQgRoxdBgm2eKkZg9IT5P0sHure8OF9Rx683sDVMsYFCYmkOUAzJqn+f1CPcvSifMH7nhC45llgEzyWzLA3TKnvsS/avwIGDAaRqjuU0lRnhhOJ4eyNka4Ryi2++ltWTqo9ppMpSkXGL19JUKlJroEyiedNilKimWx1uScaJxjrfjeB5vMD7fKjjIWbm75XuMk3krV0Rcna1W4//AaGrPGRr4pPAPZdpCW/5N9zfV3gte6HeiqX3a+tNqKI7d6UxpOySJ/Me4rxuLk7he1tes2mZqbFBsCbhR5b6B0brgz+vQrZMpRhndogW+rzp19QfO2L6qSbfI6kZwKkD1jUqNJ0kJ0ZrnuBFB4z+IsnT7O3AkQ4Oqy4eUROW1AW2oDRMME25FenUbs+HCUH2NlgdzbQQks0BrK+eDxT8CWAqhpyUeFlc+JpxolVatzfgzroRqiA93CHTV8/LfBf6rfEnDks5Gxp+gRbumTvpyd4aP358Cae7glKIZL9BFPjTJaOsDnuvzxZP27HtaMKDYnh/avf0Un0C8IbXHukrBek45jFv/gbt07R/e8LfsXdyXqLns7EO9Su+h25txJKzYHp/Yy+iAJA0IAKeu6UeMCWHuazmllXXaOV/cU4qiX7GBrbW5v2Ie8ravwjiSOITmJUn+/ayOJ16zsXD+yCgemMeedoVoOy5lL40ZjKmE/4K3qX7cL8HJV7gUMmU3Tg94EjdNr99Rnz9LA6FV+s5T/HGWYHSJOgMBgd84+eBHeReQvZMjhFcs5Rzk2tMb001AmWGXCn7q755r0rxO0DZgtAVfaU75o3y5x8pvZnBZdxjYFUYQJRyhHzrClw8rcoDd6NnuBphlypuWZBwg+053dSPJwpQmvM0+LerOssHfXnaAjyAPGKiHvNFTkKRkRE9TNvQRRNqmUIxGuMTA0/W0BhMZ6cUOjG7Q7YuvszWO3qPNOAUZrvFsHGYAARy+5G3g0HIEd9Jwz9wtDQ6GzMK0nqLJfPBtJOZ15nfIpCle+epdLuXaJrzFAngKlGyCPMkW+02w3q1xqiCSF16DPYclcotb30ob82OX5iy3OibnpGVLbaT9hCR1ACAjSub3/AbQ+dEhB+UoWKO4+5x1254RCUsoHFRgZCR4x/kUo9RnQ5qul7HtcjYC2MQwIC5JwmPZF3i8ftOVPS5qe+gYnqdBYO+NPlMFB4r8NaVwBoF0MOZTkRaDmBgepUb1lKKKIiwMV/6EtYMKPaCWMItE5ONU9StRC7hj4H0wULWqubC5Qt/niTOMBtK8WOmnt06isWyHyFzjRAOQ450SKR1oWyAiwqBcPBY4nYFW2Cdsgf+xWxfC8LJkelwWtlK4p+YcePZO0KdrZgPVgjWW/gnOffXn1IN9w5s/HRnrEXwSeIwcfvruiDDSmAlTeljv3jhh2Dx9Vf/al6PZMg7U4Kpod9YypbYivMPwA0RWZP5BZaB1fvc7OjY8we3VrhyF96vFtVrt28DliNb1pKlQiYh0gS1my9HfpZfWl91qVkyhpGt3PcJ6yvYyPmbj9x5VW1ko7m2gSf3pipGcA/6y8CNHcWBeWZY9vSZEEDES5Kw/4wNbVPq9SUywE28v44esn7HECOuZ6UW6+lXj+VD2rRHlDvRL+d8PR5Y/kmAOtjBSSObsC5Mj0CMrkxmrcLXCpj6xNXSRQXeHPXD7hjR38t1Xk/++w3Z+NF2yTbRf+ogzdkIP9JxkZC7ul4XPoV8rKrRnZazc0eNsh0i1MtCjK7CXVmkPXH3fmqKeKivhq5iXP91W2+LvUJVIHnbSnLUe3gmS+eJQ7zQz2VFkLYwl/3yTGz8b/aywSvz9vLHHXlxijyyK1Rue6f7W1gVEcoQ6uYAI9Mgq/tPrLHgmAk3+Yh3OyZcuOagAG2/udfEx4BJ4qG4jD5PbOAXGrh3lL5DnKPVw17B0KzJSWvzv8ZsXigujmzAjL4duLYPc2LPOSYanpi5DLvXtD71iFUOAUfvW1bMR8c400MfghGg+ln0zjx8J8+1I3VLH77zbh7Ym7qjxh4ovoaGzIHRx8C8C3UzhsJOz0bdv2l0IyLnJDJ2FEu3Hwo+XnN2pg7bZwLSbMaefnHohGnLo1hhl9ONUe6chGFeqaX2MBgx6I7R0Lg+66EnNeXa7nE2l021BiYGpq7COBjkM3SkvZzvt7Ay1vWn/U3SvwvgIOfKgdIIB36hd01nt+kLl7f9ab6DLixI3A27jQztLcC1s0/h1oMNLNJw+xz4+knPUDbYjfncYU7kTMuelgrMwbbS3z55FITOJWpw/c/B7fBCRskHRjTWDC/8wETAVDfZF98rnyBXXf9q7ZNwXOGLOI0BPP9KSOHiLSp5fZWo3LD3ZP7A/a24cQFWMPsPIuXyp0A60zZmu6/LjLbDIErYkzXDRUSpYLvCKhPvdLs00QRis332r+woj8bpFHeJL5NCq5w7hBPXlYPOg2fGzjydOQDVAtqYO7pSxFoQweYF8U8Nd9OdK6CVpEEgHKaiUTlFpGrt+NimyHXuUGMplzdNvoZtX6AbriqDj31UkXARVqqpiw1JOdAdy97/Dk62Mc+JdmicLDdRQvUZw5aW3Cdj4SWk9dG7kfq5mhjlcxM0wxAUYKiKER6PJi9Xg85h4I6kCpnVr12vQHAQVF4oX1tMvE4NtdjKl8TLxYgyYm3PR53maNq+rdryw6MTmj4FxGIf1ijW1DJaQlPo3ZGC9yOdynU+sYaNRXZcNfUpwH8qY38c5tj35aE2KKl4Eqjd4Tnbw5oYMpc0lTxC34LEIEwBrb65EfZ4GrPhsmeIazq8TsaWgBhHg4Qk7VzvolyYTQoFg7zwivdK5mxW4cJ+WsRaKuEng0PVzw5WO+rxYNtV+93XnQ58imXSP3neaqVwmy1N4Qiy5t+gy0XmsHVZ3NcTaYEa6aKf66e3T0f47oSs6m0CeiYxCtjOX0MzgwT5odxAx36Dpj670EnTiY60EJ/lKVthegPp7uRR8aKn44v5xBFnwHGLLzitBPsn9un8R5vgSA0kLSSv05S8MRZoUFbXZR5SObLvHmfeEs9cTKcgw6BjKF4Foi8YoH3O7/6TKqxn/HPIRLOUPWqDeYeR5IMGLUsmZ1noEVmOItNGd0hkAZYNBTgH+F3P49IMZWu5cjhqE/7sU7EKhuUcMjEvX763aOvHPp1sx/hS4tcFNoaggZium15/9hLid3lS8RRFgHibrn1PhdCac/GgHxdRX4m6H1AyjKxdhERa8pI/19E+6xv6CSz1Y0VUfZWybCA0AWk1MyDbEbDHRWdsaWvAOGjpwlIX0qn2tfRGb/EpIgXFO9i+0txdX3xs99NrcHTUP9ImfrILXpE+C0nH8mGzv8c5FL9da1BC4Bcz8G4fJ6QuWdQl8y0GB/dgX3LXl6rGTz/z0ywZjPuri0qDnW8wKohgdPWgB2tpTjuZKDbqijgQGMpvR+nfVam36zGRNxCgaAoTDLlJ5bKY94p4/TYNLG3GXD2LRBnw7bZTlI2P8mC5u0RAFCIA8ZSCDx/tGN2JHJBM/69v2CYJFjkLLhg1OjnfZgdeelWIUlhdLD79JZvOxgAfgrWGH7scxGeiFLgUZCr6/8Eg7ak/q1CWYNz+juqcspCTkvbiQPH6qLnZeFfplW+buqy9j6hYCRK6eGO057QlTKC/XWjqmXnAg3c4Ow5H9ErICA8Tb6b/vBXYA9eX+leEk3OJ86hOUhD2fuGQY/beJyaCvC4RP9tDbw/ZO6k+PQW3nOzWFBuyDEr/oLIg9Q/QImxBv16VCTMPB6B+IdLXDfvKQQnjbYpdBNwV0/D5dKuM+hX/5UfLojLgEJwgmj6rdE3ZUi8tphc69//hIEcKQrQRCHkXhhPpL0FIpoPUvQm0gpdw97RpSBbADkLpLfAOEyAz9gwkTn2Y2hKdt0vgjzKp8xAjuM4tuWzlohdsjqYk3//nxocFwdpes9TzARga7BsKcPccGUMUVRMVOn0xi93XVyC8j0zIinvf3tZREpoRRjlzEhDinVnqpSfKVtdp1fqXJFZCLfi5l1fv1JZE6I4dxHyJs6hU2d+59v2KHnyU165CYXVhbhkM8Zh5/ncIhne/SB9l56RL4wi6y2ahEr1GVO9Z7YqA07ByEpw5XDhpqynkOSWimn9cTZwbn1zCZFUYgyzxt7ai2c7C/WbOsjIfy9OvKdM3yL3jlSCCXvTcXTDSPxE63XKO9aAJnBaO2VcMKTnzBEfnpYToLqB0QUwsnLCAMdx1+ShTJkWFKqh/VoWe3CHt4qlmx6s3/d4LtXp65mnm5VpQVpV6PeI095OYoQeQcCYgfjxPaXAtlHtrgeS72O4dPiN0YxIqwkYVijkKShR/6vaSDajbZHCvaz4HQkrkLhi1TVMukqE2YByVvBvlv5xnNRfdI1tAlMsexL2yhriP3aB9d7yivtMOlyFCltq5m6mMEdpieOlhy4zzrCQe2b0dGiWrNoTfeRvAgvr7S/qBFYcsvPWp5B+zRpEQngAD/6bzJRqS3+ziFdbfriV30UnYJbY+kohzwQolqZzv/pQV9eK6PEaM/0/M+NeqSgrGjLtJbPWi5oCkhcnCibHJiceQiGcZjT8k+p6LdsogWR2zH4JkhGp1H1jYW1ho6oZaNZn0Hdm0o/Wxat4hNk+W9TRcQgO5Dhj4eaCYFw19lp+5vZUsibOcvK+cRN/Nvn9FZAeVr8deSXnE3N3kfXbQWEzxLKLfhb3eytPN19TwnUTa9ehWZ65IN86jBbbn6dq6viCQ7Zv8RBcfoRDLrde8uKvQ8pd9tMVn2oHpd70u+CrLvUfFA+N13NwhtD/A3+dCYgajebvf8lj29Kl60+lVsolYzJLsk4fipK5nADS9KtqyrQhgvDHv/LGoVlSNxTK/DPdSIvOblBy91UEP4uifCOS1icmkQSHaRft5oy5k4FT9OKSUooFAr8DWjiruBoNYQtGICDs93z9osFiiExLZRuB/14hxGD028sw+AzNmBGHhPsSeRoFl6mCcmsLaZzhMcFuT2vFM4y02BwCg1wRw/QSM9EMp9J3wZsLFqwVT6WVbup1gSGSfEwdZ4RXuNiLs1Rq/UoOadpmNemeXvcHDuBP2Op1V06f8jF6BQdBYDAo0dvkT+70GeXb1L2ejeR+87dvdLKOip/p1Z04fuPzP2V09seQuYXpsJvLxQgajqF8qH6HsovGXXa4hqQe59Ql+C8hHFv0Tg4BnOhJ2Zpq29HQUuWRQhzwh1WmFHq+E/F4zlNMujm+bSqrC7eobZD9b/OFVZPlnDbed5MZpoxAI0VLPcK2zkpePM+iebNEmYjx5Yanv3MTrfDMqmKK6DsLm38sV5I4/YqJDB0iytOdCcwAtA7m6ue6cuG+f80yNmEkZYi22iI94JBUIK42WnIILyM8GeSFivREUqFo=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>