Online Tools Menu Close

SAML Response (IdP -> SP)

This example contains several SAML Responses. A SAML Response is sent by the Identity Provider to the Service Provider and if the user succeeded in the authentication process, it contains the Assertion with the NameID / attributes of the user.

There are 8 examples:

  • An unsigned SAML Response with an unsigned Assertion
  • An unsigned SAML Response with a signed Assertion
  • A signed SAML Response with an unsigned Assertion
  • A signed SAML Response with a signed Assertion
  • An unsigned SAML Response with an encrypted Assertion
  • An unsigned SAML Response with an encrypted signed Assertion
  • A signed SAML Response with an encrypted Assertion
  • A signed SAML Response with an encrypted signed Assertion
` 
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfx3f555493-8e3e-8b88-883a-70cebaff72db" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx3f555493-8e3e-8b88-883a-70cebaff72db"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>mIMYGrEY9oFJJMn3SNfRkidwc7Q=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>Ct+QOybb08pau0uCkz3o/GZoQOcNCue8hxsO9HrRWMrUdbwdsFO7yW7/LAi1xT9ZVR4T67dHVlX4VQgb/mxxuYeqdSA7CTeQ6REGZDPd42biiOhLKFuyW0pV0L2FjW7a0nh1Bb2tsoZPV19W/zlHViLhCkDtZpoZnxe3hJYb2y0=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx7bc9ecd8-6a7d-f99c-e3c3-650571f7929d" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx7bc9ecd8-6a7d-f99c-e3c3-650571f7929d"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>c9hc+FTmp54u6mA9QzYibsysHsU=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>bhsyY4b3wZLUthfH3wH58V4QJbXMDmp0tAw8rtg9u3MBCIYTwVZpKY49NN+puke5HUTanRGAhvRON9hhQ1oneG9OFyPXw1oM6B+Ax+OfknLXi5J5YaBE5qcnqF4k5vTWXfRH2LxJHiGItHL7qAeXFAwgtAsohhxcGwdo9q44Fgs=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>

<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx01e69cb9-50de-a85c-9c93-f5f307aadd98" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx01e69cb9-50de-a85c-9c93-f5f307aadd98"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>OHQtrQh/lEE8peik+/oewUodi3g=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>YGx6O+y4VE9Ik5LNkE5j8Re+KSp9pUwfuooe8S9Zmkwk9FzHBucVg5mVeQh1AMHhA4HnJ0dRD45W3ER59oXoPepf+uBaZAAnlymQGNkLCg7vHvF2ItrAQdPfpvyZSxmhAyF+GfgxlgqgW2zEIICvYySvJCm1v13jNlPGT2he398=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfxe782ae4d-9939-d0e7-f19c-64d51700eda5" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxe782ae4d-9939-d0e7-f19c-64d51700eda5"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>P2zLIP4K/vewlfcNOv/G15HxWWM=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>cWlnH8jZzNIna0sdtBIB3q69/AJLSqMD0uu59J8hdpfoMFROcrK4YfXyNxh/7S70puALNmFjQKaR9hMrbTQt0TS2ey8DogwSjUwa2SG/vNvhj/lts3De6wDe56xp0Ogs95aq6RHD2UDpsf/fVgsm6RiLyzRqEZTxenGAvmx0X9U=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>

<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>s8a6/jZ/YoJdHqTaglx8aF4g84vmvkFBQw8wnrEgnwwHKkC2kW4bCIOGVzHO9iXaEQhc1R3NNUWqcyGeogGRs8X4HF8bTzw92/qooNxYCrlxGoaJgDha/z8xoDOgga+XmW6bFLdOKb5TVPME4ZPNmFk70dbKWGOD08JAUaibsXc=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>Ph0VLHYDZprQrE3RjjyYPM0aD1OJUDxN6FcTZo7CXdWthweaV7wV3PUI0OgwpSZQMwROv+rVLdgIGfjgKi86LVxMJnBB/emeDh1CwlxfHxezE2z1BxiohWP8idXKBU0WYsvPShYrPhHdmakqKjbQh5Ur/9im7yltuKn4DAsv0Np9vMXEAFj5aH+8wpuIQIK51dhM8TLcUZOKDnAcB0fEHh/QFudFqgjkjKivay5QfpGW52mDhsr70pi0cxxyJZegsriEUMWKDAJf1a+e7NXmuq/+rmS/at3u7yiow4AshA/n0UlWoAvh4Dt8k0I2HNLiffyPj3ch20av/EusSquH3grXuQ30mqvT80ePANvBurkCROheRpDDaJsXUTLf4Z27etX5Dhg1M2fhyfhp0Vdg6SfxepZk3X5AMw03JV73LMwub9h3rCvAwJ9zKErA+RTa7CFK9KeDXSjarfd9I7Si/yXrjCWNjmd3UqseCksL2I9hXw6555yF4l+Cxqti1aecOb3FcCqURULng2uOF+E4KlRPj+aDu+FP5FGroAtT7qGm1ETJdXRLpNfPpgxNIX7mB0RydzUGLrNN2aJma8FBkC8fX8xt4uWPj6Ont5+2dQohBQB4Ul5xXjb+XHEksCUYVoorPxSez94R+W/3eNTeL1xBBIGv/D40a2ISWPSGkDekIsKE/G/4QiiMo2epxM9y+es0B5cZzCBF+3xRiwIcLwwup7wrC/kve4mYUfeKKaipbQ1AXsngDAtE2JHyZyBBviLB9z2Gkp70n2vZhgjZImizHEWvVxcwfd/air1gnFvv6bU6nNNGVX2fHEqBmoA/9WGS1BugI92ktajjqj8LjWbVpbxZ3dEsgkMA5wNVEzBnNyNPeNEtRL0o4pRqG1KyYJUs66R6HixB3AlZyhYv6oF2gpo2Shj4lgyNdGurOp+hHIVuKhR3Z9KRHyn2oDJV94WUpcWmpj8BJliangWUyFnyGs9BsAQLRhRFZ7zE2L2mD+WsmbEvyukmH6WKURwo069Ep10t7HCU5aRUbmLxbgBhslkIF9cdi9EtsrA40moAtauwtI7VFlvI2c/1OeqoC26vE45SSj6X2FP2w71FMbAyPP7mIqLG1A5LivrIVrDkvza+u0iVwg3kzUqM5ng/FqQXJQidIub/H0RyCinOpR+IOzli7IhHcklQP+1tSTunqunrO380f6G6d9MY6A2n66/KCNdmRFGTk6t2PzQHjmbMuHu2byShgJ06qITZTIYklexeEgS2+TRiZq/zodLROSvY2/gU2y79TzRuADSQlQb0VP+mWNX714oceM5GKwE4/y2kV24LoFn+30Y7oo5b2EAeYfB5t+blnrs2qGDurz8lifJwl5qdvE6THT1tUGArpDJpBiQbeMVVQigiGOh8FLqon8ectEywwVI63XNJ/TKXSG0n8NbnAg5/MoCnQ3pvbekEI8WlTkmRs5WyAhaGV7b9Uv3SiWILQObnewFPFrUtpIKzQZAPUmD+376QhQ5Uj2OqzO0o57oR9kngZ9timfL8k+phTwoAFldoFeHOaSXvEcXLp36HG6RyIoilPYFPmOTrv2v8+AYM6FFVN/N5kdujmHWLRW2abVdupCIhJDYWfy93Ajt8IcZabzpuv/mCCsTgyx8B+yuLgj8EMXR0/bdjzZpQdMpJvqsi5EYsQagcTBQArJDj5dAQ0nSE6Mdvzzu6I4YN635wSfQNr8Z9Vqqmgv6TIDBboAjSdjGM7PCqJmThpvrLCKvdt9ZmGCOfiqsbD0BaFU/vFJ7TxnDLQ2CSSJYj2cK6fJlhhopVvsWKYGN8LOGldlZ6R6gRXOl7tMJ890rvbbdLpGBEq6HuZZJt63QrzSLvDLO5Wtjxj6KF0l8H7WKdPm4ej8Jukf0MblLyBPUZ1r2B4W6glq4kJnH6NzCO4o7LoIOse+g6SdiJY/ZQMHYVwVuz91/KmGUPEnS3xmmrVU/TGHWDg4kitXZo4bDMpA346pCCi5i1mczScLx3SLmBCwiUN44gOPukw0JOMmgLvGNvGEHErMyK5FbhlCbafPu8tlvlMC0/OqnA5l8B2VbnFEsyd+bAsmzQ129DV2TUHxbMc/9H3dbohnOop3AwtHIaOKz0xbmAj6Kkb3MSAfUSN1I14RvS+je3byLxCToGlBjcXe+KmsY0jpXYXqaAYJYY06qYK9iH/atr0RmuX8P1FBoKWqwM6j6mf33gpBZIQN8OJeJgKar/mPsumPAy/GZrcmvdyA+r3IVik9tBniWE9Puaw0JfLe2D80h0cLLOh+vIpbq1Wv/Ipihc1qYs0bfBfL7KOjt5NDHSjiM8YRgCYDYlOzQGrs6XU/2KMoka9dHS0sTqJo8Igi5MQNu6twW2xB4gSZ0xJp5QxH2HcJLxGsjvOhdB0AUmkR4ZPztZLC6qw981MgIW/Xdoa3W9x8zFe+9tCUc6zLXWVRyscPI8ZlFJWrp8vqj7B/lTy0Q0CiN2HtednOeDZHkhkjDVkSeUDqXnpnsnzx3ivIHWX1teN5RRdpPwZ1DLQtmeDFTHjRnja4IF2vKG4yH8udxY92IigPwItBdAYMFsc7Y1V110msocEQpAsdxfg0KA/FWbJNGa0CqpPVjQOY/m++uzSsNBtYzhodwF0PUD1OCw7604Y0b0lbSwg64vm2JTGcq9MQxnocLRxEDXjI9KdbhMIEle6/xIrimw5GLmjFZXQxBql9KInX8Pii4MWN5fb3IBwfqS2VlnSgmfvzd2UqXTVean1ha/v5GweA/eK+tkhuMjUsqkZ8gLuyOsnDwTPRWEu3G6JPprKDxPPGVkxUNhkRbUKeleyI55PLMzuMo8ieZaLU617AG3RIUdqT+7dyUahqMB9OuKExu42lhL7iuSVPrGmVakbME87zC+NmDECPTgOJQIlNG8ScI=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>kZcvHknm6upE+s4ebt0/tDyARL4wBgdjie+UKFs+ynOrF9DO0c9NYxf6UJKLjuFdPzo4xRW0jCClKm3DvsSHJ5NOGRx5b6xwYXdZVPcbkiM4wD+ea4HixjG9C1aD4IKcxVj5FaiBl/tuggLVdejd6s2lBE/gYSyekP2aD1sNBZg=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>LAZY7zEZPEwUoZ1nDkGo9t2OqR5jfhuHp3rvAyLsS1TyxIr4jeeP0rh6UQF3vmvVbAmb3aB9Z/pCgZyN8jr+InfHEXmndlxh6rQy4dca0p9dx5chLFtQxvVKuC7tBcBzEweX+tYejnjW66PZiehCFK349M1380YbexKfCiCiFCTKuom4W7NQJJPSmgjoDpv7ImLgbAxZa6cNnmsBeGSVqtnaCwiKlaunC2CVsFwSKGqKfEcHe5W+Mec2C1LT4Elbb/ujMEYQRVY55+/sZT3Im+J170HzxYgNHwta7TzzllDjndjmK0+mgtNbG9FEQdo0OSMciP2fIDUo9HuJS+7dz7eSzshEbzu/BdozWhNPgkTsR9IDn1KFOUZ9sHxqUBqWyoWzsc9/Pw0URO6wbQG4cde/q+it7/TaMPF4pFqpMEiJozUAb3aCCvVvdHc7NCR1g3jn2oXmDelzTHCvmms4PXyayuhTis5sgPIAk7wswzkLp/tedVdYysvRPya/ajjqJAWH8e2O5K84/umhZMudy+0N6DkCl11cSrKP67ObCTZPRokMu/xGY3wc1d5WoiuanG/kTpbYv4jABMvTknq+M04I7O57r3VuUizkxxBWF0qQe0E7B8PcHMQjcta95Sg7UmSHGguMshQjYXF5Kj8ZmgpjrkSFDQIAMF286XkkYAqkpzehyuI6qA5QFs1+d++nrtOlyQs/3t05Xu+4zDK+ehINIy8Y5nKaC7T9YkZYu/F5nUF67I6ACzDbxe+/DXOK0WAKrMXB1b6l3Ho+kxZJ2KWeO6kcRMyLNfr5v/CB/CSkXMreQhqSdlabloGxhA0rhVgkt0EFUYTNs45eXzKs9f6VgpbRc8yaoJaRf2NM/z63xYo6x7i3V0TADGyo61P7okthABll9MttEFargKHD6Hd+ZDWz0NDFCbbD/F413jCNv3q5oO0wAXgh5oF7mxTHqox8SdaCGe6oHOncSZnbYsJXn3Pm7rFgZqXKqc7DusZyNeoG2N8aSmIWR6lWgR7WJZyudkFtIXq6rsIxubosoJznCQxk97ubL2iRNq39kxGqmUIbtzru1itlQJC4qYKSYMUkYEdtw5k5we+PM6zFeGXVJVqui2sQEha6A+3BqjzHpJcLQRlYkXV2myMbTpQnIYaJkUb56oN3EoOE4Wh/iKWM1PPcrUGp/ZZy1N9iagQ29HxyJ2OyYxrmeZX60JsVcV+SSmMMTfnDkgTP+jSvTQ5OwJFDdwHZZs+wM+5kYrkQJGURA1lzVHQS2aw+ZcpKiRFexrr8E+jTr44kZHcuPqV/V0Xde+XqL2eBnO9tgV6MlGJO9agCDftAr4pH4Xb9C1pWeGMcKGd4XHPCNgqK/2+r3IkYePaP0Ppwld6pzHham287liqMYrmsOg/vGmVCJK9M/n0k2z2pf04I5t6Oj0nynzjemzrifxe/iQvM8QWGypkC1YJqHOCEpQ7OMQgy+EVzQjEJ3C0pk0MysHDxGXXSYUJMG68jBqFl57NTVuN37VMUFqk7B13pIRl5JVAmVQMb8naRfYkzblFwd0Iq+pZi5R97obASVjqunKoHK7vsyDzGc+u8Hd14+39xiQQjZcmNaAa6XeYN4yx83NS1MVaqYpcFA2JxgR9jBvZEDmaCZ0buLu7s3WnQcaK5/54KNd0e3WTMj8/73TB7jLP9KpYFOqosEb5vZ3yP6PaQhY238fYzxqlFcTSUeYIKKvAJApftN4xEksDyomLWmgM2QEgagZZ72ffVI+WYB+ctPKx5881ujWDa6w9zQhR/fbEreYHw9WelquRlw+U/0qccy43h93OMjOuiYUfAG1/8cSQn+jY5fQuAcW+2dTPtV5b4zdfkgOy0+8nn2IJigrO/dSNZIX8QPphkVzhBx/p6op6hUJIWNs1VZXlAfba1it74dj3goWX3kJO+Hr2JT3n+DRrGp+f10tTwenlrRMMYnHAFeR5FapgHcWIT4zDUHQyJ3sWg9aSkwcYCyUCFY2D409kA5e6Qs6anzFRdsul+51jwil5GYeuz6vevHqTWN/WEyf5qlfBUk5OsZdKa1CJkKLIbSbnu0dDECSeUZ8r+BZT2obP+goP8QaPuRiN981Mzgb5Pt6mTP17peShBj8NkVwl1b1IdC9L9U/vuzGuyw9crwJiG0p/zf63qaTqf7E80cNVH8QPT/rH6eGNdCypJbSS7KNbqdqOFte72rOemL9Qft1QLq7xZZiU4cg2PI5F9DnDXAvMoZGXl4SMTz/rhpdT/eeM6RqLDNqR11rxGXCdhkDAYA8xKp5xEvSY9SiqOK42/nqSFuvORBVApfvtkKGOLa03t7+fnLOranQq9t/zOMtTK5wxWkz4whTh39qUQfLkwEGVgQSEh8/eYCRzi7E5qQfkrsWNstMJ/u+fvDKi9ZqagyvJKakXSbXw4yqNQZeH191vdBT8YrbhCy5hTfKc9ircNhasrp68yA6+CfIjU3GEJWCUeQjYFE8glg7EngDWlKMcYbDtDurMxNGcRDNBegdwJDXkoCIEqzx5Kw1rpU9uEIr7L22Q4Auv366av+ogRDOHzb9lH07BK7a/231g9708d+FDuWQBI2BbyQZ0YdEEXPHfRxFH619jIgStU9Szke02ZC9FU3B/Qbdr6FNCV6G8RN6p1IipTJ3F0UTdTjr+Yco9oFUsAuXTIk3DbbnBcpy3qt6UqhA54is8CEzz4APrF9Z6AufSObOdVm8GE/JMRANf/z19R15I0XM60bK8AWPL5DPo9vmR7kIrjlrqyiDdKOI26Fx8PyocNLve2vdXfnIgdN1ICSELZB8RtUg1yCoHZj9kMpWlO0kn6Fz+HckM/enXjauPTNrMuEA5uNmud4/W8ZTDjhp3CVq2nGMGhu+dX8Rwa0rbS3tSjcZXYBHmyArYyVr1VPltOQE1KliTTIfUPMftAyZYoGjfaO3qhSCx5zEE+48hGwoUbEnFon9l3wtSgOib2YTBfFKhERRgiN5oEvuEYH905hTwJYZce3psXw9e0OUuAhEAyR51y5QQtwRiBn6rmiCm3tjB7ABXdLJwi1B+RMKRG2KC+R6fYnJ6WdCBa6Ullzc7nL9UG9Aj5qi7a2BWJILuwucjE8JYUdU+Lh4YkeQ5wAeLmf0c5HNTTw0gn9YCXzLt96AG+n/uFAEO99Ybw0YohMXMV/kEA2uHjM0P07e3LBtBcwNuFe9qwSsWth1LTHAS767xCj8Zy3AEexs1jzI6/HNoOWAHKxQUfhFZ0J0Virgq+PEmDCslYAow2V1TJ9ag8y0+COstdIUWMALb88S6NyfzWeyg1ea6LYhIrVHfnerz9U7cW7vewSJIWTuu8Pi3E+9ksMwvawD5QjORwBQCwrd00J1rxavlOR/AeaFy7Eu0A9IplQXcn0e2GpVno1Rl+HZdZ/PA2Jyiq2sEH5nTFDvZm0OmDfh2RxRkCOXy4DZ9cnI6+oGMRwjj7v7sFFEDqeXLXGnEpaMbyGtOs1XxBiiSb9kamyijrch5XZpgQdSYQpLJbE8+j6n6lUJvRFrs17yy3fva6M/bpNGjEXfR0JryacXWjT7Uf16/l5+8jub6xUp+icnYMTCSp9hwgJtUvnTlMtXX1l1XqJHNZN1+k/7aa6lHNnLtyh7HaVu9EiRrfTGU466hqTsM1zxTYAcPoQLi2V5atd54EcZGuaIPitSrj724LdwCcsZY3jxHDWISLiQikZyOpgjbTJv05tgBMwKC5kJGXzg60aSMG6jfJvJeYLvlYbDR97XnyUxVhWnsCfh2H8bnHEWIt/3uso8HTWb6qp99JQbpxq0bm3Drv1MIGsMIirUuSVVkscjXmqu6Es6yqhaefhVCENeeQkwtCzq96d6AQ0HpoeUgmSoGs1VYGyKf8+59yOWupPgWc2QrzY50FmMY3ZkseOkVDaXILrYZ3OarLckVixTzYIpsGbLMgGzmnyvbQGdkeGBXG5EwJVaSfNUcVpuiUmPp8ZAB81gTxN49zalPFLWYE98kK+u9sscvY3+eTX1uDRER+cro0a3iCn9+iVhmpSTfHMqJhVholaBFPfeOyq0AcDyVDvIy/GxMx34gM4zfT6i9FL2YR2EBN51L/CXxpIGcM4ZJ5/lvBRItsJbdtE3959S/3wgXPnsmjRzYc5+QOPcGfDYlGihNYpSe9LutQfoSf1AP6+nnx2RaPh8Hx7oC1Tu9R5EXxOyvtottXyy/6AEQBZ44vUxJS8LmzhYXhjuTLP+MOfjiXrD2GDRR3hA/xwySIc68mVQ2XocqgsVKfUkrmALPIBrJy7C2fgRXsNhxR4aRBH4CKmqBSjP9A+x1Tpo/u/oZ/RMx0plmDbkkr56jDYENmFilsH3TKfeiW0QLaTor6bQ4ajFd9wsLbMzptg2C14ONqehqVEYV1bmw8pqWUpeRlfqgQBW5ZcGs7UUWUM9zEsBD+Lrpz0rwarXN8nAo+Cz6QZcOVnhNcCkWzufjSLeXONATFNgHMNV1c7gaiJzjEOWjoDCXPLKMDJYnjvu1WYIbraIwxRiwPYCJXz2K5aylbAD7gDLzpfIQyXuwj03tNEYIN1hPC8mJdd87q4LhAIUTSefc5bIfoUO91UXQgmrHkCVufH0HNZbv/98kb1lH6CQ8iKR70iYi9Lnot+cGlgZRs84vkbdEdw0aOl2VyRoS1VCuuxTpNZ4A2p4Q3GjN8Rh21X1uJnwBIa3Qx3/C1pCf6DyzqIeFtZIjkfKv3mjYeSu3Szlsw+jpA1bE5a5f/WiXjm2Y58jeuyOn8jGWL6mNy5Uelypw50bMdONgSsYkgnPO3C1mVCS4XrBH4WbIS9TjYUup9tszayUJDIACJ0fcNSvcIas/beHeqMeRipVih8kEoOxbD+ng/Dq+tNBmKoDxfJ6NQ+Jtrx6j93gSgozQOrXvvo8JufzH2JFSR4o4uZaBzK69qByTdfcpAHnohF4QuWezF/2ghtHB7b4mal/EgeqgSm+Y7a7YNhjwet8eyrvwiGWnoWuKT3irFap7gqZb0xBE1JDT9SUNon9kH6W6N4fnJmR3ESRn0VyJa5SE2aC5EmT/tAEpd8NPfnImbdLBAQ4KZKsj8wHDk1KHkvDs118AsL0Tq00IowhnlNsrT1+0fMHLs7zYBA6b8+rn+To1D36sVCjYquDSXNvEf/315CjvcjtcQZsbiMEHHU0CUk83rojAPcYIP5/fjsSm+k5KebdH8CU5KaHNMLL0qxgk6bWYkEnQzHhLxEs9wqA6rUMM8POZx3CWdqQeKXXCGnisTHOCX8iUUnA5+HH8R3Sm44Z16/p8Dat2L+n+IybL0TnTOqYf65Gwx1Shy9UFrGGD/PVY45JJ65sO3uCKmI1hrSyPMmB+6IF34INd/50zcoPUHFUtZ65qzFzGUpV62PRPV+N3WTIE+C+QLJyAKmbzqYoDeK1VjLeLrWFt98CA/Cfq0SCTvF80yOgV6fNYU6KwqwUYUWDxrwVOgVj9/SOk=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx34dbd048-9339-4872-4442-23737e6c1fcd" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx34dbd048-9339-4872-4442-23737e6c1fcd"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>JHkLgzEJ4OoZHg0N0m0hjX3Umwc=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>iqTVW1maE3O71Dxs87LO/qWAGs5xyuEWw44rRXiIZ9u3Elw/F5jCGdH0W8PuRqu48DFFI6GWOTh2WLxJAAZj8504R7xOaP93QeRXyzYY8UCN9kNJH0blac+0t8luGkg0fbVDg1VtZmAM3hEa4GXKJ3iFmnT+VClK03Ynif+lzp8=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>s8a6/jZ/YoJdHqTaglx8aF4g84vmvkFBQw8wnrEgnwwHKkC2kW4bCIOGVzHO9iXaEQhc1R3NNUWqcyGeogGRs8X4HF8bTzw92/qooNxYCrlxGoaJgDha/z8xoDOgga+XmW6bFLdOKb5TVPME4ZPNmFk70dbKWGOD08JAUaibsXc=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>Ph0VLHYDZprQrE3RjjyYPM0aD1OJUDxN6FcTZo7CXdWthweaV7wV3PUI0OgwpSZQMwROv+rVLdgIGfjgKi86LVxMJnBB/emeDh1CwlxfHxezE2z1BxiohWP8idXKBU0WYsvPShYrPhHdmakqKjbQh5Ur/9im7yltuKn4DAsv0Np9vMXEAFj5aH+8wpuIQIK51dhM8TLcUZOKDnAcB0fEHh/QFudFqgjkjKivay5QfpGW52mDhsr70pi0cxxyJZegsriEUMWKDAJf1a+e7NXmuq/+rmS/at3u7yiow4AshA/n0UlWoAvh4Dt8k0I2HNLiffyPj3ch20av/EusSquH3grXuQ30mqvT80ePANvBurkCROheRpDDaJsXUTLf4Z27etX5Dhg1M2fhyfhp0Vdg6SfxepZk3X5AMw03JV73LMwub9h3rCvAwJ9zKErA+RTa7CFK9KeDXSjarfd9I7Si/yXrjCWNjmd3UqseCksL2I9hXw6555yF4l+Cxqti1aecOb3FcCqURULng2uOF+E4KlRPj+aDu+FP5FGroAtT7qGm1ETJdXRLpNfPpgxNIX7mB0RydzUGLrNN2aJma8FBkC8fX8xt4uWPj6Ont5+2dQohBQB4Ul5xXjb+XHEksCUYVoorPxSez94R+W/3eNTeL1xBBIGv/D40a2ISWPSGkDekIsKE/G/4QiiMo2epxM9y+es0B5cZzCBF+3xRiwIcLwwup7wrC/kve4mYUfeKKaipbQ1AXsngDAtE2JHyZyBBviLB9z2Gkp70n2vZhgjZImizHEWvVxcwfd/air1gnFvv6bU6nNNGVX2fHEqBmoA/9WGS1BugI92ktajjqj8LjWbVpbxZ3dEsgkMA5wNVEzBnNyNPeNEtRL0o4pRqG1KyYJUs66R6HixB3AlZyhYv6oF2gpo2Shj4lgyNdGurOp+hHIVuKhR3Z9KRHyn2oDJV94WUpcWmpj8BJliangWUyFnyGs9BsAQLRhRFZ7zE2L2mD+WsmbEvyukmH6WKURwo069Ep10t7HCU5aRUbmLxbgBhslkIF9cdi9EtsrA40moAtauwtI7VFlvI2c/1OeqoC26vE45SSj6X2FP2w71FMbAyPP7mIqLG1A5LivrIVrDkvza+u0iVwg3kzUqM5ng/FqQXJQidIub/H0RyCinOpR+IOzli7IhHcklQP+1tSTunqunrO380f6G6d9MY6A2n66/KCNdmRFGTk6t2PzQHjmbMuHu2byShgJ06qITZTIYklexeEgS2+TRiZq/zodLROSvY2/gU2y79TzRuADSQlQb0VP+mWNX714oceM5GKwE4/y2kV24LoFn+30Y7oo5b2EAeYfB5t+blnrs2qGDurz8lifJwl5qdvE6THT1tUGArpDJpBiQbeMVVQigiGOh8FLqon8ectEywwVI63XNJ/TKXSG0n8NbnAg5/MoCnQ3pvbekEI8WlTkmRs5WyAhaGV7b9Uv3SiWILQObnewFPFrUtpIKzQZAPUmD+376QhQ5Uj2OqzO0o57oR9kngZ9timfL8k+phTwoAFldoFeHOaSXvEcXLp36HG6RyIoilPYFPmOTrv2v8+AYM6FFVN/N5kdujmHWLRW2abVdupCIhJDYWfy93Ajt8IcZabzpuv/mCCsTgyx8B+yuLgj8EMXR0/bdjzZpQdMpJvqsi5EYsQagcTBQArJDj5dAQ0nSE6Mdvzzu6I4YN635wSfQNr8Z9Vqqmgv6TIDBboAjSdjGM7PCqJmThpvrLCKvdt9ZmGCOfiqsbD0BaFU/vFJ7TxnDLQ2CSSJYj2cK6fJlhhopVvsWKYGN8LOGldlZ6R6gRXOl7tMJ890rvbbdLpGBEq6HuZZJt63QrzSLvDLO5Wtjxj6KF0l8H7WKdPm4ej8Jukf0MblLyBPUZ1r2B4W6glq4kJnH6NzCO4o7LoIOse+g6SdiJY/ZQMHYVwVuz91/KmGUPEnS3xmmrVU/TGHWDg4kitXZo4bDMpA346pCCi5i1mczScLx3SLmBCwiUN44gOPukw0JOMmgLvGNvGEHErMyK5FbhlCbafPu8tlvlMC0/OqnA5l8B2VbnFEsyd+bAsmzQ129DV2TUHxbMc/9H3dbohnOop3AwtHIaOKz0xbmAj6Kkb3MSAfUSN1I14RvS+je3byLxCToGlBjcXe+KmsY0jpXYXqaAYJYY06qYK9iH/atr0RmuX8P1FBoKWqwM6j6mf33gpBZIQN8OJeJgKar/mPsumPAy/GZrcmvdyA+r3IVik9tBniWE9Puaw0JfLe2D80h0cLLOh+vIpbq1Wv/Ipihc1qYs0bfBfL7KOjt5NDHSjiM8YRgCYDYlOzQGrs6XU/2KMoka9dHS0sTqJo8Igi5MQNu6twW2xB4gSZ0xJp5QxH2HcJLxGsjvOhdB0AUmkR4ZPztZLC6qw981MgIW/Xdoa3W9x8zFe+9tCUc6zLXWVRyscPI8ZlFJWrp8vqj7B/lTy0Q0CiN2HtednOeDZHkhkjDVkSeUDqXnpnsnzx3ivIHWX1teN5RRdpPwZ1DLQtmeDFTHjRnja4IF2vKG4yH8udxY92IigPwItBdAYMFsc7Y1V110msocEQpAsdxfg0KA/FWbJNGa0CqpPVjQOY/m++uzSsNBtYzhodwF0PUD1OCw7604Y0b0lbSwg64vm2JTGcq9MQxnocLRxEDXjI9KdbhMIEle6/xIrimw5GLmjFZXQxBql9KInX8Pii4MWN5fb3IBwfqS2VlnSgmfvzd2UqXTVean1ha/v5GweA/eK+tkhuMjUsqkZ8gLuyOsnDwTPRWEu3G6JPprKDxPPGVkxUNhkRbUKeleyI55PLMzuMo8ieZaLU617AG3RIUdqT+7dyUahqMB9OuKExu42lhL7iuSVPrGmVakbME87zC+NmDECPTgOJQIlNG8ScI=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>

<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx1d8e684d-87c5-5391-5403-969059700f0d" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx1d8e684d-87c5-5391-5403-969059700f0d"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>99OUI/0MNpBvLxiqGRBMEKZ+tzw=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>BzoE2Vc6rwjQaPzVBM+bUfftv1LwkUqFuT24O2gZH29q8o1dpIn54PZfnL9n9uwYyp3TKE+YKx9V/Mt9wxPE2/oueZ8iVMeSU9nd+P1JWS3Nt4I78wpd7lt6xmkC1YMOqcS9R0ICkX83teyA1yCUGoZBHiWnwBcySC3dl9QiXHg=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>kZcvHknm6upE+s4ebt0/tDyARL4wBgdjie+UKFs+ynOrF9DO0c9NYxf6UJKLjuFdPzo4xRW0jCClKm3DvsSHJ5NOGRx5b6xwYXdZVPcbkiM4wD+ea4HixjG9C1aD4IKcxVj5FaiBl/tuggLVdejd6s2lBE/gYSyekP2aD1sNBZg=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>LAZY7zEZPEwUoZ1nDkGo9t2OqR5jfhuHp3rvAyLsS1TyxIr4jeeP0rh6UQF3vmvVbAmb3aB9Z/pCgZyN8jr+InfHEXmndlxh6rQy4dca0p9dx5chLFtQxvVKuC7tBcBzEweX+tYejnjW66PZiehCFK349M1380YbexKfCiCiFCTKuom4W7NQJJPSmgjoDpv7ImLgbAxZa6cNnmsBeGSVqtnaCwiKlaunC2CVsFwSKGqKfEcHe5W+Mec2C1LT4Elbb/ujMEYQRVY55+/sZT3Im+J170HzxYgNHwta7TzzllDjndjmK0+mgtNbG9FEQdo0OSMciP2fIDUo9HuJS+7dz7eSzshEbzu/BdozWhNPgkTsR9IDn1KFOUZ9sHxqUBqWyoWzsc9/Pw0URO6wbQG4cde/q+it7/TaMPF4pFqpMEiJozUAb3aCCvVvdHc7NCR1g3jn2oXmDelzTHCvmms4PXyayuhTis5sgPIAk7wswzkLp/tedVdYysvRPya/ajjqJAWH8e2O5K84/umhZMudy+0N6DkCl11cSrKP67ObCTZPRokMu/xGY3wc1d5WoiuanG/kTpbYv4jABMvTknq+M04I7O57r3VuUizkxxBWF0qQe0E7B8PcHMQjcta95Sg7UmSHGguMshQjYXF5Kj8ZmgpjrkSFDQIAMF286XkkYAqkpzehyuI6qA5QFs1+d++nrtOlyQs/3t05Xu+4zDK+ehINIy8Y5nKaC7T9YkZYu/F5nUF67I6ACzDbxe+/DXOK0WAKrMXB1b6l3Ho+kxZJ2KWeO6kcRMyLNfr5v/CB/CSkXMreQhqSdlabloGxhA0rhVgkt0EFUYTNs45eXzKs9f6VgpbRc8yaoJaRf2NM/z63xYo6x7i3V0TADGyo61P7okthABll9MttEFargKHD6Hd+ZDWz0NDFCbbD/F413jCNv3q5oO0wAXgh5oF7mxTHqox8SdaCGe6oHOncSZnbYsJXn3Pm7rFgZqXKqc7DusZyNeoG2N8aSmIWR6lWgR7WJZyudkFtIXq6rsIxubosoJznCQxk97ubL2iRNq39kxGqmUIbtzru1itlQJC4qYKSYMUkYEdtw5k5we+PM6zFeGXVJVqui2sQEha6A+3BqjzHpJcLQRlYkXV2myMbTpQnIYaJkUb56oN3EoOE4Wh/iKWM1PPcrUGp/ZZy1N9iagQ29HxyJ2OyYxrmeZX60JsVcV+SSmMMTfnDkgTP+jSvTQ5OwJFDdwHZZs+wM+5kYrkQJGURA1lzVHQS2aw+ZcpKiRFexrr8E+jTr44kZHcuPqV/V0Xde+XqL2eBnO9tgV6MlGJO9agCDftAr4pH4Xb9C1pWeGMcKGd4XHPCNgqK/2+r3IkYePaP0Ppwld6pzHham287liqMYrmsOg/vGmVCJK9M/n0k2z2pf04I5t6Oj0nynzjemzrifxe/iQvM8QWGypkC1YJqHOCEpQ7OMQgy+EVzQjEJ3C0pk0MysHDxGXXSYUJMG68jBqFl57NTVuN37VMUFqk7B13pIRl5JVAmVQMb8naRfYkzblFwd0Iq+pZi5R97obASVjqunKoHK7vsyDzGc+u8Hd14+39xiQQjZcmNaAa6XeYN4yx83NS1MVaqYpcFA2JxgR9jBvZEDmaCZ0buLu7s3WnQcaK5/54KNd0e3WTMj8/73TB7jLP9KpYFOqosEb5vZ3yP6PaQhY238fYzxqlFcTSUeYIKKvAJApftN4xEksDyomLWmgM2QEgagZZ72ffVI+WYB+ctPKx5881ujWDa6w9zQhR/fbEreYHw9WelquRlw+U/0qccy43h93OMjOuiYUfAG1/8cSQn+jY5fQuAcW+2dTPtV5b4zdfkgOy0+8nn2IJigrO/dSNZIX8QPphkVzhBx/p6op6hUJIWNs1VZXlAfba1it74dj3goWX3kJO+Hr2JT3n+DRrGp+f10tTwenlrRMMYnHAFeR5FapgHcWIT4zDUHQyJ3sWg9aSkwcYCyUCFY2D409kA5e6Qs6anzFRdsul+51jwil5GYeuz6vevHqTWN/WEyf5qlfBUk5OsZdKa1CJkKLIbSbnu0dDECSeUZ8r+BZT2obP+goP8QaPuRiN981Mzgb5Pt6mTP17peShBj8NkVwl1b1IdC9L9U/vuzGuyw9crwJiG0p/zf63qaTqf7E80cNVH8QPT/rH6eGNdCypJbSS7KNbqdqOFte72rOemL9Qft1QLq7xZZiU4cg2PI5F9DnDXAvMoZGXl4SMTz/rhpdT/eeM6RqLDNqR11rxGXCdhkDAYA8xKp5xEvSY9SiqOK42/nqSFuvORBVApfvtkKGOLa03t7+fnLOranQq9t/zOMtTK5wxWkz4whTh39qUQfLkwEGVgQSEh8/eYCRzi7E5qQfkrsWNstMJ/u+fvDKi9ZqagyvJKakXSbXw4yqNQZeH191vdBT8YrbhCy5hTfKc9ircNhasrp68yA6+CfIjU3GEJWCUeQjYFE8glg7EngDWlKMcYbDtDurMxNGcRDNBegdwJDXkoCIEqzx5Kw1rpU9uEIr7L22Q4Auv366av+ogRDOHzb9lH07BK7a/231g9708d+FDuWQBI2BbyQZ0YdEEXPHfRxFH619jIgStU9Szke02ZC9FU3B/Qbdr6FNCV6G8RN6p1IipTJ3F0UTdTjr+Yco9oFUsAuXTIk3DbbnBcpy3qt6UqhA54is8CEzz4APrF9Z6AufSObOdVm8GE/JMRANf/z19R15I0XM60bK8AWPL5DPo9vmR7kIrjlrqyiDdKOI26Fx8PyocNLve2vdXfnIgdN1ICSELZB8RtUg1yCoHZj9kMpWlO0kn6Fz+HckM/enXjauPTNrMuEA5uNmud4/W8ZTDjhp3CVq2nGMGhu+dX8Rwa0rbS3tSjcZXYBHmyArYyVr1VPltOQE1KliTTIfUPMftAyZYoGjfaO3qhSCx5zEE+48hGwoUbEnFon9l3wtSgOib2YTBfFKhERRgiN5oEvuEYH905hTwJYZce3psXw9e0OUuAhEAyR51y5QQtwRiBn6rmiCm3tjB7ABXdLJwi1B+RMKRG2KC+R6fYnJ6WdCBa6Ullzc7nL9UG9Aj5qi7a2BWJILuwucjE8JYUdU+Lh4YkeQ5wAeLmf0c5HNTTw0gn9YCXzLt96AG+n/uFAEO99Ybw0YohMXMV/kEA2uHjM0P07e3LBtBcwNuFe9qwSsWth1LTHAS767xCj8Zy3AEexs1jzI6/HNoOWAHKxQUfhFZ0J0Virgq+PEmDCslYAow2V1TJ9ag8y0+COstdIUWMALb88S6NyfzWeyg1ea6LYhIrVHfnerz9U7cW7vewSJIWTuu8Pi3E+9ksMwvawD5QjORwBQCwrd00J1rxavlOR/AeaFy7Eu0A9IplQXcn0e2GpVno1Rl+HZdZ/PA2Jyiq2sEH5nTFDvZm0OmDfh2RxRkCOXy4DZ9cnI6+oGMRwjj7v7sFFEDqeXLXGnEpaMbyGtOs1XxBiiSb9kamyijrch5XZpgQdSYQpLJbE8+j6n6lUJvRFrs17yy3fva6M/bpNGjEXfR0JryacXWjT7Uf16/l5+8jub6xUp+icnYMTCSp9hwgJtUvnTlMtXX1l1XqJHNZN1+k/7aa6lHNnLtyh7HaVu9EiRrfTGU466hqTsM1zxTYAcPoQLi2V5atd54EcZGuaIPitSrj724LdwCcsZY3jxHDWISLiQikZyOpgjbTJv05tgBMwKC5kJGXzg60aSMG6jfJvJeYLvlYbDR97XnyUxVhWnsCfh2H8bnHEWIt/3uso8HTWb6qp99JQbpxq0bm3Drv1MIGsMIirUuSVVkscjXmqu6Es6yqhaefhVCENeeQkwtCzq96d6AQ0HpoeUgmSoGs1VYGyKf8+59yOWupPgWc2QrzY50FmMY3ZkseOkVDaXILrYZ3OarLckVixTzYIpsGbLMgGzmnyvbQGdkeGBXG5EwJVaSfNUcVpuiUmPp8ZAB81gTxN49zalPFLWYE98kK+u9sscvY3+eTX1uDRER+cro0a3iCn9+iVhmpSTfHMqJhVholaBFPfeOyq0AcDyVDvIy/GxMx34gM4zfT6i9FL2YR2EBN51L/CXxpIGcM4ZJ5/lvBRItsJbdtE3959S/3wgXPnsmjRzYc5+QOPcGfDYlGihNYpSe9LutQfoSf1AP6+nnx2RaPh8Hx7oC1Tu9R5EXxOyvtottXyy/6AEQBZ44vUxJS8LmzhYXhjuTLP+MOfjiXrD2GDRR3hA/xwySIc68mVQ2XocqgsVKfUkrmALPIBrJy7C2fgRXsNhxR4aRBH4CKmqBSjP9A+x1Tpo/u/oZ/RMx0plmDbkkr56jDYENmFilsH3TKfeiW0QLaTor6bQ4ajFd9wsLbMzptg2C14ONqehqVEYV1bmw8pqWUpeRlfqgQBW5ZcGs7UUWUM9zEsBD+Lrpz0rwarXN8nAo+Cz6QZcOVnhNcCkWzufjSLeXONATFNgHMNV1c7gaiJzjEOWjoDCXPLKMDJYnjvu1WYIbraIwxRiwPYCJXz2K5aylbAD7gDLzpfIQyXuwj03tNEYIN1hPC8mJdd87q4LhAIUTSefc5bIfoUO91UXQgmrHkCVufH0HNZbv/98kb1lH6CQ8iKR70iYi9Lnot+cGlgZRs84vkbdEdw0aOl2VyRoS1VCuuxTpNZ4A2p4Q3GjN8Rh21X1uJnwBIa3Qx3/C1pCf6DyzqIeFtZIjkfKv3mjYeSu3Szlsw+jpA1bE5a5f/WiXjm2Y58jeuyOn8jGWL6mNy5Uelypw50bMdONgSsYkgnPO3C1mVCS4XrBH4WbIS9TjYUup9tszayUJDIACJ0fcNSvcIas/beHeqMeRipVih8kEoOxbD+ng/Dq+tNBmKoDxfJ6NQ+Jtrx6j93gSgozQOrXvvo8JufzH2JFSR4o4uZaBzK69qByTdfcpAHnohF4QuWezF/2ghtHB7b4mal/EgeqgSm+Y7a7YNhjwet8eyrvwiGWnoWuKT3irFap7gqZb0xBE1JDT9SUNon9kH6W6N4fnJmR3ESRn0VyJa5SE2aC5EmT/tAEpd8NPfnImbdLBAQ4KZKsj8wHDk1KHkvDs118AsL0Tq00IowhnlNsrT1+0fMHLs7zYBA6b8+rn+To1D36sVCjYquDSXNvEf/315CjvcjtcQZsbiMEHHU0CUk83rojAPcYIP5/fjsSm+k5KebdH8CU5KaHNMLL0qxgk6bWYkEnQzHhLxEs9wqA6rUMM8POZx3CWdqQeKXXCGnisTHOCX8iUUnA5+HH8R3Sm44Z16/p8Dat2L+n+IybL0TnTOqYf65Gwx1Shy9UFrGGD/PVY45JJ65sO3uCKmI1hrSyPMmB+6IF34INd/50zcoPUHFUtZ65qzFzGUpV62PRPV+N3WTIE+C+QLJyAKmbzqYoDeK1VjLeLrWFt98CA/Cfq0SCTvF80yOgV6fNYU6KwqwUYUWDxrwVOgVj9/SOk=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>