Online Tools Menu Close

SAML Response (IdP -> SP)

This example contains several SAML Responses. A SAML Response is sent by the Identity Provider to the Service Provider and if the user succeeded in the authentication process, it contains the Assertion with the NameID / attributes of the user.

There are 8 examples:

  • An unsigned SAML Response with an unsigned Assertion
  • An unsigned SAML Response with a signed Assertion
  • A signed SAML Response with an unsigned Assertion
  • A signed SAML Response with a signed Assertion
  • An unsigned SAML Response with an encrypted Assertion
  • An unsigned SAML Response with an encrypted signed Assertion
  • A signed SAML Response with an encrypted Assertion
  • A signed SAML Response with an encrypted signed Assertion
` 
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfxf569ba7f-c7af-c43e-bdee-6f7a6bb8c8cf" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxf569ba7f-c7af-c43e-bdee-6f7a6bb8c8cf"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>ZWH/8RIA4cZO5fyBK+T4Buh/Sjs=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>LKwkLCpPock4vts9Lpe+KxfWVNS3pziSh/AUXHcp5FheyhiZDqEJLFcYMeqxVtker6XI9NuBgtlm++2/Gh6oMJZjHsC7JJ5P4vx9r+5ZjmS7ks02DhgaTMlbTBoGBHzzv7KBsMNT1N0Nk24DVTvFvqxGcQbzyffOBvAHyCzwekk=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfxd437a5b2-7a40-f6fa-359c-42350abc47d0" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxd437a5b2-7a40-f6fa-359c-42350abc47d0"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>ZUjNjXaKTftsU4Mxg56X0PPadmo=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>RBmf7EZbF0c7A4XkBEOPHQQwNpltgnK5U3raFFEIu6oSyFovzdb/53FGYY2J6NigZxBDsC3OXlzoguLH4aqb1/9IXYbDpqmm0TBBMAy2Py57wg+JDg0H2d639MVT7UQJ0uXzSlDWhkZ/dD2gUS8Trn//I1h8j7R9IbKDpcXjOvI=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>

<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx8b239027-ebdd-5bbe-2539-201b62e87599" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx8b239027-ebdd-5bbe-2539-201b62e87599"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>uPa+gC1Sc88ePVdd12xF1DktCuU=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>IylAw41oDtEzQl1AnxtAeckUHjyE9eGrUCO10jaf8lL5NLM4ltaVmDWP2I2LxG10Trc+DaqcRLmbyo5Hb6m4msTkAcCRNPLpnwDZqFJqqTzTH/BnAKwDWZy5yYZaxBQXrUZbiCh/5Zer1mpA+VHwMKHNPbCnCZvrs8S9aOKZxUM=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfxede64fed-ef81-3542-2d2f-7ef21e4e4453" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxede64fed-ef81-3542-2d2f-7ef21e4e4453"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>VDne+SIq/VC9dUyw4yS9d8hzoIE=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>yqYFZy5j+njKhzLRMxR5+HWtFszYChXvad5Fuh2HeO6oyvhxwlSpADLLK5JTyvadxGD2laz9sC69xzaQBE88LEVixJnmgNAoYgLxTmhjnzqtfYRGylk1DaG/QdAq4geVmKmKQMddCzdRo7QVlcsoEt/2ag0FmNhPwf8vPRItYXk=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>

<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>MhVPVuLfxaQ74BSiIA1U5qRACh+nc7B6i3hDF1S4mzV5TGrb3MhCr/jj6siDYswyTJIUqDs9k8wM9QDioKii/1sQhkVfydBi2cXfUC26dA05+SQMy17+OeHaOWsigO52DG5hJUJQXrILiMgkJqtqI5wKoiF+YK9+WNmCAyBW5Fw=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>Goyc2bZ4JJ+tnHnyY6eACLE6jDDKgCAbRjOcZ3LMP7NCCXTE5/aoBZpht1tsV0o+LnwvIL92Dd1QgbUgGAWm6/my9kVh5a5atkorqTSFA/LyFkd1a/xx3zYmefb2r4cghCSPe4FAfoehodjuXwFm2J3jeBw/9jPMNHWlZzStbZPxBxbk6AfzopkftJl+xlG3kH14RrMMyVDJxosyoRomJxsaN2x7H2zWbvmgDfj//4lPuIgekf4AA9mB9667nLarTEwuV5izFvveIE9ThvWc0KyztfRkS2HnxlPfa0Cgfq2K+UsqaOA9NyFgf1UCXkerzXNeAnjSpkBQLHvbN5/dl3b6q7Z9x2EEgF5wBB5nZOzdGOJ8NieBadVfiZ8wVC08do8FLKvLu9wEc3r+uOwdyPHwEeO/CC0rCK7juRt7Fj+g9+p1nufRyUSN0KPPYnzfF1wm16t3KlbZT88YoN4fPcTGP9k6TyI/xzvmbdxb/MWMPWovc8x6vlItR/yMXnBxO4E2/7RJHkkSzJmDahCiGwQL6kVMCmwk7wW/UlaLkU6beYdsdn/ozloYgMm/bHTpmlSd1ENAKJiv/MRVo5yZXVz0GXMC3wDGosTBRX2VKHauOtwgDqOZfZw/WNCC16MP95zdT8kTNRexnLlOUhRHvBeSZZBdW45yIOuv0noF654ama+9IXjXa5UnFsH2+ujQrxVmsji3eVoll8y/kyGncNxJkXcv8XS7UldSIZos/hZsXt8RGcxR2w4ZytNg0ZZPkCxJG+u+CKbKvqniDqVWMPRr+C2Mx+kvrFDRkYscrUhfvS6jinsKGj6jIJUthCJdBp+0KfZAbrBFqn0qSpp7V7LcK4Aof44rGaOtNks2gUntJ0dofv0AGpMFEvVkx9Pkn3xCX0Sk4Q72cOqrUauj01GfVx8HKs20UZMAeIZPTNn4KyY/OVnxBRyGJat/T9nR3O/j/VxI8GSl2a7m0QE5VQq1sM5x6z7N9VYz/l0lHqUiVTTnbD8x1NA64G4ZxZzxFHsioeanVZU+CtK8QPstPcTrNkeD5ZnwyEhsmqgh7XWDwqbHyYRwiU725osRyFl0z1YMhSgHhlSbyBS+JkgSIgxeGXP41qSmDAo1Mpwvas7DHCG1tZmeysP5hosHHEi2O1E2VegKTv8ybbjLgTUR6HN6ZzqOs27sn6w7ipX9+MU0M2yih3GYJkiW6gJsemQJABwDkLE7L6tHl/mAB5tsxTPuvlq6me91u8xr1zcjCGH1DZWApGgpXPYJOyLyc6Ojr/RkPAIqtSnTSqFkRfiUE7SfJLkSogSrPUsONlOkOoRaL9sMWEt2thdfjCBCQTwagbIV47iebd+ZpY3E0rj36Imohu+PBGEdiRj9d7ApvxCAy/tQQjpfNI++VZ39Gv/mvizJQLEpvncFlrX4XlZ8W/XZJIbd336jLQYtheyC85y9CjH2rMWOyPxzSe4bTUK+nbojS8ZoWzxG7NuRoPRfG5NRfiDrJf3vLMurQIV3EykdtcI98598zFjb2/BiIN9babD3JYCicTxlwLeSm5YDxrRcGATgH5bfHSlmuE/nVueT8KDt4Z9c2riRhZDXIQJqva2bXpDI56ETKmc4kDdkOD7cUheTm2LVA9Vy8FU0c7KPz69PYuLk/irJVx/ahEz5fSKQ3PLc6GFhWaF8MZ/3yAVT+NOPaJf/XOkTBEVyBQHB7tX7OCiea4BTuzqT7ASPNwAzh5cIlMHNEbNnKPASFK0VblxnJiDkK4aTpGE2xNze0+UJUp/9VVBNjLjecyeQRq8Biy+hM46d5dQKHgzDtl7DlLllRbQjTo7Pyy0LzDcquso9qX7bKwjbfnshtK2UKnVBx6CPVLP2G3iMTe4y/3xuPix06aavDBPrKJEsqu5gWqfk4+kad8ZI1SnSCsRKcrQEV9F8rA/va6MK14qlKisZr+4leoFPgdjQ/JLNrQQQVr3H3Amz7EtKMy1u9WdYY43d7s2T2N/Q6kfVh0IEadgI++RsM6daQhENigg2WY8FlvEmYQeE/Qq7XL8Jj3SGrClpC4upShOvLKlYJ5P+ZMpNKI5UnNm7wWTEtl4XIU397szNuHjmWFDgxWQSpq5iN8K3QTmWl4n3KMNCkvxuAA46O2JtVugIt7/MHIMHK3bCT4GiWRUy0ye+1ZSCov/bfprmi+S4PZ40RYHXw/tJBvA79s/7hcAxogC0btDO6z3gyXwPXRTW+PdoJe80Dv/ykr7k5r1pmi8TXPzafcSFcGSxL+Hzl9udoVAGWm2acMo2JYqEqmY9a0hcIOMFkgpxsJrhsIdYX7ZcciAkCCHpgDgoEkaFfVzp6NyPiK1h/vpZnGyYDxx7jF9wA8OE/4hlC8lqxNcDF4XPlnrEyTpLujbvtaxJ5IbX7tcnX4DpFKA/Nyxe+/RNatqvfEho2dU3RMKtBj4CWuwK+F7No1ks78VqRI52//m37xhb+1ziTH8apIP7aDRRJYWIa+cFWVWgPqAJFDZ1lUpBwJUyShuX82PCui/XaREKoDpPJvqtYycEDFjtMoHk5+1MPW8omZVX+cUFWSmPpNDO8OKRRB8ptjzRbJIfIdy8YAYDpFnHXdOBcuwd7RPi2LXlSIyutOPoEhyylhnCGVPIFs2W6fLr2WP4Jcf+edldRz2ldfHHD3gekjKPm3n8xbodTx8Sf3zu5/GDWmBSw6mH7SSwlthC36y+m+nHzpWQbO7DUptw7gNWp2Iu5dYHDEPMXVIgqAF+cQDe87drwRl79Vaud2qPMWnuwTAbqOn4ekP+Y7h6kCo7Slk8BRSFUxd8uJrR3Ipxj1egBZaOTTNjKLB2l8w7xwM4msfkFGZxaGhMW6lFtHvTdxO4Jm1wsMaihe9IDrlsDMyiDjdOrZ4sxW6mcW97cYm+bRCQpZS+Kjc3BYLnfGY=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>bsfMtzU/ibzCc1oIZqoT1qZ2sLnBfB84pRLwZYQGyYFWYD7sM+m5HKc+l68vzrnyYFOu/SXBDSGbuFy6lz+yuxmVo4P9BFKrjAq/5C6LD0xBregiXQ6/bgxl/ziAJfZm0wrGae/kKR65wihHBJa9AwbmtXi+FnVbXOgGGYiVzPw=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>6ii+4f2gIfcKij0+dw2FzRGcKW8VXf65VmHaTv3wvRr39EU9aDm/aplT5dwyj02zxzAeGz4j3Quu5pRlRmFulnK5RrxOJ3y1TCwtZV2RdqjnAtHc/8/j9OhSN5z3wank7i4zkLKSZyvN8ILy5R+uk991BzcEeRjTC/Wv2/dOCAduQ+I5VYdiYFxJ6DIQ3K/+RWWIlD1XLYcFKJYSbMIM/8U0BXLBbn1kSeEDuiKnf2rLrrsmub9n0Axyz+9Dsm4dOiY8hg4mnTazu1ujuC3UgzpRGb/PHUH+CgI/e6BvKTX48hfgUFcw4HHrhfWK0pEI4E2xLnQ+pBvN/YdacEY73sJy0R6GQCagnu8YKPFHwzkuQzBQ8LGSG+ivoXIVAzv0z8MlywF0qcaArXxEQ5tEo0Iyfg35gUFLVekLD803VkwKJQkEROC4URQnP0d+BoFIkj2cwiuA9yp64AdXqB4NOgR3Thb5sOBrRd8MpAWZyb12Cwr2YrDvyRUPU84ZDOpwctATWpTv0kDX37hIN0Yn6XStu9+ZpqfEjd5USDYt/RD8zK0+brq1UB2X0GqptT1R3g8n/ekh23WhmX4T6bHk3n0fRIeqjzL4U9sZK28E1m/nsrvjyEUKGoD4ryKHkCP+7DAeKf1/rfKBcYKg4f0UhKb0GOSox2AV+l/7Diup8ew6DrS/GG5DpoZi70XikLL6fI6hdX8bYFkcgISAl5umA+j7YneWW+/LLdJLIgLuyqV8KQRF5JepKJaL9mJhLNPRdDBnDfHjpRKYCmQgYR9cQw2BImGyCQCEpPFWe4l8iWEH5SdoQKObOuhjYhbXkPI/8tN+IJ7hPMzG2RcXbEzuYxSVzdTW8RuDyAlXCt8UrveWlMm12QY7wf4uUGAXt8lyCyZ4/VjjFi3NGht3wGC/TG1aWfxqf0yo0uW4SV8ce7h+P2+eJNocjigeitvoP1lVvpfSZicICAMFw4UGp8BAavvGGXtAICgBVdWcQel+z1JyKAYGMMX2fU20pN7ZfNYyTKt1gJoIMllO7noU8Fa3WvUoFGMHjGx3iRAb8u8bNSzCalXNTIXrHJ7K/SGrW46ar5tmW7aiQr32z7EXobDr1VsB/ywFBhPXfCOjt4a7J3ezTj8KZKr69yUE7CRbF0rSqs/1rXEct/p59s/BI3hRFlxjopzOmL6iuhWrNn0mSQ33B0RhVMrgPSDPewlzD7AAxUZNi6ejIZVpHH1LLzpnnkvSF/OqNcrFwdgMLK0K2Tow3Q2oFNJk54hayX3tuRoZULhBJZkGs41sgPLU+clghhw0g2WLnGal4BdN9rgejD/OWFQ+drcA6ow8rmVbU4oMvIA1P1MK0Q3Xqd3srAAq6onqITXhwnYydhys/aivrT4JNTpX5Aub1fcvW/o531Y9lSFUEjIV5ILJvdsaCaCZK9MQay7+eyG8qQrW21fxJ0HVKvU1yq7AU9XqphZlATZIT1WkZqXRhMIORTzfe+UCPfqTR3Asmdk84mhD1NLRkBRvxp3uIysotBSynctgU6nJtwoFLeMIvMVLqB4kjg69hyjYjpExUq/2vN6WVNRf/4H0sk4OTJg4Y0VxaTse05v/JpbCv5aNsC8RqI4+2vb75ZQwNsphYqDNaEb7SmaBk/r/gSEwAzNNDwWXHrEC6iszhXhQrK5qNtgMy+3bhTJxIXGu4xsrP+oiyYca7qGx8/Q5SpgfDvbOiD6IX6+7ISxFMw5stiPWa88T2+IvRQN0wPiXHg+uqtX/d+uSk8wzNI7u6eV44nFQTzmmHtPmzkybti4YzgJxA87oG1qS9/xcbjaS9I4/LNkFW1J7AOn3TSDhLglbEHsYC2DJ1F8LgyimC19H8f3u1PJvLk2igIM2NsXTtdErsZi//3TQD9Xtdm6gmBPmh5os3o7SnZaeUaBeJuo1p2AQ3P6RDJLwUBgHs8d5XBzK4wnKzbBJrrux54C85GnQXbfJFSM7FIjRNI+GGBX41m7js43P24F1aYMC+Sl0FK0+jDSYzdLuLBV0Kb3uQjrrFg24QrAtEGh5MSqVNwQkeCchI4egCo2JORSqhwNWhOjg5nxgpIfQq9c0oUzuZFcaLchbQKtTjQaeS8urYepaRn8pV9btVq/7hcT7rth9HlqqkBSJdn/Yph0abvz6I89nYXxfjTdmiIi/y1NVHJrvmara6MiLHnQwrC3ngmVDZZEdxIYgjkrBcMvaZFor+aqjrk8cJs3CSfxviY/hZnP0aA/BCuvzDIAirW3cz9pJ5QelBYDrKQKAAS0DupJCKjX8G71ZPKhC2XEjiwO4i6RlIG4B7kJv4xOGY8rcXLyHdB19A5lzddEIp1qWqoK/+2JwdnDgvYixpYWZNlIIpYqHssTdfOa9U35c/cSKMPycm4XuEEHOeroliAwW/+QSAzvQmxm/dBqvJtRjXoRitLXb3ZGXHmyGbqqr5YvpfdxNvxozbug4QU4ienewiSawzj6ll/euhh6SGG9aTGrtjRZWjK9OiBOMabNMkcUcqs4yUXb7xl8JEueUN4PSmlC9/0QOfWza3lqNNIoFnjBKZ33+o4NmIFO4TcX/ENXAziCRXDWcYgWHs3/nDGPDcwKQv72pE1xf6NfagcT0oTl33ywML3npf9DWo+UBuj5JjYq2KlN0sVcfWT5IVPL7J+zSNrNSv5XACfbkaWsAw54qS3iGd8nsywJuo9k1j8t9hikXhxTzbAuuBHhwhuJchdbuDbgM2kom1EEPEcSis2CsNqAY5xSx5Ce8QWtdBys7/oGLeRIGN0qKjQI2vF3m5SxalHnloP2n5akGCjBO7ZHhcEptEtW1j3C/WAHc5zjiVzrJK6hj3hVUUGr8TS8FnOkFTQSxxaoZ7QtLI938AJsjhLEN6wa9PMZNtCmRh/RzHI6iSbbvpVXB4WF2KvysXRrJ4ecIT74mKIJC/rEhMhVhBAJYphA6pivVbfHySZxAooS04vlHRBpP2BspgNKdybE993gLDpQWhLQa9cGRdzGGQ/GoCH6lpOvHF3Ie1fiswOMvyRKz5dc1z1RTAvFxxF2B3go+t9h8admWjNTIXUTMcDiSh1IytUjwmo5mXeKFAuyoKTWmq+hcioaPs/K5KPZYest5tjZTc+KvKXzrKdlcwJcTKtgVuEQ/A85EzMoUscV3ctKD0mv2vNycMGZQ7kjHsZzlx2Qzap8z93H4zx80SwBGnXjcbD4MGyhPvAcRU4GFZmacQn3SSgcYkn3BW1sRJjYgpCQ3a3oSeK/s4bCYTT4g1ju0Uu/x8NuhNdu0A06b33QE5W7cDy7V8aReGzhjv9QmlipOyiJwaPBw6NCLdWy9jrjpkrvAvh8XMhkyuGoiydJ7jJutgyBhetY12qJ/qV92niUfNhHC6MUH37fTkdE7/dFq7ufMietSb+Uey7zvpMwnYStPkilQFieO/haGhv8oIKEgT+PLCJntp9lTQVFuQ7VC7GN/QSND0PY+W8BINVgFhLJ09Qvpi8EdNwY1C+i2aiiUdnaV8D5Qb4Q/RA0tAK5q/PdFgZA1tN6VpvJRHfrI/PHG2+IuIRIlkkM1yAvvpuS5cXzOYKBWE7wE3Cn4aCfaVG+8KEZUyO2MfetYZlLbHKodlsK0XF5xe5wmCCnuCJocO9nrq3cDmo6Q1lx0fDoOEBpv1cUnztoTu/MBeVAZiwB7cVFUejv8xz7ZP6V3Wjqs/W6UpdgAksZTp1NvQiQZ0W0Ha/+lnvtWghqgwu7gXlwogjnIg/x/9Oe2u3ecohR14rss8QCOkKIcV4NPMLdf+y3yz+uTj8aKiTnWovDnuTaOE2UTzcQATPDmkQZ0oMjeXJt1vCjH5PVu9AWX3vy56B5PrVwsp4RPZUl2TWjayrltdhWpsUd9f/goFJR1cp0WpVOavbhKpU9YSvUt+VqyXR4SOOHY8dG+Xp96GQvEzjKZmXVRl55elnEJbMaBneXBK91Zh05pD0fplX9r8q2Exgx2aW2I9eTLFkqEA07MiFI7QAvvCReq0cGXZdUj5x+tYEzmWo/YJCoGqDEX3pUtc4egPcfzR6MepJ7bDkJHUgsvFXkud2bf9cZMfbT9F/a/75LbCx9UB7I3AqhppCAw8aFKaN27bvF0/qpmcK/3cKPWRuPPYagTlkZ/Oark+ifOJpHLOyGliTm0QYfWheb4/FhdZZRJmo6n5HywQb/fk4+mp+9S+c3dF4FVWNJxR957hQPULPMZHNzbc4CMv7/R7WIzbfF1nRKreAO05YDY8KLP9Xczq5R+imP4WE67NJwdA8dmyoMwpNVcQmndT2WdF564MNlti9SLIfNoNCuXmXgfwq0WonaAwH/Fdz7xf3vYER6gYK21A+nKAkZJwofzFLkhB7JQYi1IEAjHV3jGWIDGDgH9u7qntvUXXrAgMzwhu8DLgbXhMMlIds6MSQtHrUl+hmOzpJDRIIo/FcPBCYJiGe5NQMAe6mXIyKv/3ZmAXZg91FI1Au8MnGDSyGAQT8NjWnSx9MYuLX/cVJ6NmuTtuwm3SmOHnoSqGuG4sTYN9opkqFL1EF3do9DiTqi5GWHklUys0s80yThPSTDtRliT+Kv4C8IuAwWLud4saGMO7pAZf9IZgp+77eldjhVrf7iSU1oqh6/zHvoG2zEXNw7N+4eGv3LhYn+S3X5RS9D3IulSAtbnn4e1FSNw5bjntkIJuiN1EFY6ZOBnpAEfRBvlLWva8vnu08wOhnLZhF4hlgE/gc1nHRJrFnIfdFTwYf50dJI7sn3MyPFeDNV3cVlQIdCI3C2rm//iznyv4PRszoKQOjA9x8xhkpJOfFV6ryeFyNrpT5NzmxgVtQXsCckBtgmsOkMZZvcZa0/JhbYkQAcDq1CLuQdLm4z7qQMpx0oYCLLn7jS8cCtsRKXJhCuuAVD919SzZ8CvX4MaVyJCojpnOEVHgsn88vYtGUWnJKAfHCmrAw0+6Sw6zrLd93UFROZtOXQVmxyKESnAmsrSWg6rf/CCml4y2dwxfPnHbKCni16qto4GfygfR0y8ouIyjFS3rNNZjn4wwqX14dT4ml1DUZSCx45IJ68IzdWi8OzT1jz5EEicDu8O0sOuitILtasXSdvI7a1mQuC3dHC/LHD1SEzDRNSo13xwR0X5LN4qgEL5BIGA9A+Pp4Hbx65PDodSJsAe2NvNcEvx8BdztGYMcbPv9IrLjTO+TW7BUL3UWxogMdqspn2eIf6+eVuhCUqZQf55sfs7woHEor7/PpA+7yPAtnsku9Uw2V9oNv3+wWtYixP/YwmnO7nfOt/8bP1m03Egk+eRe2npRLLt+worX/xZLbmyiuYSUg+HzDVMdocE33b7S5z0Jve74DN4hA+10HLEo4dg3/LsMtAlYPqk2Oo6Ixr259GfKub2X4bZ9hFG8lwBYJZOFWOIq88UH2KfGrS+chqGAF1xp1YS+o8ROCayn178APMzGG73Yka5k7gSEUt9BSMtxiCFmrKw/gqQPFSumk8=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx062d22ec-d9e2-5420-6f51-72c41bf35ecd" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx062d22ec-d9e2-5420-6f51-72c41bf35ecd"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>65ZrEmnvU6S0CHWPBM4MI981L5g=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>TA1gl0/3sP+nN6Xg0iNKy/nX/USCko9vtzO+Na05Ln7y0CBnZtPQnTZa0MK074A81OUTLsF7+Ne94BtpHyNu+dIJ6U+MaeqDjykD4Ui9nWh4/+QAOcs2xW9H1oPvMNtWRXQ17tEHRDYwIIyE271Bsp5QrK+6BpZTaqMH+GkpEBw=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>MhVPVuLfxaQ74BSiIA1U5qRACh+nc7B6i3hDF1S4mzV5TGrb3MhCr/jj6siDYswyTJIUqDs9k8wM9QDioKii/1sQhkVfydBi2cXfUC26dA05+SQMy17+OeHaOWsigO52DG5hJUJQXrILiMgkJqtqI5wKoiF+YK9+WNmCAyBW5Fw=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>Goyc2bZ4JJ+tnHnyY6eACLE6jDDKgCAbRjOcZ3LMP7NCCXTE5/aoBZpht1tsV0o+LnwvIL92Dd1QgbUgGAWm6/my9kVh5a5atkorqTSFA/LyFkd1a/xx3zYmefb2r4cghCSPe4FAfoehodjuXwFm2J3jeBw/9jPMNHWlZzStbZPxBxbk6AfzopkftJl+xlG3kH14RrMMyVDJxosyoRomJxsaN2x7H2zWbvmgDfj//4lPuIgekf4AA9mB9667nLarTEwuV5izFvveIE9ThvWc0KyztfRkS2HnxlPfa0Cgfq2K+UsqaOA9NyFgf1UCXkerzXNeAnjSpkBQLHvbN5/dl3b6q7Z9x2EEgF5wBB5nZOzdGOJ8NieBadVfiZ8wVC08do8FLKvLu9wEc3r+uOwdyPHwEeO/CC0rCK7juRt7Fj+g9+p1nufRyUSN0KPPYnzfF1wm16t3KlbZT88YoN4fPcTGP9k6TyI/xzvmbdxb/MWMPWovc8x6vlItR/yMXnBxO4E2/7RJHkkSzJmDahCiGwQL6kVMCmwk7wW/UlaLkU6beYdsdn/ozloYgMm/bHTpmlSd1ENAKJiv/MRVo5yZXVz0GXMC3wDGosTBRX2VKHauOtwgDqOZfZw/WNCC16MP95zdT8kTNRexnLlOUhRHvBeSZZBdW45yIOuv0noF654ama+9IXjXa5UnFsH2+ujQrxVmsji3eVoll8y/kyGncNxJkXcv8XS7UldSIZos/hZsXt8RGcxR2w4ZytNg0ZZPkCxJG+u+CKbKvqniDqVWMPRr+C2Mx+kvrFDRkYscrUhfvS6jinsKGj6jIJUthCJdBp+0KfZAbrBFqn0qSpp7V7LcK4Aof44rGaOtNks2gUntJ0dofv0AGpMFEvVkx9Pkn3xCX0Sk4Q72cOqrUauj01GfVx8HKs20UZMAeIZPTNn4KyY/OVnxBRyGJat/T9nR3O/j/VxI8GSl2a7m0QE5VQq1sM5x6z7N9VYz/l0lHqUiVTTnbD8x1NA64G4ZxZzxFHsioeanVZU+CtK8QPstPcTrNkeD5ZnwyEhsmqgh7XWDwqbHyYRwiU725osRyFl0z1YMhSgHhlSbyBS+JkgSIgxeGXP41qSmDAo1Mpwvas7DHCG1tZmeysP5hosHHEi2O1E2VegKTv8ybbjLgTUR6HN6ZzqOs27sn6w7ipX9+MU0M2yih3GYJkiW6gJsemQJABwDkLE7L6tHl/mAB5tsxTPuvlq6me91u8xr1zcjCGH1DZWApGgpXPYJOyLyc6Ojr/RkPAIqtSnTSqFkRfiUE7SfJLkSogSrPUsONlOkOoRaL9sMWEt2thdfjCBCQTwagbIV47iebd+ZpY3E0rj36Imohu+PBGEdiRj9d7ApvxCAy/tQQjpfNI++VZ39Gv/mvizJQLEpvncFlrX4XlZ8W/XZJIbd336jLQYtheyC85y9CjH2rMWOyPxzSe4bTUK+nbojS8ZoWzxG7NuRoPRfG5NRfiDrJf3vLMurQIV3EykdtcI98598zFjb2/BiIN9babD3JYCicTxlwLeSm5YDxrRcGATgH5bfHSlmuE/nVueT8KDt4Z9c2riRhZDXIQJqva2bXpDI56ETKmc4kDdkOD7cUheTm2LVA9Vy8FU0c7KPz69PYuLk/irJVx/ahEz5fSKQ3PLc6GFhWaF8MZ/3yAVT+NOPaJf/XOkTBEVyBQHB7tX7OCiea4BTuzqT7ASPNwAzh5cIlMHNEbNnKPASFK0VblxnJiDkK4aTpGE2xNze0+UJUp/9VVBNjLjecyeQRq8Biy+hM46d5dQKHgzDtl7DlLllRbQjTo7Pyy0LzDcquso9qX7bKwjbfnshtK2UKnVBx6CPVLP2G3iMTe4y/3xuPix06aavDBPrKJEsqu5gWqfk4+kad8ZI1SnSCsRKcrQEV9F8rA/va6MK14qlKisZr+4leoFPgdjQ/JLNrQQQVr3H3Amz7EtKMy1u9WdYY43d7s2T2N/Q6kfVh0IEadgI++RsM6daQhENigg2WY8FlvEmYQeE/Qq7XL8Jj3SGrClpC4upShOvLKlYJ5P+ZMpNKI5UnNm7wWTEtl4XIU397szNuHjmWFDgxWQSpq5iN8K3QTmWl4n3KMNCkvxuAA46O2JtVugIt7/MHIMHK3bCT4GiWRUy0ye+1ZSCov/bfprmi+S4PZ40RYHXw/tJBvA79s/7hcAxogC0btDO6z3gyXwPXRTW+PdoJe80Dv/ykr7k5r1pmi8TXPzafcSFcGSxL+Hzl9udoVAGWm2acMo2JYqEqmY9a0hcIOMFkgpxsJrhsIdYX7ZcciAkCCHpgDgoEkaFfVzp6NyPiK1h/vpZnGyYDxx7jF9wA8OE/4hlC8lqxNcDF4XPlnrEyTpLujbvtaxJ5IbX7tcnX4DpFKA/Nyxe+/RNatqvfEho2dU3RMKtBj4CWuwK+F7No1ks78VqRI52//m37xhb+1ziTH8apIP7aDRRJYWIa+cFWVWgPqAJFDZ1lUpBwJUyShuX82PCui/XaREKoDpPJvqtYycEDFjtMoHk5+1MPW8omZVX+cUFWSmPpNDO8OKRRB8ptjzRbJIfIdy8YAYDpFnHXdOBcuwd7RPi2LXlSIyutOPoEhyylhnCGVPIFs2W6fLr2WP4Jcf+edldRz2ldfHHD3gekjKPm3n8xbodTx8Sf3zu5/GDWmBSw6mH7SSwlthC36y+m+nHzpWQbO7DUptw7gNWp2Iu5dYHDEPMXVIgqAF+cQDe87drwRl79Vaud2qPMWnuwTAbqOn4ekP+Y7h6kCo7Slk8BRSFUxd8uJrR3Ipxj1egBZaOTTNjKLB2l8w7xwM4msfkFGZxaGhMW6lFtHvTdxO4Jm1wsMaihe9IDrlsDMyiDjdOrZ4sxW6mcW97cYm+bRCQpZS+Kjc3BYLnfGY=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>

<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx29135802-7577-36c8-9ef1-728bb4ba801c" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx29135802-7577-36c8-9ef1-728bb4ba801c"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>MEjZXaIlEiRkTIUL/Has82VPJw4=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>P8QKA54sP1tsbG5xJ3Hn3DAykzbBR5iN/QrvyIjHRkQYV53RhxsAnjmU7MiZNUMEp7YN7jg4Znq6fqpoRPxvEtZ4rvHELyFRbySUF4Az4H6MH9Co6gIg1DfPTKEcxi16wFgV9FdiRIorcby9TB7C+JH0zewPSwX7O+pImLhSTSk=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>bsfMtzU/ibzCc1oIZqoT1qZ2sLnBfB84pRLwZYQGyYFWYD7sM+m5HKc+l68vzrnyYFOu/SXBDSGbuFy6lz+yuxmVo4P9BFKrjAq/5C6LD0xBregiXQ6/bgxl/ziAJfZm0wrGae/kKR65wihHBJa9AwbmtXi+FnVbXOgGGYiVzPw=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>6ii+4f2gIfcKij0+dw2FzRGcKW8VXf65VmHaTv3wvRr39EU9aDm/aplT5dwyj02zxzAeGz4j3Quu5pRlRmFulnK5RrxOJ3y1TCwtZV2RdqjnAtHc/8/j9OhSN5z3wank7i4zkLKSZyvN8ILy5R+uk991BzcEeRjTC/Wv2/dOCAduQ+I5VYdiYFxJ6DIQ3K/+RWWIlD1XLYcFKJYSbMIM/8U0BXLBbn1kSeEDuiKnf2rLrrsmub9n0Axyz+9Dsm4dOiY8hg4mnTazu1ujuC3UgzpRGb/PHUH+CgI/e6BvKTX48hfgUFcw4HHrhfWK0pEI4E2xLnQ+pBvN/YdacEY73sJy0R6GQCagnu8YKPFHwzkuQzBQ8LGSG+ivoXIVAzv0z8MlywF0qcaArXxEQ5tEo0Iyfg35gUFLVekLD803VkwKJQkEROC4URQnP0d+BoFIkj2cwiuA9yp64AdXqB4NOgR3Thb5sOBrRd8MpAWZyb12Cwr2YrDvyRUPU84ZDOpwctATWpTv0kDX37hIN0Yn6XStu9+ZpqfEjd5USDYt/RD8zK0+brq1UB2X0GqptT1R3g8n/ekh23WhmX4T6bHk3n0fRIeqjzL4U9sZK28E1m/nsrvjyEUKGoD4ryKHkCP+7DAeKf1/rfKBcYKg4f0UhKb0GOSox2AV+l/7Diup8ew6DrS/GG5DpoZi70XikLL6fI6hdX8bYFkcgISAl5umA+j7YneWW+/LLdJLIgLuyqV8KQRF5JepKJaL9mJhLNPRdDBnDfHjpRKYCmQgYR9cQw2BImGyCQCEpPFWe4l8iWEH5SdoQKObOuhjYhbXkPI/8tN+IJ7hPMzG2RcXbEzuYxSVzdTW8RuDyAlXCt8UrveWlMm12QY7wf4uUGAXt8lyCyZ4/VjjFi3NGht3wGC/TG1aWfxqf0yo0uW4SV8ce7h+P2+eJNocjigeitvoP1lVvpfSZicICAMFw4UGp8BAavvGGXtAICgBVdWcQel+z1JyKAYGMMX2fU20pN7ZfNYyTKt1gJoIMllO7noU8Fa3WvUoFGMHjGx3iRAb8u8bNSzCalXNTIXrHJ7K/SGrW46ar5tmW7aiQr32z7EXobDr1VsB/ywFBhPXfCOjt4a7J3ezTj8KZKr69yUE7CRbF0rSqs/1rXEct/p59s/BI3hRFlxjopzOmL6iuhWrNn0mSQ33B0RhVMrgPSDPewlzD7AAxUZNi6ejIZVpHH1LLzpnnkvSF/OqNcrFwdgMLK0K2Tow3Q2oFNJk54hayX3tuRoZULhBJZkGs41sgPLU+clghhw0g2WLnGal4BdN9rgejD/OWFQ+drcA6ow8rmVbU4oMvIA1P1MK0Q3Xqd3srAAq6onqITXhwnYydhys/aivrT4JNTpX5Aub1fcvW/o531Y9lSFUEjIV5ILJvdsaCaCZK9MQay7+eyG8qQrW21fxJ0HVKvU1yq7AU9XqphZlATZIT1WkZqXRhMIORTzfe+UCPfqTR3Asmdk84mhD1NLRkBRvxp3uIysotBSynctgU6nJtwoFLeMIvMVLqB4kjg69hyjYjpExUq/2vN6WVNRf/4H0sk4OTJg4Y0VxaTse05v/JpbCv5aNsC8RqI4+2vb75ZQwNsphYqDNaEb7SmaBk/r/gSEwAzNNDwWXHrEC6iszhXhQrK5qNtgMy+3bhTJxIXGu4xsrP+oiyYca7qGx8/Q5SpgfDvbOiD6IX6+7ISxFMw5stiPWa88T2+IvRQN0wPiXHg+uqtX/d+uSk8wzNI7u6eV44nFQTzmmHtPmzkybti4YzgJxA87oG1qS9/xcbjaS9I4/LNkFW1J7AOn3TSDhLglbEHsYC2DJ1F8LgyimC19H8f3u1PJvLk2igIM2NsXTtdErsZi//3TQD9Xtdm6gmBPmh5os3o7SnZaeUaBeJuo1p2AQ3P6RDJLwUBgHs8d5XBzK4wnKzbBJrrux54C85GnQXbfJFSM7FIjRNI+GGBX41m7js43P24F1aYMC+Sl0FK0+jDSYzdLuLBV0Kb3uQjrrFg24QrAtEGh5MSqVNwQkeCchI4egCo2JORSqhwNWhOjg5nxgpIfQq9c0oUzuZFcaLchbQKtTjQaeS8urYepaRn8pV9btVq/7hcT7rth9HlqqkBSJdn/Yph0abvz6I89nYXxfjTdmiIi/y1NVHJrvmara6MiLHnQwrC3ngmVDZZEdxIYgjkrBcMvaZFor+aqjrk8cJs3CSfxviY/hZnP0aA/BCuvzDIAirW3cz9pJ5QelBYDrKQKAAS0DupJCKjX8G71ZPKhC2XEjiwO4i6RlIG4B7kJv4xOGY8rcXLyHdB19A5lzddEIp1qWqoK/+2JwdnDgvYixpYWZNlIIpYqHssTdfOa9U35c/cSKMPycm4XuEEHOeroliAwW/+QSAzvQmxm/dBqvJtRjXoRitLXb3ZGXHmyGbqqr5YvpfdxNvxozbug4QU4ienewiSawzj6ll/euhh6SGG9aTGrtjRZWjK9OiBOMabNMkcUcqs4yUXb7xl8JEueUN4PSmlC9/0QOfWza3lqNNIoFnjBKZ33+o4NmIFO4TcX/ENXAziCRXDWcYgWHs3/nDGPDcwKQv72pE1xf6NfagcT0oTl33ywML3npf9DWo+UBuj5JjYq2KlN0sVcfWT5IVPL7J+zSNrNSv5XACfbkaWsAw54qS3iGd8nsywJuo9k1j8t9hikXhxTzbAuuBHhwhuJchdbuDbgM2kom1EEPEcSis2CsNqAY5xSx5Ce8QWtdBys7/oGLeRIGN0qKjQI2vF3m5SxalHnloP2n5akGCjBO7ZHhcEptEtW1j3C/WAHc5zjiVzrJK6hj3hVUUGr8TS8FnOkFTQSxxaoZ7QtLI938AJsjhLEN6wa9PMZNtCmRh/RzHI6iSbbvpVXB4WF2KvysXRrJ4ecIT74mKIJC/rEhMhVhBAJYphA6pivVbfHySZxAooS04vlHRBpP2BspgNKdybE993gLDpQWhLQa9cGRdzGGQ/GoCH6lpOvHF3Ie1fiswOMvyRKz5dc1z1RTAvFxxF2B3go+t9h8admWjNTIXUTMcDiSh1IytUjwmo5mXeKFAuyoKTWmq+hcioaPs/K5KPZYest5tjZTc+KvKXzrKdlcwJcTKtgVuEQ/A85EzMoUscV3ctKD0mv2vNycMGZQ7kjHsZzlx2Qzap8z93H4zx80SwBGnXjcbD4MGyhPvAcRU4GFZmacQn3SSgcYkn3BW1sRJjYgpCQ3a3oSeK/s4bCYTT4g1ju0Uu/x8NuhNdu0A06b33QE5W7cDy7V8aReGzhjv9QmlipOyiJwaPBw6NCLdWy9jrjpkrvAvh8XMhkyuGoiydJ7jJutgyBhetY12qJ/qV92niUfNhHC6MUH37fTkdE7/dFq7ufMietSb+Uey7zvpMwnYStPkilQFieO/haGhv8oIKEgT+PLCJntp9lTQVFuQ7VC7GN/QSND0PY+W8BINVgFhLJ09Qvpi8EdNwY1C+i2aiiUdnaV8D5Qb4Q/RA0tAK5q/PdFgZA1tN6VpvJRHfrI/PHG2+IuIRIlkkM1yAvvpuS5cXzOYKBWE7wE3Cn4aCfaVG+8KEZUyO2MfetYZlLbHKodlsK0XF5xe5wmCCnuCJocO9nrq3cDmo6Q1lx0fDoOEBpv1cUnztoTu/MBeVAZiwB7cVFUejv8xz7ZP6V3Wjqs/W6UpdgAksZTp1NvQiQZ0W0Ha/+lnvtWghqgwu7gXlwogjnIg/x/9Oe2u3ecohR14rss8QCOkKIcV4NPMLdf+y3yz+uTj8aKiTnWovDnuTaOE2UTzcQATPDmkQZ0oMjeXJt1vCjH5PVu9AWX3vy56B5PrVwsp4RPZUl2TWjayrltdhWpsUd9f/goFJR1cp0WpVOavbhKpU9YSvUt+VqyXR4SOOHY8dG+Xp96GQvEzjKZmXVRl55elnEJbMaBneXBK91Zh05pD0fplX9r8q2Exgx2aW2I9eTLFkqEA07MiFI7QAvvCReq0cGXZdUj5x+tYEzmWo/YJCoGqDEX3pUtc4egPcfzR6MepJ7bDkJHUgsvFXkud2bf9cZMfbT9F/a/75LbCx9UB7I3AqhppCAw8aFKaN27bvF0/qpmcK/3cKPWRuPPYagTlkZ/Oark+ifOJpHLOyGliTm0QYfWheb4/FhdZZRJmo6n5HywQb/fk4+mp+9S+c3dF4FVWNJxR957hQPULPMZHNzbc4CMv7/R7WIzbfF1nRKreAO05YDY8KLP9Xczq5R+imP4WE67NJwdA8dmyoMwpNVcQmndT2WdF564MNlti9SLIfNoNCuXmXgfwq0WonaAwH/Fdz7xf3vYER6gYK21A+nKAkZJwofzFLkhB7JQYi1IEAjHV3jGWIDGDgH9u7qntvUXXrAgMzwhu8DLgbXhMMlIds6MSQtHrUl+hmOzpJDRIIo/FcPBCYJiGe5NQMAe6mXIyKv/3ZmAXZg91FI1Au8MnGDSyGAQT8NjWnSx9MYuLX/cVJ6NmuTtuwm3SmOHnoSqGuG4sTYN9opkqFL1EF3do9DiTqi5GWHklUys0s80yThPSTDtRliT+Kv4C8IuAwWLud4saGMO7pAZf9IZgp+77eldjhVrf7iSU1oqh6/zHvoG2zEXNw7N+4eGv3LhYn+S3X5RS9D3IulSAtbnn4e1FSNw5bjntkIJuiN1EFY6ZOBnpAEfRBvlLWva8vnu08wOhnLZhF4hlgE/gc1nHRJrFnIfdFTwYf50dJI7sn3MyPFeDNV3cVlQIdCI3C2rm//iznyv4PRszoKQOjA9x8xhkpJOfFV6ryeFyNrpT5NzmxgVtQXsCckBtgmsOkMZZvcZa0/JhbYkQAcDq1CLuQdLm4z7qQMpx0oYCLLn7jS8cCtsRKXJhCuuAVD919SzZ8CvX4MaVyJCojpnOEVHgsn88vYtGUWnJKAfHCmrAw0+6Sw6zrLd93UFROZtOXQVmxyKESnAmsrSWg6rf/CCml4y2dwxfPnHbKCni16qto4GfygfR0y8ouIyjFS3rNNZjn4wwqX14dT4ml1DUZSCx45IJ68IzdWi8OzT1jz5EEicDu8O0sOuitILtasXSdvI7a1mQuC3dHC/LHD1SEzDRNSo13xwR0X5LN4qgEL5BIGA9A+Pp4Hbx65PDodSJsAe2NvNcEvx8BdztGYMcbPv9IrLjTO+TW7BUL3UWxogMdqspn2eIf6+eVuhCUqZQf55sfs7woHEor7/PpA+7yPAtnsku9Uw2V9oNv3+wWtYixP/YwmnO7nfOt/8bP1m03Egk+eRe2npRLLt+worX/xZLbmyiuYSUg+HzDVMdocE33b7S5z0Jve74DN4hA+10HLEo4dg3/LsMtAlYPqk2Oo6Ixr259GfKub2X4bZ9hFG8lwBYJZOFWOIq88UH2KfGrS+chqGAF1xp1YS+o8ROCayn178APMzGG73Yka5k7gSEUt9BSMtxiCFmrKw/gqQPFSumk8=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>