Online Tools Menu Close

SAML Response (IdP -> SP)

This example contains several SAML Responses. A SAML Response is sent by the Identity Provider to the Service Provider and if the user succeeded in the authentication process, it contains the Assertion with the NameID / attributes of the user.

There are 8 examples:

  • An unsigned SAML Response with an unsigned Assertion
  • An unsigned SAML Response with a signed Assertion
  • A signed SAML Response with an unsigned Assertion
  • A signed SAML Response with a signed Assertion
  • An unsigned SAML Response with an encrypted Assertion
  • An unsigned SAML Response with an encrypted signed Assertion
  • A signed SAML Response with an encrypted Assertion
  • A signed SAML Response with an encrypted signed Assertion
` 
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfxf34c0bde-2c83-5898-a70e-9ccc137458ab" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxf34c0bde-2c83-5898-a70e-9ccc137458ab"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>6SVaKZ6qUaFLnmMH7OZFtI8BHWU=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>p053cXmOqcqnj3au20SzsjAxRgJJxa3ofg++hgQibiIsqNsFEaGFM3QqXoPcemj52QMYl73Qg65KET6BSZ8RIyxm0LUqs0nWlGI5PJkBB4+Oub+uKB5wNnbPo8GkLC+R3ZgLhi+XIRGATwSXnCy6yZDtd1rBvHav4ak7aNUuA28=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx2dcc911b-4ef1-b2a4-e4ff-86435ff1d028" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx2dcc911b-4ef1-b2a4-e4ff-86435ff1d028"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>blVMQbOYjrV++dTV5Tq22ABjRaM=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>SCteSt8woLSOWZ7aL++IWhk3YrbxrGuxpyjqkzKRz0H4rDd3Nb3B4c2Klblrxy+F7nMg1hPP5NLWyeNWFtwtg03vmvdu/uCXHzSbUV+I0mYe9eYpO6jJN8tPHvoTwWFfOJQigv+i/3Dd76AWoACLuswyZ/zEbHLqZpT1556+FRw=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>

<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx89e68aca-ceab-d7c2-0b27-cdb5109cbff2" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx89e68aca-ceab-d7c2-0b27-cdb5109cbff2"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>hE3j0//blB5KOvVlwCbtQWtiRIw=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>JtVD7hXTlOIMiK+cTsWgSKhkwQjII2wBGNUPae4QPvb1wq3eNKwbVYUEjxN8uUiWDGLXaTBTxiKCs97+ls8f0rOSdj09HA+SaJwcGM9mjqloJPgu7l6lo5YhIGRWpN3ad65PXuS3Zv7vPbCWU28A5nPHMnlIEvi5xWugc63esQY=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfx90646a16-7389-5918-4871-38c23a4ada4e" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx90646a16-7389-5918-4871-38c23a4ada4e"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>487SC4y98QyMSBgZVCaNGOWSbi8=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>n7dbjdbGShIbEOTbEFMKWNuMCbZnWJFT3wrfqUC3gPDY76wPn8C3puZ0hSkyBrYcYCLORcECLO6H0EuZdLOZyhpu4GrfwmsTuECvFzgLQghdp4bhxIiH/bsfj/iqikvoVl7OvRlNsy36gBaZ8hiU/QV5h0KWmmsooGR1iJHl0gI=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>

<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>BfFCoFIGRHDbC4Yze7Oicb7bRKnUQfHyAd0eXMGAhf8simUpmGN8ehn7QytE+ZMIp/C782Ilp2OmH0mkg9fgzj/rHDDJgDKSdlSoSeirJNK86XAOLvn8Fgijk2oem5v0dmQpOhlZSdWzubx6J2hTaTPz4WxkcG6yJuy1yIE1Rpg=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>xJozutd5RvmDFzd4YdzS/UTrOXIAyJnUL9b2dQrPBs/ydBcNjF4NCFTDfXdfYmfRCgSC1PEbpbaCLNtUxVEfcspm1rV3PmMkjLJm1SQ/xZL8CIumKfsHxlSY1pmAUUII9lV4VZpUL9gdP8sVWrpE0iC2nmahYaQWahAIMaFkbfDYrdQUX8QMVSH3260d1md36t7Uz8EVoOIGZgtWJu0e7ZKP4xtdqJCjT+83op4EkDKJAtATfgk6lOSbz80+jI18FvHtJ26BDPPgTZMz1amLeotjlypJSZo4aPmnAHq0bAg5l67Is/DX8tcHXMFuaHsIRW1q+8Ofz4tDc6SkARRc0yCuDuFGcn+ld0P4UzdiHFTmLH/5Xfxnjtl6R1ZWwmsJJxQNDk84yYY+xhIN/+zGWE3TWszJJE/2U+g70J1FSxfiBKXp88BsiVsc3KgXgtAtGxbtpIWFEVgru08BWPp84tqvixkqQIuE/6Ty63KZMzbPHziM0x7rnQ0UN75VOKntCQJwiZxCMeZaA7S5A3v7mcWw0xH3lenCU6zujzHxiK65CuysvhH6KFARy+YfusGva2Z7MVhsAjD6SUcUnPpbnXCRQrLa/CchgNWG48OBstXQmpRwt0JSZ08TK6v3c8ZbCUAHRfJoOvrltceEcCzEA/uxRxplOmiYxVvdTfKGefkoxQ/ezJtEvyoYJklRUYWC3E7SQmDBXcIJ2Qmwz8475HgH8iXb/kC77pH6iWzjW+/Vt/g9118UlDYkX14SFVh5Z33WgmAGNHtpGsJv2g5ZbPyv5S44pVNBw5oofEk/2A2ir8spL1Oc/w9IB0iULMgWj3HUtdcUZZRjeL1Q4vu0JIRoTM7LxE3HW2ch5DMKONU/V7oWCDxVQzPri13mlUFpedAZoqkzA2CtT8MsrapSwlveJ1ZToFI3rymO2f2QiOtTnwtu5HpUkOXhIKzS796JWAiq7ny9Ox/6okahnkZnrgSFHfm1K5qg4yByAXGMjSe3ShmI+Xm22iPcHbSMMVyblpJi9KiTmTaXhlzsfeJCDIb8WEtIDmX8RCkh50Q6X9O5Vp5TAe5LokdmfwCL7fwUhnbzedDZR7IsA2VaDV3H/THUzaoMGSIpr9EXZdMkI82bPn0Zg6Z6qmxiAMlljHnvkxp+e4EPiFOdcwGO2JXFMKt1uegn81fEGUQl9RGyERQrB04r383WlwhF0yZJaIjhRQG56gXK5lEjLVzSI0Y/pYOKVo5jLVlBBJSg6V50XTJ0gttss+XClgpCxvYwW5PBoXjlW/vvwRaS+bGD+hER8IUhNdNsoM3pul8TAo3yQS0Nf74hyVcNy7009eVIUM5fjkIGZLdx1RatSPkKKriq1lkV6mJVfW5GNruuJirGrxLxtrml6ueJquWMiQeZ23xgzsehAqYC/hpjCY8rAsOXlmswnRmxjq3OhjdAukouBK0DwqFThIWIBdgneeTXdCyH35ZFb71Q8l0kxCe7zLHXiAFq+sa970kTaOoc50Z8/hWwVuXTiw09ASEwmV4rICvxZmqYfXfpRfCYJGbFjDOHIrv1b+2/MQ8NqmgtN3PPnj8yLfc5gFUjSDvW8pY1m2raCBnZkc1YW3qQM5xZn8ouIx8Es/tyMVBDY7kNpeVZzHrmXYvX9EW8Za820VcQzNiTBUUWvzTbeYSAy3QsqTXM7GSzsXKEiN5Q+aXMT2JsJOEWa4RHVCgFsRxEBWWsL3hTLqbFGbQi8Av3dcgBteBqD1+48dh7R+azc58wsbHUbFEJKrvYGfANGAlZQSdKBo/6cAFZppYXeELOETNSNs/pTLjmm15j2M7hz/LIvSNq9Vj84aZYkhT6sAOrcX03fkGygKrwowK1Gnn0c96PB45P95iabvo3yfsQ4c3xT8WxfNdw+sPnT242ib+vvEcXffFqPR4vheOYcvSdfcALiez207bCq3qqXOkfeY656ItOTJzWQIYKaTjnHeNG+En3gUQsUmPioojYw3GsLndATTKoAP6AkQ8OqKHI3emH/6uplRpe9zqqPwhQCh89pIkXZHxyEFwJ6FO7LusqVC8j+NNSFAfU3bEVHOFxNgtPaQzNrwMJiIoxK1USs4nUPdp901dQEl79tEnaYX58nRboiFehYA/VHEwHiz0eYDV3AAyX3sMd9Y8yJ+UswW3yUyB5yH6avI7/QJNVAfZPctsIgU3fXWWZHWYtcKxjPoav29xsQrLDQibZIsDVyJclTN8fI0+ls8PwqCTk3/Dx1x7Awa1UxJcaHV7GRn/t6mxKwwbFBwuq5gfzHjL2X8xThZeVhuXcRvOt4WRyNXWv4qR85yrf/BvhjGnf7QxVW+f/UQk0/lFuobs5VHAf5gKs6oJxycudywEr720eAJnfm+QCZIDyD70O/EJgwf9klXVb8KES1EwJ5Ib21bj/d9hSoZh0YP/iNAP+GCWHSoMQ9WikiurWvlmYUieWGDcrJPHN/zVHVgXOGqubjvGQkV2+sUJibyST+32XlxKJaMf3QzKGrHXftZyDwwqsLPfrjZQt6U35f05LbbP4aqf8iCo+CkSZegHZY8cW4beJL5RV6g6bki7xWDOv29QCs7E4hVbzYpiU8oAZzrJlU3YRmRkdKCYb3PH2Xy7zWHEqC6jjtVc63yoA4HPacQsfRK+9Yg+J8DH7BmJ1e2lNom9JAyXpiDKhvp2j33E7u9G/fIr1/xXOJUFq1J84n4rSI9L6+uDPoP+DgeEUhzQqAdzUaZ6xAOTIwUo2mX9AUUnU90y4iz7x8UB2OI5K4pMD5sHV0JblLdgHvdWsga1lSh56mVbnEcLnNoputh+2NWUPpAHJpJLSOtVnSlEAHmgfAc89mQaqz4PILU9k5zW3b4Gej/7ohoEcHUdh5nk+9xbHUGdX/omrxhZXCw1NZ0BdXI1cLm+BL/sx0IQ=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>CbhxDZSJsbd6ywzBb64JUpllLehK2tRZV8pu19F89Ybr2RiDwHsVZYg4ewtVa2WeZcs8dvdCzm1GaXHMZiM5OnbP2HUrOTiumUoOLTW9nr4JLJLrWfVatA9XpMLRMblO6Vpg8qpwqSLBDCarakl/Dza4ZFEAO/4g6UKbG7BW3JQ=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>GY6pG7LkCgrq7frZ37o8j6gSgmi1TJUhxi9pINFuusC/fnoGT3utExRBjVQqxwRf3enUznzdV5d66KbaaLHy2yoBH/Dzwk5Z0eytPcuDEOwVMIa1q5T1ydzwZoSNIMnPC2LbmblW+Dhm8Jwy99ww/XlYw0qEf9t9NvYHYEDdDbgh/kxYiTYGL7uWyCZ2RBnntt9NvN8HrJQy99CD4Q7r3SxO6MSAD2uA/w1ipW7xDWJPEB3bsBdPzRZH/hFW8K3pZ6B2l6X7DgM4b3/vc3dBAqsfu5iREWPe57WngQkfQQEEtoLVzDIVevN51ouVbv+m5ILyJMr4N8osiJmrDa3Qw+FQuyi9HCN0MdgQRhQSKhptinYJqE940OJKAltLRh2B0kmKoCIsLiUeVbqTvS9XpxKaXCyEWJV3zjdWdW5bVOC7EqkdBPrgLhhuxgdEixMOVU53Qpqrf88xXxg0fdSkqmqvtkQ/3HuoECZgU/CDE2QoFIShvpX9mFTQXbpddqU0HtRgRAQIKF0ORrBJ8tdn/dtHt+AEFxls5LrMwyysvNlNgl42neQDz1gqCr6N+4Hxu6R0SSy1G1wfDRKpKH0cJJOSMSQuvDzyiE8D+G6WTZdWO1yE0LjHfW27GiF/Z/j9q1s69hl7yP5TwLkOUFfQpsvCjcUYgN2KGpu02IC0CX47kEXhZODB1T0skv3+MiOXrvhlwpp8slMyn7zGJFDBUlpFebEu9kd1qDIuJpENRsCO+1GmZi57e05uYrYRFPZ0rvrG2zoxD+UIiVVSReEczkBKxX7BE+uumUINxCj9VvMe6hYtHp+c56byp7fVyZ7t8FOvpMEC6CmrTu0JeHzCL8Ry3nhOjUm8+IM1OEo9lTCVegWmbtTp8LU8limwd05yojSngKxPZXmOyNVAnGDPFH1eowx80aEobrfIi6inRiCSrTsGgcosGuberGx2asN0xsafN26t3CQ8sUB+Ycl4+U8x3kZcHiAf6KNX+jWsBiKc+z8ILO3EAnL7wNfS6qN5e0+/GN7sNIjvGUgNqFtPFmdk6FrL4fWeIGQ7DmdrreeNvkoxm5iRMhVn1yDVIIV2CzBKz3nAVSolDv5UtbdknV9DwHxmstfxbduXhIDvw4e0OQX+WtZYdvAw4yZU/3maTLYtMQgmxw6kLK0apShWF0RX6jB5GC/G8yYyjjOJF8fxBkM1IHiU6gsD0KY9VtsAiXHAf14EvZxfX/ngYIIs6E71JNx5vaN8zgOidmxCvu4TpEMObJbozBFZo8Cv15AepO/4svjmrNsiofmDU4BVcDj6nTzCsV+qbgLosCUZ8v5lcey7zYVdtxGnctlcQC1LsOwDJjmGxJq/6Wr6SA8NZs4wZKui7Uf/qMAOOr8aNNfumdEmnj5ojlfvrAmx2xpvgiJCgB70jrEni99+QISZ3/khb0e/rvuTuyzbhMEhvX7uvAltFU6x1wOMqQ4B+kkYfQ4E2IetM/hPSesCE/lJrOt3z/HMZNJj0y2V/2PiAlyTXOSzuOMOSPnKj/LZv9r6ylcloJOA4de3SqQ4AeCzjBqpBHLxmvtl+PA7XPwTMZuT+0nadQOcdIkiNuvMdUscAwhdtM0pigZqFRcHyUWrFTt6vViH6qe/Id4+mWjxGLHCcmqCyH8fpEGR0BMHUNwnM7vaDryNt+pTF42oHZ2X67X/tYwDr0aTB+E9boxAhBFsSJlJ+eSGs1Ie/neqh256Z8hLrvejfjVLuqwuIv3xq0z8Ccky+JCJrRqhM5uBtI9sEfzZBGJjAndm+51ySSyhWVD1mFe6u8EdzATUTIckHA+LU/YnsoLWLvT8iCuDJFgyFy0Zi11VuA7hl5khCh/WiSK4XdRcZJyup0qbe3W5wPeXKlkz3bHUct+VJjN1E338ZOgvDNHhX2y7Dd4fE4N8UOTxRxZdStKOp07L/XjN1PPy8OVfQMtbxXDr+Pglp4K9dbJLulRaqImzOZ9Xopl3o013cT/wP+rfHOAEJ9rAFpDqnRR9a1yiqy17UJXKT5lYzILciXYuCgKKW+H6bCCDg43owcdTRCZ1zDesfFl7k5Xx9CpkBZyxYce2+Mxg9jyTVBZCzD3VMpzwyZ+uFDJ5uSmNGbMXodUxdMbwbpUc10DFsOZFy8EkynzQly0RwBjlQPxSzEn+V578omWxnOFs7EXUApoHjtdHvbC7yErSeG90GfipvYCeWkX+UljO2EzztqN0MXPSFl/yslx7rSpxppcIwn1KfImg9REcSlIIv/j29r24wNmJXgGEbIaClOpgK1ebzGdgIaIp/m+su3M5pH95ebipJ3wo24BnACWa2OIUbBtAxFdmnt79oC4E2yROAMAe1QKBL7GMFHv+4HCP1Mrv8BKusC8gEjP2NIBvFxHTQfjWWR/4wVk2OgCxlwP0ZBYO0TLbGGzwOBLB7jTmKydmh0/NKhpwP2/AhocMZg8GDncLg2OjX/0PXhtqRo0ZkDD/JAgGdY1mEQed+DluwXmbgkCJdptIJV0HZD43g/4nuXVlSg80b65Pf096LwTMFchH7ZwMQCwWZtbQR2ZTEwE021sAt9I3SAEBT6oOgkgQZ0dbyWfAPQiLkf/4bEaKrT2J3d7fUYlvrWes7RPKjpGSaJE1zhPZ8YYwdPHEbbgNq/2FPzflLYPPw0XIatWkjbKfL7pp3VwHdVMqo8Pge+rpXrTZ7GKp7qQoCbx7zCmxEzX+r5dNHu3ArM6voWiLQRSSDxYD3YZX3mfcYauSBUSFW9LsjJGVCZPGYR9WM7Dc7sUct+SrYQogi4De0lPrdeHrdGlu3BuUafglDt62ZHukM7hK9e4y04ouyS2VAFS1jfjExEqKgAovBDy7psmn817gFvZIwpzAShpqpop4TiDX945BpQnmJPh03/fMKIxcliKYzrlWk88pmBbHFj9isW4K0gNLnZvnAv/QrBuxrFi1Xi5wKMtE2U3rVzq5HV5V3cQE6CGhAa2lsMZvadZOQvJuAC76e43kTcyOALSuuo3eOOnACissvYnY4fvDVg6C9QlVK0czhdNVRNPPEgqa80Sl2qO9Jt13KQxGsKcPHSxx/Hr9ehymZx7/a1o9ioQLIHQGtfeh27ZhaXVbQEI01mAtbfqEYvudAhHvGpQg//dVHwMSj5kkMBwFxPtmMvG3wQt4KOsKOjq3bi2A34F/+YMQXJddMPHxt3m2YSN+TFfwrXnh5AcUZ056P6Jq8IU9HqgCoJlwtlMO+PsfddxrpGsjXmvGxCxf7Vgn974pnjgr7sxD44fCRf1v+UeN7/EuJUfAO9BfCsGI5sIA9XKmQikic18KVnx92lDXg6/b0vkPkvBGmrzBRRP0x4KaYFzCKZ7LDTu1FLUpO22MzVMaXoJHMTNeXnfYXtJKFIq7VMRjOOgdTgVVk22YmQXl5sF8e1J2J92AXk8anEsZYFFIizdoBrYg7IbGt2rLEIBl8oJeq0HWUv7r+5BnnEADCH4o7/BA5VmM6WPtShEsNOGLsjsTxWavp/C2msreDTilbQbG61Vufkm7sBvtRXhG5PFJXsRW+N7CD7yoDGSakOT2dGFPd5lpVsN7EYbOMnrAprlsJ2IV2no/5KD3EAH8G0lw7JB78ZX7jWpqWTS2RG93egGCIrex/LHVWh7bXpWxHjHR06y0WA2sJJ8swf1vwO6zbTwpmnGJjEehFsRY1uSlFGBxJ0TRj681xiweUKfItdo40jAG/xOfxdwu/feyJJuqm/1v2H7cqMBWgGI08Evbu2XJ0Wad4lprVnhQsdarDTVL7OAXTz/G5PiB2Rn+jIcho3LiNPG4W2DVEry5IbDLxnjkydEY4u58OcENFrGoxx8gMiHNyRlofyodcRS9xE0t7YgJUahcMzd8yHsMf4rAT8QtlYDNE6W8+EmSUooWON7Ray7/BzwW3j4gtsOyUxerK6TXeGxP+c0ActxaMOaW1+TOecIfu1fWzL9QrG1t36N2hWEQZa+JmFfWfGpI5equKLGbXLCtWoswydPQbYAubPrZLpgv3ggHBy6th7+QIH4VitC5FEDtPujxCBiYEXVX04540JZerx/JNV2SFJ+JEip/+0pJuTYJO1+Vu2r9+9ve8YlMl+UNzI5yx9ZiSun9t4uxGuQhnhW4RlSKmqukCW0HapRtbTf81UqW3O4cGRoKkR4diJxTozvW9uHTxTnHORvOUQa4zZEKL44+HZsr9ExuSEiQ8Sbc0JlDDfo4gKhYF+E6pKU+FMm5QT4wFgOaqYbbiCKfasBvcA6xXlwaMRVxV9smc4YU8oaZAxBMeN3Gw0USDMf/cPiF/yEDdQugtX/1OtxFkbh34a/0k9SeXPyAlrw/CHLbi9EY8fMWBhq1PmVKN0xRJEPP1pybIt/N8KTehenUm95BeNYF+F7cpvNc7vNjGFlqUSNNKDlwgtEV7sUgPYHJKzU14akGx1xVo2Fl0tHSJuW+aksntC6xYS0SSlLIglRcEfAEnahtGaavaUaxL+t3CcgOl2SDBH1bSdvibpIAAHK8HqC0v3GQD1mS5mmV4oaMC1u1B8ZlUtqykA6kP997cpWmjti7DwQh6n2BBUYxC76cU7RZV1VV+S83U95EjjzRZvkbV+Vze8NCXSofPvnylViUdPJCVr6SaLXT2WJFaZOrDViFHfOKKj1i8ptOuJwvqx9g950fhMaQb6n8FR/JNLYj8Yg7h5PGRRv2RXpO7ALZUqAOaPe9B5zkO3FoZaUl3nA1AtC3jUb5P+5CX4v13Ef9a4KXG+MzNLj6zoSQsQOiF7UsSJ23PYM0pmffD4zK5rAOK6S6q4/iX0dEfLdlL/Vm4n6a8/o2s7/SO0N4x1xBQowowMsl9ave4gUBmO2bDzNmmzTH1le+ewCsCixMBDvFiQLQS0UgEIaX8QVbNHpNwUFCJBdrr/KFRtkWSagR/4miRZj66fzON+hN49LcRNc1erKNwEbnEBZyJXO3wAdxVZ6H9UfG6udI5kL2akVeT0lVytBQCVuE6uU3S0c+zR21r1gBDf3S3F/RIQVlW2dFXbKzqsE5RT3rXpW+kFpGThAD9vSD+9qBkth6oubrrf7ZN0cltoukH7O/r+wbJXkgnQRoWzaJRLhkI7+g2EA9VDWGFqRaXXegi8Jxzu11Q03bHrVSw9efpPA4L5Z4E8vGXZzAFtmWJDJFbdjDoTaJHV4A7MAaAU4xLdEHwnM8xnBm4/EEzDDqssQDUiTMqSf1eVNqun5Q5xkDqEIu3uZWM33Z8wqc9s0eTXhXnnEHvmbFxgRgm67CYz/6FU9ujVasSntUyceWurcALGqbv7d0FDAClyXq2xNsunqYw0GI2y5FA8OglRAppV4By0sjoa/wpKtog6Xny2T69u4DFxe6XqvS7N96/xkagdgoA34cC7uKRN43SVxxT7eTnca2bacVN5sI3wm/hOizGQcTu34+2aHTfLsuAMKe9HBvLs9WMEgODBvIiubZ+fF3Xzc8AoNLKmyxUyY=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx514b4032-27a6-6e1a-064a-33a923f22e52" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx514b4032-27a6-6e1a-064a-33a923f22e52"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>SNY0M531EXmC6nMzAaKdHJERpfo=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>BCsr0VtViI3JlaAcLJ6vM3G011TYjbcEPQ/oryFXksakshPYmgQJ6AgM0LhUKpRJyG4FU8oVM2J5Ukxj0tbFIaOvtcU+id+fDRiEVUgKS0jUm5n9YvlL6dnTGZBBatdR6P5QAdvWVZu/Tn5ZysNwOleuesuajb1xKkvQMjWSSw0=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>BfFCoFIGRHDbC4Yze7Oicb7bRKnUQfHyAd0eXMGAhf8simUpmGN8ehn7QytE+ZMIp/C782Ilp2OmH0mkg9fgzj/rHDDJgDKSdlSoSeirJNK86XAOLvn8Fgijk2oem5v0dmQpOhlZSdWzubx6J2hTaTPz4WxkcG6yJuy1yIE1Rpg=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>xJozutd5RvmDFzd4YdzS/UTrOXIAyJnUL9b2dQrPBs/ydBcNjF4NCFTDfXdfYmfRCgSC1PEbpbaCLNtUxVEfcspm1rV3PmMkjLJm1SQ/xZL8CIumKfsHxlSY1pmAUUII9lV4VZpUL9gdP8sVWrpE0iC2nmahYaQWahAIMaFkbfDYrdQUX8QMVSH3260d1md36t7Uz8EVoOIGZgtWJu0e7ZKP4xtdqJCjT+83op4EkDKJAtATfgk6lOSbz80+jI18FvHtJ26BDPPgTZMz1amLeotjlypJSZo4aPmnAHq0bAg5l67Is/DX8tcHXMFuaHsIRW1q+8Ofz4tDc6SkARRc0yCuDuFGcn+ld0P4UzdiHFTmLH/5Xfxnjtl6R1ZWwmsJJxQNDk84yYY+xhIN/+zGWE3TWszJJE/2U+g70J1FSxfiBKXp88BsiVsc3KgXgtAtGxbtpIWFEVgru08BWPp84tqvixkqQIuE/6Ty63KZMzbPHziM0x7rnQ0UN75VOKntCQJwiZxCMeZaA7S5A3v7mcWw0xH3lenCU6zujzHxiK65CuysvhH6KFARy+YfusGva2Z7MVhsAjD6SUcUnPpbnXCRQrLa/CchgNWG48OBstXQmpRwt0JSZ08TK6v3c8ZbCUAHRfJoOvrltceEcCzEA/uxRxplOmiYxVvdTfKGefkoxQ/ezJtEvyoYJklRUYWC3E7SQmDBXcIJ2Qmwz8475HgH8iXb/kC77pH6iWzjW+/Vt/g9118UlDYkX14SFVh5Z33WgmAGNHtpGsJv2g5ZbPyv5S44pVNBw5oofEk/2A2ir8spL1Oc/w9IB0iULMgWj3HUtdcUZZRjeL1Q4vu0JIRoTM7LxE3HW2ch5DMKONU/V7oWCDxVQzPri13mlUFpedAZoqkzA2CtT8MsrapSwlveJ1ZToFI3rymO2f2QiOtTnwtu5HpUkOXhIKzS796JWAiq7ny9Ox/6okahnkZnrgSFHfm1K5qg4yByAXGMjSe3ShmI+Xm22iPcHbSMMVyblpJi9KiTmTaXhlzsfeJCDIb8WEtIDmX8RCkh50Q6X9O5Vp5TAe5LokdmfwCL7fwUhnbzedDZR7IsA2VaDV3H/THUzaoMGSIpr9EXZdMkI82bPn0Zg6Z6qmxiAMlljHnvkxp+e4EPiFOdcwGO2JXFMKt1uegn81fEGUQl9RGyERQrB04r383WlwhF0yZJaIjhRQG56gXK5lEjLVzSI0Y/pYOKVo5jLVlBBJSg6V50XTJ0gttss+XClgpCxvYwW5PBoXjlW/vvwRaS+bGD+hER8IUhNdNsoM3pul8TAo3yQS0Nf74hyVcNy7009eVIUM5fjkIGZLdx1RatSPkKKriq1lkV6mJVfW5GNruuJirGrxLxtrml6ueJquWMiQeZ23xgzsehAqYC/hpjCY8rAsOXlmswnRmxjq3OhjdAukouBK0DwqFThIWIBdgneeTXdCyH35ZFb71Q8l0kxCe7zLHXiAFq+sa970kTaOoc50Z8/hWwVuXTiw09ASEwmV4rICvxZmqYfXfpRfCYJGbFjDOHIrv1b+2/MQ8NqmgtN3PPnj8yLfc5gFUjSDvW8pY1m2raCBnZkc1YW3qQM5xZn8ouIx8Es/tyMVBDY7kNpeVZzHrmXYvX9EW8Za820VcQzNiTBUUWvzTbeYSAy3QsqTXM7GSzsXKEiN5Q+aXMT2JsJOEWa4RHVCgFsRxEBWWsL3hTLqbFGbQi8Av3dcgBteBqD1+48dh7R+azc58wsbHUbFEJKrvYGfANGAlZQSdKBo/6cAFZppYXeELOETNSNs/pTLjmm15j2M7hz/LIvSNq9Vj84aZYkhT6sAOrcX03fkGygKrwowK1Gnn0c96PB45P95iabvo3yfsQ4c3xT8WxfNdw+sPnT242ib+vvEcXffFqPR4vheOYcvSdfcALiez207bCq3qqXOkfeY656ItOTJzWQIYKaTjnHeNG+En3gUQsUmPioojYw3GsLndATTKoAP6AkQ8OqKHI3emH/6uplRpe9zqqPwhQCh89pIkXZHxyEFwJ6FO7LusqVC8j+NNSFAfU3bEVHOFxNgtPaQzNrwMJiIoxK1USs4nUPdp901dQEl79tEnaYX58nRboiFehYA/VHEwHiz0eYDV3AAyX3sMd9Y8yJ+UswW3yUyB5yH6avI7/QJNVAfZPctsIgU3fXWWZHWYtcKxjPoav29xsQrLDQibZIsDVyJclTN8fI0+ls8PwqCTk3/Dx1x7Awa1UxJcaHV7GRn/t6mxKwwbFBwuq5gfzHjL2X8xThZeVhuXcRvOt4WRyNXWv4qR85yrf/BvhjGnf7QxVW+f/UQk0/lFuobs5VHAf5gKs6oJxycudywEr720eAJnfm+QCZIDyD70O/EJgwf9klXVb8KES1EwJ5Ib21bj/d9hSoZh0YP/iNAP+GCWHSoMQ9WikiurWvlmYUieWGDcrJPHN/zVHVgXOGqubjvGQkV2+sUJibyST+32XlxKJaMf3QzKGrHXftZyDwwqsLPfrjZQt6U35f05LbbP4aqf8iCo+CkSZegHZY8cW4beJL5RV6g6bki7xWDOv29QCs7E4hVbzYpiU8oAZzrJlU3YRmRkdKCYb3PH2Xy7zWHEqC6jjtVc63yoA4HPacQsfRK+9Yg+J8DH7BmJ1e2lNom9JAyXpiDKhvp2j33E7u9G/fIr1/xXOJUFq1J84n4rSI9L6+uDPoP+DgeEUhzQqAdzUaZ6xAOTIwUo2mX9AUUnU90y4iz7x8UB2OI5K4pMD5sHV0JblLdgHvdWsga1lSh56mVbnEcLnNoputh+2NWUPpAHJpJLSOtVnSlEAHmgfAc89mQaqz4PILU9k5zW3b4Gej/7ohoEcHUdh5nk+9xbHUGdX/omrxhZXCw1NZ0BdXI1cLm+BL/sx0IQ=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>

<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx3f10bc53-fb09-c1c8-406d-6a930afca558" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx3f10bc53-fb09-c1c8-406d-6a930afca558"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>nNA/uxUY9pmce3wsGm9BAoVDm50=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>ALmg8LBRtcPDif//K0z90J4gEjlgq7gdo2R/EYaI0uTHu7cALQcXneAyAY/U8++GKumT3qfpBQM/gCMfvz8mWzo6+kuAqGiBU2fADi+YX2Me67Umhg2XwWfBqQ5QwP44HueIl9c/H1/utumIJ/B9sp9fny7gSjLhrpzap2qDdfE=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>CbhxDZSJsbd6ywzBb64JUpllLehK2tRZV8pu19F89Ybr2RiDwHsVZYg4ewtVa2WeZcs8dvdCzm1GaXHMZiM5OnbP2HUrOTiumUoOLTW9nr4JLJLrWfVatA9XpMLRMblO6Vpg8qpwqSLBDCarakl/Dza4ZFEAO/4g6UKbG7BW3JQ=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>GY6pG7LkCgrq7frZ37o8j6gSgmi1TJUhxi9pINFuusC/fnoGT3utExRBjVQqxwRf3enUznzdV5d66KbaaLHy2yoBH/Dzwk5Z0eytPcuDEOwVMIa1q5T1ydzwZoSNIMnPC2LbmblW+Dhm8Jwy99ww/XlYw0qEf9t9NvYHYEDdDbgh/kxYiTYGL7uWyCZ2RBnntt9NvN8HrJQy99CD4Q7r3SxO6MSAD2uA/w1ipW7xDWJPEB3bsBdPzRZH/hFW8K3pZ6B2l6X7DgM4b3/vc3dBAqsfu5iREWPe57WngQkfQQEEtoLVzDIVevN51ouVbv+m5ILyJMr4N8osiJmrDa3Qw+FQuyi9HCN0MdgQRhQSKhptinYJqE940OJKAltLRh2B0kmKoCIsLiUeVbqTvS9XpxKaXCyEWJV3zjdWdW5bVOC7EqkdBPrgLhhuxgdEixMOVU53Qpqrf88xXxg0fdSkqmqvtkQ/3HuoECZgU/CDE2QoFIShvpX9mFTQXbpddqU0HtRgRAQIKF0ORrBJ8tdn/dtHt+AEFxls5LrMwyysvNlNgl42neQDz1gqCr6N+4Hxu6R0SSy1G1wfDRKpKH0cJJOSMSQuvDzyiE8D+G6WTZdWO1yE0LjHfW27GiF/Z/j9q1s69hl7yP5TwLkOUFfQpsvCjcUYgN2KGpu02IC0CX47kEXhZODB1T0skv3+MiOXrvhlwpp8slMyn7zGJFDBUlpFebEu9kd1qDIuJpENRsCO+1GmZi57e05uYrYRFPZ0rvrG2zoxD+UIiVVSReEczkBKxX7BE+uumUINxCj9VvMe6hYtHp+c56byp7fVyZ7t8FOvpMEC6CmrTu0JeHzCL8Ry3nhOjUm8+IM1OEo9lTCVegWmbtTp8LU8limwd05yojSngKxPZXmOyNVAnGDPFH1eowx80aEobrfIi6inRiCSrTsGgcosGuberGx2asN0xsafN26t3CQ8sUB+Ycl4+U8x3kZcHiAf6KNX+jWsBiKc+z8ILO3EAnL7wNfS6qN5e0+/GN7sNIjvGUgNqFtPFmdk6FrL4fWeIGQ7DmdrreeNvkoxm5iRMhVn1yDVIIV2CzBKz3nAVSolDv5UtbdknV9DwHxmstfxbduXhIDvw4e0OQX+WtZYdvAw4yZU/3maTLYtMQgmxw6kLK0apShWF0RX6jB5GC/G8yYyjjOJF8fxBkM1IHiU6gsD0KY9VtsAiXHAf14EvZxfX/ngYIIs6E71JNx5vaN8zgOidmxCvu4TpEMObJbozBFZo8Cv15AepO/4svjmrNsiofmDU4BVcDj6nTzCsV+qbgLosCUZ8v5lcey7zYVdtxGnctlcQC1LsOwDJjmGxJq/6Wr6SA8NZs4wZKui7Uf/qMAOOr8aNNfumdEmnj5ojlfvrAmx2xpvgiJCgB70jrEni99+QISZ3/khb0e/rvuTuyzbhMEhvX7uvAltFU6x1wOMqQ4B+kkYfQ4E2IetM/hPSesCE/lJrOt3z/HMZNJj0y2V/2PiAlyTXOSzuOMOSPnKj/LZv9r6ylcloJOA4de3SqQ4AeCzjBqpBHLxmvtl+PA7XPwTMZuT+0nadQOcdIkiNuvMdUscAwhdtM0pigZqFRcHyUWrFTt6vViH6qe/Id4+mWjxGLHCcmqCyH8fpEGR0BMHUNwnM7vaDryNt+pTF42oHZ2X67X/tYwDr0aTB+E9boxAhBFsSJlJ+eSGs1Ie/neqh256Z8hLrvejfjVLuqwuIv3xq0z8Ccky+JCJrRqhM5uBtI9sEfzZBGJjAndm+51ySSyhWVD1mFe6u8EdzATUTIckHA+LU/YnsoLWLvT8iCuDJFgyFy0Zi11VuA7hl5khCh/WiSK4XdRcZJyup0qbe3W5wPeXKlkz3bHUct+VJjN1E338ZOgvDNHhX2y7Dd4fE4N8UOTxRxZdStKOp07L/XjN1PPy8OVfQMtbxXDr+Pglp4K9dbJLulRaqImzOZ9Xopl3o013cT/wP+rfHOAEJ9rAFpDqnRR9a1yiqy17UJXKT5lYzILciXYuCgKKW+H6bCCDg43owcdTRCZ1zDesfFl7k5Xx9CpkBZyxYce2+Mxg9jyTVBZCzD3VMpzwyZ+uFDJ5uSmNGbMXodUxdMbwbpUc10DFsOZFy8EkynzQly0RwBjlQPxSzEn+V578omWxnOFs7EXUApoHjtdHvbC7yErSeG90GfipvYCeWkX+UljO2EzztqN0MXPSFl/yslx7rSpxppcIwn1KfImg9REcSlIIv/j29r24wNmJXgGEbIaClOpgK1ebzGdgIaIp/m+su3M5pH95ebipJ3wo24BnACWa2OIUbBtAxFdmnt79oC4E2yROAMAe1QKBL7GMFHv+4HCP1Mrv8BKusC8gEjP2NIBvFxHTQfjWWR/4wVk2OgCxlwP0ZBYO0TLbGGzwOBLB7jTmKydmh0/NKhpwP2/AhocMZg8GDncLg2OjX/0PXhtqRo0ZkDD/JAgGdY1mEQed+DluwXmbgkCJdptIJV0HZD43g/4nuXVlSg80b65Pf096LwTMFchH7ZwMQCwWZtbQR2ZTEwE021sAt9I3SAEBT6oOgkgQZ0dbyWfAPQiLkf/4bEaKrT2J3d7fUYlvrWes7RPKjpGSaJE1zhPZ8YYwdPHEbbgNq/2FPzflLYPPw0XIatWkjbKfL7pp3VwHdVMqo8Pge+rpXrTZ7GKp7qQoCbx7zCmxEzX+r5dNHu3ArM6voWiLQRSSDxYD3YZX3mfcYauSBUSFW9LsjJGVCZPGYR9WM7Dc7sUct+SrYQogi4De0lPrdeHrdGlu3BuUafglDt62ZHukM7hK9e4y04ouyS2VAFS1jfjExEqKgAovBDy7psmn817gFvZIwpzAShpqpop4TiDX945BpQnmJPh03/fMKIxcliKYzrlWk88pmBbHFj9isW4K0gNLnZvnAv/QrBuxrFi1Xi5wKMtE2U3rVzq5HV5V3cQE6CGhAa2lsMZvadZOQvJuAC76e43kTcyOALSuuo3eOOnACissvYnY4fvDVg6C9QlVK0czhdNVRNPPEgqa80Sl2qO9Jt13KQxGsKcPHSxx/Hr9ehymZx7/a1o9ioQLIHQGtfeh27ZhaXVbQEI01mAtbfqEYvudAhHvGpQg//dVHwMSj5kkMBwFxPtmMvG3wQt4KOsKOjq3bi2A34F/+YMQXJddMPHxt3m2YSN+TFfwrXnh5AcUZ056P6Jq8IU9HqgCoJlwtlMO+PsfddxrpGsjXmvGxCxf7Vgn974pnjgr7sxD44fCRf1v+UeN7/EuJUfAO9BfCsGI5sIA9XKmQikic18KVnx92lDXg6/b0vkPkvBGmrzBRRP0x4KaYFzCKZ7LDTu1FLUpO22MzVMaXoJHMTNeXnfYXtJKFIq7VMRjOOgdTgVVk22YmQXl5sF8e1J2J92AXk8anEsZYFFIizdoBrYg7IbGt2rLEIBl8oJeq0HWUv7r+5BnnEADCH4o7/BA5VmM6WPtShEsNOGLsjsTxWavp/C2msreDTilbQbG61Vufkm7sBvtRXhG5PFJXsRW+N7CD7yoDGSakOT2dGFPd5lpVsN7EYbOMnrAprlsJ2IV2no/5KD3EAH8G0lw7JB78ZX7jWpqWTS2RG93egGCIrex/LHVWh7bXpWxHjHR06y0WA2sJJ8swf1vwO6zbTwpmnGJjEehFsRY1uSlFGBxJ0TRj681xiweUKfItdo40jAG/xOfxdwu/feyJJuqm/1v2H7cqMBWgGI08Evbu2XJ0Wad4lprVnhQsdarDTVL7OAXTz/G5PiB2Rn+jIcho3LiNPG4W2DVEry5IbDLxnjkydEY4u58OcENFrGoxx8gMiHNyRlofyodcRS9xE0t7YgJUahcMzd8yHsMf4rAT8QtlYDNE6W8+EmSUooWON7Ray7/BzwW3j4gtsOyUxerK6TXeGxP+c0ActxaMOaW1+TOecIfu1fWzL9QrG1t36N2hWEQZa+JmFfWfGpI5equKLGbXLCtWoswydPQbYAubPrZLpgv3ggHBy6th7+QIH4VitC5FEDtPujxCBiYEXVX04540JZerx/JNV2SFJ+JEip/+0pJuTYJO1+Vu2r9+9ve8YlMl+UNzI5yx9ZiSun9t4uxGuQhnhW4RlSKmqukCW0HapRtbTf81UqW3O4cGRoKkR4diJxTozvW9uHTxTnHORvOUQa4zZEKL44+HZsr9ExuSEiQ8Sbc0JlDDfo4gKhYF+E6pKU+FMm5QT4wFgOaqYbbiCKfasBvcA6xXlwaMRVxV9smc4YU8oaZAxBMeN3Gw0USDMf/cPiF/yEDdQugtX/1OtxFkbh34a/0k9SeXPyAlrw/CHLbi9EY8fMWBhq1PmVKN0xRJEPP1pybIt/N8KTehenUm95BeNYF+F7cpvNc7vNjGFlqUSNNKDlwgtEV7sUgPYHJKzU14akGx1xVo2Fl0tHSJuW+aksntC6xYS0SSlLIglRcEfAEnahtGaavaUaxL+t3CcgOl2SDBH1bSdvibpIAAHK8HqC0v3GQD1mS5mmV4oaMC1u1B8ZlUtqykA6kP997cpWmjti7DwQh6n2BBUYxC76cU7RZV1VV+S83U95EjjzRZvkbV+Vze8NCXSofPvnylViUdPJCVr6SaLXT2WJFaZOrDViFHfOKKj1i8ptOuJwvqx9g950fhMaQb6n8FR/JNLYj8Yg7h5PGRRv2RXpO7ALZUqAOaPe9B5zkO3FoZaUl3nA1AtC3jUb5P+5CX4v13Ef9a4KXG+MzNLj6zoSQsQOiF7UsSJ23PYM0pmffD4zK5rAOK6S6q4/iX0dEfLdlL/Vm4n6a8/o2s7/SO0N4x1xBQowowMsl9ave4gUBmO2bDzNmmzTH1le+ewCsCixMBDvFiQLQS0UgEIaX8QVbNHpNwUFCJBdrr/KFRtkWSagR/4miRZj66fzON+hN49LcRNc1erKNwEbnEBZyJXO3wAdxVZ6H9UfG6udI5kL2akVeT0lVytBQCVuE6uU3S0c+zR21r1gBDf3S3F/RIQVlW2dFXbKzqsE5RT3rXpW+kFpGThAD9vSD+9qBkth6oubrrf7ZN0cltoukH7O/r+wbJXkgnQRoWzaJRLhkI7+g2EA9VDWGFqRaXXegi8Jxzu11Q03bHrVSw9efpPA4L5Z4E8vGXZzAFtmWJDJFbdjDoTaJHV4A7MAaAU4xLdEHwnM8xnBm4/EEzDDqssQDUiTMqSf1eVNqun5Q5xkDqEIu3uZWM33Z8wqc9s0eTXhXnnEHvmbFxgRgm67CYz/6FU9ujVasSntUyceWurcALGqbv7d0FDAClyXq2xNsunqYw0GI2y5FA8OglRAppV4By0sjoa/wpKtog6Xny2T69u4DFxe6XqvS7N96/xkagdgoA34cC7uKRN43SVxxT7eTnca2bacVN5sI3wm/hOizGQcTu34+2aHTfLsuAMKe9HBvLs9WMEgODBvIiubZ+fF3Xzc8AoNLKmyxUyY=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>