Online Tools Menu Close

SAML Response (IdP -> SP)

This example contains several SAML Responses. A SAML Response is sent by the Identity Provider to the Service Provider and if the user succeeded in the authentication process, it contains the Assertion with the NameID / attributes of the user.

There are 8 examples:

  • An unsigned SAML Response with an unsigned Assertion
  • An unsigned SAML Response with a signed Assertion
  • A signed SAML Response with an unsigned Assertion
  • A signed SAML Response with a signed Assertion
  • An unsigned SAML Response with an encrypted Assertion
  • An unsigned SAML Response with an encrypted signed Assertion
  • A signed SAML Response with an encrypted Assertion
  • A signed SAML Response with an encrypted signed Assertion
` 
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfx3fe54bfb-a159-acf6-650e-08e3b2b9308e" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx3fe54bfb-a159-acf6-650e-08e3b2b9308e"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>hHfJGdhgzN2fcoGRaSFEBwrOuFo=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>c2en0okGHrFUu3uuAgU39EuxbCK+FrWxRPg9z+L8z5I8pnUWwZdaaSN1nt0Y954kT7aC1CUVztkcRz8HgI94Hx92vc+F1OuJu/CdepVmDoxgv9KElk08YovefLHOH/swALQH8lIfzDwmNoa8XhbAQhsvYfXVbsdQChCpIGcdgnE=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx82624ed4-65af-358a-8638-6a0597b6ce9b" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx82624ed4-65af-358a-8638-6a0597b6ce9b"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>tYYzV/aoBWDH2HYNyK+cJWz+EPE=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>pUNVbIFmJSenVDBPPdSQ0QP+hF/baxG/JFekZVg6Dn7/r7jP420QwZo+zoNUjJegVXOM/f/wK3rc7N0JhbkC0QupltKOSld84YhT6t77yd0duE0gWRt0JpD8pt/y9ISR3NXtLSwvcA5eqT5+0HEt5gEyyIEnc7UpW/ctpbPs4CY=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>

<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfxd13d4930-e6d0-877e-5b06-371fdcd0e099" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxd13d4930-e6d0-877e-5b06-371fdcd0e099"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>Vkn7jKqURsP9++9GrUB4uMl3LrY=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>P2fHmcw+HIBtcXftcwfRv5m3wNePWkSyVFDBMhmBCDkP4TXQf4coUhNrYzicYobiBf1XIiTJy6KCgzs3DW/a6dI87SN4MsoxUEVEZ818HXNehgRHxIZSTs6NdZQ5Nk/0Q+gL///ZHl2lj1HeGhZ3IkDoXSCo8DPpS3B0lRMXUQE=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfxf48d00c1-2d79-2d8f-23b6-4ae4888e2ded" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxf48d00c1-2d79-2d8f-23b6-4ae4888e2ded"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>QJJAqpWtH1LQfuZQHnaBdam3vVM=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>WNOmjw9cXO6XZrDc1427n+HwegPCn5juDfgKF6GqqhOGBhPne8/9Knl48MI3pe5FCLOkldJfmjdT60aqZ6Zf2kKE1c9UxNEyb8nxth2rnZWYVarxULKpnveIi3B7DVFcNrryzEyKs1IIXIjjglNEyx+nID0nEFSMUqy2cSd1/mo=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>

<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>0PSokQezOwNyDarX0+qz3YJUGFLQT8OxaZN+eZGd6tACUBVGxQ8HI9lOkktzexhjCnvAcnEuxe5bghBkEsj6HxQ1EgH0jI2I9uCjLHkfno9TuzKPwHCsMhV83iURQ0q/EbYdKijUu6LU5JCb9bBw0Lh6rwpWlzdMy78/JO/w6j8=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>Xrv94NqzQ4CUI2XTZjCECr9v+GoK5eCe7lTtEA/kQ04WzcVn+FOSL0yl5g6XG2edKJutbjnqAeB05QiIygTgCCeHCcYWB2BVVFhMIGDEYHy/jpoorUNM2nndwC6q4v4t3A0oPb5EgCoBp3BDsigiMCZT0lYcZgMz3dYGWgbPZzv05LdIP+34ClZ+auv2b4oDa7TbKIkCvBtM2ilDiOqp4Xm774m0085gPvaW5Oy3Xld/jNJWjf+mWNfzw4N9CwEqRUxOBFj2dtW1J8JVdVhz/XU+CXerJFs1nsXbimvXuHImAuxrhb7kyluJhRWqGdwxjXxeG9zXiFDRUkta3F2j1LxUOhs2q8ZEOiy4pamBVfetweXK4PEa1kBol9CkkqjCyhZ4QO2m7PuQV825oewTW3jQLQCa/42a1Nz3M5LrcQb6sqa5J5lU5ttBqWASgW1lLtShwk92z4xdidGUCa5TnrpdMBMqipRje190oQlamdkdi+fY+BDshqzv4SP95Mq5eT97UiQ2WgfeSVjE4w8ThAJKLZCb2kkE+jHjfPW9o8W+h7pR35SlpJGfRKf6oybeN1mN8CbZ32G6RudnWgwDvPq/8292MCSPawzaFTOu98EXPS+X6BcnMPySJF6g0jBbChI9RrTE0BnF5JEU50bTwyBMPnXsTIx6bSmONn34b9YoXbiV999p14lssQuaZl+7cZbAK0nSokSiLpWHlXi5pj4f6ZPg5GjT/gG3hUPgLp0BhbM4pFWTONMqD3L9sFgse46mAy0lXh6oYuq9wZyTbBIbwQsPX8zsgvGXPaOM9ENYwI0cjnnk0Lq6/WiLaqnpUlE9iLcbpe5/nvrE+H08xT3lxvJkzwePFdCHUyDITHD3CUJMJcJzjUD1WapG03+LPqJab25YgC/7lupZcs2zM4Ad4QMQO7EckwTgaU8CMTFwcUJ+GjcFr4wjgeQo1lqrWF/0PSk6Q8FWtu3jYTQDZiNy5QnkymFDKnzSIt7/H4OrkiQKbz+2b7yLPv3q8yHgKuVu8uq3HgsqI3aGK+IYt+9bniHMrBFws/DOA2+TQhVMG8kkuzGRuE6ibI1WPHRyYjMuhk0d5Aa831EZd01/FKYD/gvx25Zl/It2ls/fc5UbBD+XQvJnppR969rLW9qYQSWRMBlWKbzXAQg2dQUlu78DhslrDCDXGQunjmSknrKVmJAzT3Q+ERGTKip59wa3N5V9HPjycCOtlliEhWI0qPSR/obaGNijkETWcHhcfYxSVTaIK3PXnbCkOUTA7iPN7BQoZSqhCgYG2GI/M5Czdn+zDtaj7tGGSSJd1ypLHGFABnWWbsQX9KPl/GuSWqRKUqrqlXtsvV5msPMdbMz+DY3XkmF6068adOnhxV+GVEzS5hL6e4bQAMxYzqZZ+5ihBO4xJbET1yFsaqTnZNHJ4s/9A7f8wR19Ko3g4J+B6+vfv83Or4HUGLmZe+THlxzkj7cC3rxH0L34HOJ+uNm05tdnZ5jwa1AWx2idO3FlNapIwYW/3WHXwMfd5sL8OaEI6HqRxqNLbd88FTB90cxUKZBgOrBDGGFjdL+l3e1DuiAsoppy88nuMj5vm65CDX6BDgFgJ/Wr6DRwdiwWTudGJMtt6FAHIfhMWksX/T6MyJ/9Dzi8F1+knVAL9nSr9H09xiLLjU8gkFaYf6CmtfhIDokBGF4Tx8STu0VTJTHT7Mp4RbqnVzPg1t47N4/fnkEbTKRlxEt5uUAwowZX5h0e0xLZMM2935NuIabCfxveQh4Dju+xYQhYNGbg6Kf2aEgo8ACQpcbq0RpAm3WLxgfVSZ6qfHVmdgZIG/4EVt5s/IO+53k36J/L6FRZ/diZkJcfi/T8+6KEtMdFxWgGID/lxf1wDfuK8m7U+pxuRD8grEnfFsVQ49polIy1lGuuY1jkany+Oiw1h6EIBkMolzIcep33CQLG/FwfLgqUxhUOriscHmCMaVslo9RbiUvCRRtqu1Te+4RMCrM9MfvjRAIZHxuZ2TSQqH8H3U7dwq782+A552rGd7ARDrwDBA9KPI9cJEYxczJ+ZNjObX/cxNSUjFxP3STARdY0Hl8USSuWAhelW0Ik/grwrdIu75cvwE+V/aDPXsWNQij2HToTMxzZ1GvHO33+2P7CKngleUbKMrgOs6alEhruRgJHBUMkWy3fvatbxuYWwrJz3jHPhVv/TH+fkMA+XC7ehZAZ4maha9/Jf6vQee3Ji+Jx9ii7Bymo9OhUxGOGZda7SM5EhT+Yf2yPToY5cDsfD29ZjlFvkB1IiY7Q0hGuELdL8Fjd9+j2dJaCXmQBmx5KOiUtVc5g/Cw/prBNxkRkZI8Gnsvvljv8gaI5RaB3waRcw7Ww8VJD37nFWUT5QiDzg3ezdxl8cQevmAupwEcwDaAPSL9TeYOM3PTOEJGffGMq0ArITUdBFdGUlKnUoS/VKGpMOhH/DqJjjWK+R0w6AsC3KdTmPujDSQFjlrx6CD6ACtMWFu09h1QkKQBs2hFMQ7A6FmgYTDYQPobWdwgHW2EZbvixBZ30Amnm9GDLMPKmuDb9i6P+npLJPT+6hb+254K6az1aBPQzoyRIKPGm0AG58b1fmq6n7pIm2lmfFLeGVw/wcm3Sq914sho9U+dA3VURmFBgRqfO6+hejtOjt6faQMwca+3IOYwe9JugD+WWiY0YlEi1tp+5J8bgK8Hc2Z9YkXZw712ki4M9xLhpPkHc6eKH2by73FTBdKJJws7agcoYpUMhxpe4ORMzgGw+gcOqgwcRTOcCirAn+U7qs2xwf9KK4A1FTvQZox+67D8o1HVRU8A0FfWPDkIu8cVqTwe+teL9ESnBFbcPUMp5122lRmXzwl7UTddRAJHMQb2EcUk4HaiNB/hTqvR4XeiugpU2U7WSj/1w/laFoPlcID+Owjeu8q4=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>F4Wxprk4k+ooUP+pkYy8AZ+iWyAR9cCtLuqkBuFjXZXzFnKYe4kCRl/7dAfATfccKkghl8HMyXHABYFBN66K1jg5vNIyKXO6N5SGBT9+GpS95k94a7gAsPaqP4KVIYJd1c4vl57AGzC4qqJ69v3IM9e1bvDT1b496u6gFDovx4I=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>JCmMGaIxf/4iH+GPxQTIgwPPihMplvb4XGJWVtLMvhNsmPYR6A4MH5AYpftndVuil8fx0/KNiHolb5f6l2iZIybiq3KssF1d7k4jkpv+E3qE4E9dSw2+qt90PdOKVOjrolggdq2GL8OM9EK/iZZcIyIbQLgQC5qZz5VOQINoJhgQYZkP2farHOaK4ZJ67RxVNpT4ogguuDzQedZbt1eRo3dIo5RQqjKEwZcmGvlODxOso6wUE0H/o4HV9KFZQ6fsEh/QgTE4JShqYCPdwFA7ys8WFkU/P2bJnM3GRqWW0AfpeLfcmxt2gHdeEszk7Qo95L8zuEMBOHjLaDelwbncwJ8qYlHfrwesDv4x3r6dFmyuO41TW/ocxWrIgZWDNMSAFgHLxoIjcaISNup5GbwM+3urC+ab/ci/dvWm6dd5UkiWZ/1lcuMAfzECq13o/ztDmOkxCofDSRgEU5D+UegQjVh299Vgn7uwGXj1fUb1xUlnhdeBxdlc2S1yPR/kzflpXL1MMuChXl0X0Qts7DY1gYcL2IWQVht0biX4F4HquIRR379zjHs3dZ/xKDti6gicQVBelAlMZDdyd7YWLCOBctTIQWwet7QzQE9U9lAUHQ9M0TEb64Er/bJR7SPXlLmR8sXfM/kvVJeM2nmyZl+4BZV4jRB1RSBODgNCEQLHe1r6VMfu46d8HGDO9yWSWGLjIPKoBxA/4blQBgTfpilDYSLyvqKXaxzNs1ztrsQo/VJnAxSH3Bw0VBoBZLmJnaKxqJxTFc7UKSGvm7MWfjW5Teu5TQeyddXXfhhsU+n1WoeWFjS/bkqWa0NRu9ck7fm/SSWZOkDZDaenpUbCkYLnIOhsfOqAw20v89lOrzhneTeFMg9ooqJXoxFqGXoIlE6ka6zhU7WsSUYCTb025moDF8TAA/g1PKeQBt6gQOvINl1wC8PxG8oJ+GO3qfaXd4ENvVWhGtebTgEJjCTMBgmuWCiz8i/5DvVw8Jk/v8B3olpiDbExLc6Km4kB21tpiyqi1DpMDNUfeE6Kdpo848gJYflvnJBkBpXlB2QrGeO06fN9gvw64yWKX1fqKhWzV4VtuLZmFV+3XUBfyu78aBxPy0ikUjkdR6hqmbsLDJX/HdDbNUcmi9woRc7BtG/JUGGKcO6wybnKoM4V3UdeS+SCdm5lrauOiMSCQ82ERyxV5JeBf9yhVd09ftvwAvoeuY/b22Y9M37BxoZOI3WsJ8LmVCjUjlw9furIXsii3tieJL1TeU56dOaKpmANoNqJFLc04+vr9GrR3O7Szu/oj7mGeQSW+Z9EJvyU0CNFDbpm1KD7j4NcP5OhVoJFbcGtJUpQ0friciNDqouTZ4GK+BlJ2LVMxhgGuR9qD7MW6Nrspxe4ox7+ktPvtNdoidWijwT4a+1xVfL9/jrKrDuGjnxHyso6j8PMiLt4SeRoAxaWi65KU3Oh5C7Y0UlikIj1qE5x1uCe5kciZNh82An0m9affwGtHMqiJSE+aazGQzFzvfSM9TY542C08nYtYc3A4YjGElBf/6oLKepmNpDv/Lkp9RLma1du0/2BDUd6NJUwaAO0WsrnYaUCIKTtRx80Lc308/vGSaVZxYoqUVW4pFBfEjknNi88Nj8RF4sL6YdS5SXPa+5I+YK0qhfY3SPiYr874e3tdtlmdhFiMAIJaAQG7OrBVvVTv9xIhcmzbUZOW4KHkRXbzMvi4qRRFVRhYvPFJIR1AHLLFSCgUaTowafwj6REbcynfQbf5xtNMO7e57CjvpVS8Kh5ncD9Y8VphrSM1lRRX1F0dFka9fk4fp8OUiLkjfWLw9WBR3TarF1C1QhW1XTNmolcOZqFsGBZee73T0f7vyLSI8cLAjjxIk5UAz0XoZdb1vjpMQXmsSbc9R+tgKUx8vOtzTI8WwdMXlIHqaaj+S2lZHJdJwkTHnfhiBujQAghGgPk1ap2JT/GTJllAMyWsFhEazpkmm4KdHiQjUSMZxq5XBgGY74CV9XtOW6AZHX2lR3saSjY3MZNMSTckwC6dfQT0GWbdtHgJBNVV2g9si/6Y7W6Mdm9lTcM1/AXawil+U3IRTttyvas5fDo1or2oUNli6Ju0C81aAciJshIhTkRIMN1rvmF9ffPxc7QtiYTB339lvQH4F+OaRvCjP7YAfg2DGpD2M1uy4riG+76JH+JMpvFbSDG2ElCdbuKOT3fLycBUGDluPIWlYRkG2wK3zCkqkRM1vbyc/TXBhZ6ZSGgpmWYPF3UE8s8gRQkz4yzBy7BEvmURphF6VYLVnmxV0uM7AYnUEZ3bUXlsgi5nKMvhyeHUOeaR1iHocvnQm16lgQFnJDvNYg9Uw0g2hQaAAEqwBkrbVycNrVIbQAO01Ohrl6t2urg8DKzyBG4sNODxcbfIMknCKZ7Fr9lKEvis89vID5pi4PUXZvV/w09M4z1eWt/bWYqURLolWmroiU3w8eUeNgRr99A/R9lUd+SqPGpdHg0EVS4jFPTpWXa+nNjtFWvuS6xzuLzGB64rd5iRY572IP73Cc0Opyjq6Jg8K3PIwK6V/+VLNubw+3NyRHu+F4zbwcrhk5UcQECc1Cr3/5WS677LrMxB5cKo79sBTLBbzO7TPtmaYGhs37IaZxelNvq+Y73oEQtWuG86MnHCB4trl4DBvJsMxYDCn5+n3FvGpjqH0zj70wpVJTCUKc0iG2sZMflghjVE+tOvLXCsE+Wvofs6oG4P85yQcBJF46q8xd+RiBkis64r+LxVvrY03Q/C5XeEbbHGoQSy3ffYBSclQWpWPl9xlH3pH9WjFCAmdiW6F8F8Gtb8SRoyueJ4yB2Gs1tD7PUUDCTMmlFnlztUqyvDNrvv3FWTo0NSw7pI+d6XGHno/nNQa/nJISWC+dhqnVAb2qOPfXfT0KQjjaWE2IcPriXfSbjofcp4S7hirVNorf5TZoFdQI7eMmxjVNO/DV03TiM0Ffl7nBcRSeOeMhr3fyCib7rRLB+jKnyuCqs33ZHeSk9lSnND4CFchhQor/Jr+fZhQyc+BOel+7rPhk0QG5aexRwAMbZS262k/UTF2ce9ihf6cH2ZaKvg8rcJYKQBXLUm9PQS8s7bT549fzMCNRphlwlwDp+LAackOnkCYY9GkQUapPhJqna1g8+au0Y9PJL6ltCnmpkrYJPzq148UYQ9BYk73x1YXD++a3/WT3IUJPZ+C9nH+f2K+JN2PeRTVDiUkPaYH6dk6IJmHbCTKaJa7zyt2xCgcJaCQ3EoDAENH5y8KuE6/tbMQi0py7fFjFG7ovWx7erA51QD7NKTiFuU+z1/csGEIOqeKDYjKOkLUIHRryAVrDH+nYVYiBselhKsm9UZn9F92YnebC1ww4l/X1O4hSwcAi27N7IIRef3J6w8dh/EKq+VYAGBLCZqn2nYhgLGoh0kWEBdkCV0Bl2UkjBFeNnH7U1Qzpk8nmzFxNOBNRZbn6PZDfcQIQSO8zc3GSULc+WbdEU6va99WxEJmzwV56JZgmcsyFhHliij3VyZGkQh6yoUQ+267CfnE5l8KQlA7RyLGNrVzeAVA92akDy0MRodhrMRmuKuCZQ3WQYdKr7r96LDdr/JWriu3Vcio8W0k8odhXqOBvsEChpeNtaJX/BztE2uRrmQk0DR4z86+fu72DssL42OA16vK0n8NqvttcO64IIWcYX6XllhnwIpHV9Qo64G/meLV5irfQrk0q3t5PSuLrGQOcVNH8kvtNMd+E+TvgVR5c2yCeqJ9hsDnz9IUAJe1eaqf3cvnWfHu3arSgdR96QSVRlR4g2GPqim5wXvHqekGS9tRO2L2gbOL6RAtb7wx3TNYunIaZttaJxnIz7BIkLlp/qHVK/bpN9sb3xXDf/dGgL4lVjPpjg2E6UzInpLt/fHigi8dS60yHxCJToGIhzX5FVtacwu78ndNOrpqCsD/2SyPwwUyzW0n96GyBm5d44VjqX3Z393kgEuproPK8+pQxZzYOnBiQ01hnAr0J76ibtkC7JQjZaiZ/v6/3/zujeNNkr6NS7aLG3U3kMFufhpUvSxz8pSwR3SOytYLY6+H82mQ89JGRe4J4sHa8S8JNXC+mXwCgef4uS9E73K1iSA6QdJVZKtT+21yXFLwCZ7CEhttDZEvZCXBbrm387GHuvL28e9MjRBptAWDAjxiUris3y/8SkBs03y/HzBdPee1yPEJzjjj11upqTfiqI+0u4ovWX1uaqEBu3bfIVCt0CRRTLC8VLuDV+zb2Zh/jH9YdfdQ+lREuG0GvpISAi8dk0/0ZNmeK4+mYmV5LcKI+fHdTdS8FVm2T+5kYOntjaaIGx8stAD8E6zfTVcRJ0YTsV2jXAQmZjBkBZsH2fc2xK/obxUQR8P1BiaRc1vg9ZC2/qrwCcf6Y88UqnosufFHq4kLx55rpx+KIgYpVMYdcknwbVK8d+3eqBOl59niYoia5JfTSFtxz/mVL4lMeVJiIUPZKHzvu26V+C8FmnQCza2ky2dXHUgtXJq9PJyZNhZjE0Pv9ev2At6NMzMGr+vD38DXtlzkxVu2ZpIscnoNyNfTKOIqwfQW85LORgnmp1q4dtpVLlmsGxKgs+/hAYlsriWuWy0/fvwJ+N+oOFhRxPNzwk+is1qt11LZ0VkvorQu63nuREbsFNuaUYgmLX36sJDbK/wPJ1s9/NUuTRR+I3GUAeROdVExQegbMxR/7H0GV/AFtAhr6A0bHtaAuV3A+iuZKY04/l+iSyoGPHmKSUlMaVtquR3MdvywdZwOhKoRC+vUUQGaDLBypIooxfERlObwukcQs2oj9rlU4bFGXiZFku5D1JLGc9kmqp5bCHpBOd5+Q0ZqlCrRHZ3Dv0b+DuvmDtgH8vaYXEu9kL1CZ7yMa6OyJb2ye3GYpehCCI2G33l/v8HEBiTjyF8+P3Ma+H94ZC8nogXs1S8JK+BxUfZGA/i5UwUd7VOBhaqPvrgctoiGnUyiagR1wIWhNJTxdmOO5F8dw7ezOd4/qrtTgaq+jiIp2IeeGf6czEA5DmdP7JcOcN2Qin2TdfHx/n4Je6Dw2VFF4llttnBcH7e3iacnR8Lz4kOXUs4T1ByfKNN97VB3CVsuW/KdYb/IGrZvrdcbKUX1IjX/Q7zqXXl0Z3X6REiHmIER9yMcOjcdMerNbmcktWDYf7BmzW1Yb2EHKkfgfo7qGb28Dgf0l4WjJgXuVLxwMMIWnF5wnPB3eVTNr5fj5WMFWBCkaby+uCaQ4cAG9YH+Rn9zLmXeD0fnKdjKZqZtGD2A1T1ll6GlfkUvWMWUs3g97Vc2KRM48Bb/N27DvCrv60vnFCxZpueDpxssweYZGwWfD2fT+uaSVmF2uXwyF9zdZiSXzAinVPBDayrcQjJNYXj1rHrL/oXF2HThgfKoWlTp2jHIRqRvP4YnLwQp2zSmb4NhFGTFIo53nvtu1JWGEtTkAaWaDpQ7boJQnmRafK1AMPFFuYaS5YoIsHJchHzXo=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx86421efb-9610-389c-a92b-cae5dec1c065" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx86421efb-9610-389c-a92b-cae5dec1c065"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>RZlW1rp7vKkv70d4PXrmOrz8ppY=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>TpRMvajYEFejVVK8YS1t0D4/6zV9z/0BBquQmZULk9cJLp5UzRMnF4D8wvj69GI3AIgMHmDQBfcAz0AusnXWp5pMk7mj39OgtpUP3NYA+DkHlcGniWr7qJzDz1uzKji5Coa36P0BsNkcVBhdYX+fj9Dp2BzImudWdYO1YDeOs8A=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>0PSokQezOwNyDarX0+qz3YJUGFLQT8OxaZN+eZGd6tACUBVGxQ8HI9lOkktzexhjCnvAcnEuxe5bghBkEsj6HxQ1EgH0jI2I9uCjLHkfno9TuzKPwHCsMhV83iURQ0q/EbYdKijUu6LU5JCb9bBw0Lh6rwpWlzdMy78/JO/w6j8=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>Xrv94NqzQ4CUI2XTZjCECr9v+GoK5eCe7lTtEA/kQ04WzcVn+FOSL0yl5g6XG2edKJutbjnqAeB05QiIygTgCCeHCcYWB2BVVFhMIGDEYHy/jpoorUNM2nndwC6q4v4t3A0oPb5EgCoBp3BDsigiMCZT0lYcZgMz3dYGWgbPZzv05LdIP+34ClZ+auv2b4oDa7TbKIkCvBtM2ilDiOqp4Xm774m0085gPvaW5Oy3Xld/jNJWjf+mWNfzw4N9CwEqRUxOBFj2dtW1J8JVdVhz/XU+CXerJFs1nsXbimvXuHImAuxrhb7kyluJhRWqGdwxjXxeG9zXiFDRUkta3F2j1LxUOhs2q8ZEOiy4pamBVfetweXK4PEa1kBol9CkkqjCyhZ4QO2m7PuQV825oewTW3jQLQCa/42a1Nz3M5LrcQb6sqa5J5lU5ttBqWASgW1lLtShwk92z4xdidGUCa5TnrpdMBMqipRje190oQlamdkdi+fY+BDshqzv4SP95Mq5eT97UiQ2WgfeSVjE4w8ThAJKLZCb2kkE+jHjfPW9o8W+h7pR35SlpJGfRKf6oybeN1mN8CbZ32G6RudnWgwDvPq/8292MCSPawzaFTOu98EXPS+X6BcnMPySJF6g0jBbChI9RrTE0BnF5JEU50bTwyBMPnXsTIx6bSmONn34b9YoXbiV999p14lssQuaZl+7cZbAK0nSokSiLpWHlXi5pj4f6ZPg5GjT/gG3hUPgLp0BhbM4pFWTONMqD3L9sFgse46mAy0lXh6oYuq9wZyTbBIbwQsPX8zsgvGXPaOM9ENYwI0cjnnk0Lq6/WiLaqnpUlE9iLcbpe5/nvrE+H08xT3lxvJkzwePFdCHUyDITHD3CUJMJcJzjUD1WapG03+LPqJab25YgC/7lupZcs2zM4Ad4QMQO7EckwTgaU8CMTFwcUJ+GjcFr4wjgeQo1lqrWF/0PSk6Q8FWtu3jYTQDZiNy5QnkymFDKnzSIt7/H4OrkiQKbz+2b7yLPv3q8yHgKuVu8uq3HgsqI3aGK+IYt+9bniHMrBFws/DOA2+TQhVMG8kkuzGRuE6ibI1WPHRyYjMuhk0d5Aa831EZd01/FKYD/gvx25Zl/It2ls/fc5UbBD+XQvJnppR969rLW9qYQSWRMBlWKbzXAQg2dQUlu78DhslrDCDXGQunjmSknrKVmJAzT3Q+ERGTKip59wa3N5V9HPjycCOtlliEhWI0qPSR/obaGNijkETWcHhcfYxSVTaIK3PXnbCkOUTA7iPN7BQoZSqhCgYG2GI/M5Czdn+zDtaj7tGGSSJd1ypLHGFABnWWbsQX9KPl/GuSWqRKUqrqlXtsvV5msPMdbMz+DY3XkmF6068adOnhxV+GVEzS5hL6e4bQAMxYzqZZ+5ihBO4xJbET1yFsaqTnZNHJ4s/9A7f8wR19Ko3g4J+B6+vfv83Or4HUGLmZe+THlxzkj7cC3rxH0L34HOJ+uNm05tdnZ5jwa1AWx2idO3FlNapIwYW/3WHXwMfd5sL8OaEI6HqRxqNLbd88FTB90cxUKZBgOrBDGGFjdL+l3e1DuiAsoppy88nuMj5vm65CDX6BDgFgJ/Wr6DRwdiwWTudGJMtt6FAHIfhMWksX/T6MyJ/9Dzi8F1+knVAL9nSr9H09xiLLjU8gkFaYf6CmtfhIDokBGF4Tx8STu0VTJTHT7Mp4RbqnVzPg1t47N4/fnkEbTKRlxEt5uUAwowZX5h0e0xLZMM2935NuIabCfxveQh4Dju+xYQhYNGbg6Kf2aEgo8ACQpcbq0RpAm3WLxgfVSZ6qfHVmdgZIG/4EVt5s/IO+53k36J/L6FRZ/diZkJcfi/T8+6KEtMdFxWgGID/lxf1wDfuK8m7U+pxuRD8grEnfFsVQ49polIy1lGuuY1jkany+Oiw1h6EIBkMolzIcep33CQLG/FwfLgqUxhUOriscHmCMaVslo9RbiUvCRRtqu1Te+4RMCrM9MfvjRAIZHxuZ2TSQqH8H3U7dwq782+A552rGd7ARDrwDBA9KPI9cJEYxczJ+ZNjObX/cxNSUjFxP3STARdY0Hl8USSuWAhelW0Ik/grwrdIu75cvwE+V/aDPXsWNQij2HToTMxzZ1GvHO33+2P7CKngleUbKMrgOs6alEhruRgJHBUMkWy3fvatbxuYWwrJz3jHPhVv/TH+fkMA+XC7ehZAZ4maha9/Jf6vQee3Ji+Jx9ii7Bymo9OhUxGOGZda7SM5EhT+Yf2yPToY5cDsfD29ZjlFvkB1IiY7Q0hGuELdL8Fjd9+j2dJaCXmQBmx5KOiUtVc5g/Cw/prBNxkRkZI8Gnsvvljv8gaI5RaB3waRcw7Ww8VJD37nFWUT5QiDzg3ezdxl8cQevmAupwEcwDaAPSL9TeYOM3PTOEJGffGMq0ArITUdBFdGUlKnUoS/VKGpMOhH/DqJjjWK+R0w6AsC3KdTmPujDSQFjlrx6CD6ACtMWFu09h1QkKQBs2hFMQ7A6FmgYTDYQPobWdwgHW2EZbvixBZ30Amnm9GDLMPKmuDb9i6P+npLJPT+6hb+254K6az1aBPQzoyRIKPGm0AG58b1fmq6n7pIm2lmfFLeGVw/wcm3Sq914sho9U+dA3VURmFBgRqfO6+hejtOjt6faQMwca+3IOYwe9JugD+WWiY0YlEi1tp+5J8bgK8Hc2Z9YkXZw712ki4M9xLhpPkHc6eKH2by73FTBdKJJws7agcoYpUMhxpe4ORMzgGw+gcOqgwcRTOcCirAn+U7qs2xwf9KK4A1FTvQZox+67D8o1HVRU8A0FfWPDkIu8cVqTwe+teL9ESnBFbcPUMp5122lRmXzwl7UTddRAJHMQb2EcUk4HaiNB/hTqvR4XeiugpU2U7WSj/1w/laFoPlcID+Owjeu8q4=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>

<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfxfa1514a3-23e1-5b81-7a6a-36a5ea4a0e0f" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxfa1514a3-23e1-5b81-7a6a-36a5ea4a0e0f"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>8WEaGvjKov7EJHQuwAxzFL1MVNQ=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>MXd+KKaCsUVQ/eg72/5rIVGl7Vb6TTtrKhF04ZoIY51PpDO5vrRBK6U2Rhs6SULgOvt1p6LFs9SwBz6rye8Xplljx4uTDFJh84RRnQkAw3c3fvftgi92iIYf5wFT+Ca0EL0WCom6k25AiEnZ6jTqOLH7rVg7w4pVGAWwxUsc4Z4=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>F4Wxprk4k+ooUP+pkYy8AZ+iWyAR9cCtLuqkBuFjXZXzFnKYe4kCRl/7dAfATfccKkghl8HMyXHABYFBN66K1jg5vNIyKXO6N5SGBT9+GpS95k94a7gAsPaqP4KVIYJd1c4vl57AGzC4qqJ69v3IM9e1bvDT1b496u6gFDovx4I=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>JCmMGaIxf/4iH+GPxQTIgwPPihMplvb4XGJWVtLMvhNsmPYR6A4MH5AYpftndVuil8fx0/KNiHolb5f6l2iZIybiq3KssF1d7k4jkpv+E3qE4E9dSw2+qt90PdOKVOjrolggdq2GL8OM9EK/iZZcIyIbQLgQC5qZz5VOQINoJhgQYZkP2farHOaK4ZJ67RxVNpT4ogguuDzQedZbt1eRo3dIo5RQqjKEwZcmGvlODxOso6wUE0H/o4HV9KFZQ6fsEh/QgTE4JShqYCPdwFA7ys8WFkU/P2bJnM3GRqWW0AfpeLfcmxt2gHdeEszk7Qo95L8zuEMBOHjLaDelwbncwJ8qYlHfrwesDv4x3r6dFmyuO41TW/ocxWrIgZWDNMSAFgHLxoIjcaISNup5GbwM+3urC+ab/ci/dvWm6dd5UkiWZ/1lcuMAfzECq13o/ztDmOkxCofDSRgEU5D+UegQjVh299Vgn7uwGXj1fUb1xUlnhdeBxdlc2S1yPR/kzflpXL1MMuChXl0X0Qts7DY1gYcL2IWQVht0biX4F4HquIRR379zjHs3dZ/xKDti6gicQVBelAlMZDdyd7YWLCOBctTIQWwet7QzQE9U9lAUHQ9M0TEb64Er/bJR7SPXlLmR8sXfM/kvVJeM2nmyZl+4BZV4jRB1RSBODgNCEQLHe1r6VMfu46d8HGDO9yWSWGLjIPKoBxA/4blQBgTfpilDYSLyvqKXaxzNs1ztrsQo/VJnAxSH3Bw0VBoBZLmJnaKxqJxTFc7UKSGvm7MWfjW5Teu5TQeyddXXfhhsU+n1WoeWFjS/bkqWa0NRu9ck7fm/SSWZOkDZDaenpUbCkYLnIOhsfOqAw20v89lOrzhneTeFMg9ooqJXoxFqGXoIlE6ka6zhU7WsSUYCTb025moDF8TAA/g1PKeQBt6gQOvINl1wC8PxG8oJ+GO3qfaXd4ENvVWhGtebTgEJjCTMBgmuWCiz8i/5DvVw8Jk/v8B3olpiDbExLc6Km4kB21tpiyqi1DpMDNUfeE6Kdpo848gJYflvnJBkBpXlB2QrGeO06fN9gvw64yWKX1fqKhWzV4VtuLZmFV+3XUBfyu78aBxPy0ikUjkdR6hqmbsLDJX/HdDbNUcmi9woRc7BtG/JUGGKcO6wybnKoM4V3UdeS+SCdm5lrauOiMSCQ82ERyxV5JeBf9yhVd09ftvwAvoeuY/b22Y9M37BxoZOI3WsJ8LmVCjUjlw9furIXsii3tieJL1TeU56dOaKpmANoNqJFLc04+vr9GrR3O7Szu/oj7mGeQSW+Z9EJvyU0CNFDbpm1KD7j4NcP5OhVoJFbcGtJUpQ0friciNDqouTZ4GK+BlJ2LVMxhgGuR9qD7MW6Nrspxe4ox7+ktPvtNdoidWijwT4a+1xVfL9/jrKrDuGjnxHyso6j8PMiLt4SeRoAxaWi65KU3Oh5C7Y0UlikIj1qE5x1uCe5kciZNh82An0m9affwGtHMqiJSE+aazGQzFzvfSM9TY542C08nYtYc3A4YjGElBf/6oLKepmNpDv/Lkp9RLma1du0/2BDUd6NJUwaAO0WsrnYaUCIKTtRx80Lc308/vGSaVZxYoqUVW4pFBfEjknNi88Nj8RF4sL6YdS5SXPa+5I+YK0qhfY3SPiYr874e3tdtlmdhFiMAIJaAQG7OrBVvVTv9xIhcmzbUZOW4KHkRXbzMvi4qRRFVRhYvPFJIR1AHLLFSCgUaTowafwj6REbcynfQbf5xtNMO7e57CjvpVS8Kh5ncD9Y8VphrSM1lRRX1F0dFka9fk4fp8OUiLkjfWLw9WBR3TarF1C1QhW1XTNmolcOZqFsGBZee73T0f7vyLSI8cLAjjxIk5UAz0XoZdb1vjpMQXmsSbc9R+tgKUx8vOtzTI8WwdMXlIHqaaj+S2lZHJdJwkTHnfhiBujQAghGgPk1ap2JT/GTJllAMyWsFhEazpkmm4KdHiQjUSMZxq5XBgGY74CV9XtOW6AZHX2lR3saSjY3MZNMSTckwC6dfQT0GWbdtHgJBNVV2g9si/6Y7W6Mdm9lTcM1/AXawil+U3IRTttyvas5fDo1or2oUNli6Ju0C81aAciJshIhTkRIMN1rvmF9ffPxc7QtiYTB339lvQH4F+OaRvCjP7YAfg2DGpD2M1uy4riG+76JH+JMpvFbSDG2ElCdbuKOT3fLycBUGDluPIWlYRkG2wK3zCkqkRM1vbyc/TXBhZ6ZSGgpmWYPF3UE8s8gRQkz4yzBy7BEvmURphF6VYLVnmxV0uM7AYnUEZ3bUXlsgi5nKMvhyeHUOeaR1iHocvnQm16lgQFnJDvNYg9Uw0g2hQaAAEqwBkrbVycNrVIbQAO01Ohrl6t2urg8DKzyBG4sNODxcbfIMknCKZ7Fr9lKEvis89vID5pi4PUXZvV/w09M4z1eWt/bWYqURLolWmroiU3w8eUeNgRr99A/R9lUd+SqPGpdHg0EVS4jFPTpWXa+nNjtFWvuS6xzuLzGB64rd5iRY572IP73Cc0Opyjq6Jg8K3PIwK6V/+VLNubw+3NyRHu+F4zbwcrhk5UcQECc1Cr3/5WS677LrMxB5cKo79sBTLBbzO7TPtmaYGhs37IaZxelNvq+Y73oEQtWuG86MnHCB4trl4DBvJsMxYDCn5+n3FvGpjqH0zj70wpVJTCUKc0iG2sZMflghjVE+tOvLXCsE+Wvofs6oG4P85yQcBJF46q8xd+RiBkis64r+LxVvrY03Q/C5XeEbbHGoQSy3ffYBSclQWpWPl9xlH3pH9WjFCAmdiW6F8F8Gtb8SRoyueJ4yB2Gs1tD7PUUDCTMmlFnlztUqyvDNrvv3FWTo0NSw7pI+d6XGHno/nNQa/nJISWC+dhqnVAb2qOPfXfT0KQjjaWE2IcPriXfSbjofcp4S7hirVNorf5TZoFdQI7eMmxjVNO/DV03TiM0Ffl7nBcRSeOeMhr3fyCib7rRLB+jKnyuCqs33ZHeSk9lSnND4CFchhQor/Jr+fZhQyc+BOel+7rPhk0QG5aexRwAMbZS262k/UTF2ce9ihf6cH2ZaKvg8rcJYKQBXLUm9PQS8s7bT549fzMCNRphlwlwDp+LAackOnkCYY9GkQUapPhJqna1g8+au0Y9PJL6ltCnmpkrYJPzq148UYQ9BYk73x1YXD++a3/WT3IUJPZ+C9nH+f2K+JN2PeRTVDiUkPaYH6dk6IJmHbCTKaJa7zyt2xCgcJaCQ3EoDAENH5y8KuE6/tbMQi0py7fFjFG7ovWx7erA51QD7NKTiFuU+z1/csGEIOqeKDYjKOkLUIHRryAVrDH+nYVYiBselhKsm9UZn9F92YnebC1ww4l/X1O4hSwcAi27N7IIRef3J6w8dh/EKq+VYAGBLCZqn2nYhgLGoh0kWEBdkCV0Bl2UkjBFeNnH7U1Qzpk8nmzFxNOBNRZbn6PZDfcQIQSO8zc3GSULc+WbdEU6va99WxEJmzwV56JZgmcsyFhHliij3VyZGkQh6yoUQ+267CfnE5l8KQlA7RyLGNrVzeAVA92akDy0MRodhrMRmuKuCZQ3WQYdKr7r96LDdr/JWriu3Vcio8W0k8odhXqOBvsEChpeNtaJX/BztE2uRrmQk0DR4z86+fu72DssL42OA16vK0n8NqvttcO64IIWcYX6XllhnwIpHV9Qo64G/meLV5irfQrk0q3t5PSuLrGQOcVNH8kvtNMd+E+TvgVR5c2yCeqJ9hsDnz9IUAJe1eaqf3cvnWfHu3arSgdR96QSVRlR4g2GPqim5wXvHqekGS9tRO2L2gbOL6RAtb7wx3TNYunIaZttaJxnIz7BIkLlp/qHVK/bpN9sb3xXDf/dGgL4lVjPpjg2E6UzInpLt/fHigi8dS60yHxCJToGIhzX5FVtacwu78ndNOrpqCsD/2SyPwwUyzW0n96GyBm5d44VjqX3Z393kgEuproPK8+pQxZzYOnBiQ01hnAr0J76ibtkC7JQjZaiZ/v6/3/zujeNNkr6NS7aLG3U3kMFufhpUvSxz8pSwR3SOytYLY6+H82mQ89JGRe4J4sHa8S8JNXC+mXwCgef4uS9E73K1iSA6QdJVZKtT+21yXFLwCZ7CEhttDZEvZCXBbrm387GHuvL28e9MjRBptAWDAjxiUris3y/8SkBs03y/HzBdPee1yPEJzjjj11upqTfiqI+0u4ovWX1uaqEBu3bfIVCt0CRRTLC8VLuDV+zb2Zh/jH9YdfdQ+lREuG0GvpISAi8dk0/0ZNmeK4+mYmV5LcKI+fHdTdS8FVm2T+5kYOntjaaIGx8stAD8E6zfTVcRJ0YTsV2jXAQmZjBkBZsH2fc2xK/obxUQR8P1BiaRc1vg9ZC2/qrwCcf6Y88UqnosufFHq4kLx55rpx+KIgYpVMYdcknwbVK8d+3eqBOl59niYoia5JfTSFtxz/mVL4lMeVJiIUPZKHzvu26V+C8FmnQCza2ky2dXHUgtXJq9PJyZNhZjE0Pv9ev2At6NMzMGr+vD38DXtlzkxVu2ZpIscnoNyNfTKOIqwfQW85LORgnmp1q4dtpVLlmsGxKgs+/hAYlsriWuWy0/fvwJ+N+oOFhRxPNzwk+is1qt11LZ0VkvorQu63nuREbsFNuaUYgmLX36sJDbK/wPJ1s9/NUuTRR+I3GUAeROdVExQegbMxR/7H0GV/AFtAhr6A0bHtaAuV3A+iuZKY04/l+iSyoGPHmKSUlMaVtquR3MdvywdZwOhKoRC+vUUQGaDLBypIooxfERlObwukcQs2oj9rlU4bFGXiZFku5D1JLGc9kmqp5bCHpBOd5+Q0ZqlCrRHZ3Dv0b+DuvmDtgH8vaYXEu9kL1CZ7yMa6OyJb2ye3GYpehCCI2G33l/v8HEBiTjyF8+P3Ma+H94ZC8nogXs1S8JK+BxUfZGA/i5UwUd7VOBhaqPvrgctoiGnUyiagR1wIWhNJTxdmOO5F8dw7ezOd4/qrtTgaq+jiIp2IeeGf6czEA5DmdP7JcOcN2Qin2TdfHx/n4Je6Dw2VFF4llttnBcH7e3iacnR8Lz4kOXUs4T1ByfKNN97VB3CVsuW/KdYb/IGrZvrdcbKUX1IjX/Q7zqXXl0Z3X6REiHmIER9yMcOjcdMerNbmcktWDYf7BmzW1Yb2EHKkfgfo7qGb28Dgf0l4WjJgXuVLxwMMIWnF5wnPB3eVTNr5fj5WMFWBCkaby+uCaQ4cAG9YH+Rn9zLmXeD0fnKdjKZqZtGD2A1T1ll6GlfkUvWMWUs3g97Vc2KRM48Bb/N27DvCrv60vnFCxZpueDpxssweYZGwWfD2fT+uaSVmF2uXwyF9zdZiSXzAinVPBDayrcQjJNYXj1rHrL/oXF2HThgfKoWlTp2jHIRqRvP4YnLwQp2zSmb4NhFGTFIo53nvtu1JWGEtTkAaWaDpQ7boJQnmRafK1AMPFFuYaS5YoIsHJchHzXo=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>