Online Tools Menu Close

SAML Response (IdP -> SP)

This example contains several SAML Responses. A SAML Response is sent by the Identity Provider to the Service Provider and if the user succeeded in the authentication process, it contains the Assertion with the NameID / attributes of the user.

There are 8 examples:

  • An unsigned SAML Response with an unsigned Assertion
  • An unsigned SAML Response with a signed Assertion
  • A signed SAML Response with an unsigned Assertion
  • A signed SAML Response with a signed Assertion
  • An unsigned SAML Response with an encrypted Assertion
  • An unsigned SAML Response with an encrypted signed Assertion
  • A signed SAML Response with an encrypted Assertion
  • A signed SAML Response with an encrypted signed Assertion
`
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfxa139cf97-69a3-11ec-5cf6-d3f318f3170f" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxa139cf97-69a3-11ec-5cf6-d3f318f3170f"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>RpWrZmKe7e4oy7Jo8QI7ndE8mwI=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>FfVsuNBCGVKuG4EbKiEmTpg3wnXsVGzV5Kh3ERWrHhq1TPlsPyPDnMpMVkFZZDK7zpOSYDfMwiI4jUjDvYlbrXB1oeNPjzldI0hJc1R8F31XCF8KBj0ymjiAXJE7XjcQAKCjerLQY7urJyu08HY9onpBCqvwVry6EuVMreTDBUE=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx6a9c1941-8453-236e-9b37-a7b41845b8a4" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx6a9c1941-8453-236e-9b37-a7b41845b8a4"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>c9nnQw3uCC0ghtl6yOOTecfh6/4=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>hfuSWDngzlrYA1cWtHzmXqetMAZudrMlys1JYiowNhZ2tX0d1dmFpn0WHJA67jiM6eYVf4KeCd1hVb+UPud0/+S9KeCiMrtjSp3crjh4aFdJrjpnhNhvjtJLLSkjLOcrSHGnUuWbACrPjhskmo5Ppc9SWYCnVyyrMMB60WLDQfw=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx1a76bc41-371b-f781-3df3-c954cf52086a" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx1a76bc41-371b-f781-3df3-c954cf52086a"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>zGbOKeKQd+JbDflmBvagasv2+oE=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>UJim7AcfbomxnBJNze4qO8F0gB3cjhy3aOXiniQPOKh0Z/s/6zJqs6/G+qrHO2F0glaR0khjSp4xKS/zZDWW8Sac0WgmLktmaEozDJ0UXufHtUaBhpbnSc0qDQzy6DsBIJB/kJwhU75Q/F405Apt3UnUIq5eAPd1vxzGe7j7p+w=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfxfd0efccd-cc88-ed97-a72e-9602f95c0cf8" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxfd0efccd-cc88-ed97-a72e-9602f95c0cf8"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>dEufH3KF0T03alPXsHtDQ3Fk2Oc=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>erMoEF4rkDLMb+80eoDBkQu0bM986sN6KrOt5j5/lEEQlYDNl1uSlp6eaxT2F0C6jM0bnt19hcd/YvaZhWZPYou5eIoFiF1bIYuTM9E4nBQcW68rgkBXRbEwtffPjUP38jWsJl0VdznXeOCOxMmD7hyB3RgY4qiGS8RR4urjumk=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>ERc4fByDfv0PBb1Ak8x+folEJFrwtCOYPUcICp/wgB8Zry5EPmAgu/HKvpEHP0a5jodkobNsDc1O+alZjOMKEtsAmoK8bdv9l1vwGy/axikfvcnY5sYE26n1msMzjRN6Piby5TK+zgt8w1UlFneCkodQCATGmYtrP3kpguFCmzc=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>U5fLhMvWeeMXgSjXH+qhpQVftfMRaKPBX3ayWnkgtbhnlk6IGCqLR93qf0XAzOI3U9/Gjh73+CHb9dP/biSn8fENoBGLFUUYWWLd2fEm1w7ejZ7ycrhciyTrFD+IqZ7oZTTfqwGp/RvHenVKD8NhzzAD9ebKVbbamS/JT2nvlAoV0+X7ogP60TN8lcStAuL5v9dRKsPhkrB7YvGcUysR3e0xWBz2bq1OuzpwhtfeFKy4g8XFBQkeRNgAAj8C2zxYtSkII8EWFshfX/JwKrYj+2fXA3uLxvLLK3Slzkp7D3UXeI6ehtVBNTqkoMnzdM+s7BGdsQqCLn7CMuAWU1Ok/VcghVw2ujSC2pptIyjZd1w66Q5t6VmrFW4zkNsV2wOEMA/Gv9kzhPaXio7MOmtgxBxnbQkLVuroeHMxnTaB1FsKcvFarKYA2ekSAWDQigkqhHIQrFwRfThbQ6/q6o9lsvnYUZiSPIto/161NPL471vjfNN/mue+ytVyPealqLWUYnaDmplNbGXBKeAZGIXqQpw/0OoLqXgFQxAEq0X+WlOOowU+dZtWbjhty67wDz71urvsslwh1k8opIOQtzQDIo61MxGN8ybVG0MZ15oJnq48MSe5Ult0FohSQEBHZN5+W2lA13wisRK5mNNOHcgqDZkfdoEyJrFtzJkxFMkUSpjTmXtRuhNEyE6VspXrlFPzwmnoDA0oCzAVpTYJ2jgyFi5Qp3sGU9+K24/MBAHxjc49uoAsVWLzvNE6sc1xuhA2tt4NBKXcj1Kz2UxXbrhEL4fOjQdtAMqA88bvzFnsylbjX7MwYYKTCUuzNgFvWz/+MX+6fkV7s1MD8aslhM6B8juVzz+lmEVtJrVTMwb4d2kabPWzMvMmENfqbZpJCVVppON7/rh2wykzp42nFkvvpQEVbhvHOwKNXui0AEdQLg9xlYSHvoGphyohQibgpEJHBtfNuSL0tKpAdKmJ2rM21TFmEwvAWMPxrVfGygJTM0AdnQJNihDkPAHpWVHWaxNIAns03brCbGjWyYCx18+qdDNzaxV5ZlWOuZ6k56W9++SLMZsinlSAs7m/b7HWqYeJlDChGXKDQxHaP3OAofVMCRW/g6TGZYxUB+Qf9SwL5FMiiUm/BbTHVyv8PP4HBB73XqohvU9mmrP/XAqEd8tNK+4ep/bGPowKI1HL6DxlTsdHBmHzOJG54bbAdZEu3ALEUMZ02p6SAUYTAXz5Upyf4XHBJbyTyyETD7ooETUFNrTRpzpBlGu0V4KhcNgKI6sXGVQsrwFs8QZ3JW3qg8LU2BP5dxDtjnVuFURE011vGL66UMhwaLNqkGdVoXdcnnTtvgJPeH2RUUNMfgqVHcAlpdMZAt+MbR5MG93bi5TYkR4OQZ1s51JBj1ZrLQ2HxubTWRQXYBqciFuDE17Rdgmwr+xzw1bB6+e7dg3wiAP66icHzoo/ZA6pGO9f9g9roxd7Q51GlLw/WqRwr/6CHrGvuAJtT6/0RTFW2nAneXWWxjdqnNpDDtQZ3zdDpOy10bz8Ps6+4LW7e5TOS5PwqbZaBV43rYrrTLhfcHdvkur+D4q9axwaQS8exrtX+WVUwarsOMJLMkIRRWUzCBw42gjv2SBmZwwWSGUaHtXFGHk7wZ/2AAQaKhjrCAxJ3uEPtvhQAtxeC2kf6/tPCDdUFc5MNVRXAduFAXg04ooBvKr6fHnidUONAUB2X6lFd3RU4cs7uebvthRIbc9+c560rgVay8TXnfer3mViPaCKSEMAYOgxc1kLtZenN1k3K6pCfuPhAt91sxpMt2hu3sEDZvSVPZkzT/WsdKezaIFkDjHlYKEvUuQpwF9M/2nKLXa9CLlrhWQ6qfR0ZuvUpqSJZsOTQWCRK2W0ubUJ9NCMq+FDWiqu9Pom/+4i8rXYBI1kRgDCRw/ryqPnerfZ1geoscYKtKn/aFACONlegNN1G6R8gaxtFfL6ZHu1zk+rOjltuWuQZsAb8GdNqHpyDFaz8d4Bx0GJLv4VgAXWZtBFEmxx6Rz4yfb3VjUjeXRWdzquWCzG+BXrTHFsk0Pce1BoObCDwFeWARPTOAHdALqIOyQk74esaFASV2hso2a2fgpLBSuaBtOrN/x/Dw4EI/EjBWrNgM4o/tIR2b5zvTmj8BJy12Kl9YOwC7nqQPB+CSURBZxHMF1jYHiLUC4gY4ysGALyBS1Hx2dVZqQI8xdqKDdBR4MXshwjBRiqVjfh3xHY+YTDTg00nEjJg+hgdPwkUZEAOwsST4HlEP3HKkxMEJ0fO1Hv9506xuTaLsewpdm+ulqMRPtScxF/bl6C1kuQGCGqHvcssuqT+fB3+NAqXG7xhummsw/HbRm5x2C7jrULk/XLf0ZDzVoHFeSBH6eRLzGixMPCl3VNRqnL5rwG56WQPtV/Rr6sO9cyKQGeXJUWdMxxAjarvAiP6JPRlzRNkKfVfGytwxS9b7jJnmB94w/3cnRySAYP6Xr/V1Uw6a4/qHs0hDLZVPelKU4bb4ezeDje1KhQ0/cftHqAUGDsx/Mi9xMjqYRjlypvZmirRCVEkFyX6QWU8svYje03PNlfLk9bMephD/lroTDvKgOq48eYUdnAts4RKL4pxd4A3vieeiDumDCoOD20Tmc9HcD9hX5f0JBPy8/J2zHA8FO7GwjlYUG5rtkvRstWRTgRzcEPZKwOgyTrK4YpsWcIgIjGntQREHd3eUkTSDSqxIJYPxNXEdwgVySOWIBVVHOU8L0LQvkcmjWc93J+Z1nKkdiTF7dlLGkS4hIIx2o2/XrLA3ZzmDwRTdzEDV8Taxvc/eIIkOCDfqmt8qUMTd0v700LFsOXfcWu+zpdGD1f3Cj5g/rnSxjDQXBJqTfh/JCQJjsZx4yF1ofOd7AOmA+cw/PTJgHsQEm7PTmBPwxI8Vme3RawvYk=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>1oYj6io0wWCYx2srDn94ObdlfnPgI7fGypuA8baMCrVZ8ou5k+EGfXFoXnWpuc4eaPhKXQhMPqXXJ+Difc9alMiBWud6XDfJYiBg2FgFCLfzv3lMSnp8vtZkFtYatvwmy87Trf750QVtiPafHHYn45t0nwK0u5CrQ+M7gaS0i3Q=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>0EcZKnrba7YuodO1ltMw9s/hMvLv+xKltjO+Z0CsLDdGuzUCjFOvC2kYKUwFBTozY6AkZ3PBb4XQpLROaBKKVqbIEKLFHj1XlOMOUb6nQDI2W1fJe/ybYRs4jOc2TyLfyhl3xmS1MiwC8G6oHFVB+lzZlyMed1HoSQOTyS0xsWV5bLzRycDQw8RfPBr41sCk7upLqa0PEpL2xWhpQQRIbCRN9jOCHRgsNvWRYn7iYOMjfMhsTFWz25rBNGkChC7in+fgk9yrhSY/5vghHPlQvYEt5ca0dXyATdkt0bRmQ6b62h8FEtYqzYQlwSRJ9Amjtgx50hBLrDSwtb8epcj7GBfXTbgT04NWgJqHLB6w3TNnASBvQndtk0rZgDWN7n4S7u8DAhRoN76nmsbSVQ7mJHa/mLnrN5ppVAswUuC81TAM7SXa9JcBxxYKrTiji69dxSLIUb2jn6XhfgHjMLxsb9QthA18aMXYHoV4NcaGUsiUFMt1Ox4cP5aBTRm4w+fkwNkvtcHtSxqwjGTGuHTNgkrey/cBWkTKjBnpuk1OfGourdCD4JkfWoAUaLCdm0oQBrTfFWms2+13Tyc0uUcVLam2PIzcBsnyv6FO0a/OQMIc1fwO0bQ/32K1Li+eITMAY6Ozf6vlToD9cLv9alwNJrSd0jjwTaTEBxGwueU/CN8Lmn49TroZm5IWEs3WyUA0cBAlMPgkOsfuod0Z9GuVgHqMkGDVp+CF3gu62RGKsq6etBu3YPW8JyhkjsxlMJwiC+FJY9WozpvPEJzPwkBoDCxD+Un0ymdcGce0O+nBz0U0p2I3lVzCU1tV3gUkwyvneVpe7t4JKyMUZY6uPTyLVsMPcvj+et3yXqRAL7xfsZwcF3rgslq45SrwKektDZiooBFakWbUwK+P27j3fdf8UChchRElnYE+UnpPPVfxJ389+E8LqD3iS2TNf3RTAiaKVCJu70n9j7lkw705hvsIUNqw9UiE4InWkqAJa+shl9FIRgexQNR2vEg5hxkChcapGfQJz1O3bqICdWqh+KilbwNVDGVke91uelHibT4Q8rOCRfh74fvHflJSFGyyr9IWUEKKR5ibXpyqDMYfAUC9QhJOJcXrGBq88CgTQ8KTmK/AX7NxOcDR6JMD91Hs5je+VqQS2z+CkD9vYd25f50lUavdjkeYQbzYfuZCwGWSU8HiDpJ/5/smtfa2gznwldv7wH6ULqmu1OJric7p0+h++bDLCOVMiKeZ2J4d3FmmY/hTuWhJkwoDPsgqSJvo9LpAxZqdUfjRVvwysU47uIt8bVwtnmbjwV5X1C6eVe31Y23F22Du/WWxpqPelct5r4e1N9VAarikizwvJazernloTTl92APfMMMslYPgQHojJqVjVqceWGjj1TGpNuqJTtyjSpD7d5rHKezIEH+W4ULnf+kUaT3dogsbJnwchFODqQnizGq+ollklj6opzynJuILQ2gvlxDlyukxLphCZS1N4Hm9BJv7KdxFR5EnJb3+29a66FMC4MWtOlnbjONVPvQKu4D/HznoqnU0ByN4nPQ0s2Rt144ZD1y72WdrmMcJ9dGzuccm0Pt+Bpcu/fzYj0aHZ64z8JCBDNkHnctGrpbkouDrcsLeSg9KVnL5Kx73B1zPDvwyYG0zKO0ji66PHWkmJDZyzeIAkPTafIfXBgeLsu7JDaE3W3mQsnT7bv1RhKCl2dAwTRzTn+EMf/ZVoXFmAt3OhlWU8/NzMpDPv/eAJLXmmpkHCput3RppEtGNStT3Zz2dEKtC/IaT7D3U4tJOFPqnw21EcXHqUX2fMfqI2iqRFInf2Bj1BF3244IUghdnM+9Wt77lC+2d5QrOPtJwLitWGs2DnX2xHLwDvpVBuK+R6C/t4Dl3wCNr/YDP2QYIjIggauLCZcytdj7t7mBSGW+RL/iiElPsYvT3OA3h1uOQB8sFsgHcql/u905hXQ+ty51fZFsIhxaIq0645AfwBVUsFCdUGY9JOABk3+8J/xFrNF2pGTVvTWXCjStw758uCtdTmLyWAwlEf27s4Mc+bMOEXri3e46F/511h2cKDxQWh/mZ4oRqHAZTUIREuqYTpRlnSlKJkVkmgAD/iJ6I1pvNhSalY18f999gaxIjreOudpRorDkRzp5NjJMD2Be4Pkfvxeuu9F7dIpPpHAD/cOuxtHFroCAqzqnlgKBOeiqpcsRshFCz8yNN8DUdt/PCHfrrtNDWlprXJsj1gdBF0o83paO23WtAcKFyMYKw7f7bKJ4cAtCmLFoC1sqHzHyQttGJxzk1kenF8ED89Fn63vzRStXfi6cu27W6MvMqb+ZMetIpLpxcpS5mKkfOnaZ3/JuWDfXYgYJF0/FNwRXFk8/f+nH0NmeqIDoTxLOfJPA6K7okPmFMOabrBMCAOZrHB3k8XZVoHrQCe/ClvgYHgny3oPCSrzgc2Kw1NdllkpeyVI/+pqkyW/ZUmRfhsgZnoKwv2cZhFP8Tx9XK5ShlDZjeXBeMj+EA1BJOknCQb1gIF9m4HSROKFFYspMrINPrIHs+ndedv1+npvhDhjPueEWmmphcuhSq1N73Z+oxS9NGaKCnZoMXm8PlRWQ7HKRVT9Hyx8a2i4yQ7EEhFYhRL2Vzzb+cXng3DzN23n+QyF3mEoVxjFDfOGLkRhXRkgYSsAY+yQv2l0IQiNTnumOjlP2gMX+awLyoSw/FLV/9oxwAIOcXSuQsPhGyUWnxPj/oGsovPuJ3qfPiMDoO8RvCFFo9XsGwhc0YAfkeputdzhvqS0aYf4SV7kT34dCBMMkVMHXJRZZj73uKZ0cHoT2SqGVrcgBIPKjCj6h/T2GeC1HMdMXaWf9HIslvGKpc7PQriAVL1s6wuXljWpRhPZV04uLype6TgYKroaxmV+QAyFcF49g8wB+ZKzQzh2pYWqm4SAWTgWHQonnZWrBQkqpT0g7Qih0B+TFG3LKpdEMgr1q5oW5Fdb6QPhY2+kWn7bOUo60gFYWV81NN/DDIrRHutfVRYkaXV9bmNk7+4icVqyHVcXcgfjK4awr9IAXuYSigDNqjd71kwBbEJ6FSzc7edZNRzrlaflQkjl+DofE+fX4GfTGsvYiP3a5gUet3gHgk4d09JlhyqUGwQxUp4u4j608aGoAZfF/c0v7wkuuTSK258Le/HBKQbOvL+pw+5k00kaC3qMeEQ66RU45hDQhjy6TU2WDSiPkqHwXUzeGnb3kPkalUWeU6ftHQVNwa35A2Qg/nQKirc2fxbSa0heuQ6Njq+kgN15c7tJ1UTH/vsK+LpMMvL6iTmgkvDo6z8xId9LxwYRz5oO016MD5WOe4KF/UwPVuUkDIBoKVFJYTiEC4ss7BwWhpgzzJ5RZFjm9F+Uchv+AAsVREBjc4aQjjcsOwBsaNMdfAY7bZIJLrORdzsYlGpd1wX6J5ToEcxB5VyydwVjv/EKrYkxn6flA6mXFp+X0LTGiFxocbZcFHTHCZfifkyUt3JlYk+ecK63d6ATmLfsQ4hn5rRp11GQ2Pwi91WoJmq2T2lLj20q0atYb2rFDwVIspmbT2RB0rdYM3V/1lRyuebLT992yhNMJbNydoYdnLi9/10uS2tX+hidd8WyHqPX6/vZL24Q9DbYt3F2IHS5NBMypPfYbDXdqdr8+25aJ9YpRkmIIR02Vl11f27KlrhEFlw160s90Sr2/RhGdGp5lrXdhomCKwwkErrXlJ7mg8LI92KXLTDKLThbq1B5RhI6bBovhXg8WR381giNOx6Cj7d5uVQ2z25nrq+6Ruk3KQgqmjf7AqDMrYGg9rUT6jd3DL7kn5N4hL4kzOf9hBUxX8rNrRs6MKJsFnKS2H/HVzYW4e4cnTZa7jnxqq2+WPPLtwgh9nNe/p+IXjti6xT951mgkAEpsC8R6JBYZkXzCtHDdV+JHGYWxZaTRsaPcWdzsk+erv4rX3/WtMSUxjsmsCog2tlGzqKosCcfKmnc9BV7IgyB5tVzVebcokuA0pHMMAUyDTJpBUQ1r3MQk/lRWPQyo2dEauJDWtDgJmye5VA4g1LK1OUUhsfMLMvBy/2yxvh8YmO5AHgWWYcH6kcwivwvCf3yg1kHjGV56925D/hjAUr74Bblik73qBMyLJUhMdqAjMAw6ABp+GcycRAXx9aeRBw6rBTauRurAVRjgAdNbviyD1t6pGQzkxMXc55RIVu3TPxjucfINX9ztRAyR4jMx3tIzdppY7qXpA2GKniWkRAtqMJNVf6zcLA8Yz9dEfe3HB5Y3tJeQHqJr97lnSeLYfMV4TmmF6nEDwHy3lX6q04PXVmkb+0cejSytA5XE44GovRrKCnnQYa4L/iAzcieYD7kfdOjB7LRGncKVMrGovLMG2YKDK+hfKxLkxq8WsVNQQrwR2OVce89t6kt+uBu+pPuDyxuGnW3eW1rJptLXd0FW7ZuuUWfce8j/oAGvt7l+9boHfuRGGz2Up0bIGKF+txnhmroldpFkhhY1Zk1+vw3dN0Hk595OADi/Wr4GANYs0oTJFQ/5LnDgfXBPsO1BM067dLfkhrkpna0w77qjKCzxp0jJpJ86JeewW053uyMCOsS3GItbGIG5qDp86c5s5Qsrxku9JPNadew4naZpD6t60SsHfmJtIOvhNNsXU4lCQfjFajEug8KjrnRh6V3OOxlMwGblMvm8h+g0yFsbUoYh6uYg1jh3czPlTBdF0OxWYymBdelDJM6yh+0MNGSXKEQAgADfKWj19JuJMFkWUVizaJ15wYpNYZpRSUVcMgs5lBCoKTrkvm7umIDHR3fb0aqqJURFqWemZuLM+Hr6YmVz+aXH3LbGKGV1dwlSn4GYfqbX9Ox7WkEV00dLijerlKOlIg5hqBorWYTAn70wKymEU21cm3LEaIIWoeEaF8lotqp/O9KiERsJOoR6zLMXM1jZbWPs/17TYxbn9Jr5CfSMgl1RCyNRK6YqJca9l1yS9cbAg7GteUNI1qCo12BxjyhVyHF0Ud5c/GGcjmephfZVt0hGhBk4xY+aMQHMTZlKIrfolcwNw510zYHxadhHmtZ+k+c+cciXCK4O814ZrT8AiHNB0KYX4YrCYjyQAVHyMxgUE52dEbqKGOB+Q4vSJ4KdcYd4btDUDYe16x/GKfzWhqim4gUBHoTiU3gJ/n/kwHE2W4peyA3P3/7lmtDNHWoN/Uf43qu55qKmXs00zDzPCMx32vXOAdqNV2XIDPo4YPzI9dNjjdoqSpuGmdpQdo68OFOcwFFabnOJw5AlTsHdaBg4db2Mmg3nk4u5PEPM7lCys1d74QLIND6sWneg2myKLw1uxn0jNuF0K7t7Lku8NJuMpEbFTP0AzS0nd8tTCFRqsfpvk3aNsHE+RlCA8AbHGTYCs8E7J0Iv9UolntZaFG5b3zg0EEk0lrjhQpxS55mx8XW8pPcIkpquEIcXS1om4TdQeXeXwgB5ZenOlGoNo5hOceRv0bCDrxshnl5MP4Jkmxpc=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfxc94b5976-d178-a8e1-7007-d3ba53f07219" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxc94b5976-d178-a8e1-7007-d3ba53f07219"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>Wf7YdR18XQQT/Qo1BFe/idugNro=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>ps9RhiNBqu1Dx9MfTfWgUHTBNWkqHnzKgfGt6Hk6LmFWAYWDab4ddtkvEbeDN1WQ4Aq2ZsB+QJHW2Fgwm/GXLjhe8e2cMu3PoQkDvrRYpL1qxKclac9w0xcKJ5GoVG/12yLqzuuNZBrx48TWyuHZ7u5eYwcIYogjVz8AE+j1dCw=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>ERc4fByDfv0PBb1Ak8x+folEJFrwtCOYPUcICp/wgB8Zry5EPmAgu/HKvpEHP0a5jodkobNsDc1O+alZjOMKEtsAmoK8bdv9l1vwGy/axikfvcnY5sYE26n1msMzjRN6Piby5TK+zgt8w1UlFneCkodQCATGmYtrP3kpguFCmzc=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>U5fLhMvWeeMXgSjXH+qhpQVftfMRaKPBX3ayWnkgtbhnlk6IGCqLR93qf0XAzOI3U9/Gjh73+CHb9dP/biSn8fENoBGLFUUYWWLd2fEm1w7ejZ7ycrhciyTrFD+IqZ7oZTTfqwGp/RvHenVKD8NhzzAD9ebKVbbamS/JT2nvlAoV0+X7ogP60TN8lcStAuL5v9dRKsPhkrB7YvGcUysR3e0xWBz2bq1OuzpwhtfeFKy4g8XFBQkeRNgAAj8C2zxYtSkII8EWFshfX/JwKrYj+2fXA3uLxvLLK3Slzkp7D3UXeI6ehtVBNTqkoMnzdM+s7BGdsQqCLn7CMuAWU1Ok/VcghVw2ujSC2pptIyjZd1w66Q5t6VmrFW4zkNsV2wOEMA/Gv9kzhPaXio7MOmtgxBxnbQkLVuroeHMxnTaB1FsKcvFarKYA2ekSAWDQigkqhHIQrFwRfThbQ6/q6o9lsvnYUZiSPIto/161NPL471vjfNN/mue+ytVyPealqLWUYnaDmplNbGXBKeAZGIXqQpw/0OoLqXgFQxAEq0X+WlOOowU+dZtWbjhty67wDz71urvsslwh1k8opIOQtzQDIo61MxGN8ybVG0MZ15oJnq48MSe5Ult0FohSQEBHZN5+W2lA13wisRK5mNNOHcgqDZkfdoEyJrFtzJkxFMkUSpjTmXtRuhNEyE6VspXrlFPzwmnoDA0oCzAVpTYJ2jgyFi5Qp3sGU9+K24/MBAHxjc49uoAsVWLzvNE6sc1xuhA2tt4NBKXcj1Kz2UxXbrhEL4fOjQdtAMqA88bvzFnsylbjX7MwYYKTCUuzNgFvWz/+MX+6fkV7s1MD8aslhM6B8juVzz+lmEVtJrVTMwb4d2kabPWzMvMmENfqbZpJCVVppON7/rh2wykzp42nFkvvpQEVbhvHOwKNXui0AEdQLg9xlYSHvoGphyohQibgpEJHBtfNuSL0tKpAdKmJ2rM21TFmEwvAWMPxrVfGygJTM0AdnQJNihDkPAHpWVHWaxNIAns03brCbGjWyYCx18+qdDNzaxV5ZlWOuZ6k56W9++SLMZsinlSAs7m/b7HWqYeJlDChGXKDQxHaP3OAofVMCRW/g6TGZYxUB+Qf9SwL5FMiiUm/BbTHVyv8PP4HBB73XqohvU9mmrP/XAqEd8tNK+4ep/bGPowKI1HL6DxlTsdHBmHzOJG54bbAdZEu3ALEUMZ02p6SAUYTAXz5Upyf4XHBJbyTyyETD7ooETUFNrTRpzpBlGu0V4KhcNgKI6sXGVQsrwFs8QZ3JW3qg8LU2BP5dxDtjnVuFURE011vGL66UMhwaLNqkGdVoXdcnnTtvgJPeH2RUUNMfgqVHcAlpdMZAt+MbR5MG93bi5TYkR4OQZ1s51JBj1ZrLQ2HxubTWRQXYBqciFuDE17Rdgmwr+xzw1bB6+e7dg3wiAP66icHzoo/ZA6pGO9f9g9roxd7Q51GlLw/WqRwr/6CHrGvuAJtT6/0RTFW2nAneXWWxjdqnNpDDtQZ3zdDpOy10bz8Ps6+4LW7e5TOS5PwqbZaBV43rYrrTLhfcHdvkur+D4q9axwaQS8exrtX+WVUwarsOMJLMkIRRWUzCBw42gjv2SBmZwwWSGUaHtXFGHk7wZ/2AAQaKhjrCAxJ3uEPtvhQAtxeC2kf6/tPCDdUFc5MNVRXAduFAXg04ooBvKr6fHnidUONAUB2X6lFd3RU4cs7uebvthRIbc9+c560rgVay8TXnfer3mViPaCKSEMAYOgxc1kLtZenN1k3K6pCfuPhAt91sxpMt2hu3sEDZvSVPZkzT/WsdKezaIFkDjHlYKEvUuQpwF9M/2nKLXa9CLlrhWQ6qfR0ZuvUpqSJZsOTQWCRK2W0ubUJ9NCMq+FDWiqu9Pom/+4i8rXYBI1kRgDCRw/ryqPnerfZ1geoscYKtKn/aFACONlegNN1G6R8gaxtFfL6ZHu1zk+rOjltuWuQZsAb8GdNqHpyDFaz8d4Bx0GJLv4VgAXWZtBFEmxx6Rz4yfb3VjUjeXRWdzquWCzG+BXrTHFsk0Pce1BoObCDwFeWARPTOAHdALqIOyQk74esaFASV2hso2a2fgpLBSuaBtOrN/x/Dw4EI/EjBWrNgM4o/tIR2b5zvTmj8BJy12Kl9YOwC7nqQPB+CSURBZxHMF1jYHiLUC4gY4ysGALyBS1Hx2dVZqQI8xdqKDdBR4MXshwjBRiqVjfh3xHY+YTDTg00nEjJg+hgdPwkUZEAOwsST4HlEP3HKkxMEJ0fO1Hv9506xuTaLsewpdm+ulqMRPtScxF/bl6C1kuQGCGqHvcssuqT+fB3+NAqXG7xhummsw/HbRm5x2C7jrULk/XLf0ZDzVoHFeSBH6eRLzGixMPCl3VNRqnL5rwG56WQPtV/Rr6sO9cyKQGeXJUWdMxxAjarvAiP6JPRlzRNkKfVfGytwxS9b7jJnmB94w/3cnRySAYP6Xr/V1Uw6a4/qHs0hDLZVPelKU4bb4ezeDje1KhQ0/cftHqAUGDsx/Mi9xMjqYRjlypvZmirRCVEkFyX6QWU8svYje03PNlfLk9bMephD/lroTDvKgOq48eYUdnAts4RKL4pxd4A3vieeiDumDCoOD20Tmc9HcD9hX5f0JBPy8/J2zHA8FO7GwjlYUG5rtkvRstWRTgRzcEPZKwOgyTrK4YpsWcIgIjGntQREHd3eUkTSDSqxIJYPxNXEdwgVySOWIBVVHOU8L0LQvkcmjWc93J+Z1nKkdiTF7dlLGkS4hIIx2o2/XrLA3ZzmDwRTdzEDV8Taxvc/eIIkOCDfqmt8qUMTd0v700LFsOXfcWu+zpdGD1f3Cj5g/rnSxjDQXBJqTfh/JCQJjsZx4yF1ofOd7AOmA+cw/PTJgHsQEm7PTmBPwxI8Vme3RawvYk=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx8d32224f-5119-c3ea-5be3-625333c6b1d7" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx8d32224f-5119-c3ea-5be3-625333c6b1d7"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>UfKqWRlfL4l71z/B4zJLeKoTsp8=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>wm9W8wWdZ/V4YJkP/iJVkYusVdSXyKESUqNRoeCqCnnu7gDyHYq2HNdNbG5jL550e5YCtcpJei2BgEaNLCIJXoQfmQ6cKMTxSJrEfqZvpFn5mGA8ovmTwE124NRYYmsQifKHCDZSA1S1ag90JeB0EDCAwzlD19GsPzuA90A+S58=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>1oYj6io0wWCYx2srDn94ObdlfnPgI7fGypuA8baMCrVZ8ou5k+EGfXFoXnWpuc4eaPhKXQhMPqXXJ+Difc9alMiBWud6XDfJYiBg2FgFCLfzv3lMSnp8vtZkFtYatvwmy87Trf750QVtiPafHHYn45t0nwK0u5CrQ+M7gaS0i3Q=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>0EcZKnrba7YuodO1ltMw9s/hMvLv+xKltjO+Z0CsLDdGuzUCjFOvC2kYKUwFBTozY6AkZ3PBb4XQpLROaBKKVqbIEKLFHj1XlOMOUb6nQDI2W1fJe/ybYRs4jOc2TyLfyhl3xmS1MiwC8G6oHFVB+lzZlyMed1HoSQOTyS0xsWV5bLzRycDQw8RfPBr41sCk7upLqa0PEpL2xWhpQQRIbCRN9jOCHRgsNvWRYn7iYOMjfMhsTFWz25rBNGkChC7in+fgk9yrhSY/5vghHPlQvYEt5ca0dXyATdkt0bRmQ6b62h8FEtYqzYQlwSRJ9Amjtgx50hBLrDSwtb8epcj7GBfXTbgT04NWgJqHLB6w3TNnASBvQndtk0rZgDWN7n4S7u8DAhRoN76nmsbSVQ7mJHa/mLnrN5ppVAswUuC81TAM7SXa9JcBxxYKrTiji69dxSLIUb2jn6XhfgHjMLxsb9QthA18aMXYHoV4NcaGUsiUFMt1Ox4cP5aBTRm4w+fkwNkvtcHtSxqwjGTGuHTNgkrey/cBWkTKjBnpuk1OfGourdCD4JkfWoAUaLCdm0oQBrTfFWms2+13Tyc0uUcVLam2PIzcBsnyv6FO0a/OQMIc1fwO0bQ/32K1Li+eITMAY6Ozf6vlToD9cLv9alwNJrSd0jjwTaTEBxGwueU/CN8Lmn49TroZm5IWEs3WyUA0cBAlMPgkOsfuod0Z9GuVgHqMkGDVp+CF3gu62RGKsq6etBu3YPW8JyhkjsxlMJwiC+FJY9WozpvPEJzPwkBoDCxD+Un0ymdcGce0O+nBz0U0p2I3lVzCU1tV3gUkwyvneVpe7t4JKyMUZY6uPTyLVsMPcvj+et3yXqRAL7xfsZwcF3rgslq45SrwKektDZiooBFakWbUwK+P27j3fdf8UChchRElnYE+UnpPPVfxJ389+E8LqD3iS2TNf3RTAiaKVCJu70n9j7lkw705hvsIUNqw9UiE4InWkqAJa+shl9FIRgexQNR2vEg5hxkChcapGfQJz1O3bqICdWqh+KilbwNVDGVke91uelHibT4Q8rOCRfh74fvHflJSFGyyr9IWUEKKR5ibXpyqDMYfAUC9QhJOJcXrGBq88CgTQ8KTmK/AX7NxOcDR6JMD91Hs5je+VqQS2z+CkD9vYd25f50lUavdjkeYQbzYfuZCwGWSU8HiDpJ/5/smtfa2gznwldv7wH6ULqmu1OJric7p0+h++bDLCOVMiKeZ2J4d3FmmY/hTuWhJkwoDPsgqSJvo9LpAxZqdUfjRVvwysU47uIt8bVwtnmbjwV5X1C6eVe31Y23F22Du/WWxpqPelct5r4e1N9VAarikizwvJazernloTTl92APfMMMslYPgQHojJqVjVqceWGjj1TGpNuqJTtyjSpD7d5rHKezIEH+W4ULnf+kUaT3dogsbJnwchFODqQnizGq+ollklj6opzynJuILQ2gvlxDlyukxLphCZS1N4Hm9BJv7KdxFR5EnJb3+29a66FMC4MWtOlnbjONVPvQKu4D/HznoqnU0ByN4nPQ0s2Rt144ZD1y72WdrmMcJ9dGzuccm0Pt+Bpcu/fzYj0aHZ64z8JCBDNkHnctGrpbkouDrcsLeSg9KVnL5Kx73B1zPDvwyYG0zKO0ji66PHWkmJDZyzeIAkPTafIfXBgeLsu7JDaE3W3mQsnT7bv1RhKCl2dAwTRzTn+EMf/ZVoXFmAt3OhlWU8/NzMpDPv/eAJLXmmpkHCput3RppEtGNStT3Zz2dEKtC/IaT7D3U4tJOFPqnw21EcXHqUX2fMfqI2iqRFInf2Bj1BF3244IUghdnM+9Wt77lC+2d5QrOPtJwLitWGs2DnX2xHLwDvpVBuK+R6C/t4Dl3wCNr/YDP2QYIjIggauLCZcytdj7t7mBSGW+RL/iiElPsYvT3OA3h1uOQB8sFsgHcql/u905hXQ+ty51fZFsIhxaIq0645AfwBVUsFCdUGY9JOABk3+8J/xFrNF2pGTVvTWXCjStw758uCtdTmLyWAwlEf27s4Mc+bMOEXri3e46F/511h2cKDxQWh/mZ4oRqHAZTUIREuqYTpRlnSlKJkVkmgAD/iJ6I1pvNhSalY18f999gaxIjreOudpRorDkRzp5NjJMD2Be4Pkfvxeuu9F7dIpPpHAD/cOuxtHFroCAqzqnlgKBOeiqpcsRshFCz8yNN8DUdt/PCHfrrtNDWlprXJsj1gdBF0o83paO23WtAcKFyMYKw7f7bKJ4cAtCmLFoC1sqHzHyQttGJxzk1kenF8ED89Fn63vzRStXfi6cu27W6MvMqb+ZMetIpLpxcpS5mKkfOnaZ3/JuWDfXYgYJF0/FNwRXFk8/f+nH0NmeqIDoTxLOfJPA6K7okPmFMOabrBMCAOZrHB3k8XZVoHrQCe/ClvgYHgny3oPCSrzgc2Kw1NdllkpeyVI/+pqkyW/ZUmRfhsgZnoKwv2cZhFP8Tx9XK5ShlDZjeXBeMj+EA1BJOknCQb1gIF9m4HSROKFFYspMrINPrIHs+ndedv1+npvhDhjPueEWmmphcuhSq1N73Z+oxS9NGaKCnZoMXm8PlRWQ7HKRVT9Hyx8a2i4yQ7EEhFYhRL2Vzzb+cXng3DzN23n+QyF3mEoVxjFDfOGLkRhXRkgYSsAY+yQv2l0IQiNTnumOjlP2gMX+awLyoSw/FLV/9oxwAIOcXSuQsPhGyUWnxPj/oGsovPuJ3qfPiMDoO8RvCFFo9XsGwhc0YAfkeputdzhvqS0aYf4SV7kT34dCBMMkVMHXJRZZj73uKZ0cHoT2SqGVrcgBIPKjCj6h/T2GeC1HMdMXaWf9HIslvGKpc7PQriAVL1s6wuXljWpRhPZV04uLype6TgYKroaxmV+QAyFcF49g8wB+ZKzQzh2pYWqm4SAWTgWHQonnZWrBQkqpT0g7Qih0B+TFG3LKpdEMgr1q5oW5Fdb6QPhY2+kWn7bOUo60gFYWV81NN/DDIrRHutfVRYkaXV9bmNk7+4icVqyHVcXcgfjK4awr9IAXuYSigDNqjd71kwBbEJ6FSzc7edZNRzrlaflQkjl+DofE+fX4GfTGsvYiP3a5gUet3gHgk4d09JlhyqUGwQxUp4u4j608aGoAZfF/c0v7wkuuTSK258Le/HBKQbOvL+pw+5k00kaC3qMeEQ66RU45hDQhjy6TU2WDSiPkqHwXUzeGnb3kPkalUWeU6ftHQVNwa35A2Qg/nQKirc2fxbSa0heuQ6Njq+kgN15c7tJ1UTH/vsK+LpMMvL6iTmgkvDo6z8xId9LxwYRz5oO016MD5WOe4KF/UwPVuUkDIBoKVFJYTiEC4ss7BwWhpgzzJ5RZFjm9F+Uchv+AAsVREBjc4aQjjcsOwBsaNMdfAY7bZIJLrORdzsYlGpd1wX6J5ToEcxB5VyydwVjv/EKrYkxn6flA6mXFp+X0LTGiFxocbZcFHTHCZfifkyUt3JlYk+ecK63d6ATmLfsQ4hn5rRp11GQ2Pwi91WoJmq2T2lLj20q0atYb2rFDwVIspmbT2RB0rdYM3V/1lRyuebLT992yhNMJbNydoYdnLi9/10uS2tX+hidd8WyHqPX6/vZL24Q9DbYt3F2IHS5NBMypPfYbDXdqdr8+25aJ9YpRkmIIR02Vl11f27KlrhEFlw160s90Sr2/RhGdGp5lrXdhomCKwwkErrXlJ7mg8LI92KXLTDKLThbq1B5RhI6bBovhXg8WR381giNOx6Cj7d5uVQ2z25nrq+6Ruk3KQgqmjf7AqDMrYGg9rUT6jd3DL7kn5N4hL4kzOf9hBUxX8rNrRs6MKJsFnKS2H/HVzYW4e4cnTZa7jnxqq2+WPPLtwgh9nNe/p+IXjti6xT951mgkAEpsC8R6JBYZkXzCtHDdV+JHGYWxZaTRsaPcWdzsk+erv4rX3/WtMSUxjsmsCog2tlGzqKosCcfKmnc9BV7IgyB5tVzVebcokuA0pHMMAUyDTJpBUQ1r3MQk/lRWPQyo2dEauJDWtDgJmye5VA4g1LK1OUUhsfMLMvBy/2yxvh8YmO5AHgWWYcH6kcwivwvCf3yg1kHjGV56925D/hjAUr74Bblik73qBMyLJUhMdqAjMAw6ABp+GcycRAXx9aeRBw6rBTauRurAVRjgAdNbviyD1t6pGQzkxMXc55RIVu3TPxjucfINX9ztRAyR4jMx3tIzdppY7qXpA2GKniWkRAtqMJNVf6zcLA8Yz9dEfe3HB5Y3tJeQHqJr97lnSeLYfMV4TmmF6nEDwHy3lX6q04PXVmkb+0cejSytA5XE44GovRrKCnnQYa4L/iAzcieYD7kfdOjB7LRGncKVMrGovLMG2YKDK+hfKxLkxq8WsVNQQrwR2OVce89t6kt+uBu+pPuDyxuGnW3eW1rJptLXd0FW7ZuuUWfce8j/oAGvt7l+9boHfuRGGz2Up0bIGKF+txnhmroldpFkhhY1Zk1+vw3dN0Hk595OADi/Wr4GANYs0oTJFQ/5LnDgfXBPsO1BM067dLfkhrkpna0w77qjKCzxp0jJpJ86JeewW053uyMCOsS3GItbGIG5qDp86c5s5Qsrxku9JPNadew4naZpD6t60SsHfmJtIOvhNNsXU4lCQfjFajEug8KjrnRh6V3OOxlMwGblMvm8h+g0yFsbUoYh6uYg1jh3czPlTBdF0OxWYymBdelDJM6yh+0MNGSXKEQAgADfKWj19JuJMFkWUVizaJ15wYpNYZpRSUVcMgs5lBCoKTrkvm7umIDHR3fb0aqqJURFqWemZuLM+Hr6YmVz+aXH3LbGKGV1dwlSn4GYfqbX9Ox7WkEV00dLijerlKOlIg5hqBorWYTAn70wKymEU21cm3LEaIIWoeEaF8lotqp/O9KiERsJOoR6zLMXM1jZbWPs/17TYxbn9Jr5CfSMgl1RCyNRK6YqJca9l1yS9cbAg7GteUNI1qCo12BxjyhVyHF0Ud5c/GGcjmephfZVt0hGhBk4xY+aMQHMTZlKIrfolcwNw510zYHxadhHmtZ+k+c+cciXCK4O814ZrT8AiHNB0KYX4YrCYjyQAVHyMxgUE52dEbqKGOB+Q4vSJ4KdcYd4btDUDYe16x/GKfzWhqim4gUBHoTiU3gJ/n/kwHE2W4peyA3P3/7lmtDNHWoN/Uf43qu55qKmXs00zDzPCMx32vXOAdqNV2XIDPo4YPzI9dNjjdoqSpuGmdpQdo68OFOcwFFabnOJw5AlTsHdaBg4db2Mmg3nk4u5PEPM7lCys1d74QLIND6sWneg2myKLw1uxn0jNuF0K7t7Lku8NJuMpEbFTP0AzS0nd8tTCFRqsfpvk3aNsHE+RlCA8AbHGTYCs8E7J0Iv9UolntZaFG5b3zg0EEk0lrjhQpxS55mx8XW8pPcIkpquEIcXS1om4TdQeXeXwgB5ZenOlGoNo5hOceRv0bCDrxshnl5MP4Jkmxpc=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>