Online Tools Menu Close

SAML Response (IdP -> SP)

This example contains several SAML Responses. A SAML Response is sent by the Identity Provider to the Service Provider and if the user succeeded in the authentication process, it contains the Assertion with the NameID / attributes of the user.

There are 8 examples:

  • An unsigned SAML Response with an unsigned Assertion
  • An unsigned SAML Response with a signed Assertion
  • A signed SAML Response with an unsigned Assertion
  • A signed SAML Response with a signed Assertion
  • An unsigned SAML Response with an encrypted Assertion
  • An unsigned SAML Response with an encrypted signed Assertion
  • A signed SAML Response with an encrypted Assertion
  • A signed SAML Response with an encrypted signed Assertion
`
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfx3399c583-d72b-1bdf-a567-cd9137f01c1b" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx3399c583-d72b-1bdf-a567-cd9137f01c1b"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>jgpaxr3YtAB1MOvYWcT9ESLgBxU=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>i0pDwz1TyeR4EDJ9XgAhmktfs8JMNiPerUoo1BF2vW5aiR5nLXhXR0Qu39SmdLg3yq0xuE+W0rA+H1yEgB4yVR5Ktav3vmUadFSL3d8ldKVKqvumvzutq+KJQ77B8ys1V+wV/9yiv5+xHK4ZlX3juNZ4VEp/LP6tb1G5SOCqeQg=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfxdfd929a3-9ac5-c4f2-1edb-6c19e2a3717a" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxdfd929a3-9ac5-c4f2-1edb-6c19e2a3717a"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>miaTV/1FhEnyeDvzwZJ2G7ABgnA=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>0QxrR0ayLiRRKyXoDn+vL2KeKpb9kRIdTxGUMcJr6+JiPg31VJvLTyzLD4FubKTyf8fEuBeTZxdlLfPbCfHDTfuPjPAZjmgH1bhwii4hVe8zXPwVOVxiLrM0N0/AtyxVar32cWJ4RwevCScKUENkcqA/fyWqyFPH4T2fVtv2nPI=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx69474be5-da66-a983-6be6-70670bfb38ea" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx69474be5-da66-a983-6be6-70670bfb38ea"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>UliLIJTKvZqOcRIHP0EFX4B9JGA=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>ab2cjXTtz9RXN3GWVbrxIzGA793Bg6TWcbbxuTeqGN+r3n5SKVloEKraPqSsPxb2lYFFqs3vXRT7Z5kFrTKRj6hg3uIE2/tw3Z49L7/+QqM8yhkW9HYd8yxfDQzs7fPaRcDhFOXU+zjl86jwCtUHBhtXSoFuEOeGiaexJ4vFsV4=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfx0ef5cfde-0b58-e04b-437e-8a6702ad719b" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx0ef5cfde-0b58-e04b-437e-8a6702ad719b"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>/7YWCcPuYdlFTImtgen0iD0+M3M=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>qWaJixkDY9brijmru+ltN+e31do37i8xM+VxyUaXREkYkCEKbGQ/EZYiRCIG7Q4zSL1U3wTL/KrqMRHqfFW6oRPuQJ9eMzOKL7vN2CGWtzAYoOsP5Ex3ktTZ7nOegLWFkcnc9wIoKpz9YZfGoMZO6cYXnn92MO5JWHKz8OSHDUQ=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>KdxNlQ/4zMxdiflNhQ0RWqPey1BoVcyAQ9IEaf0WkiHv/3YH+Z0QwaKSc1uIy7H/pzYiqUxbdy8ewEPk+xmslur792k6OOJySRNooqEJ4zlxYKpKqmKPoN+158usZioOHzSZ9ZcuNASIMZgkTSVFa9reupydfrDUVWXD3qnv2VM=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>InZLk4IIzAfYqOSwXU8WJBZZIVVd8Gz26JHJAF5+IDL7S+zu+YLwnEeaZ55EbXvS+xHuyHSrMXfKug+kBMqO+5BMxKz2z0UEpFqi1qpVtGqnjhfthvrsC+cy7LgNBDkJJ6DfdxOelUDj4goYYn1LoFn1ZmIeV044YHGGImkD1SXmy3vp1qzpW5dqT9XTRXqC+XoCVhEfb/gmR28fnj2TgcAWzMwB2Xg/BvnwyyYpEDP92QCjTm9ttfYP4HgLzWpl+xuYVsmyGW7B/+vjWldMHIjDJIbCkZb963U3vwysjaDZHbSRu8LN5ykzvQ8IUzCxoBkvwEHNrO14SrmE9eROeGazFFFG7JXSOF26WVZhPplyvnebPuuNmYjsosd0h35wl4Dq8fwYKJl6iWNW1m1eAVLYblWdpe6eMtAmBiKP5gXNQ07YdFre4XiFTh5DY5Qqp7UDVd13CWCV2X2fh3atzSgRSADydycoN/UHHQeRCQpdsMnCv9ghONPoMcu3uVrVjw6TwwtkEcnEkZiNn7+fJi0qzX6SVr25PaV7ZPDAAEEC3S2gH98R7YrNpe3/zc1vS2uEq1tYGf3Jok+r2VkyA7+udryeUnZ9ZgUPHZtUpDBNyfYYrcaMyjY5Wj/vwVg1kZ88AISCx5s9kcXkoXCxwggvrdgdG4CI+NTaqNuM4s12LLlmxlfIUdsAror7huLJGvY58YZpOz+magl4L9eR6g1a/pyslCd1A7to5LIjleSYAdZhiVelulJ2LGGCccnhXsDlpswfe8nxfEPOZVYexmWzRXHbe3z1Qt9wAK0RfZVFTcy4+d9FkxlAW8JZQUvbisvXwt1PtxWF6vCYs1Tu9MAezvWV6FdGX7P21yOxt88CPI8OCtrJn8uA/5Jon7pxkWmqWiRRMhtdmwUEd56y/O+BjDZtS9abKYtbDUC04+QXbdbZFxI7XLfeVBW4zp9VOywWBg2136XQHIRUoQTdHhqWLhzuLROOckZNuM1KEtHBJwNmqszrkZ2vTVUSal1fMEiMICqwG41BIAD8I4xGKI7mHguIJxXHqUpUC/hq4VoPHcHXs2PWBCASWVKRydiLXEn7FEAMY16NeOQ3bsCLXsvdrjx/sF2J+VeRbgBKS5mPttAbVqe1qpxe8WCgmI98/wNKduhvNL6AriIm5qkyQHkZAi8ekwBIGTuAA0xIh3u8QKL+6cdrJy+A2FMZh3+D28aRWWMj265ZTloIsdUAQ0nDlBU2Z3sgGXP4nl3BT1TmuyG3oi2BA7j98phdPTvHP4UNpqTzWX2hRyH1SkfAEnSYjLIXCacmRz7dnzXMcBrKWxtyOwlJQD3Xl2lGbJ2s+zxCjn+V0ENo5POAgbH9bulFcbT5cLVv4WIipsoiHPnlnEknSBgH56jJzwcSYgXm9MKPkbOuqMf9mWGDssBKIdzOfFLJjsWW2ShQbca2BLTMYRIbusFL0eL+NOXTVgpSvNgcHLOV9egyx3BQ7UODcMCqVoaLfu6w7StKX6Q4DAGDno4up47qDETQHg6mL0t/9C/Hhe8m7OGGb+l7LfBDqcnqZlY8QZRgtpAJbPdn//3jre/Qk00rdr2yZDVchGvCPM59X+h3wX6vNOxpnxfgAc2AOpnnpDe8qMsB4+0LUY0SDXyrKB35Dr5PAqWW8fGS1kk6EYc8iaEjrRJhZCvk9Kq0BLDGGPCC00uxk8y/V0x4v4izVtSAODeCEd1wj4mJEWnSuTZKhQOf8cJClKJ7pDGRhXeKJ6cThuBh6PRif699OlPvn+6HLMGSf9+aGw7nNTz1N/6mh6geBXA21GcKFBGb/mNFy7EtgA3+SPopYjql6UEFgqtp7NAt1j6hbPoc9wqfqSDMEqFV8lWngPAew78ZYFei3TkrJUgdI+1lXo1UfRr6cOkp/FcahKRfkWctE9nZPOe5JLgrkRiDEgd8OBD4+ZxRpv5cePItoAH5xO9qz/UIeJIWDlZYmlEPQ3t0MtSrAnBpUaq8WW+daEA8Ed4Tdd2v2IcJg6nJwVXTwYGo5p1XOTDakqM/h7vG8uXSVbdZf/tqXJzp6go1zcptWIVfZVg/en3f31NvQd+CXEtMEnC1doo9mM/zf8C0tXLhoELqz3HtJfoj8o5MDduYQCslYwqbAs4V+AIFqsCAJoBunIwvnhQrsgp59rSoiqKPRaFpdUA9lGJsiiv+Mr4eXuvNpNlE3OEKNk0Hq9DFgo2Ga8xJUhbtZlyTmi1sbnApiE0O6XQX0JF9a885pj1XnFE4UtLSIGNrb42qzqMIBe0jDiTn3E4IIjTm6zhIOyBplK/J/MHO26/HDOX0lmRZob9cuWnGyWP1lJS+HPARlaYvSqqTarWkRHo9hL1b5CNleIs5qH9b673v2U1GMvs4CYHyVk5CxUACAQwPc7IoIPQqe7Y890oDBz9b8o8KzEX+1A6kQPloJwdusa660uaE7VVs9Xd3prbXRevyBthR+Duzet31FWkng+WWuiO4XLk2hT2RPbZbG5SejhO/yqINoCK8Yuf51EEXvOz+3u1doVbiXn1Jc3sGZTKtFks+nzPbPVF9T1YIgovzQI/mHml+4SxzYByG/FCisXX+uYIipB2fgoTZOTral0BCCjeuRBkuEAMDfjH8q32n8C5Xdr7TZduz4AWYEp6S260j9OARai5YON0Ok94gIS0cq2eoIwr3/dRhC2ZDpJqSGeDzBuMjJEdvRgHLEp7z0QOJ+mC7ZgzrJNpV1TBJohYquM5WnaV+yfljRBWvwp2lqXjnMFNs6Xyq8bS8vvhB8PeJqNGXPuiQAVd7F5AcMwZtSW1NnKNKcHAIxB65+RqsKYa9l6B2hWti/GAmGyKwWvcC/VpZH3Hxj6Sb8o5Ptcn3JQ17mvZiPBOyyO6pFs/ACmx1KhmJzoUbGrVRvAyD5cM8dO7mnxE=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>wGkYa7ShWGI+erKWfX7VEjB5L3vo9eLPdgi9mhjuMDuzcmpw/Ykp0+S3xSValkTK9jmWLC9/3WdPB0nSSIR5B6pHUclOogoQ+8dUyDwPuYaX1XhvYuQFC+zPRZ2C0ixwsmoVxtP2P6JrpIVQrsb/xTYxYl+GnJcIHDlzUpvBs80=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>WMvdNNQyiWnCl7+9nFzXYxhTjDaXreqCg3O7cJ9Vv7bXpZqr99FG/Ax4agqt4LmbFAaLo3EMrVw5k2eQ7FamNDPDuBweKgfxWQM6kf6EZD3UU8IyxgRz9FPxUorOy72lmpt9IV0obAOUW+8wlWiDudnxhXppn2wbiCAJ1OymWTdyZ9kaWE60YHu6zd3lvV4sbQUAZpSADO2/b73eCRYAmOdU59Rn3QMM9sdNL3pwJsWcGb4ks7ttA7LYC2HRH/Rn+F9XkMucnM88Dnzc1QhdjAnJ2IuNrwJgi8eDVrdVtVV2Qh2kWHqeOS6/5yk0tubwc9sBqjOE0k1wNP7tLxlF8DoOCr6cF6SlDtFFR5U/xTT3oXcjWARbK6RllZmn8Cd/rubos5nuJyVXsVMmlQV8mW4VU1FUGFBouwdUugr1rO7bmRJqLR9xmN9EX36nzc6ACO0KUsp5KZBthBZy0AYXMpLXaGUQmJClCfXpqp/zsBjEVZ0lfSKBUWW7f2AoD3DFzkmGce49GF2rZKLveTEqPPX4NPukcgEuVkSSmwrSfio7ns/4fiKttnEV396cnmJdtgwE3T7oiMqbOBtUaZMJkZB4n/cIOqdts9oYS2LR+UlrNpIfoZPeOXcySgZpn6XBZ6aPj/6Xufj4wqfpzUMMcZEVx8F+6vSVd4uShL7hrKLX+Q3NY2xUMVwqR1AZUmUQlfnKGXfBZJizdxzKCKSGduGltzgQtV7etCNUGHNtBWQjvXob1ZSg4lW6ZZiYVeuC8EoCWmMBFLgJ6UiWTnputKlVAJd9rCod/GuBTIRJnyGOvB9Q5/n0b555LbGREL+WIXVSx4C8G2Jcm6G6ROv3eMB21b6yyVV3Ac+Dqru6lokkgjekPOXZfaqIVbbddNCnAN+RBbp0G03YhSc5Xotc6WD2VB8GHZNaWWm83ZtlIO/YnBPD/178Hc/jJARmP03TjXW9q8W8JRoTfKrKY3rVJ9j437smmljFCZ+Nef+3nNZYqmUf4+/9sRlA1iwQAn2pOxfLg3ZCHtwgFY/cIDWmu2geHcyQY74o7PSxSB+yn5Y0PfUh1CrinxmdPypkumD442Ktnb0RQkhJ56QOHFvz9WN+GtpG6k7nXafNpNQkhg8VK5rkTN4qxbVEIVhvkkZxB1x/twabekB6DzPZ6AKf/V6gpbvol2Bs2VcoAFgS/SD7pShTqfjVID0NNI8W0ISfo4O0az3XA/c5V45tit7edDaf+tu5FtG1KNZs9ash0DvhQKsnFOIZnFev+500XJ1qWd+qyTBc7ANNeHtxY85DIos5hfe4nvOZ4/9/c6DuIxwDOZtMmUPaWMQcqZcnJByQKEqNH9rBACbPQ62nufirNtLqhuBcDcBPKNYd1lCZKKOdIwg8B/Gzs4/mce3QgMEeH4g2VLXbzYh80gSgsvtw42Bl5qkY2+Hkgwci9WFOScbhnrc1MWbTarGAHO7VjxUe0lqGiWKt0AKCyKEYwLhDXbXKypUnfAxofCjdYnOsQsrxWOPgLjAs/KaEG7TZ5ry/rxZrPAjms077n+ei1b4mGYi5oLLN9i/r6j1lkzeBwbt+NpiFSl1MVwlKkGjD4Qicl/fXBYWuVYA02Zi5DSZYK/OJ/MB8C/JBcpO/yDaHgjOKTeFzvXNJMpY5B3U3VFLdm6Xm9Bt7gI4naChHspje8laQqCMpkIAPRxBqsve/H4wQ5fioX2ehW0CX3duJtXbbVM57vOSmjmSDjlAMdahwFKpL3/QKYsh7eCB9uBLIhSpTDvc8THq72cttekA++fOsAoP2v+2aX7He1/A+IanbDDvUPCPVeH9ph5bNvlSnq8j9SNsdzE1r2Ig9+CmwVCl/PikyfB4R4/jxY+vK33WpBOnbusRNrc4ocbpeV1BJXwgjMDYnkysBYh7Hej3ndO4zkT8XlZjqVxd/ZfZSf3vmfYRu+g1qKRrjY3qFuSjH9OAm2jVDpMrGl/cEKk3nOv8IZc3ldypVq7SOwsvk1Uc9p1hxXtmwe41Lc5CCA3II5oh72+77GTuhE4oPH0cvc14/Pjk4qOnjpdkKbo1Om10SrKacyEEpDOdWbgQUM6BJG+sTdVIcQ7GJSn12CyGnYObYcYim7GVx03TDv6CBQF+iVnR/aczpyPrdnHjciKrXcCD7s/7RQz6ZIPiO4kxS+F7zavgaib5++IHlPutibhle4m+/s8ZIhDKiNp7xahp/3cYV6NwhaTqjD42Chfg7L+2stp19TXKfg8SN8Rswi+bbiGSw+j8qqV6Dnof6BBgrz6qQOXiEaLXqHILT1Efa1TLe+H55dgvrk4rshbHVY0gyqzsfKhFIDlnOzx6grLlTrWXymzwA8FsMknctlGlaKVs8ku9eJprUatYnKIC2eFZB8M9lY79ccPjz4vXju9sR6KavtG94HCaO6WEjbIMcqYaWI7/plCPZmUiizy7f8wOtCn74bGmPoufV8QfxvTPElYZ7jN0Bxar4KuOlJtf8y20Thn/fQXPXWzvtDJSQWoI0mt8aXkxHB6cakYmTtPbUjXg6xHnL9ULYXFUp1jx2Y6uzSrHUQgS0L5JRvjn93+I/T3rHK6AFY0viW8sTpp9bN9WNgRpOexiBoQwClp5P10CPQJWtsB2fJm6bIiBjAqctVNvIlgMtry/RV5+/1tT4bLfxH+dm/L3wNF3OxM2/e5m86tSutDTXZAPhQUHHMnFgDFe/wLx5NFKexEbaF0T55oowBIIAYwP6ApmKD5Ga4Vg6ao7/AeR/GrnA5Ly0RMKsvCgVHEHE0gc7LDDpK2X2qmuCLo4IXH+YeUu8JIQ+ICImw5TzNK4ekuSCXKYcYZwiQ4XsoW8Ou1rS5eyfvx04D/kL+SF/3pP31TCZ0R3jtWAXSRvZpZSiVhVKNkZDjwTYnKIabJQNDdl5AHBCgLqzZ0X7aCPJuLKf00a4I4hBGesHUmvBZgtdnt3ZVGKX2rH40kOmMl6V50v4Hh+oiF5KJrOlkf3b7mkOsKofJ786fvolwDYE8NLiqs0ONBuhc4CV4Twt3NwaEWDSqXZplFnX41Uz/bhlPJnKkWKZxy8RH++MUp/IIoDlm7dpAcC7cn0HCOhFRJABopaPUsDsVB33PJot0Ges967vLTzPygUe/gm6qTek7bpHwqD9M+/4pzWo8L7kdiiTHXR3tIRJSSyqJAy1+nlFAyeIIYdQ6B2pjncfvCdf/UbyO0m0RZaaKDC0c+5Qv5Kbl7KFDXw8E/c2dbcSGejNTrLCMnLgSMIRZqkH2b0V2tHht0dIYzlnw9VIfGxSkE+eUe0ySn0hNOuBf9FmlfjFxVugSjm0H0twcibDUus4ei3sTrCNL3WKSn+lGz0obecOQ7VD3tB6wkzflvyE+rZszl/rlBKTMmT+xglEKEw+fd8TBvRVsJkO/TYMC1Hg7HHP/ccBUx1PN26J1uaoqzQ9U2585c4DNPimADYqghYjCPNIOXyHb6cyP6sHvUtpeLMgWCAQoIt0GXQ8ln9FRkCTcQ9pYboyPwxqMUFYW7Jq7zrWJM12HipUp8bAX2VJSEHgHN8b7mRiAwhXdJ0k4rwbZ1S85PgIutWZaSw0Eia0Z4NnwCR6YYvPa20FPyMCHKjBJy4jvdaAVzTYPwEsY4i7saowiDN6lgklwDbkhNPuWCFvCoBCQfVpFMHAiYS3UAXB0DqJm7wg4dyPfs5qarsijmaFB5JYZwz/RwYKLizurINMGMlYjx8AxK9tljjxzrDbCT5Hbg9yzDrePmSY7tIjc3iwJgWj+Qr/yjSKuhjSyNLfgNZiofAktSsgUZUITQ7Fo7mMB33lTHqx6gqIHEoQmjBxVq/IClnhE1Z+M+TMGRsdALPO2fnK1G7C9zICHFdrR0ANcvb92Me4OQcV4L5wEsRk9ciSkiJbXp+VDjs46DQ2ANoEGqtnb0xQcj46si6+x4DOTzh8CVjeSYNU0jlWmEp5nhiu5bcQp5LZbCVpzpLpeeCiBLtXSa34mfnJHoAmVwfcJfDU5DJFI86dhwMOavZj+QT6ofTMLIYJpHp8IDhSSG/M1KB8EpS1jdlkogalrW/tdat6HZ7VrQVE3x83Ou6+nzHkLDIT6YrJrzqX3iqBECAxmlmunJ3YdbKaPyff+JyQHG834wI35qk7vhO9hfn0T/bIIMWr0D7N9t+9VXWisK9ts+2NUTJuKAd4+6E2NoqQbKMDPRzlHWpBv9sbj9+w5eSJG8SjCutSYSPCR8z36atOJ2hzGhd+5vfA/wxqTFTf5PPsCdatv7fxFdc4IISOnNmjTao7O/7yBIGR0pq3Yj2u4OU9x1EC4+etFotzHJaK4Nli6ffbq2o+ycXorjVdPDuOiiuv/JV/PU1sWJS3Xy6j2IVLmJRcpi+Dy4ZLPf+ea9AnCrEnxRnOLRSIjlsuQH4x0QBOQSiZTTgXRn5FH3gp1uaBXDrJPP7CeIFkES7lgCxOiad+MGZMYGqzUi6OgcBwxt37dgytJJIUn+WUMvyaLhrLHtwvIJ+w7D1KMZIrmqB8Vg4q4WAC25bSV5OxgqgEl912VkH4YCC7V769rcXpWQwDwtW8eWDvxeuOXlMTnXWKOLGBlraXLZ0bBbOSF22hpLijL6Pe0zn1BNW6S9z/PvmfyHDAOH8pybx/zZoeV1dawF1SM0alMbU9YFeihynb8Mi3YWFomldK3fU4hrezf1qK+PxRaSu2YITdMO/+SV6pjNg7cqEcDXCsQpgMyymhA+EcPtMUqRQF5Xa9SL2ywBf4FsLbCaSG8fDO27nn/wW3VSV0Ll/EHkWkeibIGD2b8XuFbjHsDeH2/3rYGcQGjcB17MN0rjGQHqS/WGLSK9NefNTyaRfoXe8Yu7aO0GmnvD1r2+zLWKn9EuEqXfGlcOlJbn/CSH5IcRX7CYXyE8Q3JAHclCxKG6Ay7Ge9NZ8XWSA//h1LXVMbwcQvtn124r2PrIWawOrKxIZGlmTH7oSXWQtJMtKh8wcBLk0Gz3xkeqM9DzDFa4jbuiuWysgSzZq5uo655JqeiTAcflwmaissBSg52b7iTCXc51eCmuaU2VCp6/+EchFz8Z2aWi6EMReus/ScazZryZjZQZTo6ltZpv2jDBSm863djlMThdxiUGc2WNEbzgIpZN2u93QJnQJmymS6HwGuMB68C93paisD9eBmeG9CHMH44tufgtsRrTO+M4iN3lY4D8wWYwsTq7caJ6fXk0HEkKoaSxvjcE+TE6XdSzcWLqVi0B5ZYaUhoF6M7rUfiMTEqGEkIle60+bI3KqJRoDYTYbteJHwfb/5fxV+ZkGaHdGPMjjD25UtbgN5z4qzgfd6W2LgOM6Z7v9ahEZpz/QiRu+U/3WcT/dkWaZrj3R5aAieuxarM6Cjh5zyf9lup5O3If/4702oyhzBrR4wcxLMaYLGJ4/Cjbiq04GutmdeDfTQf62kQiHlc0lLYmftYbw0S6WGyam+4TZgtlk5b5Mh34qIpQRUVuLsM5YqiPs=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx2000fa06-e0e2-9a4c-41ad-ab8da8577056" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx2000fa06-e0e2-9a4c-41ad-ab8da8577056"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>8Lbcf8nbsxAk4kRZa/zmncqIC2Q=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>c+QxLjLwrT4FMkclXJ/4KTDd6yIhjwd8kRP1MK/Prl1TsibfyqnjFY4R6n5UrTCydz5lqUKSIJUVL0eK67PHV39LPsuoTH7Xno4ms7hf2wxX5CFtRxhX7mQHaAAsjo4VEmVisfbjW/5JnjoV51+HCpxiqOc2idef3wGrhc/TSng=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>KdxNlQ/4zMxdiflNhQ0RWqPey1BoVcyAQ9IEaf0WkiHv/3YH+Z0QwaKSc1uIy7H/pzYiqUxbdy8ewEPk+xmslur792k6OOJySRNooqEJ4zlxYKpKqmKPoN+158usZioOHzSZ9ZcuNASIMZgkTSVFa9reupydfrDUVWXD3qnv2VM=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>InZLk4IIzAfYqOSwXU8WJBZZIVVd8Gz26JHJAF5+IDL7S+zu+YLwnEeaZ55EbXvS+xHuyHSrMXfKug+kBMqO+5BMxKz2z0UEpFqi1qpVtGqnjhfthvrsC+cy7LgNBDkJJ6DfdxOelUDj4goYYn1LoFn1ZmIeV044YHGGImkD1SXmy3vp1qzpW5dqT9XTRXqC+XoCVhEfb/gmR28fnj2TgcAWzMwB2Xg/BvnwyyYpEDP92QCjTm9ttfYP4HgLzWpl+xuYVsmyGW7B/+vjWldMHIjDJIbCkZb963U3vwysjaDZHbSRu8LN5ykzvQ8IUzCxoBkvwEHNrO14SrmE9eROeGazFFFG7JXSOF26WVZhPplyvnebPuuNmYjsosd0h35wl4Dq8fwYKJl6iWNW1m1eAVLYblWdpe6eMtAmBiKP5gXNQ07YdFre4XiFTh5DY5Qqp7UDVd13CWCV2X2fh3atzSgRSADydycoN/UHHQeRCQpdsMnCv9ghONPoMcu3uVrVjw6TwwtkEcnEkZiNn7+fJi0qzX6SVr25PaV7ZPDAAEEC3S2gH98R7YrNpe3/zc1vS2uEq1tYGf3Jok+r2VkyA7+udryeUnZ9ZgUPHZtUpDBNyfYYrcaMyjY5Wj/vwVg1kZ88AISCx5s9kcXkoXCxwggvrdgdG4CI+NTaqNuM4s12LLlmxlfIUdsAror7huLJGvY58YZpOz+magl4L9eR6g1a/pyslCd1A7to5LIjleSYAdZhiVelulJ2LGGCccnhXsDlpswfe8nxfEPOZVYexmWzRXHbe3z1Qt9wAK0RfZVFTcy4+d9FkxlAW8JZQUvbisvXwt1PtxWF6vCYs1Tu9MAezvWV6FdGX7P21yOxt88CPI8OCtrJn8uA/5Jon7pxkWmqWiRRMhtdmwUEd56y/O+BjDZtS9abKYtbDUC04+QXbdbZFxI7XLfeVBW4zp9VOywWBg2136XQHIRUoQTdHhqWLhzuLROOckZNuM1KEtHBJwNmqszrkZ2vTVUSal1fMEiMICqwG41BIAD8I4xGKI7mHguIJxXHqUpUC/hq4VoPHcHXs2PWBCASWVKRydiLXEn7FEAMY16NeOQ3bsCLXsvdrjx/sF2J+VeRbgBKS5mPttAbVqe1qpxe8WCgmI98/wNKduhvNL6AriIm5qkyQHkZAi8ekwBIGTuAA0xIh3u8QKL+6cdrJy+A2FMZh3+D28aRWWMj265ZTloIsdUAQ0nDlBU2Z3sgGXP4nl3BT1TmuyG3oi2BA7j98phdPTvHP4UNpqTzWX2hRyH1SkfAEnSYjLIXCacmRz7dnzXMcBrKWxtyOwlJQD3Xl2lGbJ2s+zxCjn+V0ENo5POAgbH9bulFcbT5cLVv4WIipsoiHPnlnEknSBgH56jJzwcSYgXm9MKPkbOuqMf9mWGDssBKIdzOfFLJjsWW2ShQbca2BLTMYRIbusFL0eL+NOXTVgpSvNgcHLOV9egyx3BQ7UODcMCqVoaLfu6w7StKX6Q4DAGDno4up47qDETQHg6mL0t/9C/Hhe8m7OGGb+l7LfBDqcnqZlY8QZRgtpAJbPdn//3jre/Qk00rdr2yZDVchGvCPM59X+h3wX6vNOxpnxfgAc2AOpnnpDe8qMsB4+0LUY0SDXyrKB35Dr5PAqWW8fGS1kk6EYc8iaEjrRJhZCvk9Kq0BLDGGPCC00uxk8y/V0x4v4izVtSAODeCEd1wj4mJEWnSuTZKhQOf8cJClKJ7pDGRhXeKJ6cThuBh6PRif699OlPvn+6HLMGSf9+aGw7nNTz1N/6mh6geBXA21GcKFBGb/mNFy7EtgA3+SPopYjql6UEFgqtp7NAt1j6hbPoc9wqfqSDMEqFV8lWngPAew78ZYFei3TkrJUgdI+1lXo1UfRr6cOkp/FcahKRfkWctE9nZPOe5JLgrkRiDEgd8OBD4+ZxRpv5cePItoAH5xO9qz/UIeJIWDlZYmlEPQ3t0MtSrAnBpUaq8WW+daEA8Ed4Tdd2v2IcJg6nJwVXTwYGo5p1XOTDakqM/h7vG8uXSVbdZf/tqXJzp6go1zcptWIVfZVg/en3f31NvQd+CXEtMEnC1doo9mM/zf8C0tXLhoELqz3HtJfoj8o5MDduYQCslYwqbAs4V+AIFqsCAJoBunIwvnhQrsgp59rSoiqKPRaFpdUA9lGJsiiv+Mr4eXuvNpNlE3OEKNk0Hq9DFgo2Ga8xJUhbtZlyTmi1sbnApiE0O6XQX0JF9a885pj1XnFE4UtLSIGNrb42qzqMIBe0jDiTn3E4IIjTm6zhIOyBplK/J/MHO26/HDOX0lmRZob9cuWnGyWP1lJS+HPARlaYvSqqTarWkRHo9hL1b5CNleIs5qH9b673v2U1GMvs4CYHyVk5CxUACAQwPc7IoIPQqe7Y890oDBz9b8o8KzEX+1A6kQPloJwdusa660uaE7VVs9Xd3prbXRevyBthR+Duzet31FWkng+WWuiO4XLk2hT2RPbZbG5SejhO/yqINoCK8Yuf51EEXvOz+3u1doVbiXn1Jc3sGZTKtFks+nzPbPVF9T1YIgovzQI/mHml+4SxzYByG/FCisXX+uYIipB2fgoTZOTral0BCCjeuRBkuEAMDfjH8q32n8C5Xdr7TZduz4AWYEp6S260j9OARai5YON0Ok94gIS0cq2eoIwr3/dRhC2ZDpJqSGeDzBuMjJEdvRgHLEp7z0QOJ+mC7ZgzrJNpV1TBJohYquM5WnaV+yfljRBWvwp2lqXjnMFNs6Xyq8bS8vvhB8PeJqNGXPuiQAVd7F5AcMwZtSW1NnKNKcHAIxB65+RqsKYa9l6B2hWti/GAmGyKwWvcC/VpZH3Hxj6Sb8o5Ptcn3JQ17mvZiPBOyyO6pFs/ACmx1KhmJzoUbGrVRvAyD5cM8dO7mnxE=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx9d74e71a-52b7-b42f-2e6a-539b986ad3cb" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx9d74e71a-52b7-b42f-2e6a-539b986ad3cb"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>nXwckI9LWx3BytOAmuTsBMf5Dg0=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>FHc3rEsFDzTgDBgtzoZomKqI8xIU5wEd7+rsV9RHRGpyWQ9tFWSAnZZkOA+OtMiHdM7je1UaVU7Y4qVU/zQn7/wgwXsaUbk27Clhw6dYLyx6DKpbtntOTvuSLAq+t321JGqC6TKaVor1uaEhyJPFYf/xsvylqn9soh1LgBcYkmk=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>wGkYa7ShWGI+erKWfX7VEjB5L3vo9eLPdgi9mhjuMDuzcmpw/Ykp0+S3xSValkTK9jmWLC9/3WdPB0nSSIR5B6pHUclOogoQ+8dUyDwPuYaX1XhvYuQFC+zPRZ2C0ixwsmoVxtP2P6JrpIVQrsb/xTYxYl+GnJcIHDlzUpvBs80=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>WMvdNNQyiWnCl7+9nFzXYxhTjDaXreqCg3O7cJ9Vv7bXpZqr99FG/Ax4agqt4LmbFAaLo3EMrVw5k2eQ7FamNDPDuBweKgfxWQM6kf6EZD3UU8IyxgRz9FPxUorOy72lmpt9IV0obAOUW+8wlWiDudnxhXppn2wbiCAJ1OymWTdyZ9kaWE60YHu6zd3lvV4sbQUAZpSADO2/b73eCRYAmOdU59Rn3QMM9sdNL3pwJsWcGb4ks7ttA7LYC2HRH/Rn+F9XkMucnM88Dnzc1QhdjAnJ2IuNrwJgi8eDVrdVtVV2Qh2kWHqeOS6/5yk0tubwc9sBqjOE0k1wNP7tLxlF8DoOCr6cF6SlDtFFR5U/xTT3oXcjWARbK6RllZmn8Cd/rubos5nuJyVXsVMmlQV8mW4VU1FUGFBouwdUugr1rO7bmRJqLR9xmN9EX36nzc6ACO0KUsp5KZBthBZy0AYXMpLXaGUQmJClCfXpqp/zsBjEVZ0lfSKBUWW7f2AoD3DFzkmGce49GF2rZKLveTEqPPX4NPukcgEuVkSSmwrSfio7ns/4fiKttnEV396cnmJdtgwE3T7oiMqbOBtUaZMJkZB4n/cIOqdts9oYS2LR+UlrNpIfoZPeOXcySgZpn6XBZ6aPj/6Xufj4wqfpzUMMcZEVx8F+6vSVd4uShL7hrKLX+Q3NY2xUMVwqR1AZUmUQlfnKGXfBZJizdxzKCKSGduGltzgQtV7etCNUGHNtBWQjvXob1ZSg4lW6ZZiYVeuC8EoCWmMBFLgJ6UiWTnputKlVAJd9rCod/GuBTIRJnyGOvB9Q5/n0b555LbGREL+WIXVSx4C8G2Jcm6G6ROv3eMB21b6yyVV3Ac+Dqru6lokkgjekPOXZfaqIVbbddNCnAN+RBbp0G03YhSc5Xotc6WD2VB8GHZNaWWm83ZtlIO/YnBPD/178Hc/jJARmP03TjXW9q8W8JRoTfKrKY3rVJ9j437smmljFCZ+Nef+3nNZYqmUf4+/9sRlA1iwQAn2pOxfLg3ZCHtwgFY/cIDWmu2geHcyQY74o7PSxSB+yn5Y0PfUh1CrinxmdPypkumD442Ktnb0RQkhJ56QOHFvz9WN+GtpG6k7nXafNpNQkhg8VK5rkTN4qxbVEIVhvkkZxB1x/twabekB6DzPZ6AKf/V6gpbvol2Bs2VcoAFgS/SD7pShTqfjVID0NNI8W0ISfo4O0az3XA/c5V45tit7edDaf+tu5FtG1KNZs9ash0DvhQKsnFOIZnFev+500XJ1qWd+qyTBc7ANNeHtxY85DIos5hfe4nvOZ4/9/c6DuIxwDOZtMmUPaWMQcqZcnJByQKEqNH9rBACbPQ62nufirNtLqhuBcDcBPKNYd1lCZKKOdIwg8B/Gzs4/mce3QgMEeH4g2VLXbzYh80gSgsvtw42Bl5qkY2+Hkgwci9WFOScbhnrc1MWbTarGAHO7VjxUe0lqGiWKt0AKCyKEYwLhDXbXKypUnfAxofCjdYnOsQsrxWOPgLjAs/KaEG7TZ5ry/rxZrPAjms077n+ei1b4mGYi5oLLN9i/r6j1lkzeBwbt+NpiFSl1MVwlKkGjD4Qicl/fXBYWuVYA02Zi5DSZYK/OJ/MB8C/JBcpO/yDaHgjOKTeFzvXNJMpY5B3U3VFLdm6Xm9Bt7gI4naChHspje8laQqCMpkIAPRxBqsve/H4wQ5fioX2ehW0CX3duJtXbbVM57vOSmjmSDjlAMdahwFKpL3/QKYsh7eCB9uBLIhSpTDvc8THq72cttekA++fOsAoP2v+2aX7He1/A+IanbDDvUPCPVeH9ph5bNvlSnq8j9SNsdzE1r2Ig9+CmwVCl/PikyfB4R4/jxY+vK33WpBOnbusRNrc4ocbpeV1BJXwgjMDYnkysBYh7Hej3ndO4zkT8XlZjqVxd/ZfZSf3vmfYRu+g1qKRrjY3qFuSjH9OAm2jVDpMrGl/cEKk3nOv8IZc3ldypVq7SOwsvk1Uc9p1hxXtmwe41Lc5CCA3II5oh72+77GTuhE4oPH0cvc14/Pjk4qOnjpdkKbo1Om10SrKacyEEpDOdWbgQUM6BJG+sTdVIcQ7GJSn12CyGnYObYcYim7GVx03TDv6CBQF+iVnR/aczpyPrdnHjciKrXcCD7s/7RQz6ZIPiO4kxS+F7zavgaib5++IHlPutibhle4m+/s8ZIhDKiNp7xahp/3cYV6NwhaTqjD42Chfg7L+2stp19TXKfg8SN8Rswi+bbiGSw+j8qqV6Dnof6BBgrz6qQOXiEaLXqHILT1Efa1TLe+H55dgvrk4rshbHVY0gyqzsfKhFIDlnOzx6grLlTrWXymzwA8FsMknctlGlaKVs8ku9eJprUatYnKIC2eFZB8M9lY79ccPjz4vXju9sR6KavtG94HCaO6WEjbIMcqYaWI7/plCPZmUiizy7f8wOtCn74bGmPoufV8QfxvTPElYZ7jN0Bxar4KuOlJtf8y20Thn/fQXPXWzvtDJSQWoI0mt8aXkxHB6cakYmTtPbUjXg6xHnL9ULYXFUp1jx2Y6uzSrHUQgS0L5JRvjn93+I/T3rHK6AFY0viW8sTpp9bN9WNgRpOexiBoQwClp5P10CPQJWtsB2fJm6bIiBjAqctVNvIlgMtry/RV5+/1tT4bLfxH+dm/L3wNF3OxM2/e5m86tSutDTXZAPhQUHHMnFgDFe/wLx5NFKexEbaF0T55oowBIIAYwP6ApmKD5Ga4Vg6ao7/AeR/GrnA5Ly0RMKsvCgVHEHE0gc7LDDpK2X2qmuCLo4IXH+YeUu8JIQ+ICImw5TzNK4ekuSCXKYcYZwiQ4XsoW8Ou1rS5eyfvx04D/kL+SF/3pP31TCZ0R3jtWAXSRvZpZSiVhVKNkZDjwTYnKIabJQNDdl5AHBCgLqzZ0X7aCPJuLKf00a4I4hBGesHUmvBZgtdnt3ZVGKX2rH40kOmMl6V50v4Hh+oiF5KJrOlkf3b7mkOsKofJ786fvolwDYE8NLiqs0ONBuhc4CV4Twt3NwaEWDSqXZplFnX41Uz/bhlPJnKkWKZxy8RH++MUp/IIoDlm7dpAcC7cn0HCOhFRJABopaPUsDsVB33PJot0Ges967vLTzPygUe/gm6qTek7bpHwqD9M+/4pzWo8L7kdiiTHXR3tIRJSSyqJAy1+nlFAyeIIYdQ6B2pjncfvCdf/UbyO0m0RZaaKDC0c+5Qv5Kbl7KFDXw8E/c2dbcSGejNTrLCMnLgSMIRZqkH2b0V2tHht0dIYzlnw9VIfGxSkE+eUe0ySn0hNOuBf9FmlfjFxVugSjm0H0twcibDUus4ei3sTrCNL3WKSn+lGz0obecOQ7VD3tB6wkzflvyE+rZszl/rlBKTMmT+xglEKEw+fd8TBvRVsJkO/TYMC1Hg7HHP/ccBUx1PN26J1uaoqzQ9U2585c4DNPimADYqghYjCPNIOXyHb6cyP6sHvUtpeLMgWCAQoIt0GXQ8ln9FRkCTcQ9pYboyPwxqMUFYW7Jq7zrWJM12HipUp8bAX2VJSEHgHN8b7mRiAwhXdJ0k4rwbZ1S85PgIutWZaSw0Eia0Z4NnwCR6YYvPa20FPyMCHKjBJy4jvdaAVzTYPwEsY4i7saowiDN6lgklwDbkhNPuWCFvCoBCQfVpFMHAiYS3UAXB0DqJm7wg4dyPfs5qarsijmaFB5JYZwz/RwYKLizurINMGMlYjx8AxK9tljjxzrDbCT5Hbg9yzDrePmSY7tIjc3iwJgWj+Qr/yjSKuhjSyNLfgNZiofAktSsgUZUITQ7Fo7mMB33lTHqx6gqIHEoQmjBxVq/IClnhE1Z+M+TMGRsdALPO2fnK1G7C9zICHFdrR0ANcvb92Me4OQcV4L5wEsRk9ciSkiJbXp+VDjs46DQ2ANoEGqtnb0xQcj46si6+x4DOTzh8CVjeSYNU0jlWmEp5nhiu5bcQp5LZbCVpzpLpeeCiBLtXSa34mfnJHoAmVwfcJfDU5DJFI86dhwMOavZj+QT6ofTMLIYJpHp8IDhSSG/M1KB8EpS1jdlkogalrW/tdat6HZ7VrQVE3x83Ou6+nzHkLDIT6YrJrzqX3iqBECAxmlmunJ3YdbKaPyff+JyQHG834wI35qk7vhO9hfn0T/bIIMWr0D7N9t+9VXWisK9ts+2NUTJuKAd4+6E2NoqQbKMDPRzlHWpBv9sbj9+w5eSJG8SjCutSYSPCR8z36atOJ2hzGhd+5vfA/wxqTFTf5PPsCdatv7fxFdc4IISOnNmjTao7O/7yBIGR0pq3Yj2u4OU9x1EC4+etFotzHJaK4Nli6ffbq2o+ycXorjVdPDuOiiuv/JV/PU1sWJS3Xy6j2IVLmJRcpi+Dy4ZLPf+ea9AnCrEnxRnOLRSIjlsuQH4x0QBOQSiZTTgXRn5FH3gp1uaBXDrJPP7CeIFkES7lgCxOiad+MGZMYGqzUi6OgcBwxt37dgytJJIUn+WUMvyaLhrLHtwvIJ+w7D1KMZIrmqB8Vg4q4WAC25bSV5OxgqgEl912VkH4YCC7V769rcXpWQwDwtW8eWDvxeuOXlMTnXWKOLGBlraXLZ0bBbOSF22hpLijL6Pe0zn1BNW6S9z/PvmfyHDAOH8pybx/zZoeV1dawF1SM0alMbU9YFeihynb8Mi3YWFomldK3fU4hrezf1qK+PxRaSu2YITdMO/+SV6pjNg7cqEcDXCsQpgMyymhA+EcPtMUqRQF5Xa9SL2ywBf4FsLbCaSG8fDO27nn/wW3VSV0Ll/EHkWkeibIGD2b8XuFbjHsDeH2/3rYGcQGjcB17MN0rjGQHqS/WGLSK9NefNTyaRfoXe8Yu7aO0GmnvD1r2+zLWKn9EuEqXfGlcOlJbn/CSH5IcRX7CYXyE8Q3JAHclCxKG6Ay7Ge9NZ8XWSA//h1LXVMbwcQvtn124r2PrIWawOrKxIZGlmTH7oSXWQtJMtKh8wcBLk0Gz3xkeqM9DzDFa4jbuiuWysgSzZq5uo655JqeiTAcflwmaissBSg52b7iTCXc51eCmuaU2VCp6/+EchFz8Z2aWi6EMReus/ScazZryZjZQZTo6ltZpv2jDBSm863djlMThdxiUGc2WNEbzgIpZN2u93QJnQJmymS6HwGuMB68C93paisD9eBmeG9CHMH44tufgtsRrTO+M4iN3lY4D8wWYwsTq7caJ6fXk0HEkKoaSxvjcE+TE6XdSzcWLqVi0B5ZYaUhoF6M7rUfiMTEqGEkIle60+bI3KqJRoDYTYbteJHwfb/5fxV+ZkGaHdGPMjjD25UtbgN5z4qzgfd6W2LgOM6Z7v9ahEZpz/QiRu+U/3WcT/dkWaZrj3R5aAieuxarM6Cjh5zyf9lup5O3If/4702oyhzBrR4wcxLMaYLGJ4/Cjbiq04GutmdeDfTQf62kQiHlc0lLYmftYbw0S6WGyam+4TZgtlk5b5Mh34qIpQRUVuLsM5YqiPs=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>