Online Tools Menu Close

SAML Response (IdP -> SP)

This example contains several SAML Responses. A SAML Response is sent by the Identity Provider to the Service Provider and if the user succeeded in the authentication process, it contains the Assertion with the NameID / attributes of the user.

There are 8 examples:

  • An unsigned SAML Response with an unsigned Assertion
  • An unsigned SAML Response with a signed Assertion
  • A signed SAML Response with an unsigned Assertion
  • A signed SAML Response with a signed Assertion
  • An unsigned SAML Response with an encrypted Assertion
  • An unsigned SAML Response with an encrypted signed Assertion
  • A signed SAML Response with an encrypted Assertion
  • A signed SAML Response with an encrypted signed Assertion
`
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfx612a6e79-a63f-6ab7-39eb-799d88b7e986" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx612a6e79-a63f-6ab7-39eb-799d88b7e986"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>/aukbin351NCzw8cDXIUyfCcO60=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>zyttF0jAPZz/k0aKw3+ypkSaUSFOnBX69KQi43RvIo0+IDbDOHE6RvltJUfvLNaX52U/u182IdTo0sLsCXumTlvtrXzSNtSBIZp6aAmMWzsT/EOAU/53+scYpig9fKUjq9uh4zecXQqQCZkkY4y/qOdBiZv44xx+URLqUquMiUg=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfxe7e6de1e-61db-c841-2718-64ceb9da5e65" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxe7e6de1e-61db-c841-2718-64ceb9da5e65"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>7Rn0ju9Ege5dkOQ+KzwFlcWeXsI=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>o3JYAdb4/Pj4pLJ9nAUo8FDx3uhNdoEYMzecyFaogj9cXkg8tQYvuptPBmx5Kzax4v4K1nAZ+6K36OAkklgrWgTa9jIdO+xWY53Zogu5I78MJ48gP5li2Dq7GdttCt/u5Zf2ngzKoohJRgVJl2n8f4N0dySSN8fKA97Cwo+mKVw=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfxb3ddbbd9-b5c0-b94c-75df-ea5acc8448f7" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxb3ddbbd9-b5c0-b94c-75df-ea5acc8448f7"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>omN+d62WbJO10UmoQr3P5qxBpEI=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>af53sZ054Uf/gXD72X+OXlS1QZh3eiE7LOHcnWChD0gCf56B9fEvPytbhFLA4rwnwZ1L/qnsURCYoy+WhDd0efVg3ws+U9gCS77lNUsiUDoRmrPntLhwl0/IGUW2fMYtXnRJtyUpCr3oTSsnrWA+z6+rWrnmtV37Jznz5iqr794=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfx23f0acd6-85cc-7891-7c54-0abeb3249204" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx23f0acd6-85cc-7891-7c54-0abeb3249204"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>wGIGHO5yTBQ/3rY5HjGFI68UMPA=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>YYQ35RiIApJx00x1N5jrGeRe8uda9uI8t3UPootxYyCCzifGS2SxDqJTp8BMSu9YWoXbop/5Nz+W1xEByfUJVQ3htUD2a9us8tPiUeuWmrmKqzAoW3spI8yUgNbTCjNX3uGcgxswB7ysEcKMbsv5G1WdbQCFhpa1HU323o5eGlQ=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>oRgVPzmdoW6t22iQsEeHh9oRpGH0ymMAhTZSTggeA2pwGVD1WkjXrqGgPT1ntGSxl0WMxhYJxwVNy15jq3u7MnWrNmvyQkI8iYd2vhvVck/e88LpCqx4199tB6TZcmkDcxOi8YqhdIOGXYxiLt7OrWt0qi545/o3Pp99judbyjM=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>K6adKp2KTOv9gZ94NKpBBk7C/q26tOELJR85bBUzfY3kDNxEFYIOshE1pEsawnQf/pErU1BPcGpjQ9gbgK+Ywv4XIfyrKlIiwYQ8w4e+p5Jo6p4/cMWSyefE/GisjpZSg2ShMRO7Y5/viJ98+2rfwBePL671pHWF12ZO0z8PEvkXQlSGiKJUW7eMJiaKY75jSNwBsO7SN1NZh3J23ihoe32Mv+sbMtpmR67p0ushxu5a8wvCBVZJC39aQhbYtiz8yNDyp5Idb/LXVMRI6f7SMJ4vb9IKqJhasfFtISPbouXDH8uPmtSUrMhYoeDrjcU3iX5FdX4p0B3eyy8yMjRzj44A6g+gOp2mzS2zbwHVOSHeCSUAeFYOoSIRN/9ie9E5Oba5UIOjIb7oKKG4znTbriaZ+Y7KteAkRkGotn1RXJY5TFd6Vm6wEv91vHbkLK1vQth+df3ek1OBgz7lfISsnGmyiGjDij8Kd8sLO1AGHWyNc/GRVgNs7JHzB8ujr4ZVPgvSmWITf6cBij9FsEy1aqC+wgPbs+rn+J907PF5xl0DfwZmEX2t8gPml7vWhhtIkCj5GdZxneQBgbb1sejfnXzqiEqxwAO3MpkS3zAIDGIQDN0pjxdiuauNG6iIYLRmapSeruTlqy3rcjBqFnYUz8DZMoMyyqMv+d1Ai1WnRXXZPJaKxIwV/T8CjQHPNYaQEkHJgewhic7bPeD/LPLOfYs56IOBaxp7UF2klzZ1SeSYB3p5NPZF0WMkkRJEf8wZSKUzqSNJ3JjlMbHd70X+S/21Rc4K2dtO4/Jp8bUU108dDysuDluVbop8mdgfYkjOZKxCB+Gp3j56JR4POasBxk+hoJU9ShzyIcCXduH+M47WD5w5gSkVTQzAJyplvoJaUO5xVav6EAaQErCD2ux9dkafLIKBETX6JRVwZ8k5a/eEczE/A3rltEgIEQUNKGR5Ddc4YFe6KhpIMaQZBrKiSsptg4fVRGx+BM5rakunOqS77rkf/+wq0LJIN21ef6TfaWPThgCJAvjiO4s4RRb895xs9/7/dIfuzPSjuOoZfXGmmKHyeC/YoBxBMV9vC/Guh3VcrJ9W17EJetjSyGWZPBOQHttHx//I1Ri9uEnZF1tQgK6Sh3CUcu74zSDkWDJ5WhzyBxCBTDcntSjrWznFOLdIcImYVZKHjpxqxTKiA5A6+cDNqndEKEOue0+965qkIw+syK6jjuQuF9d78lWTt3hJpxsayk0+xeZFHTYgFC9UcEFC/ra4Pwg/v6R6fOpAA5N9OXA4GWS12xMXqGWMgQkg3CKa4CDOGH9sJKWgtN4K/4rKBeKMqcx7asenm1yQKscN2OF7XUQ47+BBtNp3R+wzr+xwusVccI7UbI8207X2MUSiv6Xtg8P1E6jQlRFOUhDIs/euud7UvsuOJCzYyYaHwSaFdqAw0ANb9dJIOeKxllNWzamZIpxb+C4Nz0Uhe9JM3gVUlQuiPGE8Ct4wS68FTpi6rTMV322XcrmL996T3hHWD2+uFvdQfbrmKcbC/EkvwZJY7k1cElMvWsC9hDlIOa6p/blcr1jnaArj3KTXvr3J9bH6QfKyIUDKssiN4/AxK3M+vtUkrNwlxIAwx2na19o2Eycoqu2c5aM/59SihI6gOJocQWutEt2hzTqY6mRKgVuHhBFBe5EnWny9vm6WNL3FV05JWC+zim+655jweGe6U7mk9Z1LvrxYir4ADSzGarWvL2O+U5s8b1JonodXicPShOIRNVQbIIjowJNsxiHux6sVTmR83HSCUYS4qgL8vNDzRu+CrnEHnm+x0o8BDsxq8tnVxBdzEDx7pOSX0rmKyU036tNXe2N4EMBBe1NG3/4l+W+mJI33xZ0NNXSG6Xov6Wkv5HxfJCuwJgbggHNhQThkTgpqeYHDD1bKmMJpD39tq+QiMgHR/oT5sTxxU8sNWgdLT8XLQDtziB3LyadN8/muLyyIzGfLVvZGk/RXUNcU31LsawmmyGhy1gm7PzOl1IVF0cFuBIWsUEFtQSi5GIeRFPRIn27FfF11n2J0jUwCqFzFqH+obnSmA9n79zA90/h1zuwZ5hQBi/wgfGzGocTKtkYpPeNrCJAhH5PxgfrR5z+RTyE5yHhhNv33RQEf0MrBE4CdZW//mJzo2aoiPKZ/Ss9AGiGMOdiUVXzArXmXdEwz43GxlauXQFuSBmh75g2qzctIeNU6uO49tM6BAaqK75RdhTRmG+kK05/Cy4L5eD+AePjTawS44bhBmB/PnTJwdnunTqa5m6dmkE42/gxrRgLAVvCgX3JkdHNEQILVWH8KJ1/i5aAk60Yr9b5G/WntpZ2mw4FWFiGr5Ly+3wM7Q7qB2p0Ldtx9c1cYD66TCMexdVuT1N/x5uBdAA3zNFS4zaQUcp+T/gO/+oxxhy5AkQ0nYOiL1wG+UD92zyD/l5AldalZia7YgeccDAyfnjsju7sLEixFVEPazkCFzkL7w3DjkSXVhpvchy62V613sdd0xkz1wJSVg8nDFAA06jIW67fb3vzvT0kkhfAB343jPNjN0XKSGKo5K5TBtGtxHR906cyVUCpwGJ1a6TQyoEl3RbOG/umZMVzxR9uNGfw60eEOj9koET7SLL4NqXgzb6AfRSX3IE8ak7DliAGopRIB3KZpQHi5qMeKKNGxEwmdFCVijPnW0nVS2wPT6gtgCT/l0k9xYwzpNKj9l2/BUR7EyTqpZ2QtXjlH6E6Piar7ZTC/wnO0FEKpspdIMX4urWvxhjCmKYSRxG93La4vqPPvJG5NBSFMuPb8QmHQLpkI2P7AuyypgnzdFsvvbafyvKa18DENrvJwd/PvzmNjI14gaZyVJS5iXbzaYnDXsYOnB0IbWeR7COfjV+/CW7TpG5eXtcS6yExhPDsZBfE7BZmy02yEmHAYSfs=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>Uu1yaGXK7CdSYWKs2erUQJeDUSona+oESsbR6Yp+2w216VKT5KTFDlLBKmt9clX/JHWSoI67Lzx9kgyUJw60JF/d5j7/OaG21T0oecCwJ4wFjYMvRlAn9FLGnVfBiNgWKgRWMKvdgvZv5rSlutCY7gb1wNoZbXp8fgjjmGkbthw=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>tJaFrrl0KJaTKSa9FKvJlFQR46Ig0ab5+C+RVIB/dcSlgSKiFf6oSJO4QwsSv84W0Z6vNoSvAR+Klf9eAxN4fQElH2+ProhcJEgUUdgHev+h7WdJ4+W/mewdIfXPdWCcAPzSi2erRdocu+90MMnzxFxc/AHIa3U1LFNKgxxUEyqa96HilHSyxt6ACoPfLc1gS/O3XjFhpSXZzPhHkxLO6/C449Ep7KTYYrWH2Y8tVTuUNz2/zkdvJOHTn33WJwlbsuayfR2k7cAaSubk5KNp6jaiMElIe0i6Ij3sRj4u5mSuh7Qk1/ziJJHOaMZFZL9gGjCf1KTriuw13lQBQFp0QtvRYcZ2+Ce6Jjv8NaGngUdj2zdDxS/yqdkv0xuup5l1yVBUDDsYbJCv7RnUIad63/kZqGo7jzn+8j3CQtaeCoqz03b/pt9gIITWM5mYLnw3jPzSWQTf89uyTzFXyHTGmmbSund66UzannnjYgnGW5wGx2U8gqFqMlrK5AEGxGTvl0lLB8HSXTo1sZiqb1yyikMA+xVwPk8efZ8nAIgFoEF2GHDCi/8LAWrofrSEtIWhad2HHpJZyw7b+neaWKDxyd9fmoNhgRyuRk3nzGljI6ZZxv0k7Ml57X7gPtqurZHq3gtUTioCLLcTlBZVKfH7Nhd3VEqDsz7XlGhd3vJUAsE3AAxxI6pJs13hkYwGSLv9Pvuxz1siFlieY2c1jNd9plu+rNeNQS+oR0suF4+8/uBAyNHQ0BRjx6+4uPyKDuhqUjlyDO61V+G8VEfWDC9ZWLhMA+BpjGsiGXWQQfqWXWlcgG+ndq6F+vra3HFfSNnZ51cGkNM28AoFiW+btBN6yQ0ApdTldBRlI4jbaIMjlEq9MWc5IKbJjfyMMNhSfhBGu4u2X8DZkfAP9aVIyCXwEfslZaApVblp6cQjujYNR8O+RTYrCvAYhoD9taI34pBE553/07fNbd6w5bIUA+jsN3E0ZEc3K6wWTe+WrLtuSLhgqlT705HSBs/1RgnVrwlxZUbX1RavnSLwsS4q6OgAue3qwjGgedebeF0qPnfj0JNXlylTL5XEBi0xBxnhECC1PaS1M5MwIPOQhwob8Qxr/S7cAJcff6pDopIIdqMKY99+WnTAZ2AJnkIhWwdXIQW+aGRdTCUAOYLMJTX4mTQEZFMmJouz9QTtnBfhpm12sEK+SDQF0EPOGymbDedFCaxAwfWv1vcTriYlEcazrGibl3ARJmG3ANQYpsefizDUBPjMcFRwuqKpNl+rMnndknyDx/PUGkSFi4l8pVNN0rQSpNfJlojjVr/qBNPEAVucITRmlP4jvaTcfz+DhN8h3nXK4GTTTyb17mWfEoxMo9xajDWkkh66U1Heu5z1XHwbtthwn6lLZx8c10SAbw3fd7f1EplcpK5LIS5hpBciqDr1Rx5jLXIUiTyRSPyavGr9yGnhJ6IVF2NhwEGfOEWSxEaQsopw3KNvWSYV/PaT6yEZQhclbgYjRA25Q2Gqr69/+YodmjYucjWbZqqsvlgte7Vva6IAbGLrs2LcSQ/3xgbMCtXbgzsSLkb+BHV/DVDRGIfPiPOSDQamsgpW1A5d5pc9xX/G8CCK3aGINHsplUxphPWJkxAxg4rdX7Eeh765a88y2FFGQBFp6xyk20YQSrSe1Q5G3vN/ad8sWa1fs+0Z2UkJ7onP5ALmFBrN4/mbzRK8JKgP85HwCeAvqlWQ6dlUI2qWuKaeYGo0GACVivJ0KpJVXTBz/n/g/cfuzcBf32FqQYp9TEDEl5ihUhJGWMnsIuOyBo3R1RuwAM/P82+xeCsSlSkEv2O6cRyiZVtep3b0Au2MXbpEXRPRBtXnjvs94YZrM5c+6y4QGk6c50fgveDc06XCXPECnx03tw8+T97twMehIi1IEqDv5UaOT6VfhDwabKPAnXCyQDGqQ6+Ad/jhdaWdYtdqQcDItAsw2OiQVMvRpSdfqCrftIRN4OBl3LnvCem8/gz5IenbIGQ8CiGGa+A2BaxAwbKe7yJ8VTiJ7gczgsbbp3AX3LbjI+sH26LNo6D2IIvGiUFKWKkmJba6uQkErbfllEOCSIW5NFLm3rX44xanQF+dzgGsDFWwrw/pPJU5wX6NC2ez+rxUpFVO22yACG53/62JG84EwS5qVgkI7sCYSDb10KWm0Ff3/NNVzI8sTVeFvkhSBbSoUxI3KPyADagjpG3PgRYRoOK4mHV3qyExjYaUuy8StZLmtLcMw2DA/jX1YPAw7ey4pycxMhz5gCGgflF2a1pRMJYFOVj7NLCp5P0lv/M/6v6kslgID9kzK99AXE6cl4GKIJYhjarkYJe0AgnvLYq9WhMEH9o8sefHLPr6sAj/C8t9SPqwOTNQ1/EMsZRdVk59H8fYttBSVk0jPQUIQWbgouLAQqHw6yGCo7Ivm6WdWkZp06AzGtEy2mK0aNHNr6HvpAhOAeUlkjDu+Hl05x7BRUZVf6HrUhHXxOIDEcbwyv+NUTHMN/fGsinPlJSKYRhsEJHELf+v3RVzwI6lV5MZpumOYu5jMjXxku2TWl63YKjoMl/wXS4t6RUrbKtCY5w3SSRyMEVV4/Qb6jkggdgINnvxqef4ulb375ILbNFi+xMcjTTuK6WcHLktCsaVR0p/6bOHlNEfaodz2QLtOSmvF1FGYGeuSGiA8PQaaK/258oIA+V8oRCnX37E7wWdm0WSkBNcm49yXA9QpSGI9IhjceBVRqOjgwOBDAYxhMhaZy1bofcPHDrTIvGAYYSESNn8ghtzebndJal9kSI/DmuuWCmQWlgAiI2yNyOKJ5gxBsSbwWfamatEyl9ucOOP42VQgCmtUevcNGSiL8YrH7/6Rfn83VPIvqfIsaZYnzgUMhz8Xnq8P+YPTgZfEP/tPNRbY7TH7LxiM9ETquIDv7jWCfnXwnqQDXR4GB1MXU4mMVtgIAPQ4S90RQGCz9Sggmkf1eHO3SH4L16jg10ejyOaXSylABmSTgoDLBGQPW1pY7rTG3rTYRRiNyBTFY0MSWR9DC1t6NlnYhdbztU37NpR5N+96S8TyJXqR44ohO/9/m3V9XeEokGciMqdWBhCH4pMRmjQuCvgaaI9G8kH2RX4gVh/5E8TuA6yU4gs92HUkupV6iRI+91xbYSOIcvMQA6aajGqhQ+9EIjbXxJpWrH8X6JZ1s5eJTO6DoT5RBmiTUgbEIchrBvtVlasX3q4ksp97PXzPT9dYCtiNb8HHzpgJ8gC//kVNszTbV3sqNkctvrgtFECRzvfAQxQcnC5eegV++TFEmGOwPzN0Km2hv/XQ02i28DOglzGuoRTMwYBQK4kqI+7IO7Tr6DrU+bmC/NpuBOD+DFWKCJoRrwWXXs8ry82eot+6+2m8achNl3oC3iwXbiJFMvKPwk5xiQ/xdk3sVgDxA0WVGoFNGPohIuXzEzuV5TQXFRTe7W4dgkai0sQf63bozNQmwBpDkAMhKGtmT+YQeTYkK9m1jc8vmZy03QTaufFW0RM6nbFO2wJQncN9dDFB9mgGkTm3fYIK387Ofc7Zf7/QgpPLlIlyRv2/6zlFFEj8aBc8At6OXhSJfxdQliiaI9gTcdCCUUPUgTdUm7nHEUMFsU66hLnlFfe9NOaUfTBZf3U6AiOpkYWDqiUbW15jvx2LDWEED5FhwazvTZLLid9KGqLDE4TKnS3HBtx6fku5D5KMl39vLo2cCKSJtynQ715PuMSE1mucGr6nC+1IX432g8y7ZwdQgLmaS7AdEjixou4AFpTE+ZNP3igCHRv2iEQCqsrumZCABCKpwgmZCZ1wDCaxAv5tAE+y0OC2Tb7GFMuz1PSWer/GrGx/RX/YXXf7Dlq6DpgU1W8BluxIILUVAWvnaZZrc4X6+oCfllYU9Js0rw1vl/vN6OvPztRndUr60/UHNwfq3Zgh/j7RrNr5OZeBIgGm2Xz8QTj9r4pYXJ3kfvibAwpfCjxHpRoIb+8MyXJpEWXFzD04RouRYwuszoIDDON7XyItJ6WHw5+84j26uAvD1T97K1XMz/kkV3laLklnRAPlEvBoji1XlIHqEiwdAdSSw60/s4GAm2q45BOcvUxwKBiR1dJ8g0D+jZx1Lfk8dUe86P8hKp+dnL3PcbiJBIwnVQN10smAlZNJYgaA7Whvo8/EO2+0mUY2XPyyShAKrnti9T2pEt3GCb8MLmA/8j5dd25JSSICxdhAKpqPWqUP8utVHb2J14XAycUNeFoMbNZwRJ2oNE53VQTAQpB2xzHIN9lY0VBXvYSmgeyvdRfS7l/B/oDD2bOnFd3uzLJJ7bOwSMc2bIQkyOg+R60KQZef3DJnzkepFIhy5Ldx3+skLrGwIkWSCFoTxJ+qorwZaqbvcjR1oLLfQXhNoirt5cvfWXjLKrATpk4qv1KoXhQsObV/rb0g1y1LYvHDCdstrZWUEKL8SFP+8+d7oQJ3Ui2GyEk0gAI8cc7dP04hQjnCcMml12wcx1IQuIKl4Q+4SqtzX+zBsM0nLbejRGnbZx8tQ6mYrpBm4SlZFHimT/lr3DBQqs9of7hMilPI9RzWES0oRjEvWLVwlQ/RDpzjpwyZzZCQV5qf6/uhnexosEblAWhUA+nndNqjgi2mXzw0mRhfsvAvqshBrOrAHM58Tn/NpBHUk/mMt9WiCGEmDAMHp1RkPBPf4z7PU+7gdbcuQAZs7V1/a6WYcdg3cVZyWgrc8qJBPVe9/XnPyjbw1igjk/x3j6idJXesVi1keMy1CugBOI9ZcJnchoiDojCi799nSMgr9qtkTtBe4ggYPZx430XYERiB6FivRIjmG5LRxugIM+5fOOygXCZPmjc02AlGuZfi0nKOb92JTra+nbA3HzWMfERu6qPzE9C+PrSVE+K/6qT2AwPyCf4X8hT7rGJYK10csjIdLa6Ct5KNQ0iZzRpgAqz18emloXFo47wz9Xx4gXn6+4cXNRkTWTCum0JUeAQVZ2LlQ28bojF6Oez4hXly1u6HHSa6h64EkjJtes46nsKOYlwmoOnHJBfknw7fEyOSkscrkqXDdITZICyqpN4K7SrTXikKP2p8hYw3w35/aRnarabW8ESNy3GyrkfiJK3SlPit/vTC0vSj27B2wj52MD1Bjj1cEJliY47p5+BAYAc4eXYvL2mn6ZiR+TA/r6JAiEoFDAd8iHGCh4VxTxN/WL8NPktHZc6AOYQRsM5tSDi656kD1kJoI4iQZTXxYP7HmJ4MxaqtDj6ZHXS22MlDqPSPxTHB9H17ZN8uaTYngo1pBc+9judjouSI5Q6dDuGJDHRvYqHSMinwWwBae8DWASuFSHjBU1d2XZNxwDWmdd6UiTtg0ToBsTrqd3mmkbZWTFOFHfN+UUygbAcvTm9nuTvgCiby1ClS1dEmt71LZRxzCvIkqTdBOjcGGfr2vakZhqOCEO2ItEqPeMr8/M5e2sgxUcHt/T+IsrGR+Jt6+mWNU28WZWDjXH0oqZqxWNHCyQ=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx8948aefd-d975-29e4-1ae9-348426b3f8ba" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx8948aefd-d975-29e4-1ae9-348426b3f8ba"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>OezUWIapbIGav87RXWgzRptg/0g=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>iFI/cpS5A91K3wKqOklhH2VliRqLQACbVpNt8nmDhaACdvSXAf+XBEPNKoVNHFCQtxcDAaRzzdZqx2h+y9n0LJU8KrCgfhPSvH87xnGCE90PWhKiFJ6a87frrCacAdNyfw4Wo/JdCjFCnxTCFjH0jNp/Ho94mhOyxutLFOuwom0=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>oRgVPzmdoW6t22iQsEeHh9oRpGH0ymMAhTZSTggeA2pwGVD1WkjXrqGgPT1ntGSxl0WMxhYJxwVNy15jq3u7MnWrNmvyQkI8iYd2vhvVck/e88LpCqx4199tB6TZcmkDcxOi8YqhdIOGXYxiLt7OrWt0qi545/o3Pp99judbyjM=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>K6adKp2KTOv9gZ94NKpBBk7C/q26tOELJR85bBUzfY3kDNxEFYIOshE1pEsawnQf/pErU1BPcGpjQ9gbgK+Ywv4XIfyrKlIiwYQ8w4e+p5Jo6p4/cMWSyefE/GisjpZSg2ShMRO7Y5/viJ98+2rfwBePL671pHWF12ZO0z8PEvkXQlSGiKJUW7eMJiaKY75jSNwBsO7SN1NZh3J23ihoe32Mv+sbMtpmR67p0ushxu5a8wvCBVZJC39aQhbYtiz8yNDyp5Idb/LXVMRI6f7SMJ4vb9IKqJhasfFtISPbouXDH8uPmtSUrMhYoeDrjcU3iX5FdX4p0B3eyy8yMjRzj44A6g+gOp2mzS2zbwHVOSHeCSUAeFYOoSIRN/9ie9E5Oba5UIOjIb7oKKG4znTbriaZ+Y7KteAkRkGotn1RXJY5TFd6Vm6wEv91vHbkLK1vQth+df3ek1OBgz7lfISsnGmyiGjDij8Kd8sLO1AGHWyNc/GRVgNs7JHzB8ujr4ZVPgvSmWITf6cBij9FsEy1aqC+wgPbs+rn+J907PF5xl0DfwZmEX2t8gPml7vWhhtIkCj5GdZxneQBgbb1sejfnXzqiEqxwAO3MpkS3zAIDGIQDN0pjxdiuauNG6iIYLRmapSeruTlqy3rcjBqFnYUz8DZMoMyyqMv+d1Ai1WnRXXZPJaKxIwV/T8CjQHPNYaQEkHJgewhic7bPeD/LPLOfYs56IOBaxp7UF2klzZ1SeSYB3p5NPZF0WMkkRJEf8wZSKUzqSNJ3JjlMbHd70X+S/21Rc4K2dtO4/Jp8bUU108dDysuDluVbop8mdgfYkjOZKxCB+Gp3j56JR4POasBxk+hoJU9ShzyIcCXduH+M47WD5w5gSkVTQzAJyplvoJaUO5xVav6EAaQErCD2ux9dkafLIKBETX6JRVwZ8k5a/eEczE/A3rltEgIEQUNKGR5Ddc4YFe6KhpIMaQZBrKiSsptg4fVRGx+BM5rakunOqS77rkf/+wq0LJIN21ef6TfaWPThgCJAvjiO4s4RRb895xs9/7/dIfuzPSjuOoZfXGmmKHyeC/YoBxBMV9vC/Guh3VcrJ9W17EJetjSyGWZPBOQHttHx//I1Ri9uEnZF1tQgK6Sh3CUcu74zSDkWDJ5WhzyBxCBTDcntSjrWznFOLdIcImYVZKHjpxqxTKiA5A6+cDNqndEKEOue0+965qkIw+syK6jjuQuF9d78lWTt3hJpxsayk0+xeZFHTYgFC9UcEFC/ra4Pwg/v6R6fOpAA5N9OXA4GWS12xMXqGWMgQkg3CKa4CDOGH9sJKWgtN4K/4rKBeKMqcx7asenm1yQKscN2OF7XUQ47+BBtNp3R+wzr+xwusVccI7UbI8207X2MUSiv6Xtg8P1E6jQlRFOUhDIs/euud7UvsuOJCzYyYaHwSaFdqAw0ANb9dJIOeKxllNWzamZIpxb+C4Nz0Uhe9JM3gVUlQuiPGE8Ct4wS68FTpi6rTMV322XcrmL996T3hHWD2+uFvdQfbrmKcbC/EkvwZJY7k1cElMvWsC9hDlIOa6p/blcr1jnaArj3KTXvr3J9bH6QfKyIUDKssiN4/AxK3M+vtUkrNwlxIAwx2na19o2Eycoqu2c5aM/59SihI6gOJocQWutEt2hzTqY6mRKgVuHhBFBe5EnWny9vm6WNL3FV05JWC+zim+655jweGe6U7mk9Z1LvrxYir4ADSzGarWvL2O+U5s8b1JonodXicPShOIRNVQbIIjowJNsxiHux6sVTmR83HSCUYS4qgL8vNDzRu+CrnEHnm+x0o8BDsxq8tnVxBdzEDx7pOSX0rmKyU036tNXe2N4EMBBe1NG3/4l+W+mJI33xZ0NNXSG6Xov6Wkv5HxfJCuwJgbggHNhQThkTgpqeYHDD1bKmMJpD39tq+QiMgHR/oT5sTxxU8sNWgdLT8XLQDtziB3LyadN8/muLyyIzGfLVvZGk/RXUNcU31LsawmmyGhy1gm7PzOl1IVF0cFuBIWsUEFtQSi5GIeRFPRIn27FfF11n2J0jUwCqFzFqH+obnSmA9n79zA90/h1zuwZ5hQBi/wgfGzGocTKtkYpPeNrCJAhH5PxgfrR5z+RTyE5yHhhNv33RQEf0MrBE4CdZW//mJzo2aoiPKZ/Ss9AGiGMOdiUVXzArXmXdEwz43GxlauXQFuSBmh75g2qzctIeNU6uO49tM6BAaqK75RdhTRmG+kK05/Cy4L5eD+AePjTawS44bhBmB/PnTJwdnunTqa5m6dmkE42/gxrRgLAVvCgX3JkdHNEQILVWH8KJ1/i5aAk60Yr9b5G/WntpZ2mw4FWFiGr5Ly+3wM7Q7qB2p0Ldtx9c1cYD66TCMexdVuT1N/x5uBdAA3zNFS4zaQUcp+T/gO/+oxxhy5AkQ0nYOiL1wG+UD92zyD/l5AldalZia7YgeccDAyfnjsju7sLEixFVEPazkCFzkL7w3DjkSXVhpvchy62V613sdd0xkz1wJSVg8nDFAA06jIW67fb3vzvT0kkhfAB343jPNjN0XKSGKo5K5TBtGtxHR906cyVUCpwGJ1a6TQyoEl3RbOG/umZMVzxR9uNGfw60eEOj9koET7SLL4NqXgzb6AfRSX3IE8ak7DliAGopRIB3KZpQHi5qMeKKNGxEwmdFCVijPnW0nVS2wPT6gtgCT/l0k9xYwzpNKj9l2/BUR7EyTqpZ2QtXjlH6E6Piar7ZTC/wnO0FEKpspdIMX4urWvxhjCmKYSRxG93La4vqPPvJG5NBSFMuPb8QmHQLpkI2P7AuyypgnzdFsvvbafyvKa18DENrvJwd/PvzmNjI14gaZyVJS5iXbzaYnDXsYOnB0IbWeR7COfjV+/CW7TpG5eXtcS6yExhPDsZBfE7BZmy02yEmHAYSfs=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx6659be8f-f24e-9cb4-5afd-9fb2c68a5d62" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx6659be8f-f24e-9cb4-5afd-9fb2c68a5d62"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>yXhgtT4+nStOYeVQusJ3ZTo1ZGk=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>DKAcfuN/elN8SoLr33cHBpl0K/W3MZnDms9e5K8ePZYRCfSM2cfh6g11SfgtYlADEhFcisLOZrtTB5IeEov9rWNxbBoe3JYNE7WcVzV3CX6ddSnw79BUn+eAoUf7lh1zYCRVzK/2oIRaa7YAnNBkssI7Kh7eK4+pKrYgGxENDwE=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>Uu1yaGXK7CdSYWKs2erUQJeDUSona+oESsbR6Yp+2w216VKT5KTFDlLBKmt9clX/JHWSoI67Lzx9kgyUJw60JF/d5j7/OaG21T0oecCwJ4wFjYMvRlAn9FLGnVfBiNgWKgRWMKvdgvZv5rSlutCY7gb1wNoZbXp8fgjjmGkbthw=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>tJaFrrl0KJaTKSa9FKvJlFQR46Ig0ab5+C+RVIB/dcSlgSKiFf6oSJO4QwsSv84W0Z6vNoSvAR+Klf9eAxN4fQElH2+ProhcJEgUUdgHev+h7WdJ4+W/mewdIfXPdWCcAPzSi2erRdocu+90MMnzxFxc/AHIa3U1LFNKgxxUEyqa96HilHSyxt6ACoPfLc1gS/O3XjFhpSXZzPhHkxLO6/C449Ep7KTYYrWH2Y8tVTuUNz2/zkdvJOHTn33WJwlbsuayfR2k7cAaSubk5KNp6jaiMElIe0i6Ij3sRj4u5mSuh7Qk1/ziJJHOaMZFZL9gGjCf1KTriuw13lQBQFp0QtvRYcZ2+Ce6Jjv8NaGngUdj2zdDxS/yqdkv0xuup5l1yVBUDDsYbJCv7RnUIad63/kZqGo7jzn+8j3CQtaeCoqz03b/pt9gIITWM5mYLnw3jPzSWQTf89uyTzFXyHTGmmbSund66UzannnjYgnGW5wGx2U8gqFqMlrK5AEGxGTvl0lLB8HSXTo1sZiqb1yyikMA+xVwPk8efZ8nAIgFoEF2GHDCi/8LAWrofrSEtIWhad2HHpJZyw7b+neaWKDxyd9fmoNhgRyuRk3nzGljI6ZZxv0k7Ml57X7gPtqurZHq3gtUTioCLLcTlBZVKfH7Nhd3VEqDsz7XlGhd3vJUAsE3AAxxI6pJs13hkYwGSLv9Pvuxz1siFlieY2c1jNd9plu+rNeNQS+oR0suF4+8/uBAyNHQ0BRjx6+4uPyKDuhqUjlyDO61V+G8VEfWDC9ZWLhMA+BpjGsiGXWQQfqWXWlcgG+ndq6F+vra3HFfSNnZ51cGkNM28AoFiW+btBN6yQ0ApdTldBRlI4jbaIMjlEq9MWc5IKbJjfyMMNhSfhBGu4u2X8DZkfAP9aVIyCXwEfslZaApVblp6cQjujYNR8O+RTYrCvAYhoD9taI34pBE553/07fNbd6w5bIUA+jsN3E0ZEc3K6wWTe+WrLtuSLhgqlT705HSBs/1RgnVrwlxZUbX1RavnSLwsS4q6OgAue3qwjGgedebeF0qPnfj0JNXlylTL5XEBi0xBxnhECC1PaS1M5MwIPOQhwob8Qxr/S7cAJcff6pDopIIdqMKY99+WnTAZ2AJnkIhWwdXIQW+aGRdTCUAOYLMJTX4mTQEZFMmJouz9QTtnBfhpm12sEK+SDQF0EPOGymbDedFCaxAwfWv1vcTriYlEcazrGibl3ARJmG3ANQYpsefizDUBPjMcFRwuqKpNl+rMnndknyDx/PUGkSFi4l8pVNN0rQSpNfJlojjVr/qBNPEAVucITRmlP4jvaTcfz+DhN8h3nXK4GTTTyb17mWfEoxMo9xajDWkkh66U1Heu5z1XHwbtthwn6lLZx8c10SAbw3fd7f1EplcpK5LIS5hpBciqDr1Rx5jLXIUiTyRSPyavGr9yGnhJ6IVF2NhwEGfOEWSxEaQsopw3KNvWSYV/PaT6yEZQhclbgYjRA25Q2Gqr69/+YodmjYucjWbZqqsvlgte7Vva6IAbGLrs2LcSQ/3xgbMCtXbgzsSLkb+BHV/DVDRGIfPiPOSDQamsgpW1A5d5pc9xX/G8CCK3aGINHsplUxphPWJkxAxg4rdX7Eeh765a88y2FFGQBFp6xyk20YQSrSe1Q5G3vN/ad8sWa1fs+0Z2UkJ7onP5ALmFBrN4/mbzRK8JKgP85HwCeAvqlWQ6dlUI2qWuKaeYGo0GACVivJ0KpJVXTBz/n/g/cfuzcBf32FqQYp9TEDEl5ihUhJGWMnsIuOyBo3R1RuwAM/P82+xeCsSlSkEv2O6cRyiZVtep3b0Au2MXbpEXRPRBtXnjvs94YZrM5c+6y4QGk6c50fgveDc06XCXPECnx03tw8+T97twMehIi1IEqDv5UaOT6VfhDwabKPAnXCyQDGqQ6+Ad/jhdaWdYtdqQcDItAsw2OiQVMvRpSdfqCrftIRN4OBl3LnvCem8/gz5IenbIGQ8CiGGa+A2BaxAwbKe7yJ8VTiJ7gczgsbbp3AX3LbjI+sH26LNo6D2IIvGiUFKWKkmJba6uQkErbfllEOCSIW5NFLm3rX44xanQF+dzgGsDFWwrw/pPJU5wX6NC2ez+rxUpFVO22yACG53/62JG84EwS5qVgkI7sCYSDb10KWm0Ff3/NNVzI8sTVeFvkhSBbSoUxI3KPyADagjpG3PgRYRoOK4mHV3qyExjYaUuy8StZLmtLcMw2DA/jX1YPAw7ey4pycxMhz5gCGgflF2a1pRMJYFOVj7NLCp5P0lv/M/6v6kslgID9kzK99AXE6cl4GKIJYhjarkYJe0AgnvLYq9WhMEH9o8sefHLPr6sAj/C8t9SPqwOTNQ1/EMsZRdVk59H8fYttBSVk0jPQUIQWbgouLAQqHw6yGCo7Ivm6WdWkZp06AzGtEy2mK0aNHNr6HvpAhOAeUlkjDu+Hl05x7BRUZVf6HrUhHXxOIDEcbwyv+NUTHMN/fGsinPlJSKYRhsEJHELf+v3RVzwI6lV5MZpumOYu5jMjXxku2TWl63YKjoMl/wXS4t6RUrbKtCY5w3SSRyMEVV4/Qb6jkggdgINnvxqef4ulb375ILbNFi+xMcjTTuK6WcHLktCsaVR0p/6bOHlNEfaodz2QLtOSmvF1FGYGeuSGiA8PQaaK/258oIA+V8oRCnX37E7wWdm0WSkBNcm49yXA9QpSGI9IhjceBVRqOjgwOBDAYxhMhaZy1bofcPHDrTIvGAYYSESNn8ghtzebndJal9kSI/DmuuWCmQWlgAiI2yNyOKJ5gxBsSbwWfamatEyl9ucOOP42VQgCmtUevcNGSiL8YrH7/6Rfn83VPIvqfIsaZYnzgUMhz8Xnq8P+YPTgZfEP/tPNRbY7TH7LxiM9ETquIDv7jWCfnXwnqQDXR4GB1MXU4mMVtgIAPQ4S90RQGCz9Sggmkf1eHO3SH4L16jg10ejyOaXSylABmSTgoDLBGQPW1pY7rTG3rTYRRiNyBTFY0MSWR9DC1t6NlnYhdbztU37NpR5N+96S8TyJXqR44ohO/9/m3V9XeEokGciMqdWBhCH4pMRmjQuCvgaaI9G8kH2RX4gVh/5E8TuA6yU4gs92HUkupV6iRI+91xbYSOIcvMQA6aajGqhQ+9EIjbXxJpWrH8X6JZ1s5eJTO6DoT5RBmiTUgbEIchrBvtVlasX3q4ksp97PXzPT9dYCtiNb8HHzpgJ8gC//kVNszTbV3sqNkctvrgtFECRzvfAQxQcnC5eegV++TFEmGOwPzN0Km2hv/XQ02i28DOglzGuoRTMwYBQK4kqI+7IO7Tr6DrU+bmC/NpuBOD+DFWKCJoRrwWXXs8ry82eot+6+2m8achNl3oC3iwXbiJFMvKPwk5xiQ/xdk3sVgDxA0WVGoFNGPohIuXzEzuV5TQXFRTe7W4dgkai0sQf63bozNQmwBpDkAMhKGtmT+YQeTYkK9m1jc8vmZy03QTaufFW0RM6nbFO2wJQncN9dDFB9mgGkTm3fYIK387Ofc7Zf7/QgpPLlIlyRv2/6zlFFEj8aBc8At6OXhSJfxdQliiaI9gTcdCCUUPUgTdUm7nHEUMFsU66hLnlFfe9NOaUfTBZf3U6AiOpkYWDqiUbW15jvx2LDWEED5FhwazvTZLLid9KGqLDE4TKnS3HBtx6fku5D5KMl39vLo2cCKSJtynQ715PuMSE1mucGr6nC+1IX432g8y7ZwdQgLmaS7AdEjixou4AFpTE+ZNP3igCHRv2iEQCqsrumZCABCKpwgmZCZ1wDCaxAv5tAE+y0OC2Tb7GFMuz1PSWer/GrGx/RX/YXXf7Dlq6DpgU1W8BluxIILUVAWvnaZZrc4X6+oCfllYU9Js0rw1vl/vN6OvPztRndUr60/UHNwfq3Zgh/j7RrNr5OZeBIgGm2Xz8QTj9r4pYXJ3kfvibAwpfCjxHpRoIb+8MyXJpEWXFzD04RouRYwuszoIDDON7XyItJ6WHw5+84j26uAvD1T97K1XMz/kkV3laLklnRAPlEvBoji1XlIHqEiwdAdSSw60/s4GAm2q45BOcvUxwKBiR1dJ8g0D+jZx1Lfk8dUe86P8hKp+dnL3PcbiJBIwnVQN10smAlZNJYgaA7Whvo8/EO2+0mUY2XPyyShAKrnti9T2pEt3GCb8MLmA/8j5dd25JSSICxdhAKpqPWqUP8utVHb2J14XAycUNeFoMbNZwRJ2oNE53VQTAQpB2xzHIN9lY0VBXvYSmgeyvdRfS7l/B/oDD2bOnFd3uzLJJ7bOwSMc2bIQkyOg+R60KQZef3DJnzkepFIhy5Ldx3+skLrGwIkWSCFoTxJ+qorwZaqbvcjR1oLLfQXhNoirt5cvfWXjLKrATpk4qv1KoXhQsObV/rb0g1y1LYvHDCdstrZWUEKL8SFP+8+d7oQJ3Ui2GyEk0gAI8cc7dP04hQjnCcMml12wcx1IQuIKl4Q+4SqtzX+zBsM0nLbejRGnbZx8tQ6mYrpBm4SlZFHimT/lr3DBQqs9of7hMilPI9RzWES0oRjEvWLVwlQ/RDpzjpwyZzZCQV5qf6/uhnexosEblAWhUA+nndNqjgi2mXzw0mRhfsvAvqshBrOrAHM58Tn/NpBHUk/mMt9WiCGEmDAMHp1RkPBPf4z7PU+7gdbcuQAZs7V1/a6WYcdg3cVZyWgrc8qJBPVe9/XnPyjbw1igjk/x3j6idJXesVi1keMy1CugBOI9ZcJnchoiDojCi799nSMgr9qtkTtBe4ggYPZx430XYERiB6FivRIjmG5LRxugIM+5fOOygXCZPmjc02AlGuZfi0nKOb92JTra+nbA3HzWMfERu6qPzE9C+PrSVE+K/6qT2AwPyCf4X8hT7rGJYK10csjIdLa6Ct5KNQ0iZzRpgAqz18emloXFo47wz9Xx4gXn6+4cXNRkTWTCum0JUeAQVZ2LlQ28bojF6Oez4hXly1u6HHSa6h64EkjJtes46nsKOYlwmoOnHJBfknw7fEyOSkscrkqXDdITZICyqpN4K7SrTXikKP2p8hYw3w35/aRnarabW8ESNy3GyrkfiJK3SlPit/vTC0vSj27B2wj52MD1Bjj1cEJliY47p5+BAYAc4eXYvL2mn6ZiR+TA/r6JAiEoFDAd8iHGCh4VxTxN/WL8NPktHZc6AOYQRsM5tSDi656kD1kJoI4iQZTXxYP7HmJ4MxaqtDj6ZHXS22MlDqPSPxTHB9H17ZN8uaTYngo1pBc+9judjouSI5Q6dDuGJDHRvYqHSMinwWwBae8DWASuFSHjBU1d2XZNxwDWmdd6UiTtg0ToBsTrqd3mmkbZWTFOFHfN+UUygbAcvTm9nuTvgCiby1ClS1dEmt71LZRxzCvIkqTdBOjcGGfr2vakZhqOCEO2ItEqPeMr8/M5e2sgxUcHt/T+IsrGR+Jt6+mWNU28WZWDjXH0oqZqxWNHCyQ=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>