Online Tools Menu Close

SAML Response (IdP -> SP)

This example contains several SAML Responses. A SAML Response is sent by the Identity Provider to the Service Provider and if the user succeeded in the authentication process, it contains the Assertion with the NameID / attributes of the user.

There are 8 examples:

  • An unsigned SAML Response with an unsigned Assertion
  • An unsigned SAML Response with a signed Assertion
  • A signed SAML Response with an unsigned Assertion
  • A signed SAML Response with a signed Assertion
  • An unsigned SAML Response with an encrypted Assertion
  • An unsigned SAML Response with an encrypted signed Assertion
  • A signed SAML Response with an encrypted Assertion
  • A signed SAML Response with an encrypted signed Assertion
`
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfx1ee66468-f00c-95f3-69fd-b7e53afa8847" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx1ee66468-f00c-95f3-69fd-b7e53afa8847"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>9KLQQRl1L8EQbx8AZqJlNCWAg7k=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>YjWCHBQZtU3lOsBsHUCl3G2EMTtnZXALNusPc89Oo3XSny23KQBGaMMn3Q1AOuF4umPz8NFSTbxewD1EWs+DoMQskX/wfEawZ2RHrOyDvhV7zSVWZQ2t6NAcWGC+kBzpNsW0rliNkiGc8rUSChXB9+Nei2ta5QVT3nqFtoHHP5c=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfxdd1166d4-91fe-1948-7b28-05c04dc91b53" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxdd1166d4-91fe-1948-7b28-05c04dc91b53"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>lKKxmFjwS5RELiS4BwshcUDo1Uk=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>vG5BrtX4wSE7Xnp+Cq1xA1L0o8UkAQ3YuveGRRiJoXvFoxyPkagT9bWc1ZOxwehrblJNbXfR+roiA0XtPfDqPla1guues5zCPeR0ziuDZnPBVR3B3yP0bnsMwpJOvWpf252/Ycfg2sO0/6GrrpADxzt+hX2ZkaREqoqnRt8hi0o=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfxb3469810-3fa7-75d1-4134-a8b9c840fbda" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxb3469810-3fa7-75d1-4134-a8b9c840fbda"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>cHTKH+lO3ASD8RSGp9OIiyfDbSQ=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>Yb8le8SnZzpKjpeCjH/zVN1ZPh1yLlIrBaFca3YGOQ/TlaHIWrbVM24RrE0b9WpbFPwY97q0nLyOl+6/Ri1MDHJyAPaVeVJqMF7qtnhYdhuKKkhefnHuV38DNHwrUhmoR0pwkTRxxOin/V8h/0rQl/8djcpGBE+1QrmVYArGJnE=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfx38eb3be9-b556-5e98-7043-7ade4a12b551" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx38eb3be9-b556-5e98-7043-7ade4a12b551"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>lNnUJ64gL6H2IwqvWTI50/XkNwQ=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>YpOzT8tS3dz7ANJgWiNuVhytQ0hrJYHvLMptX+M6G+DkkuQTmJAYCuEmYIguSaPHBWaT7PBqzEikZdDc+wOA0Zz48aK25zadSsi70LN00Ewv1oueqkOWo8+KctAs1LIt38yfVNo+RcwIyvVOKu77ndfPb6ZTc1uiq+dEdnkpTsY=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>VsauIZZP3e7LguyYVzxjI0GN+U+B6fUkvASi9PdwhhfkARvIf+5bEOVj/rJ3Uk5odMW9Q7GLSLA7hsZOD2Ylb5cYdcqMfmt7NrKiTgk7CssMkSPXcZ0+izq8xEAu/Zn/1qwthz6xKeXvP8GPJAJx6JRjYjrKeB/aN81m4qtLx4I=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>Tw0O9600ZmATjNM81LnmghFcp1aCeDEvtyEqgR1XGqNjUfe7xWZXTERNAg5ocYLg/ZJSTvFnuEXf9HKXiHNXOUVi5PmkTulwPAHL/rEGCKfjNw+yRRdTMDRe6c3nYg8IJ1kzaTwBCN0D+qjBoWr/+OOU4hiTrdK3zxZtQhFaGRyVd6EK4xxIemssygsK5DZldYhVd1usdCTzdiqnkRMpVriQtSGUvlif5E+b44ESy+0Bqb238vrs/ELnlLWlEBQeH7t8RGVDG5kPkXw5+oWcku9wzV4cmimoN3QO2InozYqCKJDuFdYLzY9hSlyO9WeE/j2FtWFdqXJ0vh6uy6eDxjOzc01bn+UPgjGiOQ2ukYKQ8cRdZK+SZmJo4HtBkDR1yP5ET3kqotiesZMijN1pSjRVfqIP0Ii0sTgGYs42QiiYmLNPuFhfHxjZAphsV5COdoSJt1wTLf/FGG0O7em99kcrpRKVg+Vvltnf6nNqFh9vxf2zO5wMoOUkuAZhOrRATSpge820Fd6ybjw/6M8UflyEBldc1v9pG4gY4FF6Mv1wPIqcV4EusGIjgP7Sb4gel9oTzhfWTq2bbkeixvNf3TYZ70FG2vWOwnt6soXH3XP6Q56+XrAgeNqp2nHzLXCOQlWYd/bY4fTf6KfXEDyOSDbrO+q+L/clxqe/CXQSOaM/QdC4urd9te8cG0ieJAvnmor/qRJaJD7TSmts028EoXLCjpj1SCcv6J6bY3MOtR1xUECS6HUDUFeTrAFyshbUV0ZHZsWqxts00xfDASjif58mZzXguZJwz5BFvvL02vgSUJXQPzddEHmOH/qqan8DnajCsYxgDI8jeJo1P8gzOU3615zgLBXqr+P7Lq4sTZui24PxNhf4ai/Pdtz3Loj3nTwDLxMWY/cvH8CTOfa+h7OY1bE4uVXJYrB3QRPQjZsof6kbrGjbtxyYKh+9Z3E1QlMw6GvgzuzGU0DAJeII2/g/6rHtPMtAa31AtPDblNYqYLqr14JVZ0Rt9Hqfh/jfCcm/6pwvRwPexHYl/gYWjbjNbaEd5MD+UnZOycXt/ef9RFk75dBlFt9i8UMFfRUnXeKji5lDBZpPUTUlNKMs9SpTXWqmR4ADfUVKln8G7fybErMynHcjifttkTlcQCdWa+nA2DLHdUPO5MfsT46UQ7WsKjbRv/7BZC+X29aPGrfLSqujMuihpHf5LCd/oB03sG8+I/g1tyEMid8xUaZGmBwsOxN47doYxa4lndbwTMDVMaDHiUOC4U+/sjlGp2tgLqc780CLdHseDhD1vOt+kBwaAXvU6iKX+D/9nH+sxR36Nj8hUeVZbeM+tBV50CB/Pe8ZyywwICI6QvAYG6p+dN1TgWfYkBsdBpAR1pT0ElkiBaf0xDqijK6pVQ8FWc6d24e68thSLYE708elKdJnd2mBXSbJbDG6TA8u9JbQjlKjI2/yaGKLCbsbMtsAv2gNdVV+DBwO21dBjoFJXT/362fZH/mrRq/8Ad9PcjuN1yj7H8NaDn/sV6/AK60418Q4YFdB8rQGB3gdgc5F8S/mTh4y0MpN48yy2rwS+PX6sgtjE3iRoAwTtz67wrZ+pZg+cA4SYjWpW+wcl6T1vLIudENt3S23mM5lDL+LcUZTsqW5QwRiKjnz4e66O3gg4Rq8QJqhEZP7EY9go0RiAWSyIJ3v7LBzCGSQQIpk0Ji7vDHZlvPZIh3l7C7Znl2CwQ+sTzIuMA7kufZ7IqKemhcuv7fJgKaio27/wQMU7mz4uAp/For5QPiOrROAOd24aa3kxFl8V05UEsRLSg+AC9n0dz6lI/nxps4Z+qrJp7C8MkQBWu71BB02H9MgSh6r1FFag/yC1EjawutIjmM8sIjc6SRIFX8jIAW6m1YBD23zX5G1pCH66UTeXLlyar1npTPq4cKR0MNhMNhqvcXuONbAPtXb0mwey0/4zl7t8CpoT+nmFKCNXAbbOSH2W4hJVB2iZNNBUGgFgTAUGxaEj9fSRMMS1LHtxWnoNjQCDvy4gpXwqIToxAyKvnAskBC8+DZ48/y2jIq2bI3MX/NpjrhOhu2i1k4wQbmQefCEMQwvKivEFFZWmdQW6pWoH7keZIMzFBiVJFB9ukH1BwkHkGuqF7A25cOtg+LrO3DavlK+D6bBlnnalEUa+LbjLjEUf3Onx2360H0g7860h5WlE/WNcAPPycBT2HwJyZkGy/WntkYcy0OZB9kmbaNmV3XjolLItBBnb/6f+HFwodlFF18OKuc6CWVspPXSAnAasK5AsWLP7UjINKcxrONcjcQDwHsJPC98P6p5swMX8mpcEGTVtKaGiE200mX5+5zjM63jTLd9Mp+FdDkHan32DKrPknSFuh07S9peWlyQKgXshfqHP/sxOMrsOGW3JU9YttVjTq6/AUs2fCEsMVzsUTJQbiSpZzY+MFpbc9X31Zkg2hUIcSavDNQV5EukyBghhCt91GMLjm9iuxVGxzecLhAKErUn6A2n18SroMrzOCEL2kAfhBbNhMRNXUyJvt42KRNJLJmgY67a+8WEITpjv/S0v5xvSfCpD3G+1ZZ2Pw3D+asaejjvNIoVXJ073wEnChCSB+J9L7cVADXEhPOJG6ojp4jxsPqcscn8k7ydr3uAYd+gio+H3rCDng3fD9olG0zGSX4YW6mUeldD3kvzb/SpNQhIJk5uWX/eChkx6bjLaIxp7RD+Xq88zfbneCqH27G04L8xrh4Mzznl6EY9KcKx9wCmxNvhF7IVgb9bedpnOOZm8mL0H6sg78TXZkck9dH7iZjBEnFEzlb6EZzAOU7IxH9+KX/59mNb7ITkrrNO7C2VTa6EP8glJQU9a8TjUbl7G0buHW8Yh/V6kge4+u51mGlb/Tubp1X6ZqR2+4yT6c9tM+1rFcMr5CMRCYbcAypRk/Y=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>Ylu7wT0/r1aGwwRBXIjaSTPwqXgd98fRBY7P70Z0V/OaLkAZKBXMWOF8WDStilR9hFLDIVA9q/kMXBo5nKnQCYPv69w/Wp+o8457bilnWW7kwEw9QV+WkA4NW3itwMFk1Ls4QdG1I8zeTYRkX85hJJmifBbStC9QPqXlzH0AcWw=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>e9Q4+B5kogSyzgamYcGGfBvDeZUi3LcvwT7UJRY6542/1PDlUvJWXA8/7Vp20N4zMD6dRZ5c3iyKy2vM58L4185URFG2smJBltH3mZWhQO+EdUAYj0Zz1iFWDonUlnUQ8k7eBE8Mp94kDUL3AldGuqz2y1sq4+6wz02hQgGNT9y2Wnd5qREqqYy+ETJ1gVUZh8tp8AUkLD14OHI3SZx3V6hvZ/jr3MuRF1XP4J5pQWNdvJHmftj+++A4bzeMkQHS9Ekf3YQVX/lFnyZFvfZQgpYqxO0oQ0SuzlOJzW+3qwwo7OA1ih7frxtKssoZsXsdlZeLEx7NWVxOLg0K5uhj6bQ6QMkXyfLA2oSRyyOxrRPQ0T5Z7e7F9JolY48Q26Le8l3L7lsB2FIk6kWdQwjKwJVwdjoXL5BZsHwlzAZVoIr18W343dBx+hXem+31bmLgoYZ8kckIbUzqWbBcj6GKiFDzpSe1COzrxHxXnBDYYYQm8/r2g9YGH+mR3X2Sv3kSZMABdlP3oKL/4SYT5LUeBterN43wwc5cuKgW6pDVMqV4RwMp8Kz49qE2IVzyemMsqmr1HP5F5fzqZoLRt7nHPMjZ3gcqCV6FtlFTq3oAu/YGLRWHPjE633MpP8ykkll6nQIPjLfDWXxcBDtqu9UVt98fIkHFCgBvk4canKLCltshtiYom95EqVaxaYyLq4jGIDnWBCnbIEhEIGJuKoEicMdw5xPHANoqV+OVtfFCXWhb/jAJnZQUnffcHRXkB74tDXiORPBzuKVYIxSDVil8g8cATpcIEach4BhBe52juVSDKG8QEpPGB74YuAjrOWZ3njNipIlQg2zTpowsuz/YYEijn5NtetL1mc5VbArD4wzQRM1HHobsGUOnOwo8yRyhHAUL9YmzSrT94VWYWuuI1J1x2FcxxiLp5ToqfSkeDrfsxL3JMoR+LpjH3YgJ2Mg9YuUdMd5JO2QNMp5faPADCUj4iTzABJ2C4Hmg+IpNSMYZkK2/P57FjulYdIq9kCibZubExeXkgrZiQ+0iXxJNVudiRhAMz3pocaQl4/PsgPe/smX0lMEcc4Nc6m8PvwCBhcSx5o4eexUuRSUNIz71WM+Y2WuEaD9mXP4djWgKnuXpCg+am6YJjdwHxWFftkOObXPOYMFeNX8HJrEzymSRAFqzNaWC7mqZ0iu4JSC33I04GkqKYeKq/SvmEErujGGXOuKblN7Y9w7NozS884K5z4z+TKPViKB5rQI87bTE/RO9r7kNEuvpFQqQD/vvyHorRoHw3RSxe1+QVGbc1Yefpd9jZm1OBej5gk8rubataCQhxcuIGTJDolIbNGv7waT2fwSEb6clcOryOxudwPc+ARifDUzWvQWx8WWaY7FfKybCr1SwaPRIpuIks91bSmmgG96BwWychkVydjxbyzhKvglHzukBtzczeCyZ9kfyPL1XRLSGa0NHdw87EYBY4IiqOcGldD2Ph+oSea8yOPOaPkCs47IK55B4FgoI1kfsiyMndTxzU4SNAni3ixPekeZ/yHiVr185SDBH9eMXqDGAyC5NM1z1Wf/fNSq/OD4QHT7PC5M+Jj+VHdYVfgqNRwOWeJeQanEhQKYYbeKEErZFTTmO3+GKNLJKpX3UPZpQyaHwznd61AKbJUOCzxvJUcbBC3l1CWgdcMXgxQQVqZCJ6bxcgvFX81EbmetSwckCW93EB1ENiSQ7HaH9OMmcTZ068/SVbDhq0kz1owisVPfedZ/oJWKi5oaMS55BVStM655UQKwX0CG7llQ7e/2tbDSBLLTXKPoXY1A1zCauCUVcVoIWbbuocRbQQ90zHTpLN8XK0T5iC2SxEWZAr8+6joEN+QiGQWu87Lha7TZ7Vvbuvdntvle4BacLKwptQe9N0ExksZubqIup4u1zv4N8Hy+mJPbsMHcLsXoju1ShsgN7dfYVyur1qEjhH/iWG8U25lVlCVWaapg5eys/pMWx7vMVvjl1sfqwSptPtw1ElUE7Wk/S0v8lf15ZlOdNLiS3bK8ZwMHCUUVzHYEUtvG1bHGHjj39yuFZLaasdhdv+N59rSFCLWfJRUBJ98AzXJyWd25LlK3R1Ptn/IqJGQGx2yn6JioACDtpV2eN1Cp/hF4KQlzQjGIs0ow7K0Q5N+9EZ6Pn2UB05+T5cBUqIFAO+4X4dAQI/GFgrweNMdiciSq9JG7fvjSTYQI6o2J+ZYKf/CNC7wTVZlXbG5//HdpocyjPOnt08lX3j+3MuCxz4S+BUM1D3cNId9hs+3bNJtS4V/BN/Hiry0iHRYYy0tthN3g7BYfslGQl1jMvr4+6fcYAzioe5rLpsRboj9ORiE9qwZVfjZHA/jkHeGu6PnAF5RNyOOG2FhNCKGkUsc4lA52V5p7gKCc48O9dsDzkTLJdMN3nRPTODbm3/PPXaYuYv2UYYSw001FLeBoAfJoElimJVE+7l3nl9nJtfqBkBynufbSYIQeIxN3K+TfnvP4xLtaJ+r/Yl/UKxr+XN9OagS73GgzD23fpk478sYDuVlCkVoVzOBqCFv+QyX7cyefMv1Dqb2TvZLqfUDp2N4KfuhBCSztcXtN+9MIJ1nHeWUeCln7BMXwdHaRMMSfwcuGP+WMlOMNNUES/RHFCXkYkYov++lzHAb012E8heNlbM+Pc+6uOL/r++gD6LSKd3m1YE/8kKKr4A3vvDQvcf153FsVKPqZrLM0mx83XX5eoBV/CcEAnLpEUjx331xMagBoHFDx3UiKHw9M3gGu95HMzlep7khJPWUSh62WwI0XU8BKFVfP6XIQUp3hspnvz5POsOy0mZP/sm94h9rR8oOc+U8YsngaE38Z3dMvNb00tdP2KpJTPZ7Iob6myKqZOkKyEf82nEGV1NUXVnXQHJ7pEsA4nuEl6meN69sCFl+BGZbBFAk7jbLpt+adUno4NEgHGm2Mi04jvXuWeuH0zsbyIFLLRFpPxT+aiCtOtn3TdifMhMDWTBb/qhXZFRPCY+MrO+dPF5ghxXiov/jUEVDhvrETMtAipgR8GZH+DJCamNvxyS5p3deElDpDtrVLNj1A7zZHWr0CX0EkGjiFmVgNKkALuVxejYUn/oZewNv52xRWyPR6Ba5YMvE13+IB+anhzVcAmxATziIEUHpyhGxM9VDHwUsOqPJ665ZYm5oErJkBvzQwZLgvrUQ0PGTaHu3N23ijqV1cQgRQknU4xfAcbZdSI1J8V0CUJoWvRdWcy22akuumUfwfpMmHUo/rQwKbaFzYF+rfhQ2D5+KZqlpmbAG9U7PttDgly52p4XQfw2Gvda7fx85dAkLJD2EMA5q9nrLcVOcj2r0XPTJVMh5QE+WXZ8eVJGwrG7UlSa0AGlWOD7sc/n8WHX8fjd2Wg2qISmfxArBwj1sYSMjLUS7ti0GqrQRIvijSFWvEiLElDPqa4z6RmPKf2Hg0UE2NKPr57MPnNZ0f9oyghXquB5dWczHJj3o0cu5Lq+OsYn+1iA+TCnPKkK0F4DRor5SwxpV6aEARX/67IkWcu8GvUpjBI4vSp80wvqjUaimrqoqzK5luGlc40g/A9nB/bdk6zZQyqYjMBfCq2JJimj7vtBbZY+bLJg34v8QgTAe6X0f3tzlqusMDHDdH6RH8x9Izj+kDI22IZHBMXzSzGWdHYUcOyK6kDVu9yjXQnUepUlkR+soK4BA3+5k68MCnYWOaCQZN6l86p3QvcOJlhMnJ+kH6SqjAj94EGeGYp7On1qaMhAXoMueiJKKM1EhJ57S7QKv65QaFj2ga42xPwaQsLotGq+552tXAeTyyMy6W7A5l5eYoSV7xS4fskdWEtaxuwNQdD4E94iRlaRR/msHhq7s351VmcXns/UNULrriGq8SmAjCOXLSH5dfjMatn73EBRYiaGO3SYkWbeNjOy7mcMPLhmsI51OZN2EvyJE8hd86yfcoj60IY4UvFzZN/Ewg+iwqHVigJxkVaft9q1+Jv+2Ni2plj2h9o/uf6nNPpL7fVHZSbqcRJNofaGHOhTSVpHZkGGknV5dpZf4M1a9VDqs49WdMqCPGD1x/qoeIucCZeqMTSZpAD75MtXfSjled6poibFpIwoU/0aX5TF0OtNO5/1pS6vYteFBcE0qK+ha3lkOzj+sgDuCikgmzB1ayHEkqg8ZHlpbyoKO3L9yP1xuapemg7nb2LiDDKHCssc5Z4VyKsKrhENVu5eAykURYIV7eiSbiXBE4p7bA7iFbhrFab+1GPWG7xiPC0N6qHF+AuYFkvVGKKtIgEaV1G/lVU0MjDNw+016JHClK9qe/0V8NuPP8w9MZFDLL4D0lTnsLaaugSq0EJV2GkT5sdM1hNFbmefEOdTx48oZYVWuRgGD7ePFzfC/I6VeX83Hfv6IgpwnyWtiLy2ZjIkEl4zqcCutoqjnnAZpJbUCTb7U1oe7A4MeYkKLwgsym2mSi/3lLGm5tB+y1sG+5hOYIDkCBIQmhi+N7n8jM/NqA57FBLagI8T0VIKRHavKkggL2QKcb/JBQL47N5hqYyF5zI0zJVGvpfzn3MTpjZrwxp62MhfxiU3SLVCdPvurYc+KvBgLlawxRQaYJkkLTXrmjboqp8sFx5/otYsSihueEzrvyfJyTFGoM/j056kUEFBkyfIxwzcXVIs4OafA+vOO8UmQOt9Z9rkn0HNHM10dzQnLPUhhHOHbBloxoi+0A9Vd6eHb7/QAUPUIO7PD14J3A/yfAplh/LIlJhr313AKbj1sy4dO661aDWnpy1CrNUGhTzd5Da0RBfI2dnFa8A/ugoZ7iR8fiq+mUbgeMt54ZFkGEl+G/W/bCCQ0R67EmmXN7E4teOuTFOPDr7uw9BpcD6rLMkdxDxA4Hx2wnG3G36pyn37Mkn1eIjG5u4XgsX+bpNZJe+pHwIK7Cbkh8JENJxrcbzXcVHt52ZYCIbGnnB4hPtVgYia/xYD7O6qwrSGV4K6eA6gk8i4S79C1dXTn+Lb5La3EF5zeReUhRFwBw8GFIQYCe04wpJQct1Vgwa0DhRCMyafE/3gzoajzLUCN/ld3AOGx6GynIisAsazfaMFXGGASDLGMEkdtbezyKGwrAaaH53uwAVBKKM9FtW0UZDEIVT1HrA3F8wsWHw23PIRVfCiejAu2LxgQw4veYkjnq8nDQMQVGaGd9xRr9gLh2DOSGS8+me2n5IJylmj7sua25uopkanNQj1R2bVdcH4WKcYDHcYm93syXYHVhyQ78bOKXU5LeIbYL2Fee19Tyb7W9avzVjqxNFbqI7u0C8X//uLbbtdvrjtEMtLmOOEREdMZWPc5KVkuB8r4sXJtM4snwLSyseC3YvPj5td8W8gatLN3C0Mev7iisKSGQ2blKKVFE5UAO3s34UUleU3lY2rYxUG15ryZZPQjVyNFpufhtzrwVvZaTsjjJzCWOGLlFB4t7ZgsHlQhHAt1lCJWJLRCn4UaO9z7+OWyhJHYcLd+VHGERP7ALKHVg=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx4120afa3-6613-0474-37bf-50d9b9fe5395" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx4120afa3-6613-0474-37bf-50d9b9fe5395"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>wjzWoBkYMvR0uPIdvJ/F+e95Hdk=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>EaxYgtkDUnTX9JHJXz9QCIgkJhoFrpPBkBZvNdNeFaiDYVFsAtzrRuso72MOPqbKkKAD/Yqch7vrqB+XF08AkHjkqBdz9ILw8z9aEzol+KcRpv3chnUivy79w62sXU5IkzhyPww/yBj4udKEA6MUFMJPNm3oeJytokUEUKIpgek=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>VsauIZZP3e7LguyYVzxjI0GN+U+B6fUkvASi9PdwhhfkARvIf+5bEOVj/rJ3Uk5odMW9Q7GLSLA7hsZOD2Ylb5cYdcqMfmt7NrKiTgk7CssMkSPXcZ0+izq8xEAu/Zn/1qwthz6xKeXvP8GPJAJx6JRjYjrKeB/aN81m4qtLx4I=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>Tw0O9600ZmATjNM81LnmghFcp1aCeDEvtyEqgR1XGqNjUfe7xWZXTERNAg5ocYLg/ZJSTvFnuEXf9HKXiHNXOUVi5PmkTulwPAHL/rEGCKfjNw+yRRdTMDRe6c3nYg8IJ1kzaTwBCN0D+qjBoWr/+OOU4hiTrdK3zxZtQhFaGRyVd6EK4xxIemssygsK5DZldYhVd1usdCTzdiqnkRMpVriQtSGUvlif5E+b44ESy+0Bqb238vrs/ELnlLWlEBQeH7t8RGVDG5kPkXw5+oWcku9wzV4cmimoN3QO2InozYqCKJDuFdYLzY9hSlyO9WeE/j2FtWFdqXJ0vh6uy6eDxjOzc01bn+UPgjGiOQ2ukYKQ8cRdZK+SZmJo4HtBkDR1yP5ET3kqotiesZMijN1pSjRVfqIP0Ii0sTgGYs42QiiYmLNPuFhfHxjZAphsV5COdoSJt1wTLf/FGG0O7em99kcrpRKVg+Vvltnf6nNqFh9vxf2zO5wMoOUkuAZhOrRATSpge820Fd6ybjw/6M8UflyEBldc1v9pG4gY4FF6Mv1wPIqcV4EusGIjgP7Sb4gel9oTzhfWTq2bbkeixvNf3TYZ70FG2vWOwnt6soXH3XP6Q56+XrAgeNqp2nHzLXCOQlWYd/bY4fTf6KfXEDyOSDbrO+q+L/clxqe/CXQSOaM/QdC4urd9te8cG0ieJAvnmor/qRJaJD7TSmts028EoXLCjpj1SCcv6J6bY3MOtR1xUECS6HUDUFeTrAFyshbUV0ZHZsWqxts00xfDASjif58mZzXguZJwz5BFvvL02vgSUJXQPzddEHmOH/qqan8DnajCsYxgDI8jeJo1P8gzOU3615zgLBXqr+P7Lq4sTZui24PxNhf4ai/Pdtz3Loj3nTwDLxMWY/cvH8CTOfa+h7OY1bE4uVXJYrB3QRPQjZsof6kbrGjbtxyYKh+9Z3E1QlMw6GvgzuzGU0DAJeII2/g/6rHtPMtAa31AtPDblNYqYLqr14JVZ0Rt9Hqfh/jfCcm/6pwvRwPexHYl/gYWjbjNbaEd5MD+UnZOycXt/ef9RFk75dBlFt9i8UMFfRUnXeKji5lDBZpPUTUlNKMs9SpTXWqmR4ADfUVKln8G7fybErMynHcjifttkTlcQCdWa+nA2DLHdUPO5MfsT46UQ7WsKjbRv/7BZC+X29aPGrfLSqujMuihpHf5LCd/oB03sG8+I/g1tyEMid8xUaZGmBwsOxN47doYxa4lndbwTMDVMaDHiUOC4U+/sjlGp2tgLqc780CLdHseDhD1vOt+kBwaAXvU6iKX+D/9nH+sxR36Nj8hUeVZbeM+tBV50CB/Pe8ZyywwICI6QvAYG6p+dN1TgWfYkBsdBpAR1pT0ElkiBaf0xDqijK6pVQ8FWc6d24e68thSLYE708elKdJnd2mBXSbJbDG6TA8u9JbQjlKjI2/yaGKLCbsbMtsAv2gNdVV+DBwO21dBjoFJXT/362fZH/mrRq/8Ad9PcjuN1yj7H8NaDn/sV6/AK60418Q4YFdB8rQGB3gdgc5F8S/mTh4y0MpN48yy2rwS+PX6sgtjE3iRoAwTtz67wrZ+pZg+cA4SYjWpW+wcl6T1vLIudENt3S23mM5lDL+LcUZTsqW5QwRiKjnz4e66O3gg4Rq8QJqhEZP7EY9go0RiAWSyIJ3v7LBzCGSQQIpk0Ji7vDHZlvPZIh3l7C7Znl2CwQ+sTzIuMA7kufZ7IqKemhcuv7fJgKaio27/wQMU7mz4uAp/For5QPiOrROAOd24aa3kxFl8V05UEsRLSg+AC9n0dz6lI/nxps4Z+qrJp7C8MkQBWu71BB02H9MgSh6r1FFag/yC1EjawutIjmM8sIjc6SRIFX8jIAW6m1YBD23zX5G1pCH66UTeXLlyar1npTPq4cKR0MNhMNhqvcXuONbAPtXb0mwey0/4zl7t8CpoT+nmFKCNXAbbOSH2W4hJVB2iZNNBUGgFgTAUGxaEj9fSRMMS1LHtxWnoNjQCDvy4gpXwqIToxAyKvnAskBC8+DZ48/y2jIq2bI3MX/NpjrhOhu2i1k4wQbmQefCEMQwvKivEFFZWmdQW6pWoH7keZIMzFBiVJFB9ukH1BwkHkGuqF7A25cOtg+LrO3DavlK+D6bBlnnalEUa+LbjLjEUf3Onx2360H0g7860h5WlE/WNcAPPycBT2HwJyZkGy/WntkYcy0OZB9kmbaNmV3XjolLItBBnb/6f+HFwodlFF18OKuc6CWVspPXSAnAasK5AsWLP7UjINKcxrONcjcQDwHsJPC98P6p5swMX8mpcEGTVtKaGiE200mX5+5zjM63jTLd9Mp+FdDkHan32DKrPknSFuh07S9peWlyQKgXshfqHP/sxOMrsOGW3JU9YttVjTq6/AUs2fCEsMVzsUTJQbiSpZzY+MFpbc9X31Zkg2hUIcSavDNQV5EukyBghhCt91GMLjm9iuxVGxzecLhAKErUn6A2n18SroMrzOCEL2kAfhBbNhMRNXUyJvt42KRNJLJmgY67a+8WEITpjv/S0v5xvSfCpD3G+1ZZ2Pw3D+asaejjvNIoVXJ073wEnChCSB+J9L7cVADXEhPOJG6ojp4jxsPqcscn8k7ydr3uAYd+gio+H3rCDng3fD9olG0zGSX4YW6mUeldD3kvzb/SpNQhIJk5uWX/eChkx6bjLaIxp7RD+Xq88zfbneCqH27G04L8xrh4Mzznl6EY9KcKx9wCmxNvhF7IVgb9bedpnOOZm8mL0H6sg78TXZkck9dH7iZjBEnFEzlb6EZzAOU7IxH9+KX/59mNb7ITkrrNO7C2VTa6EP8glJQU9a8TjUbl7G0buHW8Yh/V6kge4+u51mGlb/Tubp1X6ZqR2+4yT6c9tM+1rFcMr5CMRCYbcAypRk/Y=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfxe8994d36-e89e-c4e5-4bac-b0f658837f31" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxe8994d36-e89e-c4e5-4bac-b0f658837f31"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>xeojqe5dE/OCs5pymSnuWadtT4E=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>hteS5Qwhn35DKsbpxrHoEEGhv5gnXVGo84QDZfXfBc5Z4R/IY9rVutuG4vCtTPosZJct6z0orDgEFp7jptG/zSZMin85dVUyUHJ6ZzTTjZIjfojfa2KmuuzZQzjjSxKpRIdELathSCg5VPP0R+mbroc+TAcPwG7CFo/I3Qgdq0I=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>Ylu7wT0/r1aGwwRBXIjaSTPwqXgd98fRBY7P70Z0V/OaLkAZKBXMWOF8WDStilR9hFLDIVA9q/kMXBo5nKnQCYPv69w/Wp+o8457bilnWW7kwEw9QV+WkA4NW3itwMFk1Ls4QdG1I8zeTYRkX85hJJmifBbStC9QPqXlzH0AcWw=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>e9Q4+B5kogSyzgamYcGGfBvDeZUi3LcvwT7UJRY6542/1PDlUvJWXA8/7Vp20N4zMD6dRZ5c3iyKy2vM58L4185URFG2smJBltH3mZWhQO+EdUAYj0Zz1iFWDonUlnUQ8k7eBE8Mp94kDUL3AldGuqz2y1sq4+6wz02hQgGNT9y2Wnd5qREqqYy+ETJ1gVUZh8tp8AUkLD14OHI3SZx3V6hvZ/jr3MuRF1XP4J5pQWNdvJHmftj+++A4bzeMkQHS9Ekf3YQVX/lFnyZFvfZQgpYqxO0oQ0SuzlOJzW+3qwwo7OA1ih7frxtKssoZsXsdlZeLEx7NWVxOLg0K5uhj6bQ6QMkXyfLA2oSRyyOxrRPQ0T5Z7e7F9JolY48Q26Le8l3L7lsB2FIk6kWdQwjKwJVwdjoXL5BZsHwlzAZVoIr18W343dBx+hXem+31bmLgoYZ8kckIbUzqWbBcj6GKiFDzpSe1COzrxHxXnBDYYYQm8/r2g9YGH+mR3X2Sv3kSZMABdlP3oKL/4SYT5LUeBterN43wwc5cuKgW6pDVMqV4RwMp8Kz49qE2IVzyemMsqmr1HP5F5fzqZoLRt7nHPMjZ3gcqCV6FtlFTq3oAu/YGLRWHPjE633MpP8ykkll6nQIPjLfDWXxcBDtqu9UVt98fIkHFCgBvk4canKLCltshtiYom95EqVaxaYyLq4jGIDnWBCnbIEhEIGJuKoEicMdw5xPHANoqV+OVtfFCXWhb/jAJnZQUnffcHRXkB74tDXiORPBzuKVYIxSDVil8g8cATpcIEach4BhBe52juVSDKG8QEpPGB74YuAjrOWZ3njNipIlQg2zTpowsuz/YYEijn5NtetL1mc5VbArD4wzQRM1HHobsGUOnOwo8yRyhHAUL9YmzSrT94VWYWuuI1J1x2FcxxiLp5ToqfSkeDrfsxL3JMoR+LpjH3YgJ2Mg9YuUdMd5JO2QNMp5faPADCUj4iTzABJ2C4Hmg+IpNSMYZkK2/P57FjulYdIq9kCibZubExeXkgrZiQ+0iXxJNVudiRhAMz3pocaQl4/PsgPe/smX0lMEcc4Nc6m8PvwCBhcSx5o4eexUuRSUNIz71WM+Y2WuEaD9mXP4djWgKnuXpCg+am6YJjdwHxWFftkOObXPOYMFeNX8HJrEzymSRAFqzNaWC7mqZ0iu4JSC33I04GkqKYeKq/SvmEErujGGXOuKblN7Y9w7NozS884K5z4z+TKPViKB5rQI87bTE/RO9r7kNEuvpFQqQD/vvyHorRoHw3RSxe1+QVGbc1Yefpd9jZm1OBej5gk8rubataCQhxcuIGTJDolIbNGv7waT2fwSEb6clcOryOxudwPc+ARifDUzWvQWx8WWaY7FfKybCr1SwaPRIpuIks91bSmmgG96BwWychkVydjxbyzhKvglHzukBtzczeCyZ9kfyPL1XRLSGa0NHdw87EYBY4IiqOcGldD2Ph+oSea8yOPOaPkCs47IK55B4FgoI1kfsiyMndTxzU4SNAni3ixPekeZ/yHiVr185SDBH9eMXqDGAyC5NM1z1Wf/fNSq/OD4QHT7PC5M+Jj+VHdYVfgqNRwOWeJeQanEhQKYYbeKEErZFTTmO3+GKNLJKpX3UPZpQyaHwznd61AKbJUOCzxvJUcbBC3l1CWgdcMXgxQQVqZCJ6bxcgvFX81EbmetSwckCW93EB1ENiSQ7HaH9OMmcTZ068/SVbDhq0kz1owisVPfedZ/oJWKi5oaMS55BVStM655UQKwX0CG7llQ7e/2tbDSBLLTXKPoXY1A1zCauCUVcVoIWbbuocRbQQ90zHTpLN8XK0T5iC2SxEWZAr8+6joEN+QiGQWu87Lha7TZ7Vvbuvdntvle4BacLKwptQe9N0ExksZubqIup4u1zv4N8Hy+mJPbsMHcLsXoju1ShsgN7dfYVyur1qEjhH/iWG8U25lVlCVWaapg5eys/pMWx7vMVvjl1sfqwSptPtw1ElUE7Wk/S0v8lf15ZlOdNLiS3bK8ZwMHCUUVzHYEUtvG1bHGHjj39yuFZLaasdhdv+N59rSFCLWfJRUBJ98AzXJyWd25LlK3R1Ptn/IqJGQGx2yn6JioACDtpV2eN1Cp/hF4KQlzQjGIs0ow7K0Q5N+9EZ6Pn2UB05+T5cBUqIFAO+4X4dAQI/GFgrweNMdiciSq9JG7fvjSTYQI6o2J+ZYKf/CNC7wTVZlXbG5//HdpocyjPOnt08lX3j+3MuCxz4S+BUM1D3cNId9hs+3bNJtS4V/BN/Hiry0iHRYYy0tthN3g7BYfslGQl1jMvr4+6fcYAzioe5rLpsRboj9ORiE9qwZVfjZHA/jkHeGu6PnAF5RNyOOG2FhNCKGkUsc4lA52V5p7gKCc48O9dsDzkTLJdMN3nRPTODbm3/PPXaYuYv2UYYSw001FLeBoAfJoElimJVE+7l3nl9nJtfqBkBynufbSYIQeIxN3K+TfnvP4xLtaJ+r/Yl/UKxr+XN9OagS73GgzD23fpk478sYDuVlCkVoVzOBqCFv+QyX7cyefMv1Dqb2TvZLqfUDp2N4KfuhBCSztcXtN+9MIJ1nHeWUeCln7BMXwdHaRMMSfwcuGP+WMlOMNNUES/RHFCXkYkYov++lzHAb012E8heNlbM+Pc+6uOL/r++gD6LSKd3m1YE/8kKKr4A3vvDQvcf153FsVKPqZrLM0mx83XX5eoBV/CcEAnLpEUjx331xMagBoHFDx3UiKHw9M3gGu95HMzlep7khJPWUSh62WwI0XU8BKFVfP6XIQUp3hspnvz5POsOy0mZP/sm94h9rR8oOc+U8YsngaE38Z3dMvNb00tdP2KpJTPZ7Iob6myKqZOkKyEf82nEGV1NUXVnXQHJ7pEsA4nuEl6meN69sCFl+BGZbBFAk7jbLpt+adUno4NEgHGm2Mi04jvXuWeuH0zsbyIFLLRFpPxT+aiCtOtn3TdifMhMDWTBb/qhXZFRPCY+MrO+dPF5ghxXiov/jUEVDhvrETMtAipgR8GZH+DJCamNvxyS5p3deElDpDtrVLNj1A7zZHWr0CX0EkGjiFmVgNKkALuVxejYUn/oZewNv52xRWyPR6Ba5YMvE13+IB+anhzVcAmxATziIEUHpyhGxM9VDHwUsOqPJ665ZYm5oErJkBvzQwZLgvrUQ0PGTaHu3N23ijqV1cQgRQknU4xfAcbZdSI1J8V0CUJoWvRdWcy22akuumUfwfpMmHUo/rQwKbaFzYF+rfhQ2D5+KZqlpmbAG9U7PttDgly52p4XQfw2Gvda7fx85dAkLJD2EMA5q9nrLcVOcj2r0XPTJVMh5QE+WXZ8eVJGwrG7UlSa0AGlWOD7sc/n8WHX8fjd2Wg2qISmfxArBwj1sYSMjLUS7ti0GqrQRIvijSFWvEiLElDPqa4z6RmPKf2Hg0UE2NKPr57MPnNZ0f9oyghXquB5dWczHJj3o0cu5Lq+OsYn+1iA+TCnPKkK0F4DRor5SwxpV6aEARX/67IkWcu8GvUpjBI4vSp80wvqjUaimrqoqzK5luGlc40g/A9nB/bdk6zZQyqYjMBfCq2JJimj7vtBbZY+bLJg34v8QgTAe6X0f3tzlqusMDHDdH6RH8x9Izj+kDI22IZHBMXzSzGWdHYUcOyK6kDVu9yjXQnUepUlkR+soK4BA3+5k68MCnYWOaCQZN6l86p3QvcOJlhMnJ+kH6SqjAj94EGeGYp7On1qaMhAXoMueiJKKM1EhJ57S7QKv65QaFj2ga42xPwaQsLotGq+552tXAeTyyMy6W7A5l5eYoSV7xS4fskdWEtaxuwNQdD4E94iRlaRR/msHhq7s351VmcXns/UNULrriGq8SmAjCOXLSH5dfjMatn73EBRYiaGO3SYkWbeNjOy7mcMPLhmsI51OZN2EvyJE8hd86yfcoj60IY4UvFzZN/Ewg+iwqHVigJxkVaft9q1+Jv+2Ni2plj2h9o/uf6nNPpL7fVHZSbqcRJNofaGHOhTSVpHZkGGknV5dpZf4M1a9VDqs49WdMqCPGD1x/qoeIucCZeqMTSZpAD75MtXfSjled6poibFpIwoU/0aX5TF0OtNO5/1pS6vYteFBcE0qK+ha3lkOzj+sgDuCikgmzB1ayHEkqg8ZHlpbyoKO3L9yP1xuapemg7nb2LiDDKHCssc5Z4VyKsKrhENVu5eAykURYIV7eiSbiXBE4p7bA7iFbhrFab+1GPWG7xiPC0N6qHF+AuYFkvVGKKtIgEaV1G/lVU0MjDNw+016JHClK9qe/0V8NuPP8w9MZFDLL4D0lTnsLaaugSq0EJV2GkT5sdM1hNFbmefEOdTx48oZYVWuRgGD7ePFzfC/I6VeX83Hfv6IgpwnyWtiLy2ZjIkEl4zqcCutoqjnnAZpJbUCTb7U1oe7A4MeYkKLwgsym2mSi/3lLGm5tB+y1sG+5hOYIDkCBIQmhi+N7n8jM/NqA57FBLagI8T0VIKRHavKkggL2QKcb/JBQL47N5hqYyF5zI0zJVGvpfzn3MTpjZrwxp62MhfxiU3SLVCdPvurYc+KvBgLlawxRQaYJkkLTXrmjboqp8sFx5/otYsSihueEzrvyfJyTFGoM/j056kUEFBkyfIxwzcXVIs4OafA+vOO8UmQOt9Z9rkn0HNHM10dzQnLPUhhHOHbBloxoi+0A9Vd6eHb7/QAUPUIO7PD14J3A/yfAplh/LIlJhr313AKbj1sy4dO661aDWnpy1CrNUGhTzd5Da0RBfI2dnFa8A/ugoZ7iR8fiq+mUbgeMt54ZFkGEl+G/W/bCCQ0R67EmmXN7E4teOuTFOPDr7uw9BpcD6rLMkdxDxA4Hx2wnG3G36pyn37Mkn1eIjG5u4XgsX+bpNZJe+pHwIK7Cbkh8JENJxrcbzXcVHt52ZYCIbGnnB4hPtVgYia/xYD7O6qwrSGV4K6eA6gk8i4S79C1dXTn+Lb5La3EF5zeReUhRFwBw8GFIQYCe04wpJQct1Vgwa0DhRCMyafE/3gzoajzLUCN/ld3AOGx6GynIisAsazfaMFXGGASDLGMEkdtbezyKGwrAaaH53uwAVBKKM9FtW0UZDEIVT1HrA3F8wsWHw23PIRVfCiejAu2LxgQw4veYkjnq8nDQMQVGaGd9xRr9gLh2DOSGS8+me2n5IJylmj7sua25uopkanNQj1R2bVdcH4WKcYDHcYm93syXYHVhyQ78bOKXU5LeIbYL2Fee19Tyb7W9avzVjqxNFbqI7u0C8X//uLbbtdvrjtEMtLmOOEREdMZWPc5KVkuB8r4sXJtM4snwLSyseC3YvPj5td8W8gatLN3C0Mev7iisKSGQ2blKKVFE5UAO3s34UUleU3lY2rYxUG15ryZZPQjVyNFpufhtzrwVvZaTsjjJzCWOGLlFB4t7ZgsHlQhHAt1lCJWJLRCn4UaO9z7+OWyhJHYcLd+VHGERP7ALKHVg=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>