Online Tools Menu Close

SAML Response (IdP -> SP)

This example contains several SAML Responses. A SAML Response is sent by the Identity Provider to the Service Provider and if the user succeeded in the authentication process, it contains the Assertion with the NameID / attributes of the user.

There are 8 examples:

  • An unsigned SAML Response with an unsigned Assertion
  • An unsigned SAML Response with a signed Assertion
  • A signed SAML Response with an unsigned Assertion
  • A signed SAML Response with a signed Assertion
  • An unsigned SAML Response with an encrypted Assertion
  • An unsigned SAML Response with an encrypted signed Assertion
  • A signed SAML Response with an encrypted Assertion
  • A signed SAML Response with an encrypted signed Assertion
`
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfxdb8d016b-20df-c601-e46a-7aa33a52f7e7" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxdb8d016b-20df-c601-e46a-7aa33a52f7e7"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>koAzOSpce+FcBP5w0kKkSca0jBU=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>CgDVjDZhCE9XCfXm5RuM4L/Jg60Ybk7rSyBwTGaJ/I8Q7v0+Wx/GPc0QIlMvM0H+2CHFQ4FawKTT5WI2JW4+YZpuzDziIM/nPmQMVVdBTkMnBerCw0W1lIqinaW2cBuvT3CZ3A+WSAjqiUBh955zUFXtp6BmX//ZluOO7UMyC4I=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfxb1a10942-7290-4f18-b9f4-6b11ac1a2187" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxb1a10942-7290-4f18-b9f4-6b11ac1a2187"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>YWl/jJUb9bETYWEHsh0ROZ/9/7Y=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>WXv1o2OReHMVpbyCTxwDyvrWGf29LxpBmw/F6AQb/OkvaKEhbytkhSjN2C88W/21/8SUFh4jEi5n5p9N123KuwWoedhoxU81zvvRcwTP9tPnzzH2gceTbBc4oh/dKJRvC5ObQyM/gj+AUKpqsC9JniqqKjQUC+vwu0H1RaaXErU=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfxd8e4eb34-b0b6-5d22-d346-b37e953b82b8" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxd8e4eb34-b0b6-5d22-d346-b37e953b82b8"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>DlFYenKxEwtqDywWhYdT7bE5rkE=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>HW162vm9AqRcBuKd28maoBJQjLOYfW3Gr5+Se3ND86gkqQCMhkE2pWqLrmIYhvh6Ph7EAHsxY5YVBKl/lhpEL6zT3Q3OcSlgfvKRAM4YCREqj+IWr6x0sgF90kbhMq7kD1opi3sag32F8EG5yZMRZfeRhVVM3W2IdqRAB9gmV68=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfx3666b6bd-4ad9-53b6-e4b8-d7fae2a36fc4" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx3666b6bd-4ad9-53b6-e4b8-d7fae2a36fc4"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>h2jSLuMCZAKP+RO/fTIcG6mtv+0=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>Q76+6/TmZ+FDnKLti1UgeoZaU7IvnWw2hAQxTtkTxZiJ3f/EtOat4PQQ1unADHS41Enc3V2JGDVuRhqgCVPBOoV/1pIimhfXUrq8iINTR0AcMK9xB/6LdCah9nXwyccULsM+LQMQPevXFQz1RHvdplCB18MQKi5wif2g3ileCqQ=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>si0eqsL7REzfUivAh9WVZz/8lW5W5GOyhtXjp8Os0f3DVdp7/tXeT6SOpuiGtvjc7HxcSXnMbAWsak6wLSIzqapphgJKjTpFl5Id1o+dEk/Ccvz12WOrH700YrpODO2ggdiFftE2elsZhEJjJnZYxArgq4Q6btvP/0/6aWrZ0WY=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>8Qb7Fl9HlLngkwsz3B5+ZFdWqD2ML6xDXddbqa9WTENbhtHEXJw9ht0lP9Hpei75I9KQT5wU6HSEE23Zpyt7DFnOnljDOoiGj5T2LrSAl3498UvxnFk1kBsgA0SKxZd2QqgPIyQaecoU+xX4aZ9gAK6r/vfAOkCLy8cH8ZrKoSsRNB1JstmduSxwwJ3Gb7zzpKCOxfK++PJnAg65jXIj7AIEXm+90NKKEAbII6GHufAlT8eoP0udP1gdWF1mkyNXyO2q4KMfokkE+T+8dZ0VNXWVZR+x+dRkPl6K/VQf5GU2tK4GKY+aGBdpSJ6XdpE6k+W82h3PqY5lU9M4nR2rWeOv6XpVkpsKlLn+6Qu4iUbrTYxnSX87yGvI1mDX+MMQtfVepVz4LCcqJpLOh03t2XcXzh8fk9XVdYTa7c2eKx2tozXZEbeLjWfkWlMdsnunHdWwY7gtIhE0nc83EuUFVXE31hukdqeOEz/jnTb/PRwJQoZ1oCSjQjce08Y0s6fX5QobVJhCPDaurKw93bRa3wV5bvHHegYRRbNWP4g5cpWXsLqlFIBfiLJfyjINko52u8ws+ehZN1mPAP5VgslfIPRPZRhtTpMMPxK3pDxd7axo8H/1bPS/2QhGjtpitSYuW4pqpcF7gri/00A0G6XYZZm7W+yJSAbTq06xYWMHf9siwtKlUo4jYDHv4j5VBDpHNMlaYMrt4kyuaXg0ECM/vD0Uzm5yI/A0YcfSJ6oLKO7cVIQ8IsFRqlTZ1Wbtxub+ZKB+jIHoEKfRjGcN5IqnMcyQKPSdp3nJ79cRzlc6nxZJWyr2Z4lK7+p0lOYv1wtd/nAyKDKgro1QsTq3L7Qh+9OZMzYlzBuaSFLSs7oZRq8LnD2vJ9KKmb/parRRU2EXZrtaFqYTAT95EQoOn7gMcs2+xjidXanC17Esk6qZ4OofN0novEiRQbSuGflTFXkPM/rZr4gH0RLHP7oxfaHO0PKv9yKZR+PiyWzjl9ms68UPxaRNtyLsWehwpzwJ/c2kscY0RNYb6MvfPf2izMdTEORpV2VjWLDhTMawHsr+ThO5eMOkGTJmZ3tmcMjEko3bT6qi2Cz3jPpFZpQzcY0g3pHgWs7ovKc1Lj4gKh6k0B2oc8dpvnGH8gUA4SrAh/6PoHUPxqgkuLrFvx4uFVoCe6uzChA9KVZGeoIPNXFFuKfhdJ1Qs36LTnqDynLKonhp2SSITMqp4iyfWsW9RHVftLxoH/XG2vly9mRMAjJdF9YvbS8AO6t++4fRSvdSWDSPqt4l2KAsJblfPrWGWiUVEEs1h/hyiHYwnHGhbLx3UMNqUXWvZqKogk38ESjObohqurTUj/JWNmiVFyol43Hal9qzftAu4+2H7xPYSg2ywL3x/7uyqn2kLfxozuHWVjqirL1n3wXfljVWGC36fBnFl4XsmfkwZIc8jyayWMbMCL+CA1CQv4+xGZzEN+PU3K3AvJ3NQ1OzLTS1JvaDrOUdDBJCI/SPsACIkCvu4VfED/EP5//E9I8IzmS1YrR8HVusoVnLi916yBAxmCt2I2HVB/4qtl/djg74MaYth2ziU3zNlekHlFMhwKybtlhDDUeWTW653HxQNwYUgibx5OeLR4vfoB1WDzTZe2YQt7LVmm0Wv8bY43Y9YY3XiBh5AxG8B0Tas0ClNftX4L2Wmm89d2UnKQcDd36Ks5otcR6uJMK4sUNp6SrJsMcjpHvf2q0Qv85a7XKpuskngTLfcBXBm4kQU5vLTw/x7OEzwqovCp9QzYeEt+aKfuRFHmDbbHbWkxwLjIbH+VMvoBootB6HBj1XO59FwhMoyabNFCIMo+Y3lU+uavwlfT2KNl9aZ+EgsFVpiixB65BKVNVYGUjRc87DKa2gzaaXCgZcoQmoLZdOuAVHRe7RK3FplYBfY0eRZDRKcT+++aaIC0LS/B+CEUSV0vC8p55ET9qzStusD2AzsCXwpQ1MZ6qCghDnN3ceOtiwe5C/LGwisechlwBD2As4fZUlSrZG9hhRPgqXEj/D7jPKEYIlDCIB/NK83nyQanME13AkhBL6sBXBMvAA3wLGhPOcrT05Yjxue6w8sckeYwfZiCYee+ijyjgHCZIVNsfmVmg/WXgwYg5NMcL3Mg9N227colYHVTOEG3Xrzum+yyY6gs3KYIojQNjqV29kOaRKocjQaWA8puq/PHO2Py77Uf8eaD2CvLSS9DQqAPZvFHrw6L9NMqrX/ilQN+74VmK1Re75iTyHxs5vi6sYOTBTUbGIWSlo7f0/LmMc6SKw5qUpXFyPJomAQ7PIRGe+t3944RI21l7zi5h7q4N/Mo+wocECZHlNH+FHdsF4PE+Ct9ninJ/PvBKb3+zKgExUQzf/sr/MUrXZXN4oDf823DHk+OaoHqsTDdfy4rIj4+HGHwdUXpMXw/j+3356/t3wadWLHOPp+9jO4O1FeT8J+T/mAHAqHFNf2Sk82IwjCISITjFhGKHGx/kZQylW3UwbcknMak3UiL0oUcOkJt8dakEDUn1C2c54xdrvYq8S1H6fj42p8S6LTcU22VHKAGnRIfXoDwKpo9IfGZMwplFe7WROIKmxIva8JjzOIT4klBFJVto80xGwi9QXgjswKkuY2olMPulPZLa9h4jwe3LFEwg8AlxUNE0rvILIHivDfsvOSWljVNYhGHuf8R4aaOVpI1caBp4GLpjySyMe0shKHTclSYS+NYX1yUKX/USopFhbwmB9msz4GlCGxGMPLiXj84NjoULM4LRWqn1PkMWzGoVoXqW9CB1C33QWaFlo7ce+0CjGKCrgK8BBBFaAxgTzJtsJWOZ4gVEBwCZrbelXq2laKjf1Tl2fY32+HHyU+NwPbQW5hhFyWHjNVmEQ2DK1t9QVhUdQs66tjYbSut4N/z9/v0XuI6Shlstxc4edZNM=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>0ovzHGpbghnCLS0I71SGwC2ierfGb1TmE5dNQFKk0DVW2wuXNqQW2/GzIyeI0DEWWLhHCAy5f3nmWIhtYwq+3wWQkw9SMnnMYptqlgZhFdpB1NZUBEquDOuV6FzItTPQGh4WVnFHXZmuUv0tqdZs6zpelOpXiwmDipBA9qFaci4=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>2sngdtX91MVNE3pbfAcYgFreQvbMdvhA7MtHufHgzJxz9hflChTNNzLgF7IySN+IK2G/8VRiHeYKewM+RY9h47fLv8OJOPhb6oKVuCGVv5RZ2WtjGHOetDaNn98A6BViQQFxVHNppVYVXGWe8mRbVu10XmcGGPOt81RG/e8p5u+sWW+SxIX4Bl4KhYAa18VeC2Lj/Ae5WKdAZuq2TOHOWxs/3KFQDFAs8kd4b1EYZnlWUYEaGzPPt7gIf4zuiBxf0lB9Rn2+lKEIcqeAGzw2m32q8peqRNlpxCRu9IoJBqcyWlK2dqBNgH5Xj2TYi9gV/42YWDqAGiCGty6ZTq6IXnD+tITnnoaEpgzzs22MujJwUwXIhz5BIyFywE5HA/EIb4R5Wyq38/mK6lr4Q4dUSewh+Jf7/C2dWCT9ZssMeuQfEcswLqn/uEGt0Wfy7DILYOA4McjbGkPvplstLEl/R13G+9ex/G4NqCp/8S9gJb4eNUWdFKApSCcC2Yv0c6mkr3hkyYwKCKTjzAyOGOXqAdf5Mvgl/pHAS6IhEOtVjqserAk4BpCuESZC6cxnxzo53200U+kXGxd7iOP1BNlas823oaljT+6y1RkDHslLaMwUNbaBvy2y+N1rA4E8TWihakdID81OU0LvcZ1fgHeZ+yUCFN5C4dVznEqEeBDqUyFz8M3Eqt84R1zzy0CpshwEFmaCJTxnzKhVqkbDSmizlTGgLHGNiAZoU7/IMwW+fMEdCd1U9+8nNRk9giK+IDJrTckn1y7UKea4il2FUP826QPBLivP3nw1UGGJWey4lb0ePjhvfQCB3jme90XBv9TlruBnH0ThFldMX3PDa3aQLcCIWan4vm7HDmdXKLv96RDjb6rxO1XwBFSUP8aeb8WorBo09YE3z6Otknt4EtFDY+d+krsUt1jJYkgiYnKJa1DOAm4Swlax88hgQcuV9ZpxEeB9kIQihWf3YWSqWTJrZaqd8aWjwELEVffYS4RaQqgON88uoORraTFYZ8oTToSQbALvOGLC1l/6U9AEl0CKKoq7ZtIEz0azZsRotIwfSvO3vMt9pvji/J8KwtS5/dCXkyvUmpMyM/5uFMCR1CJITcS2nhR/c+l6pTVSsvlfNBQnPv6U+YXYWoM/GI45V/QXBjO7EVPgwUCowEp1NQqthH7VMTUejwgo0Gv+6PxTx15VgFQkLLAqRKidhVjNlBODcoknH5S7djyyVa6RbHalTH/jUGkECdk8keQ5nzgVacPfJCwoBTMAfiw5VcWco6AAThoNdfFQe1Y1sW4eMSyEw8ZTgHh+h+IS5U1KVXxtUHo24HaCPzJ9SRgL8C5rfuDcIUMo2UtcU4o3k1L3dCI+KjilsN2vaHitqU6hXNf08z3qGC3ftF2gV2rfy9HaoYCkYD1yMVPecAiI0SNzy867GGsuSx1eM4R1D6l8wLeAv7HV10Nfk5ob5VWCJ96KHvQ0C2ZHi/n6Gfk4WQQCcVxQJplK8MmywV2DWCd0opJvrmwrZ5jg/k/5tezv1zmhMbesQQWHNTDj44zdxykyRu7ZANaYBgtmWCaDaEwSytNwoLlyoU0Fd9n9LbUGwkDaOR5LyNv+Hw5eE0Avgb/7zOoTnabR0YLx1Z7KvI45ri8R1hg9G4wBHnAUqySkggs/7h1vNQeQ/sE2iyF7buKnrI+pwz9FVexnZRNyB8I9cLnz3N/WNqG5DQMGjiFAe/UCznSmFLiETIvGAKGPOW02gMnmut049+/lYSyWj9FmPNQupElvx8zPGGxHFHkDBQJ4cOwsKFR/l6jArY54iRO77gbrV/veB0cYv9Il3OCPNyJufc6EbghQuRFvn/jvJAEOiQynIarTWKYChv7+av/XfQirjGTZPe3I9kEzq7dU+LzhoSl4xKZDoSzejA2Qeb6A67Hi+xi/xWJLDRTZ6Sbyi+5qWhYGEdZRw3AHf9j0JHpT5nv8F5vdNyXZ+xI1o5v7k8aSskUHBGJPokeGUaxfD0ZypFTg8QqWgMfJ622XvWP6DdI9dtPsXPvp9q3nsyxUWi0jsmOFlYEZEG4j+CHiJkpKBWDEDUp7mshGFvVrrWJIi6DLeKuxsotRMr0Sz9qkb+xvlOhfdz/kpF0CPUEO8z6S80igXop7IBZKRM6F/hKCky3KyZCwa/f5tq2LqvY+BAzY/ZYCuGhi/0t5RFx7eUsy/ZcTgWEwpcnpP1LeALdhvZd3cozZLaiXCzGJsVQkHuCzLEQye+hWwG9bpL2y/iRJrDzCV5XDGXcg85yBqjJ2PkqygCb19EFVF5kMKW1cZFgwm30zF0B4BHQttOK03LzG0iL0YFmp9jPvR73x/QbcOvree0cADCctIY1RbLYfUz3eQpwwQgLlJ3AR7xkN7BifauVmCFqVc6q6sSv+aPrPGCOuUJxtcwoj20VC2PEdNSfbXVi3qtCcd+ikDDWz8lb/3ZIClZBGNBavuC4TZlHATMVTR7V8a9P4R1F6rco6cbEt+LMD3J03KI+x8pT58pZ5B65tWvdZK5ORi8ZsgW4UyJ2wywTdV6Nr7W62qLzUfjScxKUXNki4nBhsnC3+Fe5zPH4sdkUqmhJm9aFMHpEOIP9Y7PfSwde3ZFDxyoFygztdK7fuBPkjHwkN4JD3wbxpNMi1jkbl+lN+oivjFyrp3yWQT2t4dIdYt6BRZpBFI9SZPXEzmWhLNWgyaPZfsI/rufG/p4Zmv4Y9FzfObZ1zkyM+qrO5oXkGDrpU/t54RvqfuUjU/bdDak3uvarcAG2boPTMm6OMXvHB5gU+ckRLjsvinTSGRtLsXBqVqnwjlgZXCpy9xv4BqKQKvlZWFkXBTYLhys19DICNAF2hs5WOf6oPBgsrS4XyhmJ2QaxgzfBbHhpuM7FFGROOMLfT7uaBkpzrKsZu5jcv+t20KupO08M4rokTuli4U1iBGiITHXbmK/K5RJ5rwJv4Pwc8enWTefnSmjVZS2EsWZbtdhF2EFhyKiORIjo22Lpv7dWy2Ssk8s/RqpthPQxcnm7CAUAbV3BiVuhsqdGfvM0iMrtQz5HEjrLekQY1LjgMiFNY/4mhyZCRjbu7NYIqLq8vf5SDD0thWJTMxVzxqL/VaCRt/rfybqnU6RONvZvYc36YargJXxBV5xKxDjfubPn/DJ+hzCfLMyD6gdZ41W4BsPvFIZNOGPg8MpP/0QcvypORpwFrpaRe5VcHgr/iQcoKda4ZuMNfEAOT1STGT/sObBQ7ev2NrM6V+vRaz+O6ce2vHzAGn56voh6atZFCkNXsSVCWDT8lv1QH4M/JvUSaxT4ctVbvMEB7BYk78uBPteblsbRqHnHfO457KeP1GoFZIfBLUFSI8QyJBeAiuxYei0JXf0DUDXeBDOabqVUcVYDYotImQrlqWFvvucymciSCwIoLApWP0N1oRoCizcbkqKxP503W1RpRQ8CZAqDk0xDM7UmULY+4sRL2QGbGLZG96tN10xHDIH+OPedxChbqBPdlUSNrJsY02z1zWycdMBWKfzkDW38ewDmY6zIee1PtAdQs6LbZXow0GYUe5QGS0FlLEh7Vz5mfql9r2qR4wrmbdE2DC5jIL2Xgjhtgeypr8H667/5dJAGclODsRSav6UYaHHF1/TZ7zY1Nh74iKJmSFE+srQpE+/32hg64fP7TdhwqwBEKiSzE7rhEIYDY+obm0TsslXVZNhN+0oAC8r2xLqQmheUxDuI9r6QFrcuR1n+v2OWT6ZLVq7hpqrqQY2/gqDPpjo8Nv07GqPSXfHJLthEWi6ogsUt/q1Njx1mHLRh0kERUK1m5nDpkZ6jAT7TW3Cu+FFUvwxFNwh35hgRTWyY5O9WmQWnJRobvxUsgIBPlBR0daTAhDnqDLk0jfDPxpdaOg+BkrHqguYrsGwjrkcgksVbzv4HpLAY80IYw2QXMFPiCUn5hHBGS1aJD/OS9QtpsDCmZBoqf577+5VO+vX4j1HoOhPKkFw1zs/wvkTNldToVErnsWTwuYEl6nXLzwUaWJNsNOf/US9NXa/4NYq60+R2wkk9MPUARYsCiIwEb2jHe4xXirZfQ5D4Q9rFCPdx+CKqTQUIjzlsqjXIlfpiSU/cJkfg0RfCQcPBqCnPgFzBQwlrkFYmi02GlO6PJJ2fi8FLNA8SEUUpHvjcElmWsZZNleM1pryYyTPfMYtEAjbwt+aWUG9aAC3VpqCm0nAIBomDLcY4EVNfXkFhVWsrGIHyvfVZzA60fU5OoNZjTqD9urQmP/2eqK8hTw0+97F5XHR2C4mGz9UpQajxXA5oqyC7OWQb4vkO0Hlefk0KsQgA5+vbdGJX5EdRIs10KRKMzG6RCnc52rVQamH9fMdMCTA95Vka646QFRpUG2Ptpu1u7zp9a+MFFyqs/2njiSzordBLvZIvh9wgzSWKugoPDW06QhfRRdK59J3+GZFlNTWnnFyeBgyUoBFWNaSoi7sXDZJV1wa1Anud3IzXKLnpgpatDKjM2mvQ0Pl+up4b7HibNZ+ATQeEIPNCZQpPQDMDTmVoAMmCwcGcVm/IggLqQHVKpGb58aZkYHmmq0GlnDhTZXgfGZLYKs368Z7PcxkNtgbZmAdBQd5mKZ3SQVqyKHE6MXobhCVBXqgOtryr174MWmgpcVXS9Qnv11Q8QyQmghZJ2+8CD9MFcrYJHcm25qRqr/IZZ+bmKsF56SrIHch0rnSKblJHNth45lvJ2xkytIqzxoxZgdMn7B+XEhv6ChKhejJVWzpVnESsC2VI/haFcZvmAbRHYH5GV/7RQ0bYrkFeml/qKemjCz6/bw7kAtelRJxd7xZ+i/Q1p2ozKirM7rLU+vp6KrxngvGBViPQA5dXJtw5V6SJbHofI5Qnzws1OFZIXPCxY5ARgJ2K9UwW0D736N1wwTw+0+CltT3xoAKIVyrkBGf/uK/+pGQ2kAussfmUIhv8PR9u9oM31GY6PYBk2UDK248KPatm/zcSMxisrf/OEPFYUZjmlkZHPo2Dm8TPuiS6PaHbNd584nJYJywz7UbOmjO45FkR6vQuAdc1FkLjCmsEb9z+6H+VajaA2gA+nyFParAXFj1/3mjGpvBg13N79oY+OmL5v26sgmq2bID6+0mDJbkVU8ZkV/iiDpiO74qdAJMw06hZkHXLx74nsUCZ30s2gcdx8a6DgvS9X6VQezOXDExN+cooMy+MVNZrSkKu1f46vxK0bXluCZntSn7mJ+KhD+TrFp5rQA9z4XW1+JaiiPQEJ0jQT2H3XX8qUk58vTdF27GCV0OgAUgwDYT5qZQrTPefNN5aKi86hittWA7P3KcmDyb6XXUCoE+jFWXgk09eGYBKCI4unb1gaIfu8z0iw1Jcc7+JYAfVf4TBD/9HTN7sDoSYhalzXso+So2qufs4VYD8SLa8trNuAmn5p9Tg0OPdOcH5x0iQ9A1f+thjo+pvvZZXz8VK69dBeNoy9rOTsy1jEK1P7bemW5RfKLnfHz4KMVZM=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx58191a76-32aa-766a-4e1d-6cd82ab6dd28" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx58191a76-32aa-766a-4e1d-6cd82ab6dd28"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>dbttT312lp6Js8UghZePmFJWlDc=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>tjBgBTidWiFfadFhlrwJ/7sEf/sDNTFcb/AS+1VY7yNqOz2yk9xSsSjHsjvkp0QTU2UVm/RD86N+ijdnkCRJRqkIoE+WY7aZiHva8jUPulrpGzLGFyU/aE2lmPnQYXO4BvZ4HwFvrz83jQSSdJPV+BaYNvkSPhI27N3dUc1XFl8=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>si0eqsL7REzfUivAh9WVZz/8lW5W5GOyhtXjp8Os0f3DVdp7/tXeT6SOpuiGtvjc7HxcSXnMbAWsak6wLSIzqapphgJKjTpFl5Id1o+dEk/Ccvz12WOrH700YrpODO2ggdiFftE2elsZhEJjJnZYxArgq4Q6btvP/0/6aWrZ0WY=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>8Qb7Fl9HlLngkwsz3B5+ZFdWqD2ML6xDXddbqa9WTENbhtHEXJw9ht0lP9Hpei75I9KQT5wU6HSEE23Zpyt7DFnOnljDOoiGj5T2LrSAl3498UvxnFk1kBsgA0SKxZd2QqgPIyQaecoU+xX4aZ9gAK6r/vfAOkCLy8cH8ZrKoSsRNB1JstmduSxwwJ3Gb7zzpKCOxfK++PJnAg65jXIj7AIEXm+90NKKEAbII6GHufAlT8eoP0udP1gdWF1mkyNXyO2q4KMfokkE+T+8dZ0VNXWVZR+x+dRkPl6K/VQf5GU2tK4GKY+aGBdpSJ6XdpE6k+W82h3PqY5lU9M4nR2rWeOv6XpVkpsKlLn+6Qu4iUbrTYxnSX87yGvI1mDX+MMQtfVepVz4LCcqJpLOh03t2XcXzh8fk9XVdYTa7c2eKx2tozXZEbeLjWfkWlMdsnunHdWwY7gtIhE0nc83EuUFVXE31hukdqeOEz/jnTb/PRwJQoZ1oCSjQjce08Y0s6fX5QobVJhCPDaurKw93bRa3wV5bvHHegYRRbNWP4g5cpWXsLqlFIBfiLJfyjINko52u8ws+ehZN1mPAP5VgslfIPRPZRhtTpMMPxK3pDxd7axo8H/1bPS/2QhGjtpitSYuW4pqpcF7gri/00A0G6XYZZm7W+yJSAbTq06xYWMHf9siwtKlUo4jYDHv4j5VBDpHNMlaYMrt4kyuaXg0ECM/vD0Uzm5yI/A0YcfSJ6oLKO7cVIQ8IsFRqlTZ1Wbtxub+ZKB+jIHoEKfRjGcN5IqnMcyQKPSdp3nJ79cRzlc6nxZJWyr2Z4lK7+p0lOYv1wtd/nAyKDKgro1QsTq3L7Qh+9OZMzYlzBuaSFLSs7oZRq8LnD2vJ9KKmb/parRRU2EXZrtaFqYTAT95EQoOn7gMcs2+xjidXanC17Esk6qZ4OofN0novEiRQbSuGflTFXkPM/rZr4gH0RLHP7oxfaHO0PKv9yKZR+PiyWzjl9ms68UPxaRNtyLsWehwpzwJ/c2kscY0RNYb6MvfPf2izMdTEORpV2VjWLDhTMawHsr+ThO5eMOkGTJmZ3tmcMjEko3bT6qi2Cz3jPpFZpQzcY0g3pHgWs7ovKc1Lj4gKh6k0B2oc8dpvnGH8gUA4SrAh/6PoHUPxqgkuLrFvx4uFVoCe6uzChA9KVZGeoIPNXFFuKfhdJ1Qs36LTnqDynLKonhp2SSITMqp4iyfWsW9RHVftLxoH/XG2vly9mRMAjJdF9YvbS8AO6t++4fRSvdSWDSPqt4l2KAsJblfPrWGWiUVEEs1h/hyiHYwnHGhbLx3UMNqUXWvZqKogk38ESjObohqurTUj/JWNmiVFyol43Hal9qzftAu4+2H7xPYSg2ywL3x/7uyqn2kLfxozuHWVjqirL1n3wXfljVWGC36fBnFl4XsmfkwZIc8jyayWMbMCL+CA1CQv4+xGZzEN+PU3K3AvJ3NQ1OzLTS1JvaDrOUdDBJCI/SPsACIkCvu4VfED/EP5//E9I8IzmS1YrR8HVusoVnLi916yBAxmCt2I2HVB/4qtl/djg74MaYth2ziU3zNlekHlFMhwKybtlhDDUeWTW653HxQNwYUgibx5OeLR4vfoB1WDzTZe2YQt7LVmm0Wv8bY43Y9YY3XiBh5AxG8B0Tas0ClNftX4L2Wmm89d2UnKQcDd36Ks5otcR6uJMK4sUNp6SrJsMcjpHvf2q0Qv85a7XKpuskngTLfcBXBm4kQU5vLTw/x7OEzwqovCp9QzYeEt+aKfuRFHmDbbHbWkxwLjIbH+VMvoBootB6HBj1XO59FwhMoyabNFCIMo+Y3lU+uavwlfT2KNl9aZ+EgsFVpiixB65BKVNVYGUjRc87DKa2gzaaXCgZcoQmoLZdOuAVHRe7RK3FplYBfY0eRZDRKcT+++aaIC0LS/B+CEUSV0vC8p55ET9qzStusD2AzsCXwpQ1MZ6qCghDnN3ceOtiwe5C/LGwisechlwBD2As4fZUlSrZG9hhRPgqXEj/D7jPKEYIlDCIB/NK83nyQanME13AkhBL6sBXBMvAA3wLGhPOcrT05Yjxue6w8sckeYwfZiCYee+ijyjgHCZIVNsfmVmg/WXgwYg5NMcL3Mg9N227colYHVTOEG3Xrzum+yyY6gs3KYIojQNjqV29kOaRKocjQaWA8puq/PHO2Py77Uf8eaD2CvLSS9DQqAPZvFHrw6L9NMqrX/ilQN+74VmK1Re75iTyHxs5vi6sYOTBTUbGIWSlo7f0/LmMc6SKw5qUpXFyPJomAQ7PIRGe+t3944RI21l7zi5h7q4N/Mo+wocECZHlNH+FHdsF4PE+Ct9ninJ/PvBKb3+zKgExUQzf/sr/MUrXZXN4oDf823DHk+OaoHqsTDdfy4rIj4+HGHwdUXpMXw/j+3356/t3wadWLHOPp+9jO4O1FeT8J+T/mAHAqHFNf2Sk82IwjCISITjFhGKHGx/kZQylW3UwbcknMak3UiL0oUcOkJt8dakEDUn1C2c54xdrvYq8S1H6fj42p8S6LTcU22VHKAGnRIfXoDwKpo9IfGZMwplFe7WROIKmxIva8JjzOIT4klBFJVto80xGwi9QXgjswKkuY2olMPulPZLa9h4jwe3LFEwg8AlxUNE0rvILIHivDfsvOSWljVNYhGHuf8R4aaOVpI1caBp4GLpjySyMe0shKHTclSYS+NYX1yUKX/USopFhbwmB9msz4GlCGxGMPLiXj84NjoULM4LRWqn1PkMWzGoVoXqW9CB1C33QWaFlo7ce+0CjGKCrgK8BBBFaAxgTzJtsJWOZ4gVEBwCZrbelXq2laKjf1Tl2fY32+HHyU+NwPbQW5hhFyWHjNVmEQ2DK1t9QVhUdQs66tjYbSut4N/z9/v0XuI6Shlstxc4edZNM=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfxb4ac1177-b5c0-1c2f-5beb-08a8b7aa86d8" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxb4ac1177-b5c0-1c2f-5beb-08a8b7aa86d8"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>a3DmkaPC0si/9EcQLzYkZBffB8w=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>Q1KJeMnEme0CeKKfRarZpUzlIYVGC9+jH0qfibV6HuAixdK5/Bjy5VpYWPJNsB7zaxfPiiBgavmA58f/TBnC1+cKdzy8h80eqFurDnuFhqpe1jDvPBtURVCPvg+mPKiONp4izy9tEWeUb8+22V1DNM8DWkjZ6fr6NFAn3w4hOSY=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>0ovzHGpbghnCLS0I71SGwC2ierfGb1TmE5dNQFKk0DVW2wuXNqQW2/GzIyeI0DEWWLhHCAy5f3nmWIhtYwq+3wWQkw9SMnnMYptqlgZhFdpB1NZUBEquDOuV6FzItTPQGh4WVnFHXZmuUv0tqdZs6zpelOpXiwmDipBA9qFaci4=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>2sngdtX91MVNE3pbfAcYgFreQvbMdvhA7MtHufHgzJxz9hflChTNNzLgF7IySN+IK2G/8VRiHeYKewM+RY9h47fLv8OJOPhb6oKVuCGVv5RZ2WtjGHOetDaNn98A6BViQQFxVHNppVYVXGWe8mRbVu10XmcGGPOt81RG/e8p5u+sWW+SxIX4Bl4KhYAa18VeC2Lj/Ae5WKdAZuq2TOHOWxs/3KFQDFAs8kd4b1EYZnlWUYEaGzPPt7gIf4zuiBxf0lB9Rn2+lKEIcqeAGzw2m32q8peqRNlpxCRu9IoJBqcyWlK2dqBNgH5Xj2TYi9gV/42YWDqAGiCGty6ZTq6IXnD+tITnnoaEpgzzs22MujJwUwXIhz5BIyFywE5HA/EIb4R5Wyq38/mK6lr4Q4dUSewh+Jf7/C2dWCT9ZssMeuQfEcswLqn/uEGt0Wfy7DILYOA4McjbGkPvplstLEl/R13G+9ex/G4NqCp/8S9gJb4eNUWdFKApSCcC2Yv0c6mkr3hkyYwKCKTjzAyOGOXqAdf5Mvgl/pHAS6IhEOtVjqserAk4BpCuESZC6cxnxzo53200U+kXGxd7iOP1BNlas823oaljT+6y1RkDHslLaMwUNbaBvy2y+N1rA4E8TWihakdID81OU0LvcZ1fgHeZ+yUCFN5C4dVznEqEeBDqUyFz8M3Eqt84R1zzy0CpshwEFmaCJTxnzKhVqkbDSmizlTGgLHGNiAZoU7/IMwW+fMEdCd1U9+8nNRk9giK+IDJrTckn1y7UKea4il2FUP826QPBLivP3nw1UGGJWey4lb0ePjhvfQCB3jme90XBv9TlruBnH0ThFldMX3PDa3aQLcCIWan4vm7HDmdXKLv96RDjb6rxO1XwBFSUP8aeb8WorBo09YE3z6Otknt4EtFDY+d+krsUt1jJYkgiYnKJa1DOAm4Swlax88hgQcuV9ZpxEeB9kIQihWf3YWSqWTJrZaqd8aWjwELEVffYS4RaQqgON88uoORraTFYZ8oTToSQbALvOGLC1l/6U9AEl0CKKoq7ZtIEz0azZsRotIwfSvO3vMt9pvji/J8KwtS5/dCXkyvUmpMyM/5uFMCR1CJITcS2nhR/c+l6pTVSsvlfNBQnPv6U+YXYWoM/GI45V/QXBjO7EVPgwUCowEp1NQqthH7VMTUejwgo0Gv+6PxTx15VgFQkLLAqRKidhVjNlBODcoknH5S7djyyVa6RbHalTH/jUGkECdk8keQ5nzgVacPfJCwoBTMAfiw5VcWco6AAThoNdfFQe1Y1sW4eMSyEw8ZTgHh+h+IS5U1KVXxtUHo24HaCPzJ9SRgL8C5rfuDcIUMo2UtcU4o3k1L3dCI+KjilsN2vaHitqU6hXNf08z3qGC3ftF2gV2rfy9HaoYCkYD1yMVPecAiI0SNzy867GGsuSx1eM4R1D6l8wLeAv7HV10Nfk5ob5VWCJ96KHvQ0C2ZHi/n6Gfk4WQQCcVxQJplK8MmywV2DWCd0opJvrmwrZ5jg/k/5tezv1zmhMbesQQWHNTDj44zdxykyRu7ZANaYBgtmWCaDaEwSytNwoLlyoU0Fd9n9LbUGwkDaOR5LyNv+Hw5eE0Avgb/7zOoTnabR0YLx1Z7KvI45ri8R1hg9G4wBHnAUqySkggs/7h1vNQeQ/sE2iyF7buKnrI+pwz9FVexnZRNyB8I9cLnz3N/WNqG5DQMGjiFAe/UCznSmFLiETIvGAKGPOW02gMnmut049+/lYSyWj9FmPNQupElvx8zPGGxHFHkDBQJ4cOwsKFR/l6jArY54iRO77gbrV/veB0cYv9Il3OCPNyJufc6EbghQuRFvn/jvJAEOiQynIarTWKYChv7+av/XfQirjGTZPe3I9kEzq7dU+LzhoSl4xKZDoSzejA2Qeb6A67Hi+xi/xWJLDRTZ6Sbyi+5qWhYGEdZRw3AHf9j0JHpT5nv8F5vdNyXZ+xI1o5v7k8aSskUHBGJPokeGUaxfD0ZypFTg8QqWgMfJ622XvWP6DdI9dtPsXPvp9q3nsyxUWi0jsmOFlYEZEG4j+CHiJkpKBWDEDUp7mshGFvVrrWJIi6DLeKuxsotRMr0Sz9qkb+xvlOhfdz/kpF0CPUEO8z6S80igXop7IBZKRM6F/hKCky3KyZCwa/f5tq2LqvY+BAzY/ZYCuGhi/0t5RFx7eUsy/ZcTgWEwpcnpP1LeALdhvZd3cozZLaiXCzGJsVQkHuCzLEQye+hWwG9bpL2y/iRJrDzCV5XDGXcg85yBqjJ2PkqygCb19EFVF5kMKW1cZFgwm30zF0B4BHQttOK03LzG0iL0YFmp9jPvR73x/QbcOvree0cADCctIY1RbLYfUz3eQpwwQgLlJ3AR7xkN7BifauVmCFqVc6q6sSv+aPrPGCOuUJxtcwoj20VC2PEdNSfbXVi3qtCcd+ikDDWz8lb/3ZIClZBGNBavuC4TZlHATMVTR7V8a9P4R1F6rco6cbEt+LMD3J03KI+x8pT58pZ5B65tWvdZK5ORi8ZsgW4UyJ2wywTdV6Nr7W62qLzUfjScxKUXNki4nBhsnC3+Fe5zPH4sdkUqmhJm9aFMHpEOIP9Y7PfSwde3ZFDxyoFygztdK7fuBPkjHwkN4JD3wbxpNMi1jkbl+lN+oivjFyrp3yWQT2t4dIdYt6BRZpBFI9SZPXEzmWhLNWgyaPZfsI/rufG/p4Zmv4Y9FzfObZ1zkyM+qrO5oXkGDrpU/t54RvqfuUjU/bdDak3uvarcAG2boPTMm6OMXvHB5gU+ckRLjsvinTSGRtLsXBqVqnwjlgZXCpy9xv4BqKQKvlZWFkXBTYLhys19DICNAF2hs5WOf6oPBgsrS4XyhmJ2QaxgzfBbHhpuM7FFGROOMLfT7uaBkpzrKsZu5jcv+t20KupO08M4rokTuli4U1iBGiITHXbmK/K5RJ5rwJv4Pwc8enWTefnSmjVZS2EsWZbtdhF2EFhyKiORIjo22Lpv7dWy2Ssk8s/RqpthPQxcnm7CAUAbV3BiVuhsqdGfvM0iMrtQz5HEjrLekQY1LjgMiFNY/4mhyZCRjbu7NYIqLq8vf5SDD0thWJTMxVzxqL/VaCRt/rfybqnU6RONvZvYc36YargJXxBV5xKxDjfubPn/DJ+hzCfLMyD6gdZ41W4BsPvFIZNOGPg8MpP/0QcvypORpwFrpaRe5VcHgr/iQcoKda4ZuMNfEAOT1STGT/sObBQ7ev2NrM6V+vRaz+O6ce2vHzAGn56voh6atZFCkNXsSVCWDT8lv1QH4M/JvUSaxT4ctVbvMEB7BYk78uBPteblsbRqHnHfO457KeP1GoFZIfBLUFSI8QyJBeAiuxYei0JXf0DUDXeBDOabqVUcVYDYotImQrlqWFvvucymciSCwIoLApWP0N1oRoCizcbkqKxP503W1RpRQ8CZAqDk0xDM7UmULY+4sRL2QGbGLZG96tN10xHDIH+OPedxChbqBPdlUSNrJsY02z1zWycdMBWKfzkDW38ewDmY6zIee1PtAdQs6LbZXow0GYUe5QGS0FlLEh7Vz5mfql9r2qR4wrmbdE2DC5jIL2Xgjhtgeypr8H667/5dJAGclODsRSav6UYaHHF1/TZ7zY1Nh74iKJmSFE+srQpE+/32hg64fP7TdhwqwBEKiSzE7rhEIYDY+obm0TsslXVZNhN+0oAC8r2xLqQmheUxDuI9r6QFrcuR1n+v2OWT6ZLVq7hpqrqQY2/gqDPpjo8Nv07GqPSXfHJLthEWi6ogsUt/q1Njx1mHLRh0kERUK1m5nDpkZ6jAT7TW3Cu+FFUvwxFNwh35hgRTWyY5O9WmQWnJRobvxUsgIBPlBR0daTAhDnqDLk0jfDPxpdaOg+BkrHqguYrsGwjrkcgksVbzv4HpLAY80IYw2QXMFPiCUn5hHBGS1aJD/OS9QtpsDCmZBoqf577+5VO+vX4j1HoOhPKkFw1zs/wvkTNldToVErnsWTwuYEl6nXLzwUaWJNsNOf/US9NXa/4NYq60+R2wkk9MPUARYsCiIwEb2jHe4xXirZfQ5D4Q9rFCPdx+CKqTQUIjzlsqjXIlfpiSU/cJkfg0RfCQcPBqCnPgFzBQwlrkFYmi02GlO6PJJ2fi8FLNA8SEUUpHvjcElmWsZZNleM1pryYyTPfMYtEAjbwt+aWUG9aAC3VpqCm0nAIBomDLcY4EVNfXkFhVWsrGIHyvfVZzA60fU5OoNZjTqD9urQmP/2eqK8hTw0+97F5XHR2C4mGz9UpQajxXA5oqyC7OWQb4vkO0Hlefk0KsQgA5+vbdGJX5EdRIs10KRKMzG6RCnc52rVQamH9fMdMCTA95Vka646QFRpUG2Ptpu1u7zp9a+MFFyqs/2njiSzordBLvZIvh9wgzSWKugoPDW06QhfRRdK59J3+GZFlNTWnnFyeBgyUoBFWNaSoi7sXDZJV1wa1Anud3IzXKLnpgpatDKjM2mvQ0Pl+up4b7HibNZ+ATQeEIPNCZQpPQDMDTmVoAMmCwcGcVm/IggLqQHVKpGb58aZkYHmmq0GlnDhTZXgfGZLYKs368Z7PcxkNtgbZmAdBQd5mKZ3SQVqyKHE6MXobhCVBXqgOtryr174MWmgpcVXS9Qnv11Q8QyQmghZJ2+8CD9MFcrYJHcm25qRqr/IZZ+bmKsF56SrIHch0rnSKblJHNth45lvJ2xkytIqzxoxZgdMn7B+XEhv6ChKhejJVWzpVnESsC2VI/haFcZvmAbRHYH5GV/7RQ0bYrkFeml/qKemjCz6/bw7kAtelRJxd7xZ+i/Q1p2ozKirM7rLU+vp6KrxngvGBViPQA5dXJtw5V6SJbHofI5Qnzws1OFZIXPCxY5ARgJ2K9UwW0D736N1wwTw+0+CltT3xoAKIVyrkBGf/uK/+pGQ2kAussfmUIhv8PR9u9oM31GY6PYBk2UDK248KPatm/zcSMxisrf/OEPFYUZjmlkZHPo2Dm8TPuiS6PaHbNd584nJYJywz7UbOmjO45FkR6vQuAdc1FkLjCmsEb9z+6H+VajaA2gA+nyFParAXFj1/3mjGpvBg13N79oY+OmL5v26sgmq2bID6+0mDJbkVU8ZkV/iiDpiO74qdAJMw06hZkHXLx74nsUCZ30s2gcdx8a6DgvS9X6VQezOXDExN+cooMy+MVNZrSkKu1f46vxK0bXluCZntSn7mJ+KhD+TrFp5rQA9z4XW1+JaiiPQEJ0jQT2H3XX8qUk58vTdF27GCV0OgAUgwDYT5qZQrTPefNN5aKi86hittWA7P3KcmDyb6XXUCoE+jFWXgk09eGYBKCI4unb1gaIfu8z0iw1Jcc7+JYAfVf4TBD/9HTN7sDoSYhalzXso+So2qufs4VYD8SLa8trNuAmn5p9Tg0OPdOcH5x0iQ9A1f+thjo+pvvZZXz8VK69dBeNoy9rOTsy1jEK1P7bemW5RfKLnfHz4KMVZM=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>