Online Tools Menu Close

SAML Response (IdP -> SP)

This example contains several SAML Responses. A SAML Response is sent by the Identity Provider to the Service Provider and if the user succeeded in the authentication process, it contains the Assertion with the NameID / attributes of the user.

There are 8 examples:

  • An unsigned SAML Response with an unsigned Assertion
  • An unsigned SAML Response with a signed Assertion
  • A signed SAML Response with an unsigned Assertion
  • A signed SAML Response with a signed Assertion
  • An unsigned SAML Response with an encrypted Assertion
  • An unsigned SAML Response with an encrypted signed Assertion
  • A signed SAML Response with an encrypted Assertion
  • A signed SAML Response with an encrypted signed Assertion
` 
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfx26261c9c-4e71-9a20-1ba7-b0e8ea51cc3d" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx26261c9c-4e71-9a20-1ba7-b0e8ea51cc3d"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>mteWzieRoOjbsQAgVTrGqi1jk0w=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>YrxEFG2gfuE7IwriFZCtNAJFx/s5dmPx1zpNGZ/EhWvcJsImvGYNhKNIDNdwiflzRTXJPb0W8xAB/4Q6Tw/dJIMhHL7zlwoOVkjPiEIbs4MNm3+imbh5FJhyLl/BkS1oVUjC7X6AH0yzYBn0C39UfLxJP3ZGTe9uX24BY/4/s68=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfxe3abc9ad-7e8d-7e63-cb50-99d33faf0197" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxe3abc9ad-7e8d-7e63-cb50-99d33faf0197"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>QO1/lLLWG1xmDQzAaU4RGVjcGBY=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>VVR1SgZVC26gzzJwhOWxxz9ynDwu0PE2bn0CPO5ti/y0E4iSrWFG5FV+E1baCMxjvcs1744tJLWMB3O3Kv1PfVbm56Rshth+K/2KiplRFWl7eXOruTlQNSYmkC0ISYh3ac0eMbG/6lSHAuD4tGWtpsYptSFoYc4bm4HOYq0dZhI=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>

<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx9cad0873-39b8-52da-1082-c7ced6a6e7cc" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx9cad0873-39b8-52da-1082-c7ced6a6e7cc"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>ChT89Zjmr9PTTILis1xoR6pv0as=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>OxomjexkvM+86fPmRr9hVDE0jrg8Er91LOVzHjf7JeQ0uCZUbmR+l2mANj5WQPsW1PqCN0Zsjjkvpl7bVs1XSsrXeZoQTGeJ45+8fas2aRtC3ZkCyx8XGzem5cFfm5qoBIoE4944S1/INAi2eWblsmbUobOUhXU6U2pVk/yeIvs=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfx629d5741-c163-fb31-cb5f-8048fa6298b7" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx629d5741-c163-fb31-cb5f-8048fa6298b7"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>0/jm17mwuJO9dSUK8hCGBTt3eFE=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>TE8xw8NuHS62GRdryPY06xL6Qnvc09TJ2NB95aFEa8USvGvJk/7KuFgvi67lDN7ncFBkNKDq9g2661Qpk/1uPSw9z/L5eAFYBrNU5jQ3y5b5SBlz01CbpqEKNNGcrpjEunMsi+O7XdLHVY8ommM4N28o9pYoA+GK455wfylWRGY=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>

<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>qKu6XEany3ZA5gQMRCV3K2UHQmtkoPcYWLebnADSwEUvYujozs0xMhddHaKzTVLTnGqpCHoHZGoVcmPeAhGjDjUvJV0Fi+sAIb/MOt71/e82rgiV9GbcrFrzojycqb6CmLBm8K9mX5WfsD8DBcu3AJk3z87zAIABJEReAzm1udI=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>96WDNhBLqL6IDiEUM+qvD3KGBeo7/aVesYxssnc5qud3+MMdUbtCUkN0lP6i7ssewD6YPAtMY+JojjPJ6myOrKwyXPQCndEtYxv4RgaJyW6xYI/ZzMUm/FpwX12eYcmrNZrPsJqsMcRftPuSPcG8WhsQWTJAo1/3QXuGJKaW2lvO8xT+wh0/1wgiLM4hgMkfzQKYem1wV/txS/mG20pIWz4vPjNRkw+vI63Ln+HWXDXJKHo+eamUhnn0obvLwo6K0sxVEtetcAH1iEdfnyNXZhZ1BdLENVb20HFvZQVYqaJZy/e20lj+/o/tTaw3cXOieHzkVm+M4aZjOnWiuHZ4uUFCey1UHP52zh2IyWwGfiNsR4ChhQJYA9YCccsXM3W6XA1zgk5GgVKbr5mf8o7+d1Vn9Feh5Ta6xnDK0xjHp4k2Fedt70LMTKy8JyWXxliLuHQDjBpjhetmYYWsGCrr4y3UAbJZuPOry+FZW3qwrJt3/K0xjZXbB051HGjS3jY6iAcDkPHGNi/30MhsDr9Ya48535a+/z10h0wc3naEVOKqnyunOiR4AvwlEOL8ZLde8gJPNyEM+T9wNVtchRCKl6zEvvnfr34HozX/v9QlLEE538v7enPoPdKL0wOHYeo2Yi4hYkcx/U8g7brrVzOMsXCrVwbxfbsDpQJLvXooC4LJpTO6hmFBkpU8I2FoeqwdGF3ThlA2/xxPNpQFt6H+alg8tserEgrOWuLBtUtYBMSMySy2f8QaMGsswQVlMEEB8wWZSVn0JsJ1U1klkEPCGD3JeULi5pcAf6vCnkGq9/HXjXpx2UdKPvyb6CxrPLAPQ7r80doixVOwvcuwTu/mRwIIqWJGuqU5GaD4UZQcPKHsSpbJgPmV5KgzC7VPE6bo/KdZ15Gy1fOei+CHFcNZrtPOP+2CRBrcwZp6wvfgII/9ekwgL4SL5R2v7cP8fhkhCpVwwwNdQE1/Hn7QBjELcEA/AdOtc65DugFPt+VaMuJG+b5qzgjQN0xlX68+MmDwm1BDtZ/Jx5KXDjBDZueNNEAxB68N2p5nNhHLKbVZM+e0SZGFlPqa+LMD3BQ01Py+Y2JKH1Hv4MP0YXwdqUpOEz8y5YM+Jy397ZltwwFOGkqQ2IJhUrx6Tt1G7MaNlJgJ0pmVif3EduDCGlUJQnBffMIg2MQpuW8U3k5oxTeZx3sPJiTRR0idroG5fs75eWx0XSGwI+54cI7xEwpExAmbg63YwXQgGe9Qe7FY/dBEbqY/sJi6XXhDQVJXle8zWga79sduF6GHtn/E44PbCBqoEhT1D0RGGqvCetPKrQUy+Q3QXFCBiTuH+BwSCkFQcVeYXnpekuRbKu50prcjpr21Gq/UNR2QcgnLiPgSVDLQE0JBWB/Ych+z02Fmz0Lj7aK/kJqqceUoiLDMw7R8kc4451dGph3m4WBPXLayI1/HkHsoPf9eIHQbD06oyXyP3pQYa5O/ekN9Y+DpzPiXI1GIqWwtcGZTlunTgCPVN3Ul/eiMe3cXl+Nbf2Oi6Ef9Dc+JVYwYxpROVzBr5Dw8ciS13Kgc7n1tjLYsAT0e8ZHXQbFYedXTw1I+l3lc+6uZ0It21AzcGrUyOtd2ZLaFffGqoSg95i1+HVQTs1uA4DmDz0Xyq3YRJVbt9ifo/Sil34NOROUioxJX214Ibyw+wVevaKsR0QGyCUaJJBeahh7wAG5rjypXO3BGIunCjMo6cNYT/BHvhiH0OXMtPCFZStOKkN3VeeZFiIExyTijjR3rCh4DBpmFzWEWL2oi3iZYhK1gt1Wtp6y2sz7snIBUww4bp0f2dYriMpRpPA4pQ1FIpdoG9gvzRY0ocblY7PMU6S6N64BNqXsSxb2CSXW7uBRE5C/PAwA899EUnQPbFZ+uglWitBuK6fxZUZLmzLRD2uv6UI9MEMB4kzBMXdY682BDpFMSGPHqxQokPTjZt3ZzIGtnwupSibwIJQY/LdMXA7Xz8Kz7LStWMA7Z2CgXpaI8xkbMBx7+v2qGYBjqbSk5ys5sbhE+raoMEUC1hh9L/tHOrZJs8nvBT0mXBKo/XMnqzrvX2Qu0Daw0SnjDiCyvot3cH6trXOdS1EgSER4cOoLHBEMkHPOYUviajOQrRM8WwrQLoEg8favu+oaf1YaGHc3ZtaIBw5JjQ5D29hQ7LXmzlteoXBhxa30sw+T2Xz/38TCiLbJVbW7jhys5BzzzXSaETQ4IECqOaQjuP6Yednt1h3HOz+ZckEeRK6hUmEVggzdg4nXwTuq2D/sD17zZWKXWMYQcI8D+zJXo8gk3GIZP5BfRTVsTgn0kKu1RDPLX++L1CA/Mqp6sPjTUNs5HJZuxU/IKq/jNTe12YeW2QNnh6CfyJTM2llQOyXd9cpFDCIlQZYHmDCO0Yk+6Vjz792CcRLwTs1IbBr+AXKmRnj6BZL1zqTvw/UtI1R3eBfn6rDTtwdvJeTWXGlGrkGQmoKIGsB0PSHCeCxpV+5++cA7SYqWCZIpIEOfmYIQUOOJIqkHf833PzAwNENbpjvRBbX13nbjlPC1/rzx2zHMVomTJnoYDkexWBAFJLt5pLjFIETusPJ/cBsZGVaOpioG7EIAY7se8OJfaaUYemxLDzxXYY8KdMYB3ySDAeg93Q9mrZQemMGgdy8WTLWi2ayCPMISMHU+W2ydc+7UdQZHLCPpyVkgTxKza4ydvg/Q+BB75AvzW7NPM/TZklhy62t+6hnR2ozvV63oilgHdAMli97tAyCIzqCx1EpgyxBWtod1XSl6VbEdVmkQm1Y/R1YivDuwtPMKzFqakgkKhM+/2IYbsJUBK96cgDUQbdFQUhyrJlOx501BJH71OY7lgMlRnOFz2JL3ttxFfFdNthiaanAsxxmFW55pWsQOTw3mJsx4ME5jUycTwuqo5zHyKrbdittk=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>AEVg+NihAic7EZNKPsKdrg6ENX16uc+RFQ4WQcCjewdvYpsDHX3rQhJ1bTmLpu2VJpw3Gs5+h7mNU6fJaYlBdOxn/8bVBlwU0U7T1lA2vSK4Hm1XGpATf4AwE37MHXe9EDksb1RUHmz9J3RVCGb3uY0oRw0G61n+5+zeIjmc8VE=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>5p6t13W+frrgMxF3pvO2G/uiuP1BxXGthsBLQUZvlL0b5H5soduGxLJK8NBJ+emBKlJHEpmQ793IwrAdVAJ26NpFcmgHq33eDhC+4kUG/erAs2StTBFf/jOIkeVNzKhdeO9Xw31ThajUq1tSG5nKNIv0ISO/2Rz2qs3aWIZM3yJtpeCIBRD6PXJXKv8PPXS7ez8mJRlU69+yvJMnTTXeTQjr/Icp8YnBVFJQmCwpnQ6SBxZxQxhivMGOwrJdLfARGH5kEEkJt27qbKF9RJmhSg8hSpXk+jQQ4PlkuQYqga0W+Tc2KPyh6e5WYH0VvyaB4c/yrosRoJEEYeyyme7m9uUUxOd6p6vQru3rQsXUJV5ev1873YHUAkZVf26no4sukExL4SIq2JkMFukBEWD9jUQmfqcL9GfUOYnM+OUvLiSQEDFuDT2/P1kNVehjTah0LCZ64nJTmARyWPQHiQaIbRoLbid7j7vAQgyFpOO2sPaDSbYgKPuxiCJt0cIZ+q+qYoWSKfsNe1/8/oUWZDaQBYfigXBxWVC4y5aE8FQ/dVCjAfmDFwrZDX00qRtWKHluovXt0Mija8FlyeExO7xDRZGEQiSilWaEvEFfbBfhSIZYoowaQD6FLvgDkcYD6Lr0uiCn6jYrnrQpAF1QCpDlikeVu4WxjnnoJLT/TY4l7zAzztpTAmA8isgHZ6uz+yHzqQ95EAefTPLtfSvuGa8YA2b3m+hvpWcz0TsLJhvmaBY5AUTnLvym1Crw45/T9HSW/0bajFZNvxQ2D6oTv+iOsnDOz4Z5TfjXosTws7gv7NEaSzgv9m7pKw5yRuo+tyDva2sMkwHk3gZ/AYKNqWUOUzZ3MXsXaBOrlbAC3XJVIoFEnM2xUxJIUrXAS/267Nmg8fLRreixD4BRw5EFI855xmTjmS/dM4UCXlzxtN44Bz5f0GRrvM5Rb+XAFOfLDqPtKkWg8StSQqATXYq2LUwkeKlkvo4e4V8AB4zWIJ2j45mmTNgxrt6FQFj7//ZqpPlEpz2Ul7NK+FC1HxynoBbDsTFRJmdHV0rLC96W5pvqpeS6tsMGoNfE25DT/X69nIgzkzG25CBMA1+u1s9xV50ezXJhgnYbiglD4sk+c7P0abRywDoGnSDXypeLtUg5UnBFIoRiRTLS5fPYwf03v0kV5HDynLMG9K2ta812DV8/AE37T6IJMBr9l7P57FqJ2jMMYakoTaotQ+TU47nB68/u/hrYRCjHJUZ8xg/2nbucL/W50d5nyJuZFU2OhU0cLdAZRtsboKL5utAcM9DVUVFhBLTp0gcn8BbV7BqcBdOEI/R7tImNsl4wTewqm9Yv+lOdLny/3QyA+JqxMGBUVDv84JpwfPM8l3i2+DXRslkpYLvVvK5x9+PYvpp2B33DHlFABXN7WLKXJ748t+PH55hXQFFzlsvBAgdn1JaxvcVo8v/nBWnV23bHiMScmfljqarRv/CBpqEz2cgwruW9byulSdilfCgQyV8ynBDSbfxjh/zcCAPLLceiCIzF/FvDKC0at/v56mTxlzdWp/rpDVKK9damVdcvxP5dlPJxDzMjTPwsnX4MBZSz8eE5SLA3BZ6+7VSE0cf/9FvPyhztN8QzhEOJjqkZwOi86bdrPgybJL8XftPowS2oKNmE79WpKrMjwVKJtWhULic5niC2nqePIDoFonYGE8h2r7nEJLDc5HvmjhMY5lyoWR+ynpAmMJLNAFu/PWuIFCN4WfDKs4qS81q+3W4vhJEAkAvIzqZL5gHkBsMT8eNF+Aaak5RyUExHtVfrEJSVVI9rRTXZMK9jd8OFi9vnslGAsk8tXeM9KZGTBrXgxIgP1tOEmXhvD1z8hA4W+6YL4/ugbypTeyjxXKtUAsSTssrNc/Mjov/VCx1BEjc6p4YSTbAi6V1Flnch65vpCvKs2tmEYJGSCyaoFAAKuSRy5KB95SDp6dJyWY9DfcEngbEqURvSW1ZFCJz92nEEiVvFJAC+0b6QwqkK9nrqxJZykUbzl2SIpYR1+H4dITBabd9showVM3lJh170DCYFQuogJIUPFs5wOp5lxCg9YyGInkvO4hqm/nrRveGRXbOjYytNhtfdw2TrkTD1QP9JUE+aEmZUZtt08nP9yiIIATphQMZcZlPrmk//hkwr4uepbV/fbA6/8W7XlQ+GZ0k7mSmFY5ZWOP5QfvwhbEXmQlvkShQak1yBY43sffvuXGRTWnEtcqUFiZgpb5588C3RCszshp3O3z9uYXVoKFRCkzBakKdiMQcI3m0lUZiIURPfhJMuXbD4MGBV2lrRcHMhhvOYEVkgusdwtglJGeNqnjnl9F6x3DB+LXGrbSDK3Ok0x3j7qv2AWHUNSvXmOpOqgWsiQYSgLAWUm9bD/tHkRoWdq888jnpruEvisEAVqTOM2n8tHt7VwTi2LhOkCBZwueWfoOfBDGhOvehjr+FUPxtTfqrbAr0wHvzhNSQXvbaelHELJ74Vl0NRXZ2ktqzIb/QM3FX69c6NuHP6qoekCaUbPhuyCbYFMMvj2kCLZ8DP5PuFVk0a4aarTpyr6nAC9h/DKfO2tlFHhndz00+uycn8vfqM+zrcbJZK4lVLXDssynkzEVky1QBVEBeFX5ISq6dPmlwlulU0Jp745pPSLBAdEBFgB6+yQ+ALvD3QIA85X7h/9FfPWMcA7n85wpqEZh4foobAziwaRRS9iDDq4Rvhwe7lEEfGcOif/yXjIAYU94/LNTdsbEYdwF4wZJVKHoTYYuZ3MKgVnQJK5iX/cMgw/99cqR89nzJBkNaIMS6cH1LV6BICKp8C/VWJJDGh0jgOdNtHQp7COvKEiIXUJyM065SLUuAaLsWY/kPPHZAHV0Z12cZb42y/AeSvbGvoeSGExVvOIOusoyDK2nZA8lrQ0i90h07STfjZIpUkgVdJ1u0VeacU+q7LdNfURe3L0juN59BTq6OvWiBfnlCmWb0V/NkqVYB0GiL6mJvVfnSEFDJM+VO1W7B/0Gli/XYQxbRCFN0FM4zPpYI9EAKAwizp8eByz2epeok4CxxD/wcP8dJ4gECe3CKg3knGrO73ycQRuoQaCLpAFE/lLpDQEZ9YIAQ7YfroxiE5LdhnFdwvHl+c3oIxGvGPFJ05xcdL60WF85xHDfDfw4UzEyV0TQiZt7o0cbapGPEAMfMUBAB0OwlByRz2tH/tbgvSnumygWLY3gAaJ3BxAE+Fyus/w0pDMZs2CBZEOMuZSw6dQt21z4kxEjzrwV9jD7lZTm1bgcrjHoH7GI3TQ5FYzYcRar28MHYjilJUD5loKQj0tFOYEuG5PduNxOUU1XdZj7yWCJdXw6CYYc5J1huoLZeGugY9/qrcnnl6ERvt0utaH5Kn0nGfuTFYVWi2AtBU/lbY1ShPN+FQOCdFbysXH97yEqFv77/5AnLPNB47206UhJPYhejAp6trQO3RVUfkZ7t9yv+riLl4sjaFgw7b1NkdafGy4eI1K1SEjH+quBn0TEf1uIEKx/kWYDiyJKSwmTlsPL2H+NgmfrhZDGPdldLHk3E2fjOpxzhvJo17j0pX3ByERjjjrxLD9en0dM8txKtSBNBzOBf9UpfNecjwtV++D8JPYeX4JnQdobrPP0LUu3NN86HmU6JRYWFUZIr0xm0gWQIKfuYW2Tp4mv7Myv+tLmqufKSBJWIpg0qTWIMFVofkkuOGzOKjouX38fFuPV9C1mKCYLToCXfqNZ+BsY1k6cyKoxYsShzrAEXhaiyEDDoD4HCISi3zYMQZwewqQ+WGRqLuTgwGiJO5oRT1rliysstmfFtoy6rGVsbXfyrS6iXmzS50CJ5+/mtl9zsrcWtHMHmleo8vHksVlgMiho0uGhiAMnOeh1homx3JojQW3697lruYYudGnjveRAoFOUJ1W8XDZzSHOjcYzX9giv+kK+W/HZCmCixjI5nY3MluA4kNopCuBsKV0zcXG4R1tYg9DrCh5Zr4zcgyICIWhAXVDGd18+89FyN86F7+n/kX4aPgmm8Pp2hVryMZrHc8e7+0fditLEC42N1mR+XCOJfbcmanufjz8l/Rzc/2GheL51JWvaQcAAAUhzVgpg5GXFbzN4LN/g3IatUW7Fptp7j6pjP5uSzkC5UusEeymS8UvKm+1mdjPV8rvYPhtcGyfknnZRlKa41LphAAcvk5bXrMbIdaWp5PbBdsO2WHN4cjREjQRHXPnurK9cEQS94Kei865faiRIA4QXjgXasOfjJIdkeaGo1vzRaURZ4bQdU3txQPTkboxYk53dMOkS8FYtqRlgBVuZJE6CLA2yNvvSXCjqfw5VzQvcpQnvqmNWSpWEEejL+9FISqHDzWaGQ3ZWYhL+Om7rW2CMZYav3C+kQWEbN7m5hrJHkK/idf6SJQVKCcbaRCjg8qWNGNTuk1RgRBMPzre0x0NQBYGXwth8ZM6lmRV53rCpDRKlBnnrOab7tP3v0ks0R3wyHrOt6oQWmoinqMsfcR3GCb9pX2r4ZDFAnWn0YgctEXwNXU2z8gQe7zCWV+m3VIb+2PbEVoIwV7Ag5fYD/dnGp6u0f+2jHghfGCPQR9pDX7JIKKqF72toATh9/GG5gq0PTz1y3HFSF/U8yQZ/dPSRztpzx9pLE3rA7zaZ74iyCY9NbdKaxjW7VVYbCbI6tfkv090lwmgyonUy93hzctIttViZrUZuEUvUr1fWhjNYwhvAense6SYZQUSLHUcNK//m5POLPidJdkWxLNk5LjwbclMlv8k6NICY3vdZZv+cGhNjyvCX+dpOEM40OtETH7UQolieeqAb56/m18HyC17fDdZ4o0xEC3l3mDYjM29Fi/TaNpK4TBKiV4vuAYeBhwwuduYeSWDZZ9RRW/Y+R03PwfYTifKGDstQDcv3EUuO0YpBupHs+erhrKvz5YayMCE4HVzpLzaWOK1WsZOwVebm18ZdVcduxbjV8KP4lG4pDo8X6FvOwWsroMTeoofyJQ6aMUFsN2WTmJCOIzucSay9V0z03RM+a1IWHe6D+H85dEl8l26vAjbGKtN695retGrc/3Bog+zMFC7fFMcBVzMbU1j0pQ/Da0WtJAyymUN1I3Vrjjo8fCAsQbrm+byetvRaHH8OoYZf0Immef1qPetAmp8Za/X7aot0w1ZHAEr+uf+11ns+buzK/Rn+zgtcIl7erWUfiutpWXKEYgcSQsPvudDt4mvHi9YIMnU+nOodl5xngUw0MLtrQWQE56mI5cNAHpuhpDdimRlqHeHXuYC7BNg3kWIteqtNP4Cvzt/xrJICbFLuoKt5b/zCL6vYUHPB56GdJsrog14+S7Q9q/g/Wo+/4YFOOHCLkQOeIuAA1wXc6kGK3Q6/Qf1URjJ6Y4CCMVJsKbj2rar47zRqE2lQ38E2QFaT5EhUTh8m+7VmoD+GiqIc0V0fwlgu2UKfkCvwemeyh14s2QMU82NEGiTxmC2MKZXypXH5jk/3nzxQX27RYnqSI=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx4041d8cb-9970-90f8-47dd-7307abcbf627" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx4041d8cb-9970-90f8-47dd-7307abcbf627"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>H1NCP3EYnGuRQa6nt0ltBJ7adR4=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>aQIvRU7xfDQVLI3p/xVS8Y0dTLf4de0jQNpsDszcdMeGN3drY22UL/SaX0m7L7STc6XteAf1Cj1XhwK7lfRLZWdWReydQI5ZhwV82d+anWqSJIfWNbEdcYJAZtKyzr8PXbGUUk21+gFqV/+XMEe8wf7u3duoHqDLHWrIOVwSThE=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>qKu6XEany3ZA5gQMRCV3K2UHQmtkoPcYWLebnADSwEUvYujozs0xMhddHaKzTVLTnGqpCHoHZGoVcmPeAhGjDjUvJV0Fi+sAIb/MOt71/e82rgiV9GbcrFrzojycqb6CmLBm8K9mX5WfsD8DBcu3AJk3z87zAIABJEReAzm1udI=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>96WDNhBLqL6IDiEUM+qvD3KGBeo7/aVesYxssnc5qud3+MMdUbtCUkN0lP6i7ssewD6YPAtMY+JojjPJ6myOrKwyXPQCndEtYxv4RgaJyW6xYI/ZzMUm/FpwX12eYcmrNZrPsJqsMcRftPuSPcG8WhsQWTJAo1/3QXuGJKaW2lvO8xT+wh0/1wgiLM4hgMkfzQKYem1wV/txS/mG20pIWz4vPjNRkw+vI63Ln+HWXDXJKHo+eamUhnn0obvLwo6K0sxVEtetcAH1iEdfnyNXZhZ1BdLENVb20HFvZQVYqaJZy/e20lj+/o/tTaw3cXOieHzkVm+M4aZjOnWiuHZ4uUFCey1UHP52zh2IyWwGfiNsR4ChhQJYA9YCccsXM3W6XA1zgk5GgVKbr5mf8o7+d1Vn9Feh5Ta6xnDK0xjHp4k2Fedt70LMTKy8JyWXxliLuHQDjBpjhetmYYWsGCrr4y3UAbJZuPOry+FZW3qwrJt3/K0xjZXbB051HGjS3jY6iAcDkPHGNi/30MhsDr9Ya48535a+/z10h0wc3naEVOKqnyunOiR4AvwlEOL8ZLde8gJPNyEM+T9wNVtchRCKl6zEvvnfr34HozX/v9QlLEE538v7enPoPdKL0wOHYeo2Yi4hYkcx/U8g7brrVzOMsXCrVwbxfbsDpQJLvXooC4LJpTO6hmFBkpU8I2FoeqwdGF3ThlA2/xxPNpQFt6H+alg8tserEgrOWuLBtUtYBMSMySy2f8QaMGsswQVlMEEB8wWZSVn0JsJ1U1klkEPCGD3JeULi5pcAf6vCnkGq9/HXjXpx2UdKPvyb6CxrPLAPQ7r80doixVOwvcuwTu/mRwIIqWJGuqU5GaD4UZQcPKHsSpbJgPmV5KgzC7VPE6bo/KdZ15Gy1fOei+CHFcNZrtPOP+2CRBrcwZp6wvfgII/9ekwgL4SL5R2v7cP8fhkhCpVwwwNdQE1/Hn7QBjELcEA/AdOtc65DugFPt+VaMuJG+b5qzgjQN0xlX68+MmDwm1BDtZ/Jx5KXDjBDZueNNEAxB68N2p5nNhHLKbVZM+e0SZGFlPqa+LMD3BQ01Py+Y2JKH1Hv4MP0YXwdqUpOEz8y5YM+Jy397ZltwwFOGkqQ2IJhUrx6Tt1G7MaNlJgJ0pmVif3EduDCGlUJQnBffMIg2MQpuW8U3k5oxTeZx3sPJiTRR0idroG5fs75eWx0XSGwI+54cI7xEwpExAmbg63YwXQgGe9Qe7FY/dBEbqY/sJi6XXhDQVJXle8zWga79sduF6GHtn/E44PbCBqoEhT1D0RGGqvCetPKrQUy+Q3QXFCBiTuH+BwSCkFQcVeYXnpekuRbKu50prcjpr21Gq/UNR2QcgnLiPgSVDLQE0JBWB/Ych+z02Fmz0Lj7aK/kJqqceUoiLDMw7R8kc4451dGph3m4WBPXLayI1/HkHsoPf9eIHQbD06oyXyP3pQYa5O/ekN9Y+DpzPiXI1GIqWwtcGZTlunTgCPVN3Ul/eiMe3cXl+Nbf2Oi6Ef9Dc+JVYwYxpROVzBr5Dw8ciS13Kgc7n1tjLYsAT0e8ZHXQbFYedXTw1I+l3lc+6uZ0It21AzcGrUyOtd2ZLaFffGqoSg95i1+HVQTs1uA4DmDz0Xyq3YRJVbt9ifo/Sil34NOROUioxJX214Ibyw+wVevaKsR0QGyCUaJJBeahh7wAG5rjypXO3BGIunCjMo6cNYT/BHvhiH0OXMtPCFZStOKkN3VeeZFiIExyTijjR3rCh4DBpmFzWEWL2oi3iZYhK1gt1Wtp6y2sz7snIBUww4bp0f2dYriMpRpPA4pQ1FIpdoG9gvzRY0ocblY7PMU6S6N64BNqXsSxb2CSXW7uBRE5C/PAwA899EUnQPbFZ+uglWitBuK6fxZUZLmzLRD2uv6UI9MEMB4kzBMXdY682BDpFMSGPHqxQokPTjZt3ZzIGtnwupSibwIJQY/LdMXA7Xz8Kz7LStWMA7Z2CgXpaI8xkbMBx7+v2qGYBjqbSk5ys5sbhE+raoMEUC1hh9L/tHOrZJs8nvBT0mXBKo/XMnqzrvX2Qu0Daw0SnjDiCyvot3cH6trXOdS1EgSER4cOoLHBEMkHPOYUviajOQrRM8WwrQLoEg8favu+oaf1YaGHc3ZtaIBw5JjQ5D29hQ7LXmzlteoXBhxa30sw+T2Xz/38TCiLbJVbW7jhys5BzzzXSaETQ4IECqOaQjuP6Yednt1h3HOz+ZckEeRK6hUmEVggzdg4nXwTuq2D/sD17zZWKXWMYQcI8D+zJXo8gk3GIZP5BfRTVsTgn0kKu1RDPLX++L1CA/Mqp6sPjTUNs5HJZuxU/IKq/jNTe12YeW2QNnh6CfyJTM2llQOyXd9cpFDCIlQZYHmDCO0Yk+6Vjz792CcRLwTs1IbBr+AXKmRnj6BZL1zqTvw/UtI1R3eBfn6rDTtwdvJeTWXGlGrkGQmoKIGsB0PSHCeCxpV+5++cA7SYqWCZIpIEOfmYIQUOOJIqkHf833PzAwNENbpjvRBbX13nbjlPC1/rzx2zHMVomTJnoYDkexWBAFJLt5pLjFIETusPJ/cBsZGVaOpioG7EIAY7se8OJfaaUYemxLDzxXYY8KdMYB3ySDAeg93Q9mrZQemMGgdy8WTLWi2ayCPMISMHU+W2ydc+7UdQZHLCPpyVkgTxKza4ydvg/Q+BB75AvzW7NPM/TZklhy62t+6hnR2ozvV63oilgHdAMli97tAyCIzqCx1EpgyxBWtod1XSl6VbEdVmkQm1Y/R1YivDuwtPMKzFqakgkKhM+/2IYbsJUBK96cgDUQbdFQUhyrJlOx501BJH71OY7lgMlRnOFz2JL3ttxFfFdNthiaanAsxxmFW55pWsQOTw3mJsx4ME5jUycTwuqo5zHyKrbdittk=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>

<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx52ae6adf-dc5f-5b6e-c3a9-7a394612ac5a" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx52ae6adf-dc5f-5b6e-c3a9-7a394612ac5a"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>OOE7zodTLlegurTE7m4YGXGwnEs=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>ERzF/DoJ/orXe+SccFApIshk97o/t+GfWw4IK85Un6KnAPiP7sTCSuprk0yuuDiL+b4EGuoXNv+DQ4v7pdiY1U+2sLGAmDh66L8f3nWJrBp1vZpb7tfWInxk2/wCsVYNLUL7+DDBI3K3RiseKqRUgh/Wf+izeor5VvqgfAQdXHc=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>AEVg+NihAic7EZNKPsKdrg6ENX16uc+RFQ4WQcCjewdvYpsDHX3rQhJ1bTmLpu2VJpw3Gs5+h7mNU6fJaYlBdOxn/8bVBlwU0U7T1lA2vSK4Hm1XGpATf4AwE37MHXe9EDksb1RUHmz9J3RVCGb3uY0oRw0G61n+5+zeIjmc8VE=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>5p6t13W+frrgMxF3pvO2G/uiuP1BxXGthsBLQUZvlL0b5H5soduGxLJK8NBJ+emBKlJHEpmQ793IwrAdVAJ26NpFcmgHq33eDhC+4kUG/erAs2StTBFf/jOIkeVNzKhdeO9Xw31ThajUq1tSG5nKNIv0ISO/2Rz2qs3aWIZM3yJtpeCIBRD6PXJXKv8PPXS7ez8mJRlU69+yvJMnTTXeTQjr/Icp8YnBVFJQmCwpnQ6SBxZxQxhivMGOwrJdLfARGH5kEEkJt27qbKF9RJmhSg8hSpXk+jQQ4PlkuQYqga0W+Tc2KPyh6e5WYH0VvyaB4c/yrosRoJEEYeyyme7m9uUUxOd6p6vQru3rQsXUJV5ev1873YHUAkZVf26no4sukExL4SIq2JkMFukBEWD9jUQmfqcL9GfUOYnM+OUvLiSQEDFuDT2/P1kNVehjTah0LCZ64nJTmARyWPQHiQaIbRoLbid7j7vAQgyFpOO2sPaDSbYgKPuxiCJt0cIZ+q+qYoWSKfsNe1/8/oUWZDaQBYfigXBxWVC4y5aE8FQ/dVCjAfmDFwrZDX00qRtWKHluovXt0Mija8FlyeExO7xDRZGEQiSilWaEvEFfbBfhSIZYoowaQD6FLvgDkcYD6Lr0uiCn6jYrnrQpAF1QCpDlikeVu4WxjnnoJLT/TY4l7zAzztpTAmA8isgHZ6uz+yHzqQ95EAefTPLtfSvuGa8YA2b3m+hvpWcz0TsLJhvmaBY5AUTnLvym1Crw45/T9HSW/0bajFZNvxQ2D6oTv+iOsnDOz4Z5TfjXosTws7gv7NEaSzgv9m7pKw5yRuo+tyDva2sMkwHk3gZ/AYKNqWUOUzZ3MXsXaBOrlbAC3XJVIoFEnM2xUxJIUrXAS/267Nmg8fLRreixD4BRw5EFI855xmTjmS/dM4UCXlzxtN44Bz5f0GRrvM5Rb+XAFOfLDqPtKkWg8StSQqATXYq2LUwkeKlkvo4e4V8AB4zWIJ2j45mmTNgxrt6FQFj7//ZqpPlEpz2Ul7NK+FC1HxynoBbDsTFRJmdHV0rLC96W5pvqpeS6tsMGoNfE25DT/X69nIgzkzG25CBMA1+u1s9xV50ezXJhgnYbiglD4sk+c7P0abRywDoGnSDXypeLtUg5UnBFIoRiRTLS5fPYwf03v0kV5HDynLMG9K2ta812DV8/AE37T6IJMBr9l7P57FqJ2jMMYakoTaotQ+TU47nB68/u/hrYRCjHJUZ8xg/2nbucL/W50d5nyJuZFU2OhU0cLdAZRtsboKL5utAcM9DVUVFhBLTp0gcn8BbV7BqcBdOEI/R7tImNsl4wTewqm9Yv+lOdLny/3QyA+JqxMGBUVDv84JpwfPM8l3i2+DXRslkpYLvVvK5x9+PYvpp2B33DHlFABXN7WLKXJ748t+PH55hXQFFzlsvBAgdn1JaxvcVo8v/nBWnV23bHiMScmfljqarRv/CBpqEz2cgwruW9byulSdilfCgQyV8ynBDSbfxjh/zcCAPLLceiCIzF/FvDKC0at/v56mTxlzdWp/rpDVKK9damVdcvxP5dlPJxDzMjTPwsnX4MBZSz8eE5SLA3BZ6+7VSE0cf/9FvPyhztN8QzhEOJjqkZwOi86bdrPgybJL8XftPowS2oKNmE79WpKrMjwVKJtWhULic5niC2nqePIDoFonYGE8h2r7nEJLDc5HvmjhMY5lyoWR+ynpAmMJLNAFu/PWuIFCN4WfDKs4qS81q+3W4vhJEAkAvIzqZL5gHkBsMT8eNF+Aaak5RyUExHtVfrEJSVVI9rRTXZMK9jd8OFi9vnslGAsk8tXeM9KZGTBrXgxIgP1tOEmXhvD1z8hA4W+6YL4/ugbypTeyjxXKtUAsSTssrNc/Mjov/VCx1BEjc6p4YSTbAi6V1Flnch65vpCvKs2tmEYJGSCyaoFAAKuSRy5KB95SDp6dJyWY9DfcEngbEqURvSW1ZFCJz92nEEiVvFJAC+0b6QwqkK9nrqxJZykUbzl2SIpYR1+H4dITBabd9showVM3lJh170DCYFQuogJIUPFs5wOp5lxCg9YyGInkvO4hqm/nrRveGRXbOjYytNhtfdw2TrkTD1QP9JUE+aEmZUZtt08nP9yiIIATphQMZcZlPrmk//hkwr4uepbV/fbA6/8W7XlQ+GZ0k7mSmFY5ZWOP5QfvwhbEXmQlvkShQak1yBY43sffvuXGRTWnEtcqUFiZgpb5588C3RCszshp3O3z9uYXVoKFRCkzBakKdiMQcI3m0lUZiIURPfhJMuXbD4MGBV2lrRcHMhhvOYEVkgusdwtglJGeNqnjnl9F6x3DB+LXGrbSDK3Ok0x3j7qv2AWHUNSvXmOpOqgWsiQYSgLAWUm9bD/tHkRoWdq888jnpruEvisEAVqTOM2n8tHt7VwTi2LhOkCBZwueWfoOfBDGhOvehjr+FUPxtTfqrbAr0wHvzhNSQXvbaelHELJ74Vl0NRXZ2ktqzIb/QM3FX69c6NuHP6qoekCaUbPhuyCbYFMMvj2kCLZ8DP5PuFVk0a4aarTpyr6nAC9h/DKfO2tlFHhndz00+uycn8vfqM+zrcbJZK4lVLXDssynkzEVky1QBVEBeFX5ISq6dPmlwlulU0Jp745pPSLBAdEBFgB6+yQ+ALvD3QIA85X7h/9FfPWMcA7n85wpqEZh4foobAziwaRRS9iDDq4Rvhwe7lEEfGcOif/yXjIAYU94/LNTdsbEYdwF4wZJVKHoTYYuZ3MKgVnQJK5iX/cMgw/99cqR89nzJBkNaIMS6cH1LV6BICKp8C/VWJJDGh0jgOdNtHQp7COvKEiIXUJyM065SLUuAaLsWY/kPPHZAHV0Z12cZb42y/AeSvbGvoeSGExVvOIOusoyDK2nZA8lrQ0i90h07STfjZIpUkgVdJ1u0VeacU+q7LdNfURe3L0juN59BTq6OvWiBfnlCmWb0V/NkqVYB0GiL6mJvVfnSEFDJM+VO1W7B/0Gli/XYQxbRCFN0FM4zPpYI9EAKAwizp8eByz2epeok4CxxD/wcP8dJ4gECe3CKg3knGrO73ycQRuoQaCLpAFE/lLpDQEZ9YIAQ7YfroxiE5LdhnFdwvHl+c3oIxGvGPFJ05xcdL60WF85xHDfDfw4UzEyV0TQiZt7o0cbapGPEAMfMUBAB0OwlByRz2tH/tbgvSnumygWLY3gAaJ3BxAE+Fyus/w0pDMZs2CBZEOMuZSw6dQt21z4kxEjzrwV9jD7lZTm1bgcrjHoH7GI3TQ5FYzYcRar28MHYjilJUD5loKQj0tFOYEuG5PduNxOUU1XdZj7yWCJdXw6CYYc5J1huoLZeGugY9/qrcnnl6ERvt0utaH5Kn0nGfuTFYVWi2AtBU/lbY1ShPN+FQOCdFbysXH97yEqFv77/5AnLPNB47206UhJPYhejAp6trQO3RVUfkZ7t9yv+riLl4sjaFgw7b1NkdafGy4eI1K1SEjH+quBn0TEf1uIEKx/kWYDiyJKSwmTlsPL2H+NgmfrhZDGPdldLHk3E2fjOpxzhvJo17j0pX3ByERjjjrxLD9en0dM8txKtSBNBzOBf9UpfNecjwtV++D8JPYeX4JnQdobrPP0LUu3NN86HmU6JRYWFUZIr0xm0gWQIKfuYW2Tp4mv7Myv+tLmqufKSBJWIpg0qTWIMFVofkkuOGzOKjouX38fFuPV9C1mKCYLToCXfqNZ+BsY1k6cyKoxYsShzrAEXhaiyEDDoD4HCISi3zYMQZwewqQ+WGRqLuTgwGiJO5oRT1rliysstmfFtoy6rGVsbXfyrS6iXmzS50CJ5+/mtl9zsrcWtHMHmleo8vHksVlgMiho0uGhiAMnOeh1homx3JojQW3697lruYYudGnjveRAoFOUJ1W8XDZzSHOjcYzX9giv+kK+W/HZCmCixjI5nY3MluA4kNopCuBsKV0zcXG4R1tYg9DrCh5Zr4zcgyICIWhAXVDGd18+89FyN86F7+n/kX4aPgmm8Pp2hVryMZrHc8e7+0fditLEC42N1mR+XCOJfbcmanufjz8l/Rzc/2GheL51JWvaQcAAAUhzVgpg5GXFbzN4LN/g3IatUW7Fptp7j6pjP5uSzkC5UusEeymS8UvKm+1mdjPV8rvYPhtcGyfknnZRlKa41LphAAcvk5bXrMbIdaWp5PbBdsO2WHN4cjREjQRHXPnurK9cEQS94Kei865faiRIA4QXjgXasOfjJIdkeaGo1vzRaURZ4bQdU3txQPTkboxYk53dMOkS8FYtqRlgBVuZJE6CLA2yNvvSXCjqfw5VzQvcpQnvqmNWSpWEEejL+9FISqHDzWaGQ3ZWYhL+Om7rW2CMZYav3C+kQWEbN7m5hrJHkK/idf6SJQVKCcbaRCjg8qWNGNTuk1RgRBMPzre0x0NQBYGXwth8ZM6lmRV53rCpDRKlBnnrOab7tP3v0ks0R3wyHrOt6oQWmoinqMsfcR3GCb9pX2r4ZDFAnWn0YgctEXwNXU2z8gQe7zCWV+m3VIb+2PbEVoIwV7Ag5fYD/dnGp6u0f+2jHghfGCPQR9pDX7JIKKqF72toATh9/GG5gq0PTz1y3HFSF/U8yQZ/dPSRztpzx9pLE3rA7zaZ74iyCY9NbdKaxjW7VVYbCbI6tfkv090lwmgyonUy93hzctIttViZrUZuEUvUr1fWhjNYwhvAense6SYZQUSLHUcNK//m5POLPidJdkWxLNk5LjwbclMlv8k6NICY3vdZZv+cGhNjyvCX+dpOEM40OtETH7UQolieeqAb56/m18HyC17fDdZ4o0xEC3l3mDYjM29Fi/TaNpK4TBKiV4vuAYeBhwwuduYeSWDZZ9RRW/Y+R03PwfYTifKGDstQDcv3EUuO0YpBupHs+erhrKvz5YayMCE4HVzpLzaWOK1WsZOwVebm18ZdVcduxbjV8KP4lG4pDo8X6FvOwWsroMTeoofyJQ6aMUFsN2WTmJCOIzucSay9V0z03RM+a1IWHe6D+H85dEl8l26vAjbGKtN695retGrc/3Bog+zMFC7fFMcBVzMbU1j0pQ/Da0WtJAyymUN1I3Vrjjo8fCAsQbrm+byetvRaHH8OoYZf0Immef1qPetAmp8Za/X7aot0w1ZHAEr+uf+11ns+buzK/Rn+zgtcIl7erWUfiutpWXKEYgcSQsPvudDt4mvHi9YIMnU+nOodl5xngUw0MLtrQWQE56mI5cNAHpuhpDdimRlqHeHXuYC7BNg3kWIteqtNP4Cvzt/xrJICbFLuoKt5b/zCL6vYUHPB56GdJsrog14+S7Q9q/g/Wo+/4YFOOHCLkQOeIuAA1wXc6kGK3Q6/Qf1URjJ6Y4CCMVJsKbj2rar47zRqE2lQ38E2QFaT5EhUTh8m+7VmoD+GiqIc0V0fwlgu2UKfkCvwemeyh14s2QMU82NEGiTxmC2MKZXypXH5jk/3nzxQX27RYnqSI=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>