Online Tools Menu Close

SAML Response (IdP -> SP)

This example contains several SAML Responses. A SAML Response is sent by the Identity Provider to the Service Provider and if the user succeeded in the authentication process, it contains the Assertion with the NameID / attributes of the user.

There are 8 examples:

  • An unsigned SAML Response with an unsigned Assertion
  • An unsigned SAML Response with a signed Assertion
  • A signed SAML Response with an unsigned Assertion
  • A signed SAML Response with a signed Assertion
  • An unsigned SAML Response with an encrypted Assertion
  • An unsigned SAML Response with an encrypted signed Assertion
  • A signed SAML Response with an encrypted Assertion
  • A signed SAML Response with an encrypted signed Assertion
`
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfx8f8602ae-d154-7349-cefd-90ca4f5e2801" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx8f8602ae-d154-7349-cefd-90ca4f5e2801"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>LJ0WZ6k915xVyAYQ7/MxFmIFAhE=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>AVPgVr//nqG54jkLW+iy1544Pr/5LCA+7sV1KYQR50g5Snf6ZYjMBO/Suwflc9jFDs6+Ao9La75AwKe6R2taRcI3HMpK5EaQW09PXHRsXNghOzyzcloAYqIVwvOO/LgnGAWtCrxz6ClUeduNvVtN2S5BIsbgdPyXDSIueUVw9Kg=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx1b24f149-20b1-ca49-11dd-9f81641c7de4" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx1b24f149-20b1-ca49-11dd-9f81641c7de4"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>HlGekP6G+zaSP9rd14FN0SaqmNk=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>MIbPHng2vEGloj3ZkYKeggfhI/Yh0mka3dtgQotkSKHNQydwvqck7lTRRgnomHqH3FP7EY4sgPtQLnHu/mk9ExArTOKQ+1XYEKvig51ta+UhBevtj+8QGT95mqUjhmOh5ojH0Un4zsdrceH5TthKYqVXueXnPbx0VwzWj8egzZc=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx1af956b5-0dce-4fd3-6bf7-6098624ffdf3" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx1af956b5-0dce-4fd3-6bf7-6098624ffdf3"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>MspCNwvnoDMSwNaNBkx/KN6rqYo=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>saKdWYM4EQPpjkwKKqSN3dcwSLBmVi9pMbPQLIK0nk+hmWEOr8E4m4fyw/O4MDANenTLprvZ3ilULCqqgXcmpFLZvbFmqGodp/LizQgxnjw0vJJp/BoQoFgQLUJ2lW2YxrvbAM0pxrBmKVnyxKIBvA7GNy9oHXd5cPfp68/bHQ0=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfx88b773b6-3d44-4eab-edd0-2096a9e83423" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx88b773b6-3d44-4eab-edd0-2096a9e83423"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>wOINP5actXpNfN4t2amN06vrQ1k=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>Ugqj753AZA+zfi+b9rWVgD3P7oZcNftaGLuL5j8ZAtWL2aJDidhilAdfUVnYottfuhmhdN9P+s/2ZAnvgsFcp65+eJfilMRjnaMb8BlbC32yCswTT0v6RAxmw2O0YbvVE/kdzr21CA2ia6wMCMd4MxfQWRVgfI0uEq8sKPQuGqM=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>eLGLk0KU8uB2t9YFO9n9X1l2gxt1lQ+s80hEI+bLRP8MgjfpBzuAgk6Y8XCV/UFEjjd0JWkdgwRIpp7gBW3aewF8HuLig+a4jRrHopImXq9sVXiiCrGdsfZIn3cq755h8pYjL1Gr09vIj0M8qoniuGgkwJ4IenAfSOVvMQ3HAOc=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>ts9eFUI0wmNAQ9uFw32uI8GIzSMc3v1SYJyrBDcPXwe+c3b9n+Dp0u3T9gm9EMYs8a1M7WJbwU2RttPGys9jAsgutMXIdE0YHIy3LsiT/nJzd59s+7Lh3QaJKK4JPoIFod1pV/1Kp3QkJe5y5RWbQ24VMT2d3njaXV9QKK5fO2SnnOXfhCVSrr2nM1IRPQdMndxt0oS/bNk+6sVmd70DRj+FYK+/Zj4nfUHHdpXdXxeKhiVF/N177e5WpNhbCJ1TMOzd+mTwPB3dc9K3DRXpbUGsWSZUAa0qKGDfaZG2aYewG6LylsuxR7cCXkoepeZm07s2w3GYgPdTLqaH8e35U/659QUYLcMzBUAJ6+hQpTZWLw33cl4aglN3JRVubBOH69YDDblFWbxdjwDzFlUPC5LhZzAK+WZIxXug+h/ACmkFm3zRyTylj3qGm0ZaNytHHE0l5cw++nFGzpCT0hV0nYDds/oW2qheEIi1VFi4UB6RbTamUu5U6rXn3aMGBFpveH/hJSIl2cmX8RVEnE61Yz+r4XP6MYkXTEbdsECj6aWJvwkPSKGRxUXFzuYhDee383av0i16zTKUUcsM24M32yQJ7eRnUC9Y1wAtPsst136dcdaOfYLmGEU2T57CZLfFnOoGUQOUJvHKHuaYYngfzqiRaLjzHnPjxGYeebzucQ32rKW8/06m84jZgnM5jFFA80Z1C4dbFYjqfr+2mtqybonOC2a8xXUcUif9DgL+bkAGUm/D7qkpiergv1wZbxrqduxEwXm3/v+R7NLFFZ9IOixgVhgddVLNgz05fetcgix68MaDqzC5bWxUZVbI1KFa/wXhuH6AjnPuzowpkEz2NF8pfkhl4H+5MeZDLMiPifKxIaM9yyJYCN4sf2JzSbIfltugB1m/oz+gSpTcdGXY/Cmy+9I/btw7RouRqGKuyo69dd8XhLqe42cfG1yJ9duYmy0Q0waQgdf4qwCO+Zj30yvr95HTn0Uqqvh3zKda5JpUWlWdrh5BTZyIv/1LOANdm0t8qadcHca2JhfdgT5WCYae12YCAy6Y04+DU9MnBBkwa3pmIQpZOLs0/M45bQc9YeW6Vc6DNm0B0+EDuESqylaB0ukaZoK8YVEr4m6MnYzQBjiKFr9/n8ozSKJgKHrE2cPlI8chhgBQWsAXXO3mDzwhSEx97950/3TAkhzxzw5Jmty+Q6qzRTgUAvENyIX5QO8cK7Qn7bUq//eD0EP2+1dZ1h3WqXVq6H+GaiNx1AxO0zfhKG3WS+J584XwCcf1dRLAecsSbviDb8opZLF4GsJt+Vesw8MXoQb/LYsXCbya8TQvMyJcH2u4tgz6gKndFR9TZAha8XD3q+JO0A6pNGWU45XLmLuERYZuK10uKRdFuReslfGZcJiAboHGqOvC9Yyu5VQHujOdORXXv9dx3KtX032fT6CFhDhaiKqhHSHm3vumwCAC8sjIP/2Y2tGSL+j63XS9TBt/rGAtMt5cUsFy4suCyiDSIy/fGCeeKH/1SQ9c67L6ve+RoTiJ0QcL+FEUteS8F6NzxFVhL1EsJ4Mon16tcX35PNYpL1ReRqHSUw15fqmMydaJ2b6R6xhai1AvU5D6UVGL9u3kyngLh+EI55PaM9+OueaV3Q7UKum3/BuxLBkE0mV7RDs7Czgk0hRs5cuC06uzJP/zfVZjD02vDnHIz5rV/N5MVUAou7UU65+i1bnFlGu0RXnCwhfho7x4xtlUOrQIoHTc9LTsGqXv77doL4yqw8qbl+WJ6oPkOSQy64NFjWRMwpeSMLLeuURfJ4n67VvpQVs0iKLyp13mSf+q+R7NQTMaZzN6BKAAc1BTq7/uCJOddbOyK+f9bunYFDM+kYOFaQ5aBMhn0+ATBAzYNMRsK9bzkhBKcfuaJ9S3AKb3IOXtcD75QPdaJC51B3DPc138KlVBIFOoC5EFpjj77mShLn5FfVRRADCC5O+XzLNQC1mpibXWzmGvTlInJKkdxbYd3dUqXxJtHV24CNyZbD+z5hsKhAPoPzWfJ+XjiFOeEG+dd0FfsnlQasHpL+p3l7UVGGFdOjMtrDUD8nN1NySQlBxx87S/Em7lTt7hOeL6YCgyYnkecHpy76vHPGW1RILfwAER9Rv3XethRTQ35S8UY+h56clrcoj9Ter2xEQsDnGyjIS/Xyj4LezqEsfCRoy8C1hG0Xq4q4BKisjy845dVUkTnEflm703/sfwXcM7f97u7r2RPsUu2AuEaP9CGtUicUXTQmI/xs5RcvFgJIkG3nABakwWv3ySIPOdV/zGMeOfWbvgSKMeimUQgvNXlrFJo5rBZ7rTbwMSxP/pfq4suxnsvHQpfoaYKttgC13hAAYjpXA0k7qVpMkCSdRqrghWl3wAy95OVzGHr35NbM64am4sXkQAtFem9Ywj6C12fauK98ZdhybvwL1oycXtwh3ZZQKvlnQWq+3dH13+WgFx5/TGRm8K5IsdynwHu7BnQgpLfjvyOrsoilsmJmp8rVCSQQoqV4auSa+JfZSO+E+TxkP8nGWXS/mwEf8HSHMX8BksFaMh/2grH3Ecylfm3pxflDjJji+DF1OWbhJ9nMLv2Jlq6C3N7xHnbiAn9tn2Jnha7tLhsE/QqR1Lz14ZqYAPIM8orDv0VC2HRZ+Dl3qEZElHaG3HyZHVGUtALQZmIQ5FldGsKQcIG8fvKbVstE5RXwvCSNP0lY+L4fZKXhghfb56v6GV5EB0GMX0zKakQ+lQPqK+pcHWL7Rvt9IIMQOhiL5l7Ub0AwqSstDjFOYE2gAlNqMy7PoRIb+6Zv076meEQq2Tht9I77AzBzVWF3rGBG3133878FUlYI7chKiCGBHL0Pn4HP/amqKBckUf5KSAgtd3n22sCABgzEiARiIKQId3Gh/2pEqsq/TibuYX8zLGl+heZdI=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>bvpue7iUydYJ+EcpCAXZWsmXpbz/52H6MEjjzJd+nRv1aEBeIcJWrsEE9D2yVXVpZgm/3yhuR2Vw1H+S3F0r++IC3koaRQ+XtcdmEWuPjLhkd1iUzqQW+QlQmGihwMKfJ6jNLbHhwla8RsaCCbSbiJuwTHCauEC/4pMJHcU1my4=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>zxAQrELNPJq4NB3VCAkyx+fTpWgO6Lw9gcD/AVSWojptev0dNGtclmIPw8/e+yZfnG+kx1g+Lq/1YTp5dIB1jJ9oxXPz4JpneV+Na+gzrdvdxxtXUGnAp6rL3vLQeF4mkeB5Mvi2Ti/qlVFs6QJzy2mrsc6R6Bov6Az0Mx90hAEpVyeP7OeO4cnE3sd1KgqMkXzXJCkGFuxdiQdpGBiYhcO9flvry1RMtjxhHzTbWUmgy7KB6T7kksb94JuqHHQyEpE3qJ2oVUfY6/VAnHtUbDLH4oWM3iJ7uKeXd+ndDM7G+fEq480LIJ3JcLMLyNETS5dHBOOFAoBIzjjIIHdPxjfYX9SqEOA3sM6F7GjMjG9GHkcnbYuhl+4iSy1t6Wb69wGgF3CzB5BU0UjtMhmRhST1QCeM253Tw4CiOPHzClSOduSpiZLrcfvhNwBMynpcJ9JtuTwcOo17WxZNffzx+/Tb3ehhqU+/yNBwk+XPFOx84r+xg/HiRr0WpI26SezqoPAOA/la5oiCciC62F+TqIGumPUdOM/IMX9saXuLrizhXYb8pTtJAHPvVaHJMbR2VUe3ZHqJxL52BdUQib5nwW9g4W7PeR88TVKqi0bjn8NQ3xGaITqkYJMyHCFs8dugIiRgKMjgrqEIxHRiA6Mb9B1vLdMeySxUozwzUhH32CmOtSRyfgr/3nenVINP1NvTAKcLk8uO+oWfNW6sYjGMYD2pSFj+D5xJcH8WDmEOBJdFCSDx17VZkhTiRRLGQS0K+FTGXaqVLvL4NCrd58c4SyivPWGMZ47oTB6ekfdZMwu7JDkIIIj8Om2TyHz0asdahpXkIh5eoxh2goR8Kky+lfJ3VkcNWCtRdhhY7IQkHB0bXzKNd4E9ms+XAHxIg6AQ6HNsYg81aKqZIIqKJVLnNs9/YIeHFx+2o9JAYgIRJ0rlRh49QWQRjfq8PtK/5vJWEnRnf2U09rOlGbd+Eab7qrE0VBEq+bujNAZj17D+QSfyqoAf/SJ6aG/BHzbsdQfVGF5ZHDIvJa+a6RO8GnZvPQPOvbUUMTpvE4b21f75q5sK1c2lMD4WaNumRycwmHB0FxoVz3YptBHIhToZ7OIM9cTU5zVqsqWDc3eweci4A5ue5JUX8zkCRWAqLoCeGeK3wTLonCCPEDKcPy2uPNjnYeE+CxJLf3YDtnn3pguzQkkNLhuWk5QkdNHI5AOlSTVfSfX8ZkwtxNJpzqNl2cxiilLP9+a3pYQF26WxyR++GFiZ8VDiFWh4EE7o9jj0qidkfzf4cjRP9hJd+p1M+BqGwqGBivpn9hizyl+GC/BeOgvf7ONPiVMYiY6MtMWSmt4KnYRqx99a5lepLwuTsR71bfxiBmgszmKvjHgcQQAvG102J9iH0Dod/RXbaz34iIzJPi/ySSsqPhh5qs7/eG98OPCaI9r4dJvQbcu2sl3j0J8dS57xWSqwJ5Q3Jq24R8DMGmqgpfazQqbC9nvuOnMhyvyEpHMYunhoTL7SKgG3K47seBz40P9Vq4RKmCubLZuxZOKGcETVB8NYWbZ8GH89S11pabVHnx7ztcZly+PTRaQ2wAQPJvm0/LesbTvwCIWxuUPWZXhnJ0HAigTwYc365UkwyjK3+tGDwHx1JE7pP0aNFGtyHAi81Pc7SFuBbnGSxcDBHKRfTlh+ETmLjBL1Pm8fentFqUAOx/A4xw9uD6+NycLS7RvfgXcXlFfzJSlNHGNahPFb06COflcU77xZfCivO5GvL/uKq4TbA8/z9QVgf0a5vQ7ru9ek2NfYTst8PU6R43QrA2Labczi7uyI7+eWxsK25BbAX4ivigQjIr8Mp3ZfLRSJvYwnmbfL27zw0UAmNIWDw2XyRPhaNoD+mfQUNt2N1eJ/3PKRCA6HM8CH//p1zbi0gJyvDirrZa9v7CvyyXLKuI+vxd/oQVbCDoCoWS0kFzFV8qLoesGcsgr/P1rOcGpnKTQwnT3JxyMH8gABbtEz+tEfLAbB4OkGy25DEfjo4E1BX3DRSHwFXyox5U5uaMBM3kCr22OSRYuvuhgAyJWsXrTKsYkJOE1W4yxbOcpc4ubo23spGitPUGsw2iEBNIfR8Bi4V5RZfPDMPSS9Hu+8ZO/6Pe3mNLhSSpMpduTVlUOEzhj26FEzGp6ZSlu4mj6atD1wHPGkxooOKUOoQY70ySBepu6d3KkhXfq9PWZj/Jjj6+J2fUhnsbnaKl4E3ViOYv3/zjFNRg+enhrSybsgCGQP011FZTuYHi//ORSXVXPajSv6bBhnMJDJ+Os8Puiz6OIPY6xLou71nK7Oevo4hfXnTG/soAS8Z+c0Rp4TWMwxElaYn07BZgXWVw8b5tgoPoxTjGqkWySfMBvB4EDTkmnD/lk2E5YT9TpyY+qOtYiI7ovwCXzUBLx/LkisOEqIWAch+uzhMWLJHKhamU0yJLykh94ve8xYR0LRBaCq+xSN4nhJ8/x/vT4ziXyV4ZbHQmbfSuL+/4lHx3mCfU62ClnNVeDvi0f8oI4GM+/2z9giX6JOi6lJTQ2lBCaSM1tyz/wvZg3ZFAPj4eBK8ANaUUZKYt0UaG8x5HJmBK9+o1XOMkkfgTnHbxS3wyVOQPQmx0GTz/U94jjRiy7KHP7mzXiOw8KFrHuhiwFlC9xRhdbR3yqSH1kiUq3B0IwMq4GYIFNYwN3vGqufVJ9fEssG1gU4qSyzFe+WszUTBoZFUA5z91kqYKQQG9zmFlpIv4WvQTnqX35/q+oCb9LF6+dT5znb4L8TpWdM6wnwU83f5P5kSpC3PGM/I624fvNy9Psph7Iu9f27ZVgQEg0qIDgO9H14lcERsW2JjeKurCjkQIIqlp0cIXLzVhU+yCDAAlfNodlHhTz9aRorKsDPb0Zu74d5WApgJPRa6ticFSnT4q7wYV+S2B6ZHDo3CFyyQQuCv8Hu0AvPUheZVUdCmzEy2T80N9IfLapWJrZyU2/c8qYzuCx9C8eeb3pP6+5pN9gr04twOcuG2d2UoYDmtqZZF76ErhuT9npMniiSi2CgidBwUD87s+H1GRvmVAnlhnJ/wsTRzut1JZypP1PTos07PhQx6Y9UNTaCVcGgvsPWgbFDodtCOBBSkTBFNbYPRPuH/qK/DPNjfmDmlg7Uu84UT7HfoUYxstoZChbeP1D/FOMZ79+EYXgRbqHeX11YE0DMC+x2cDLwebPi/RHPYEiATOIadDynrVIsk3AJdHxznrs9a3HGcWrf/4G0MJBOaMmBTfULJ5bOensTBmAVHmeeIiAS8af8Ha4iinZaLQDaCb8mTMjDjiLNY9iwODI8j9oYb4reetRzigGCMqDAlCDPsLqoG2iC76Mfn7tNq5ACd79uZ4L2e6BpKxHhbsK24Lqr+UibP6dTeRDGx3q64nSYXVMoVISJvWTrG6AcKn+L1ltEbhuqQkOSN5kOalIIFlFuxFTsn+4I1AcQSyi8C4+SCJF3mXOZK6evEkSEvtdHWJBA1ADCnp4b5eDXTc6I7fyNphtvsX801VOI42Q9GBeqeX4JuuJteGKsVNKlmHyX9UEL54RPlaif4FixOYP0gSAv3k6GR/a6kAEBHDseXgChuymTDvgpgEI1gQ7KzbX7s5H8HG33hPqEI1dWwXX4V2QAWZX/nHvqwT5N//F38YyQ5Vu3mncw9tvywmpOzmcri1PZ1PdJ2niogKPYaEDETev545+0GwcwBa7FYijvA5l+jCXakbgCdjk+40Bk1iiDDbgp694bwYo7misvFaPAnQHA70NndzYqRFQTi4sFxRC7sIkxNSC4Tqa7ywqtcXFIbaLtjJ1BoPTnYFH3gX13Hnaa0WJ1APj12D/WWYAyV+B10trk0/2ETPDFjJAvSypky3qjaSE3/5GsWgkCZjAF8aJfM4Dt5Vw/cBD8e1ZH+xaPa5HgxU4DOT8MkhxTm6XRcdRJGgjbyKQxKmorRAUSZWVezC3RbEMRmyVMlY6XU4WvIp8eGh9GEEj7jrCvSJUhttoITLoCR9QCUiWjdOplnD3eXtvT+FS8ORtD6F7E4Mi7izqfLbI7kEXU+cum8gTO0ubNrnQetEubTb/x9fWqUWBCKS+TYAcm3vATi/NKfijJYwaiBBvMAipRngaKgLvmeiCCJj+C5pDrqIBCiKI1xgQQQ0maDTpIWGkUea0YLz1YznpzzrnXK8CyTiB5d4EfQQI2q+x1t2L0fk5K4XrQLecmv1AzO4nOjIq4mabQU4sGoUlahVMlexTViXP83/8+4iGfYAfID+bjagGR42RzUy/9DUrb0DE7XcSxQXjWEz+Sz/Z6YrBowPFyGFfIWoh54EXGEHCbcDobiL/nJckOPM7KNt5zmGMeNadYUty4N5OusFaeTqofordpHMDXpXDmOUKQ7klSMIwUTVBZc4jw/DCp9EUD8ZJmPR6DmsCX8w6r6Sli+qqu68aq8nDzw2rDgK+XwtU8eecN560BNbrnIoCkwnToFT49i2lNNf4bQWLA8mIAYPk8vaXbxluNMDPuHfI1PHTWlsRrjGxajOZv1PseIn3+cQmbor5AQM1gt1mlWwDp1719AA57Zimuj3xMkGxZ7A6nNHYnNOkhAV2l0CTNDw9ulmF0RB++O8JK4kqQZCBvoaAyqm/EC1dexBCtg9G1iRsCe/pf+UgGVY+VG1aO34mq847sO09C5LDkViKUR8v7Lw5eEMt/Wp++3jn1LE7f9oj4ldefVZFcqO/mC+ZbcKdlAMJjcytlUSQvmD6hzwL9/JBTKd63e/12gvXxcAWMXUl+DWS96gItxleRWdzSrBV4530dOUKhR1zycNomolXXtEAdS+WZo1uRALdJQcH55360bIBN+hJeTo5zdB8UzXXnRF4nFIZKMU+BIVFI+Ye5ccQ1tI4rRHpHezsyF/m3/aTjKpsYVvyEr7r/ZmjczCVGTlgNWQ4VwpAd9acLr4XaSSoIo+srsMCb/kXw2I6izRRQmBocwfJp5Zk5m88TKatq47o1xX9L+CN8nLujugS5UBFiWCyPIiQSdxanV1yL1cih/qQGydCsQO5Q5zyz4GnzCv0ZaZe5VrXg5yULE+HY1hxDL+pmXNPebayWFRo7M4QKFvpz+0SuOj1TMqpI4OTzm3y95GMRpVxSz38hLQBWfEzYMtv5+PPaH0uHk3MFKLOyc7S1RIaM9wW+eDUB0AMUnMkc0A4oGLy8cVzMwF1N8Jwzpoa/Ssunpo45RJKrSVcz3OJMxmUglRdDnZJNDQJvoOk3Ak9r/UrcTvUea3/MJI+GUUhUp13FNdEFCKXW9L1Zjf2Tm9ro2rL8Lz0dYAk10ZnWc6jWzrhXx73pJrhnOmRQGm0y6+vnO2Gksb1VVh+BAjnW+EuHXuaujJtereliT2XwkXwqQSiyC4wdixZQUleyeUaIdFAYOSaTQV3AL3AMe3Xtn1uS1IOcIVTqrsGfIr8Hns0cNpeSa8nmuaA6xf1LnNolzYvQnKXR/aW7b/PaN0tMPJw=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx776fab4d-0b88-f385-39ce-ea67c22d9f46" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx776fab4d-0b88-f385-39ce-ea67c22d9f46"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>M2zrpq09ozvcFpL+mmKEPKL82Sc=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>0tlP6JYQ/9sofi43A2pvpoQjdx1qQWN/4k4Skt9GM7bQF6UGE8qiyAR5AUio60tZk0pw0FXgrDszRzskJwsDDANZJJwrbyxcBSMXpE9qnwSBXav7iFsAuUCe0HUkgZroNO1kFdAYz/S2ZNOqUU32vq5AXaxGi9OfESWewVoowNM=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>eLGLk0KU8uB2t9YFO9n9X1l2gxt1lQ+s80hEI+bLRP8MgjfpBzuAgk6Y8XCV/UFEjjd0JWkdgwRIpp7gBW3aewF8HuLig+a4jRrHopImXq9sVXiiCrGdsfZIn3cq755h8pYjL1Gr09vIj0M8qoniuGgkwJ4IenAfSOVvMQ3HAOc=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>ts9eFUI0wmNAQ9uFw32uI8GIzSMc3v1SYJyrBDcPXwe+c3b9n+Dp0u3T9gm9EMYs8a1M7WJbwU2RttPGys9jAsgutMXIdE0YHIy3LsiT/nJzd59s+7Lh3QaJKK4JPoIFod1pV/1Kp3QkJe5y5RWbQ24VMT2d3njaXV9QKK5fO2SnnOXfhCVSrr2nM1IRPQdMndxt0oS/bNk+6sVmd70DRj+FYK+/Zj4nfUHHdpXdXxeKhiVF/N177e5WpNhbCJ1TMOzd+mTwPB3dc9K3DRXpbUGsWSZUAa0qKGDfaZG2aYewG6LylsuxR7cCXkoepeZm07s2w3GYgPdTLqaH8e35U/659QUYLcMzBUAJ6+hQpTZWLw33cl4aglN3JRVubBOH69YDDblFWbxdjwDzFlUPC5LhZzAK+WZIxXug+h/ACmkFm3zRyTylj3qGm0ZaNytHHE0l5cw++nFGzpCT0hV0nYDds/oW2qheEIi1VFi4UB6RbTamUu5U6rXn3aMGBFpveH/hJSIl2cmX8RVEnE61Yz+r4XP6MYkXTEbdsECj6aWJvwkPSKGRxUXFzuYhDee383av0i16zTKUUcsM24M32yQJ7eRnUC9Y1wAtPsst136dcdaOfYLmGEU2T57CZLfFnOoGUQOUJvHKHuaYYngfzqiRaLjzHnPjxGYeebzucQ32rKW8/06m84jZgnM5jFFA80Z1C4dbFYjqfr+2mtqybonOC2a8xXUcUif9DgL+bkAGUm/D7qkpiergv1wZbxrqduxEwXm3/v+R7NLFFZ9IOixgVhgddVLNgz05fetcgix68MaDqzC5bWxUZVbI1KFa/wXhuH6AjnPuzowpkEz2NF8pfkhl4H+5MeZDLMiPifKxIaM9yyJYCN4sf2JzSbIfltugB1m/oz+gSpTcdGXY/Cmy+9I/btw7RouRqGKuyo69dd8XhLqe42cfG1yJ9duYmy0Q0waQgdf4qwCO+Zj30yvr95HTn0Uqqvh3zKda5JpUWlWdrh5BTZyIv/1LOANdm0t8qadcHca2JhfdgT5WCYae12YCAy6Y04+DU9MnBBkwa3pmIQpZOLs0/M45bQc9YeW6Vc6DNm0B0+EDuESqylaB0ukaZoK8YVEr4m6MnYzQBjiKFr9/n8ozSKJgKHrE2cPlI8chhgBQWsAXXO3mDzwhSEx97950/3TAkhzxzw5Jmty+Q6qzRTgUAvENyIX5QO8cK7Qn7bUq//eD0EP2+1dZ1h3WqXVq6H+GaiNx1AxO0zfhKG3WS+J584XwCcf1dRLAecsSbviDb8opZLF4GsJt+Vesw8MXoQb/LYsXCbya8TQvMyJcH2u4tgz6gKndFR9TZAha8XD3q+JO0A6pNGWU45XLmLuERYZuK10uKRdFuReslfGZcJiAboHGqOvC9Yyu5VQHujOdORXXv9dx3KtX032fT6CFhDhaiKqhHSHm3vumwCAC8sjIP/2Y2tGSL+j63XS9TBt/rGAtMt5cUsFy4suCyiDSIy/fGCeeKH/1SQ9c67L6ve+RoTiJ0QcL+FEUteS8F6NzxFVhL1EsJ4Mon16tcX35PNYpL1ReRqHSUw15fqmMydaJ2b6R6xhai1AvU5D6UVGL9u3kyngLh+EI55PaM9+OueaV3Q7UKum3/BuxLBkE0mV7RDs7Czgk0hRs5cuC06uzJP/zfVZjD02vDnHIz5rV/N5MVUAou7UU65+i1bnFlGu0RXnCwhfho7x4xtlUOrQIoHTc9LTsGqXv77doL4yqw8qbl+WJ6oPkOSQy64NFjWRMwpeSMLLeuURfJ4n67VvpQVs0iKLyp13mSf+q+R7NQTMaZzN6BKAAc1BTq7/uCJOddbOyK+f9bunYFDM+kYOFaQ5aBMhn0+ATBAzYNMRsK9bzkhBKcfuaJ9S3AKb3IOXtcD75QPdaJC51B3DPc138KlVBIFOoC5EFpjj77mShLn5FfVRRADCC5O+XzLNQC1mpibXWzmGvTlInJKkdxbYd3dUqXxJtHV24CNyZbD+z5hsKhAPoPzWfJ+XjiFOeEG+dd0FfsnlQasHpL+p3l7UVGGFdOjMtrDUD8nN1NySQlBxx87S/Em7lTt7hOeL6YCgyYnkecHpy76vHPGW1RILfwAER9Rv3XethRTQ35S8UY+h56clrcoj9Ter2xEQsDnGyjIS/Xyj4LezqEsfCRoy8C1hG0Xq4q4BKisjy845dVUkTnEflm703/sfwXcM7f97u7r2RPsUu2AuEaP9CGtUicUXTQmI/xs5RcvFgJIkG3nABakwWv3ySIPOdV/zGMeOfWbvgSKMeimUQgvNXlrFJo5rBZ7rTbwMSxP/pfq4suxnsvHQpfoaYKttgC13hAAYjpXA0k7qVpMkCSdRqrghWl3wAy95OVzGHr35NbM64am4sXkQAtFem9Ywj6C12fauK98ZdhybvwL1oycXtwh3ZZQKvlnQWq+3dH13+WgFx5/TGRm8K5IsdynwHu7BnQgpLfjvyOrsoilsmJmp8rVCSQQoqV4auSa+JfZSO+E+TxkP8nGWXS/mwEf8HSHMX8BksFaMh/2grH3Ecylfm3pxflDjJji+DF1OWbhJ9nMLv2Jlq6C3N7xHnbiAn9tn2Jnha7tLhsE/QqR1Lz14ZqYAPIM8orDv0VC2HRZ+Dl3qEZElHaG3HyZHVGUtALQZmIQ5FldGsKQcIG8fvKbVstE5RXwvCSNP0lY+L4fZKXhghfb56v6GV5EB0GMX0zKakQ+lQPqK+pcHWL7Rvt9IIMQOhiL5l7Ub0AwqSstDjFOYE2gAlNqMy7PoRIb+6Zv076meEQq2Tht9I77AzBzVWF3rGBG3133878FUlYI7chKiCGBHL0Pn4HP/amqKBckUf5KSAgtd3n22sCABgzEiARiIKQId3Gh/2pEqsq/TibuYX8zLGl+heZdI=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx11e372ba-73b6-00f4-904c-15bcad45a0eb" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx11e372ba-73b6-00f4-904c-15bcad45a0eb"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>AT9VaMjfDBnP65jeD74hbhhbUk0=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>gSDPPJX+VHE5dVjUqFvv8cdOFvn563qCxUAE0w6UOX3HFla0LkGeMFRyGc/NlgB9BuHSZQowl6ImPqsybrbQvvUZ5PAeuuM0mM586vTNldUlAOTWy9tkG4mxkjm4qCcXD/59//qkjbWKhEJSGZOzu31ro0XDTW+vFlUHNpLwUY0=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>bvpue7iUydYJ+EcpCAXZWsmXpbz/52H6MEjjzJd+nRv1aEBeIcJWrsEE9D2yVXVpZgm/3yhuR2Vw1H+S3F0r++IC3koaRQ+XtcdmEWuPjLhkd1iUzqQW+QlQmGihwMKfJ6jNLbHhwla8RsaCCbSbiJuwTHCauEC/4pMJHcU1my4=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>zxAQrELNPJq4NB3VCAkyx+fTpWgO6Lw9gcD/AVSWojptev0dNGtclmIPw8/e+yZfnG+kx1g+Lq/1YTp5dIB1jJ9oxXPz4JpneV+Na+gzrdvdxxtXUGnAp6rL3vLQeF4mkeB5Mvi2Ti/qlVFs6QJzy2mrsc6R6Bov6Az0Mx90hAEpVyeP7OeO4cnE3sd1KgqMkXzXJCkGFuxdiQdpGBiYhcO9flvry1RMtjxhHzTbWUmgy7KB6T7kksb94JuqHHQyEpE3qJ2oVUfY6/VAnHtUbDLH4oWM3iJ7uKeXd+ndDM7G+fEq480LIJ3JcLMLyNETS5dHBOOFAoBIzjjIIHdPxjfYX9SqEOA3sM6F7GjMjG9GHkcnbYuhl+4iSy1t6Wb69wGgF3CzB5BU0UjtMhmRhST1QCeM253Tw4CiOPHzClSOduSpiZLrcfvhNwBMynpcJ9JtuTwcOo17WxZNffzx+/Tb3ehhqU+/yNBwk+XPFOx84r+xg/HiRr0WpI26SezqoPAOA/la5oiCciC62F+TqIGumPUdOM/IMX9saXuLrizhXYb8pTtJAHPvVaHJMbR2VUe3ZHqJxL52BdUQib5nwW9g4W7PeR88TVKqi0bjn8NQ3xGaITqkYJMyHCFs8dugIiRgKMjgrqEIxHRiA6Mb9B1vLdMeySxUozwzUhH32CmOtSRyfgr/3nenVINP1NvTAKcLk8uO+oWfNW6sYjGMYD2pSFj+D5xJcH8WDmEOBJdFCSDx17VZkhTiRRLGQS0K+FTGXaqVLvL4NCrd58c4SyivPWGMZ47oTB6ekfdZMwu7JDkIIIj8Om2TyHz0asdahpXkIh5eoxh2goR8Kky+lfJ3VkcNWCtRdhhY7IQkHB0bXzKNd4E9ms+XAHxIg6AQ6HNsYg81aKqZIIqKJVLnNs9/YIeHFx+2o9JAYgIRJ0rlRh49QWQRjfq8PtK/5vJWEnRnf2U09rOlGbd+Eab7qrE0VBEq+bujNAZj17D+QSfyqoAf/SJ6aG/BHzbsdQfVGF5ZHDIvJa+a6RO8GnZvPQPOvbUUMTpvE4b21f75q5sK1c2lMD4WaNumRycwmHB0FxoVz3YptBHIhToZ7OIM9cTU5zVqsqWDc3eweci4A5ue5JUX8zkCRWAqLoCeGeK3wTLonCCPEDKcPy2uPNjnYeE+CxJLf3YDtnn3pguzQkkNLhuWk5QkdNHI5AOlSTVfSfX8ZkwtxNJpzqNl2cxiilLP9+a3pYQF26WxyR++GFiZ8VDiFWh4EE7o9jj0qidkfzf4cjRP9hJd+p1M+BqGwqGBivpn9hizyl+GC/BeOgvf7ONPiVMYiY6MtMWSmt4KnYRqx99a5lepLwuTsR71bfxiBmgszmKvjHgcQQAvG102J9iH0Dod/RXbaz34iIzJPi/ySSsqPhh5qs7/eG98OPCaI9r4dJvQbcu2sl3j0J8dS57xWSqwJ5Q3Jq24R8DMGmqgpfazQqbC9nvuOnMhyvyEpHMYunhoTL7SKgG3K47seBz40P9Vq4RKmCubLZuxZOKGcETVB8NYWbZ8GH89S11pabVHnx7ztcZly+PTRaQ2wAQPJvm0/LesbTvwCIWxuUPWZXhnJ0HAigTwYc365UkwyjK3+tGDwHx1JE7pP0aNFGtyHAi81Pc7SFuBbnGSxcDBHKRfTlh+ETmLjBL1Pm8fentFqUAOx/A4xw9uD6+NycLS7RvfgXcXlFfzJSlNHGNahPFb06COflcU77xZfCivO5GvL/uKq4TbA8/z9QVgf0a5vQ7ru9ek2NfYTst8PU6R43QrA2Labczi7uyI7+eWxsK25BbAX4ivigQjIr8Mp3ZfLRSJvYwnmbfL27zw0UAmNIWDw2XyRPhaNoD+mfQUNt2N1eJ/3PKRCA6HM8CH//p1zbi0gJyvDirrZa9v7CvyyXLKuI+vxd/oQVbCDoCoWS0kFzFV8qLoesGcsgr/P1rOcGpnKTQwnT3JxyMH8gABbtEz+tEfLAbB4OkGy25DEfjo4E1BX3DRSHwFXyox5U5uaMBM3kCr22OSRYuvuhgAyJWsXrTKsYkJOE1W4yxbOcpc4ubo23spGitPUGsw2iEBNIfR8Bi4V5RZfPDMPSS9Hu+8ZO/6Pe3mNLhSSpMpduTVlUOEzhj26FEzGp6ZSlu4mj6atD1wHPGkxooOKUOoQY70ySBepu6d3KkhXfq9PWZj/Jjj6+J2fUhnsbnaKl4E3ViOYv3/zjFNRg+enhrSybsgCGQP011FZTuYHi//ORSXVXPajSv6bBhnMJDJ+Os8Puiz6OIPY6xLou71nK7Oevo4hfXnTG/soAS8Z+c0Rp4TWMwxElaYn07BZgXWVw8b5tgoPoxTjGqkWySfMBvB4EDTkmnD/lk2E5YT9TpyY+qOtYiI7ovwCXzUBLx/LkisOEqIWAch+uzhMWLJHKhamU0yJLykh94ve8xYR0LRBaCq+xSN4nhJ8/x/vT4ziXyV4ZbHQmbfSuL+/4lHx3mCfU62ClnNVeDvi0f8oI4GM+/2z9giX6JOi6lJTQ2lBCaSM1tyz/wvZg3ZFAPj4eBK8ANaUUZKYt0UaG8x5HJmBK9+o1XOMkkfgTnHbxS3wyVOQPQmx0GTz/U94jjRiy7KHP7mzXiOw8KFrHuhiwFlC9xRhdbR3yqSH1kiUq3B0IwMq4GYIFNYwN3vGqufVJ9fEssG1gU4qSyzFe+WszUTBoZFUA5z91kqYKQQG9zmFlpIv4WvQTnqX35/q+oCb9LF6+dT5znb4L8TpWdM6wnwU83f5P5kSpC3PGM/I624fvNy9Psph7Iu9f27ZVgQEg0qIDgO9H14lcERsW2JjeKurCjkQIIqlp0cIXLzVhU+yCDAAlfNodlHhTz9aRorKsDPb0Zu74d5WApgJPRa6ticFSnT4q7wYV+S2B6ZHDo3CFyyQQuCv8Hu0AvPUheZVUdCmzEy2T80N9IfLapWJrZyU2/c8qYzuCx9C8eeb3pP6+5pN9gr04twOcuG2d2UoYDmtqZZF76ErhuT9npMniiSi2CgidBwUD87s+H1GRvmVAnlhnJ/wsTRzut1JZypP1PTos07PhQx6Y9UNTaCVcGgvsPWgbFDodtCOBBSkTBFNbYPRPuH/qK/DPNjfmDmlg7Uu84UT7HfoUYxstoZChbeP1D/FOMZ79+EYXgRbqHeX11YE0DMC+x2cDLwebPi/RHPYEiATOIadDynrVIsk3AJdHxznrs9a3HGcWrf/4G0MJBOaMmBTfULJ5bOensTBmAVHmeeIiAS8af8Ha4iinZaLQDaCb8mTMjDjiLNY9iwODI8j9oYb4reetRzigGCMqDAlCDPsLqoG2iC76Mfn7tNq5ACd79uZ4L2e6BpKxHhbsK24Lqr+UibP6dTeRDGx3q64nSYXVMoVISJvWTrG6AcKn+L1ltEbhuqQkOSN5kOalIIFlFuxFTsn+4I1AcQSyi8C4+SCJF3mXOZK6evEkSEvtdHWJBA1ADCnp4b5eDXTc6I7fyNphtvsX801VOI42Q9GBeqeX4JuuJteGKsVNKlmHyX9UEL54RPlaif4FixOYP0gSAv3k6GR/a6kAEBHDseXgChuymTDvgpgEI1gQ7KzbX7s5H8HG33hPqEI1dWwXX4V2QAWZX/nHvqwT5N//F38YyQ5Vu3mncw9tvywmpOzmcri1PZ1PdJ2niogKPYaEDETev545+0GwcwBa7FYijvA5l+jCXakbgCdjk+40Bk1iiDDbgp694bwYo7misvFaPAnQHA70NndzYqRFQTi4sFxRC7sIkxNSC4Tqa7ywqtcXFIbaLtjJ1BoPTnYFH3gX13Hnaa0WJ1APj12D/WWYAyV+B10trk0/2ETPDFjJAvSypky3qjaSE3/5GsWgkCZjAF8aJfM4Dt5Vw/cBD8e1ZH+xaPa5HgxU4DOT8MkhxTm6XRcdRJGgjbyKQxKmorRAUSZWVezC3RbEMRmyVMlY6XU4WvIp8eGh9GEEj7jrCvSJUhttoITLoCR9QCUiWjdOplnD3eXtvT+FS8ORtD6F7E4Mi7izqfLbI7kEXU+cum8gTO0ubNrnQetEubTb/x9fWqUWBCKS+TYAcm3vATi/NKfijJYwaiBBvMAipRngaKgLvmeiCCJj+C5pDrqIBCiKI1xgQQQ0maDTpIWGkUea0YLz1YznpzzrnXK8CyTiB5d4EfQQI2q+x1t2L0fk5K4XrQLecmv1AzO4nOjIq4mabQU4sGoUlahVMlexTViXP83/8+4iGfYAfID+bjagGR42RzUy/9DUrb0DE7XcSxQXjWEz+Sz/Z6YrBowPFyGFfIWoh54EXGEHCbcDobiL/nJckOPM7KNt5zmGMeNadYUty4N5OusFaeTqofordpHMDXpXDmOUKQ7klSMIwUTVBZc4jw/DCp9EUD8ZJmPR6DmsCX8w6r6Sli+qqu68aq8nDzw2rDgK+XwtU8eecN560BNbrnIoCkwnToFT49i2lNNf4bQWLA8mIAYPk8vaXbxluNMDPuHfI1PHTWlsRrjGxajOZv1PseIn3+cQmbor5AQM1gt1mlWwDp1719AA57Zimuj3xMkGxZ7A6nNHYnNOkhAV2l0CTNDw9ulmF0RB++O8JK4kqQZCBvoaAyqm/EC1dexBCtg9G1iRsCe/pf+UgGVY+VG1aO34mq847sO09C5LDkViKUR8v7Lw5eEMt/Wp++3jn1LE7f9oj4ldefVZFcqO/mC+ZbcKdlAMJjcytlUSQvmD6hzwL9/JBTKd63e/12gvXxcAWMXUl+DWS96gItxleRWdzSrBV4530dOUKhR1zycNomolXXtEAdS+WZo1uRALdJQcH55360bIBN+hJeTo5zdB8UzXXnRF4nFIZKMU+BIVFI+Ye5ccQ1tI4rRHpHezsyF/m3/aTjKpsYVvyEr7r/ZmjczCVGTlgNWQ4VwpAd9acLr4XaSSoIo+srsMCb/kXw2I6izRRQmBocwfJp5Zk5m88TKatq47o1xX9L+CN8nLujugS5UBFiWCyPIiQSdxanV1yL1cih/qQGydCsQO5Q5zyz4GnzCv0ZaZe5VrXg5yULE+HY1hxDL+pmXNPebayWFRo7M4QKFvpz+0SuOj1TMqpI4OTzm3y95GMRpVxSz38hLQBWfEzYMtv5+PPaH0uHk3MFKLOyc7S1RIaM9wW+eDUB0AMUnMkc0A4oGLy8cVzMwF1N8Jwzpoa/Ssunpo45RJKrSVcz3OJMxmUglRdDnZJNDQJvoOk3Ak9r/UrcTvUea3/MJI+GUUhUp13FNdEFCKXW9L1Zjf2Tm9ro2rL8Lz0dYAk10ZnWc6jWzrhXx73pJrhnOmRQGm0y6+vnO2Gksb1VVh+BAjnW+EuHXuaujJtereliT2XwkXwqQSiyC4wdixZQUleyeUaIdFAYOSaTQV3AL3AMe3Xtn1uS1IOcIVTqrsGfIr8Hns0cNpeSa8nmuaA6xf1LnNolzYvQnKXR/aW7b/PaN0tMPJw=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>