Online Tools Menu Close

SAML Response (IdP -> SP)

This example contains several SAML Responses. A SAML Response is sent by the Identity Provider to the Service Provider and if the user succeeded in the authentication process, it contains the Assertion with the NameID / attributes of the user.

There are 8 examples:

  • An unsigned SAML Response with an unsigned Assertion
  • An unsigned SAML Response with a signed Assertion
  • A signed SAML Response with an unsigned Assertion
  • A signed SAML Response with a signed Assertion
  • An unsigned SAML Response with an encrypted Assertion
  • An unsigned SAML Response with an encrypted signed Assertion
  • A signed SAML Response with an encrypted Assertion
  • A signed SAML Response with an encrypted signed Assertion
` 
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfx2e42d12e-9132-b061-a912-c0805c19b0b3" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx2e42d12e-9132-b061-a912-c0805c19b0b3"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>Kqvpxq9COAoYXvrPNFv58OaU3UY=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>jyx/8OrPYjTg78MxUge7em+5CW4mUjmtZlSChaQrsn9QgG8mgWB5anAkEo5INIiOAR5zmke+3VHgYrfVfkOf6tjipJzZ37OF+zLMo8yjxyE11XI57ACGKHKGjtAOUPMiroqxUjywcBj/K3U4NBcPhNXntdP8xj/sD4fNOf1TM6w=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx6c217e2c-b84c-ed99-d69a-1c8187e6b6a4" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx6c217e2c-b84c-ed99-d69a-1c8187e6b6a4"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>aCvKzMYaTVe+dRafDg65nRcWGfE=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>F5WfLE5Nkf6F21yXxNv7rut3ldDhPgA8tjvvAdpAiN6pCX/WlL0uIo6XjC/JncLZ/hfb1HBMYDijPeuApLSMpiJeKPjbDVZxrdZ+OT+I5PTwzhsM5xpIhVQxpiVBNhAkaB9UuTPG+7nP4DtS6R4Gc9lchha+ab3DtOS2mqeHNk8=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>

<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx248e6426-6728-4f4b-bfd9-0c8e92d238d6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx248e6426-6728-4f4b-bfd9-0c8e92d238d6"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>CnAzqk/BQiclhXzXzzjKUw65giQ=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>UMDKw+JNvuZuXQ6/U6+jfjOBUJXqxyb9yuL2PBX/EX5RwjJ3jInF85bXhxEpu6WxbpTRXYeorXeJI+ouuR9pJviEDIFXiQ83mqbDvRGAv2o8XATmelhWdwMT21tDkGK8GrbDMrdVRxaniKfSrVnZ8ngUF/7r4stpG4HCgcikC0M=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfx2fedc0af-4b73-d1ee-216a-dd0566a9f5f3" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx2fedc0af-4b73-d1ee-216a-dd0566a9f5f3"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>W4mPgbQUO1A3enZQ45HWKZzNH18=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>e4IaAyJi1UooR5DcP5LS6EHTxjPCP04U5v8jZWtIOC3FLd+Yi2/ddd6U5cARAdAe2/06VhRc53qc/m7HBjkOtw2URrs675E3UKAKnAfBX4a4bUn3h0zvoI3mUtuf+ItICMjEZlVyWwXayU/Z5cjiuY92WNDfFyqnuEP3O9plh5w=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>

<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>Bz75Q8ZA9LnZhztjAR1qer34XTNV1IXFDC2uJp1zFQsR5buEii3Ej5KmKChcqvtsR6t5Z3sz4gXwreuqRYZEqvpwZtNE/riTumDAe6zBb4fj6lysx2coaywPjcISiAqbfxJwHvz9Pe76dWMSMWviBfsJuVeJr12DcoRGtb4eFqg=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>s+7XVwIOfFGALb/M1SjLcfWggw3lswy2XMMmAHniKKtXFnc9eSVcWKgj7kJ4p8BCs+bJot7HWNE8/5jlAx8ElnbB2waJvEW80wmbz19FBxPWHFRkJ9ZkV165SqKRg/EJSU/l468PchhGR+5eD5xeTI7EG1wt8WnGi+jyKYaQvLRJ7vWS111TgXp1+63kNUavRUIiu3ycII/kmmMl128YGgVhRrS1DcHttS5m6yWxPaOOC4U81uM+4MNmfRe6iDNqPNVOgk7rITs6YyVePeg135WcoXGYNZJ+9UweG4hGZ5+8RcH/to4GoSR9dVu3D0md7t2R+7OXXPjiI7sglhAn1/MiRciomS/bFkG00ucU0+afxBRfxhYCowsBCh3RQk0w4TMEmA/hTFwOsOPo6sSC+enLstps47uUdNe4+ybRwpTRaKDa7/9rC0FL7MkslvsI1+HDMHrYzoyUmZD7LflhfCutoPqVTX/8abBuvocQn6WFKJauWP6LEvvAPEaZuTWab/kUtz9P0YcOaud7oArQXRP+kvNzyGA+w3vPjuMgMA3oBPDxGJFyuhWauujD8XhloBClfgByBy0d3UCRR55Cz4qu/AJp1bNZQTJ8au/k0Hu87aRsHcFCGUIpazUL7WFqlms2VebFDR5yBQAlOdmSDwFUhIwdBWxLM56wTxvym5cl2ySCPEfgpdA+iNPgUiufK/w+bP3txqRVODFwxU0bGu3hP74qn/vyuliPePy3SQEUJJqf9Mazv5bxifZo7dcbiMW15jdBrc7HYrMDTqMs3lEhPBnDdrWMW3FNwddha+fK4JNrgTobOJW+n60TbJIkV1dRufPux51hlgV0a+9VglGoEpSZzPLZnNhZ6KexMjXztxUqBpFmuxT+0mYWkzNKd+0IB6JfWr1ApJu5VLeemNCiY4lLybjj5XwZ4TNzjv0dkyzX24+SvFesXHtt3rigReLPBURlqOsi2J8QhKQCNf4x3fe7SINs5zcqMzgj2vdIbRfqNBEAZMY71+oXzbi85z6hfvi8ueJJFd8vKmoVYB462KbjRgt8GkjbqdAVncrEapoXczOL806Aq20WoFF+VXFar4GdMnc14aFfoY+2hasnfkd+E2lFA+WGnlKkJjvesMm7TFhJWWkCbl5YfDILxmMe7LDssadt0eTFncuDPwCsG39vRDFgtoG3/daQZsETRYDacBOY5TqmQIQd3EF6vGlE59zrXM+56uyWTQorv+8gAYa9e+nXJdYFktv5TGEFdhFpmt32u3Tofn5Atytv5Ej9SRkN4rHvBIJ29j7UQKUzhJKonwIU26Tx52yKEGLSYtK81ec44Bk7G8ISb224s/iMzoutZQiaW7xDxZnee8tHemy5qRnceZoUPbSo7/9cGmAN7SUfUOAIiJCYPrPvzHmfMWTL+Gb93+e6WMl5t4ElEq0nMGgw+BiA49YGxVOMV8t2zZpsFaJ+7ZWszWnjHf98C3YpxtY4yn9Tos1veuT2qt92TG/DhCQffx2jrzXW3vVhNKY3h8EGhqrE8HvHWBXqATqVYxilVstoSa/iRxsqH45gnosMsqqxzrDPt046CyY6Ii1AtGSAlm18HXNVPVgNqIIrWA5ux56WCD2JtdLxWFRZ5g9ypYDcQlme5Nlc9fOICg86RurDuyFxleiFfxjynj8QSckg6SebBh8FWbPDHNGyjtkKnjx34KFndP70vCdsDSBTAVvpfL5WPevk4rCmPuhEU1AT7IaUGJUSoUuTvskSySuKmRLTqcum5/MMa1z1thAV4j8XwKJx+VtvXA1lfHmb+pZC51I2UNZ0hnvKRKymTWBXL7ttHa2WzbRFx6DuDKG2B20CQwbc1JdHJV4VKRRA5c6yMY86nv+qXDWVqkPv0tKiJiDBb4u3h7wEmlucZtzfPFiZpWdqgwWdIUnGpnlTdk3ETGBtZPsa69B4YZIEgTD1Q8Ib4Zf9iQIl0JqiwP2K5f4eIzjasO2Sv6ZI7O8GUevjPGKBxneGK559zo5KiPme8iituPQxhG+8Vs4nZv1X+FXE1QNoxWT54xaEuK4oZQNZ5xIrpWuubZq3NFOTiuqG9+V5eqYvWlZM2ZDaHF1WwKT50gtBvsywl6InUFs0t+QXkdfTwb1GY4rIu4Cmmyrts7MU59Nm9OGGfyr4D3SXes8d7LO+TCq4/PYaEG+1VzlX+h4Kt/2lfzNkdmxcWoCjGqNCdged5/lMIeUifhhkYTpkVVkWnOFuxBtbapP3nms6dKSfrePuEOqzyA1CMn1iF9a52Q15b+1UBEfZpO/yEjjZh7kfSirdg/c2hqBTz88CKfP6TrcQ+3dUWN9iRRrqAOlZayR/v6Ou7HQ2nXb3izu9uJAA5IU2GVQSVl34FGdVVMGsyhntCOqbLtXGSelScfl3d3DtdnhueRUR/GjgZnqE5MsNBO6MqoNqf3HCB+fn2E+7XTww2flMqVBm9CcG9AbBJdIcwePs5bEkB/uvJlglFT1sxeyxFl3ElYp/6ajWf1ypEADB+P5m5Iy4EH0jyy2ieOdG2nAN/Rih7YMG2VBN0V2bj1OtTTvTjlnyWpXjvOu3LsA/bKTiNSnUiABo9JFucO3MIO7kS+oDPWWQJC+aaVfFBAR1/tqDyaHEPefsoseFlBALDaoIgZ5jnM0eEFoTkZBZiS50sTmkN04S+EZwxqvbM51NbhI7jkIIpJN+Rtoz+AWuWZU9Y64HBjSEJj7Gz609jnxsOJLTx9qvHZ13pBuB3KyXKqFs2iA0Jc13hRoJFlPNvcFVzbUrJSl/J/DceJvHyskyzH3x7Hu6fv8G2D0wjt+p1A4aemMvo+tGOCpB3GOz7oZA3wy7COLcMcvtecbJiOWqAj2kSDN1VXtb0OaC9Bx+v5GXl6eIa8H5mquh+V37B4pZEaPjicLr8KslTVl911U=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>1gJwdMNsdIeXYS1YWuhd/C19ZBTFGYNpHcMzqCELU5qc2Dqt5TcqIFQCO3FQozDvTKinfbT7++iZ99BUUaUp9GRIOSvOxJFEPjxBWY1PmhPNYSjqADzmkjYUBMZwvKfWH+dOO42ETiaTH8MO0MRz3XmNncWIYEyL0u+yH/zxWHw=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>WJxB5X00XStSPB/xVTyOoYzTydHaUlNr4UVYfx1z0TYpmgXnQSrNlxoHrPmQXQuV/+YXMqpTaelhvj91y74LnUftUbd2A3cRlKgdeTksNDIEuNO9y8RNt/xpBSdrhonk+cA85kKChacpQ4f90h8KY9xOaH6lsglHTwNcHUnE5oQ/oH/vpyhf8NJdX8htCk2Ox2Y4Q3i7TeF1EBujakKFGSy8FEIxYSJpF1bOUfDCRpm1F7L5xENP2tVepaypn+gPX2E5Ka2aMLR4W/gw5mwepqspWdyRPjklpBtHE4zBNe2Hb+fToLE2eLhvZ5gyuNvHWQozDhVDg68Zi24ycdBNGyY2U3vVHcHgCO2b20xLDyryTipSXdWlKkhHLxIPxFGuaXn5f6B270It07UFiLE0wMrK9iTAzLT7lm4DLfI6g9BSfj1QA5jQ42x5odEyqjU+aTaHWRMCveEsVOMwol7AAbKxdkeeo5uOYLpf9cTH/Byy+5H2DzdR2wSZ1O2wwmf75QTJN16rYN8tUpNUUtr88ueZu5HbeTLcYlujN9usNWRe3AEq/ArzR0SaZunowTV1ljUnnRF9yMJFG1c/hg4rV7FuvC6Rl04V+3vjtaJ5990ZeRzk07jnbHMM1zInDY7w8u2Hx6UmtETWKfPpqlhhLXL8SlEI3nwRptK65pJS/kaG36t7XHUENpq9TVMVM7TV19zWY7V3LZbAIdGGfuYq2CLOdyv0kVhajDZ4/LNRRqOLSP3DwOTPVr5s/IijgJdzH7PnYj0n0JMixKFVHyINOoKtPitugZ39vV+ZNxMXdFOA3qCTov5XKiD8JNmgSj8IDaI0+sH6sBXumgkOp91m5GnqOSaK87AUnTj+P8WYevHTs8BHzy/yRDiTSru91QDo9w7mVX6GkR0e+aaex5aC+SvDjFDKNwsT9o1zKCYCICxiAy7eA0hGZcAUSkO+sz+xnWkoL1QRd6iWpzF87PgzwaUxZu8AZp9QGTlRv9wj35sxiJvToiSdlDIDfOi9iDeSosf5/vHBzoUWO4Z86gxTiM86VSQVZq15DqYyLeVvWtDqXTIPep450WMeebQl8Pc6cNoVqU1v8E+Ajv0wWcKlQhWCvo4HJRnwbCaiFMwIj3rM3NbgGMQFcCNgJ1x3XAlSe6E6ZWi96oGlN9K0xMNGUTf5/3tqGoSo84Ny4ITPR1hDlVxaXPngq4ySSu8vJE7rPKAImk0VM4COMjnAo16yQFD9M85ZGArMG9mkHu+tIwGlixHfNhjDS0Aj+O0T579zGSe25dhFMS/YhrUVhGLFBCIlj3Vzm/DT04cCPGg+ycBLXf261Hoa+Q5e2DKIYHK3uR6Sf1SZhj6iLr2s5v4fJia8j5F0mlmg5tmGuPOAzvdVXEhc5SPW1kteipxYxfdyepSyDgy+bRmOQe5Dn5T1WhquR7txmFYa/SWkRmQ7x9IKqX1tWp/5oXYCZx2TgXZbLWMFml7UYjXz4Tu9Me7njU/K4z3FlO8f4R/z8ApCPmmk+yovy02yJdsxWqbW2voOgm8EbbEF409nslMY5xq8AUg9D4gnML5rRnadtZqoLt2Vepa9ZrXR4HD+XMcPW5kl9rvsDtrOvFGBET0BplgIGFvuOj8J4WjdNAYgGwsOoN0CYarAnSq7ys1760ETP0IWGileRB5nhjFLMJEXmbxHcrvO7aHDR+oywJU64eAY/qy8/5D1IYWo6CtmT7ci6p26uUSlRIQYhGD67s8+Ofm2RN3tWEE4VSlsnFFyoQdCdRuypnuX5i88nu4jEBJefC4bpdTaAp+F+dQYxD0DNX8H7FSNsrAty3wWskRckkBeiMoFXzg0QBfwD0//FpiNorr9aB0W9NuRP5/q/aGlzz5ATGpn9szUOhMERKrPIMDToFzjr9A0dUchLiBl4O8Z2CrA5p0Y9NDRwBZWXQOGqbx6by+bQEJ0mb5pb80+cvfPVPu5WwEqKDIP0f/020cUmLuK3NdYHZaynbNY1SQ21iVLQ+mhacHe0MtjER+U1MbFgwNe/wcPprR9KTpulr09HrfY9YhgaybGG6+jm88nX3+sHCR9w1te8A8UoqgUh8hJJm4KoHkrjC9UukG5h+GI4UU1b4mFsj6HabWFhuuRgQPO00ArMO6rVcY7hURo0X44rEGQSbbBhwXRvspi1gVCv86v8Ds4LdX+0LkKQZZg5O5z3To/davpAOROUAWGE5/+efCqZ8MAGhYxCyunCKbH93gJaXtDw5ivSAUjUiTrm8zZlBpUw+bCnUINnfECtncUzDBn/nt75bKDUWV1eZIVJw5Q9PMoqTIX3W/IcjgM4LmkGDTp6sKBTIr2IVWjM8Ohyntixv4VjIBSpjvfH9rd+IcT085y2R6z0jCnXqk7q+7TLUtx6InJ0Og67Xgo3cFFq1k9U0jeQQUtfzrT4rbIr+sQlOmBpTi6uX6aD+Ws6J6BWJ+3mcfJsNo8kRZ1oM2xHha7j69J2jHGoChH5QzjdwpkFiybLOp4v/KDhHkEHlIj9XAyDeArAil6qm5xKcJ8fBONht+6EwoVN02Ot99P4f9vWxCApol04csKE8liJMLwD9E/CQx3NlxzgnQqZAVgvDJXEWPqCyzeqxwSH8OlgXY3t1bT9TUN9rvcyaC2lza3jekVgLwew9LNmosx4Z70lae7in7IF3s5fa0IAg6+7dHEZMYPaaioXuF/8VBz4TRC2Rr50vEhSbl7D2m95xCy+uIGMXMxW3GABXgKGmQrRoN/47XFatj/WSqLOMNfB+jvPkfVCRpV1PqzaYDSRsntCFuaOTrVzRle0CaoMQWTk1xKCvTo7DPyOUmv89fpSOor+xTotM3ivWxKCzzZMn48tNEuegz2RLfifafqnztglp1WMYRfV87Jwwh5vwCsbfDnWd/QNPAEnTwDJstRRSRJ+ql1UqsgvI4PCrLtEhT9vGfRlg9vAmEc8tTlbFUfU7ZF8YXvNe7DYQMBs3QTTjswqlsfJ689HJZtg3e0EtkGs9DWp+lfCsNCQdl4igMi8ayyk24XNrvYh/1JycwRdGcOzTqmt7Or7zuODsk64hy69YlOaQ8tJhjDCDZNcrTnXRC05t4UlVJVsb5abbSvu6wDg2eF6pNwBEh0vaHqpzW0vOWtz7ChI1AphxDrof1TtAYxzyRvAoVM7iPf/ViaSvVsejh+2SWFOLTZnAnhADcJqy0ABXL3sDXpyN7ptvHD0T9l42wsOX45Z/Wjl0CXeexjCGWYctS3IIARvwJqamagtmVsVqjdUn/KY7pK6FRrj25bxh+rdIgJkowramV9jq9u0cEys6/S5LJZnq61DZOSPB7+NkSDIzr6lawoZLOLsgEhRtbT2dPatoyZOJSykVYCBnh1yQy7QHhJzPvQyfqA4fz/2Nfb51uOzm7iDPG6meyIsfUp5W9gdD0u3yeKcWtXxGP7Pn/PGR8uCQtwmopVL0P++h/K0o2xUKWOCa4BFoboMMYiFXK5deCCn1tK/3lovRQ9J1+BxPIjynvc5WSF23GDwr+C+GQHTqUIsUZ3jAlxt5nlq9qyuMwKyHat9dWyp0kvEzVGIeg2FpLT9B5Ah0FANEaJ+2SGCSlbcFI97POiKgpqv9+ECEez0DhJq2h7VcHPZ1ALUkbD8iO7JgbhSnlp07oJzh/iVenWHzMl3Vekf3trcvCODRUAuKlJnILaIQ6LQ2eqieb1U7f1+fOA7DXV+wxdf7Acv3IKBlvxhj8r/WbJCYa94ABnRW3wOy6yHKHp3jSFT+9cvFKG7qcjCGCndhLjAJfTidX8xw+3NDCNt4i56YucoNQhPQa37xnH/KZS3NiCnn2w9dlqIey0hVYTekBFnrjKY2KsZf1BkpfPCXXTZ7PP1U71UhjMEbb0pLWXcTJQvATeOsWxe0a3oAcOpNGZOaIXH1w6AEU0cNMlTi2Vf2cr36Etp1zOZoVx7eacoKK31JQoYb3rAOXwQ4cMdTWcbkx6S31W/NlhBWCguZZxs/6KxkcB88uVQL0s+K6uQpy/xWTMlR9MFlZs28Yd5pUPXbeGYW+9yMYJgPI63MjReQDLxPAmoetcox8Q+fMFv4hGD0jEafqXj5bvTiUdy4r1k7wedaj99GlQrj7/LA/WS78oMLuJMJhTcYCrOr6QZG8KDkihjVuRRJbWpFzKlI+hpRjYtCxyrbNDA/6uJLhAP5g85d/khHBrzWPHBLr6LuGsjJL6DkFEo0+nTTthx/aukAPVXq6DXvmBewQdqAJGIakzxM5OpuhWP3eFMkKi/c7pEJ4ZjKGnCa8u3GYh2dR2YdoEAQ5bKXCX5kf+7vfZn3HblNWuTR8IECamgFktNRxBWmlx8Mv/nTpxcNZFzV+g0zArvaZnQbA6CuWgP5FEWm5403ogXyoBCJW6Helz7GzBMRg/VUymZrSubuy3XspLCM/gApTmkCgDYeBoyRzXd9mJOJzGKK6sbLeHVVL4b0IAH6F3oRzn7qrnhNv+hNRz4tGvhDFJrOpoTBl12/vMh/oYhe48XIX+Gd3jvBKBNrzSN9dmwwpvvtBvaJV7PW+oV5ezKNehEvSxxNxPAlkVntqIG5mmliuIUaG0nc4Ajsod4/UMxVQ/RhtvFthnKbOWKZckEUC/p+2jgLl08+5kVbDApPqQMxwmvhzRmFEPiqd/HsWnezxPTg486k1xHJJPZEaygTazoOJ+1sBDO6hAcudrBtBjSnSarnQg0hulKpZ+rjRGs5a2LCzuB7tOth2wd4asSt0pq1j/HHILEajOdGK+abdL+rSYaocUkULvaIkzwJsoNciWcVF/rCp1h5jfnOwH536uuBJ6JouZw7bo+ep7CU5DXaLyakvmaoDQTFf1kLYfrjXwTytFczSrAcZd8tHKUzlD8Juw55Z/mr8fjd/8yE2zIwMYxxzoA0yD8XUWvQvd8FI+JQfCJKUlSpI8e+//MTg+Gf5k3qGuM9p+/XakhrwQW/MzXwQ5q6qCu61WW91mk2S8PJE5O1RSH3X0Eph0aAPm9DzgOdJgq/hIEXWeFpQzqQF0R1ad6R3TtAAfyUFhJ5cZkqsWrnEVDAvTzQyVsfG7TYYOxLhbiTPupWF93K0a+KC6dOFC5HjSvMUhfskXFpaXig/Kkie8n3Ja0VcxylaNoCi1V9Wq+yKLpRQrXRU/v3cI9q7KoUJwIaP3tSYHw8VVkimZMNpkghs17D1bREaXJYkY0/6JIWMpfaYpqbCxfn6jkcnC3qBNVXdFortfeRGgEQL7BKnwW524dYBkNdfsQ0tmvzxus2rV81x3rzCEIwxfCTKhx7blR4QRaHjecjdfsmGIDtUJ4X2u2YhS9KXdlIScQf32PLTf72IBlTpnmkRPOYRNnUznptvc3fDxzGFVDiPUwuIQRMXrwtl9WeFVP30ddf7zTL4TXfW9Q12wflh5lwzsWqG7He1UENz1Kh/DJ6Ho2Zk5lYVpkGydu1bV/xS2DBsc/a7sL2kj8gWFGEB9poMkBG0=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfxd80106be-2606-cd6b-3297-10965570faa2" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxd80106be-2606-cd6b-3297-10965570faa2"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>pEjN0pY53ildxCKwK84UwBROp2U=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>w2K0Gtn9Gtnxcl/2ovsyPBEGu0oEikiGVvGkFYITp3gp81HjcwMFP0Vr9wKW5ujoKxkLFvuS9Kt4CLH8M+7Iko6dJZoTrLj0RY/VeBhV9Xif1/HzbtgPMRiW0qxXaH4setUoFtFdswaZvWt7+gvho7O+PAXdRMr3uvA0DZEiBQU=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>Bz75Q8ZA9LnZhztjAR1qer34XTNV1IXFDC2uJp1zFQsR5buEii3Ej5KmKChcqvtsR6t5Z3sz4gXwreuqRYZEqvpwZtNE/riTumDAe6zBb4fj6lysx2coaywPjcISiAqbfxJwHvz9Pe76dWMSMWviBfsJuVeJr12DcoRGtb4eFqg=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>s+7XVwIOfFGALb/M1SjLcfWggw3lswy2XMMmAHniKKtXFnc9eSVcWKgj7kJ4p8BCs+bJot7HWNE8/5jlAx8ElnbB2waJvEW80wmbz19FBxPWHFRkJ9ZkV165SqKRg/EJSU/l468PchhGR+5eD5xeTI7EG1wt8WnGi+jyKYaQvLRJ7vWS111TgXp1+63kNUavRUIiu3ycII/kmmMl128YGgVhRrS1DcHttS5m6yWxPaOOC4U81uM+4MNmfRe6iDNqPNVOgk7rITs6YyVePeg135WcoXGYNZJ+9UweG4hGZ5+8RcH/to4GoSR9dVu3D0md7t2R+7OXXPjiI7sglhAn1/MiRciomS/bFkG00ucU0+afxBRfxhYCowsBCh3RQk0w4TMEmA/hTFwOsOPo6sSC+enLstps47uUdNe4+ybRwpTRaKDa7/9rC0FL7MkslvsI1+HDMHrYzoyUmZD7LflhfCutoPqVTX/8abBuvocQn6WFKJauWP6LEvvAPEaZuTWab/kUtz9P0YcOaud7oArQXRP+kvNzyGA+w3vPjuMgMA3oBPDxGJFyuhWauujD8XhloBClfgByBy0d3UCRR55Cz4qu/AJp1bNZQTJ8au/k0Hu87aRsHcFCGUIpazUL7WFqlms2VebFDR5yBQAlOdmSDwFUhIwdBWxLM56wTxvym5cl2ySCPEfgpdA+iNPgUiufK/w+bP3txqRVODFwxU0bGu3hP74qn/vyuliPePy3SQEUJJqf9Mazv5bxifZo7dcbiMW15jdBrc7HYrMDTqMs3lEhPBnDdrWMW3FNwddha+fK4JNrgTobOJW+n60TbJIkV1dRufPux51hlgV0a+9VglGoEpSZzPLZnNhZ6KexMjXztxUqBpFmuxT+0mYWkzNKd+0IB6JfWr1ApJu5VLeemNCiY4lLybjj5XwZ4TNzjv0dkyzX24+SvFesXHtt3rigReLPBURlqOsi2J8QhKQCNf4x3fe7SINs5zcqMzgj2vdIbRfqNBEAZMY71+oXzbi85z6hfvi8ueJJFd8vKmoVYB462KbjRgt8GkjbqdAVncrEapoXczOL806Aq20WoFF+VXFar4GdMnc14aFfoY+2hasnfkd+E2lFA+WGnlKkJjvesMm7TFhJWWkCbl5YfDILxmMe7LDssadt0eTFncuDPwCsG39vRDFgtoG3/daQZsETRYDacBOY5TqmQIQd3EF6vGlE59zrXM+56uyWTQorv+8gAYa9e+nXJdYFktv5TGEFdhFpmt32u3Tofn5Atytv5Ej9SRkN4rHvBIJ29j7UQKUzhJKonwIU26Tx52yKEGLSYtK81ec44Bk7G8ISb224s/iMzoutZQiaW7xDxZnee8tHemy5qRnceZoUPbSo7/9cGmAN7SUfUOAIiJCYPrPvzHmfMWTL+Gb93+e6WMl5t4ElEq0nMGgw+BiA49YGxVOMV8t2zZpsFaJ+7ZWszWnjHf98C3YpxtY4yn9Tos1veuT2qt92TG/DhCQffx2jrzXW3vVhNKY3h8EGhqrE8HvHWBXqATqVYxilVstoSa/iRxsqH45gnosMsqqxzrDPt046CyY6Ii1AtGSAlm18HXNVPVgNqIIrWA5ux56WCD2JtdLxWFRZ5g9ypYDcQlme5Nlc9fOICg86RurDuyFxleiFfxjynj8QSckg6SebBh8FWbPDHNGyjtkKnjx34KFndP70vCdsDSBTAVvpfL5WPevk4rCmPuhEU1AT7IaUGJUSoUuTvskSySuKmRLTqcum5/MMa1z1thAV4j8XwKJx+VtvXA1lfHmb+pZC51I2UNZ0hnvKRKymTWBXL7ttHa2WzbRFx6DuDKG2B20CQwbc1JdHJV4VKRRA5c6yMY86nv+qXDWVqkPv0tKiJiDBb4u3h7wEmlucZtzfPFiZpWdqgwWdIUnGpnlTdk3ETGBtZPsa69B4YZIEgTD1Q8Ib4Zf9iQIl0JqiwP2K5f4eIzjasO2Sv6ZI7O8GUevjPGKBxneGK559zo5KiPme8iituPQxhG+8Vs4nZv1X+FXE1QNoxWT54xaEuK4oZQNZ5xIrpWuubZq3NFOTiuqG9+V5eqYvWlZM2ZDaHF1WwKT50gtBvsywl6InUFs0t+QXkdfTwb1GY4rIu4Cmmyrts7MU59Nm9OGGfyr4D3SXes8d7LO+TCq4/PYaEG+1VzlX+h4Kt/2lfzNkdmxcWoCjGqNCdged5/lMIeUifhhkYTpkVVkWnOFuxBtbapP3nms6dKSfrePuEOqzyA1CMn1iF9a52Q15b+1UBEfZpO/yEjjZh7kfSirdg/c2hqBTz88CKfP6TrcQ+3dUWN9iRRrqAOlZayR/v6Ou7HQ2nXb3izu9uJAA5IU2GVQSVl34FGdVVMGsyhntCOqbLtXGSelScfl3d3DtdnhueRUR/GjgZnqE5MsNBO6MqoNqf3HCB+fn2E+7XTww2flMqVBm9CcG9AbBJdIcwePs5bEkB/uvJlglFT1sxeyxFl3ElYp/6ajWf1ypEADB+P5m5Iy4EH0jyy2ieOdG2nAN/Rih7YMG2VBN0V2bj1OtTTvTjlnyWpXjvOu3LsA/bKTiNSnUiABo9JFucO3MIO7kS+oDPWWQJC+aaVfFBAR1/tqDyaHEPefsoseFlBALDaoIgZ5jnM0eEFoTkZBZiS50sTmkN04S+EZwxqvbM51NbhI7jkIIpJN+Rtoz+AWuWZU9Y64HBjSEJj7Gz609jnxsOJLTx9qvHZ13pBuB3KyXKqFs2iA0Jc13hRoJFlPNvcFVzbUrJSl/J/DceJvHyskyzH3x7Hu6fv8G2D0wjt+p1A4aemMvo+tGOCpB3GOz7oZA3wy7COLcMcvtecbJiOWqAj2kSDN1VXtb0OaC9Bx+v5GXl6eIa8H5mquh+V37B4pZEaPjicLr8KslTVl911U=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>

<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx1c0acbdc-d021-2667-b6f6-707dcbbc8d64" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx1c0acbdc-d021-2667-b6f6-707dcbbc8d64"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>izPx4c59tBaNpvlnF+l8HxCpvy0=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>N7qczrPqBIBpvo31KwmsnVGIfTWVuFPwM//PRAfSfgBQwD+5YA4pdz+7GWn6hOtBqrSk0eoDMEn5BUYKk7pbQ2teUoH8G8nnYmcNV2najXL+CmyB0YzYf3qfmo9sQ4kRwptAmM/xtnnNa6aiOO318PcdKHdY3rXAE4Mdq3uq1ZM=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>1gJwdMNsdIeXYS1YWuhd/C19ZBTFGYNpHcMzqCELU5qc2Dqt5TcqIFQCO3FQozDvTKinfbT7++iZ99BUUaUp9GRIOSvOxJFEPjxBWY1PmhPNYSjqADzmkjYUBMZwvKfWH+dOO42ETiaTH8MO0MRz3XmNncWIYEyL0u+yH/zxWHw=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>WJxB5X00XStSPB/xVTyOoYzTydHaUlNr4UVYfx1z0TYpmgXnQSrNlxoHrPmQXQuV/+YXMqpTaelhvj91y74LnUftUbd2A3cRlKgdeTksNDIEuNO9y8RNt/xpBSdrhonk+cA85kKChacpQ4f90h8KY9xOaH6lsglHTwNcHUnE5oQ/oH/vpyhf8NJdX8htCk2Ox2Y4Q3i7TeF1EBujakKFGSy8FEIxYSJpF1bOUfDCRpm1F7L5xENP2tVepaypn+gPX2E5Ka2aMLR4W/gw5mwepqspWdyRPjklpBtHE4zBNe2Hb+fToLE2eLhvZ5gyuNvHWQozDhVDg68Zi24ycdBNGyY2U3vVHcHgCO2b20xLDyryTipSXdWlKkhHLxIPxFGuaXn5f6B270It07UFiLE0wMrK9iTAzLT7lm4DLfI6g9BSfj1QA5jQ42x5odEyqjU+aTaHWRMCveEsVOMwol7AAbKxdkeeo5uOYLpf9cTH/Byy+5H2DzdR2wSZ1O2wwmf75QTJN16rYN8tUpNUUtr88ueZu5HbeTLcYlujN9usNWRe3AEq/ArzR0SaZunowTV1ljUnnRF9yMJFG1c/hg4rV7FuvC6Rl04V+3vjtaJ5990ZeRzk07jnbHMM1zInDY7w8u2Hx6UmtETWKfPpqlhhLXL8SlEI3nwRptK65pJS/kaG36t7XHUENpq9TVMVM7TV19zWY7V3LZbAIdGGfuYq2CLOdyv0kVhajDZ4/LNRRqOLSP3DwOTPVr5s/IijgJdzH7PnYj0n0JMixKFVHyINOoKtPitugZ39vV+ZNxMXdFOA3qCTov5XKiD8JNmgSj8IDaI0+sH6sBXumgkOp91m5GnqOSaK87AUnTj+P8WYevHTs8BHzy/yRDiTSru91QDo9w7mVX6GkR0e+aaex5aC+SvDjFDKNwsT9o1zKCYCICxiAy7eA0hGZcAUSkO+sz+xnWkoL1QRd6iWpzF87PgzwaUxZu8AZp9QGTlRv9wj35sxiJvToiSdlDIDfOi9iDeSosf5/vHBzoUWO4Z86gxTiM86VSQVZq15DqYyLeVvWtDqXTIPep450WMeebQl8Pc6cNoVqU1v8E+Ajv0wWcKlQhWCvo4HJRnwbCaiFMwIj3rM3NbgGMQFcCNgJ1x3XAlSe6E6ZWi96oGlN9K0xMNGUTf5/3tqGoSo84Ny4ITPR1hDlVxaXPngq4ySSu8vJE7rPKAImk0VM4COMjnAo16yQFD9M85ZGArMG9mkHu+tIwGlixHfNhjDS0Aj+O0T579zGSe25dhFMS/YhrUVhGLFBCIlj3Vzm/DT04cCPGg+ycBLXf261Hoa+Q5e2DKIYHK3uR6Sf1SZhj6iLr2s5v4fJia8j5F0mlmg5tmGuPOAzvdVXEhc5SPW1kteipxYxfdyepSyDgy+bRmOQe5Dn5T1WhquR7txmFYa/SWkRmQ7x9IKqX1tWp/5oXYCZx2TgXZbLWMFml7UYjXz4Tu9Me7njU/K4z3FlO8f4R/z8ApCPmmk+yovy02yJdsxWqbW2voOgm8EbbEF409nslMY5xq8AUg9D4gnML5rRnadtZqoLt2Vepa9ZrXR4HD+XMcPW5kl9rvsDtrOvFGBET0BplgIGFvuOj8J4WjdNAYgGwsOoN0CYarAnSq7ys1760ETP0IWGileRB5nhjFLMJEXmbxHcrvO7aHDR+oywJU64eAY/qy8/5D1IYWo6CtmT7ci6p26uUSlRIQYhGD67s8+Ofm2RN3tWEE4VSlsnFFyoQdCdRuypnuX5i88nu4jEBJefC4bpdTaAp+F+dQYxD0DNX8H7FSNsrAty3wWskRckkBeiMoFXzg0QBfwD0//FpiNorr9aB0W9NuRP5/q/aGlzz5ATGpn9szUOhMERKrPIMDToFzjr9A0dUchLiBl4O8Z2CrA5p0Y9NDRwBZWXQOGqbx6by+bQEJ0mb5pb80+cvfPVPu5WwEqKDIP0f/020cUmLuK3NdYHZaynbNY1SQ21iVLQ+mhacHe0MtjER+U1MbFgwNe/wcPprR9KTpulr09HrfY9YhgaybGG6+jm88nX3+sHCR9w1te8A8UoqgUh8hJJm4KoHkrjC9UukG5h+GI4UU1b4mFsj6HabWFhuuRgQPO00ArMO6rVcY7hURo0X44rEGQSbbBhwXRvspi1gVCv86v8Ds4LdX+0LkKQZZg5O5z3To/davpAOROUAWGE5/+efCqZ8MAGhYxCyunCKbH93gJaXtDw5ivSAUjUiTrm8zZlBpUw+bCnUINnfECtncUzDBn/nt75bKDUWV1eZIVJw5Q9PMoqTIX3W/IcjgM4LmkGDTp6sKBTIr2IVWjM8Ohyntixv4VjIBSpjvfH9rd+IcT085y2R6z0jCnXqk7q+7TLUtx6InJ0Og67Xgo3cFFq1k9U0jeQQUtfzrT4rbIr+sQlOmBpTi6uX6aD+Ws6J6BWJ+3mcfJsNo8kRZ1oM2xHha7j69J2jHGoChH5QzjdwpkFiybLOp4v/KDhHkEHlIj9XAyDeArAil6qm5xKcJ8fBONht+6EwoVN02Ot99P4f9vWxCApol04csKE8liJMLwD9E/CQx3NlxzgnQqZAVgvDJXEWPqCyzeqxwSH8OlgXY3t1bT9TUN9rvcyaC2lza3jekVgLwew9LNmosx4Z70lae7in7IF3s5fa0IAg6+7dHEZMYPaaioXuF/8VBz4TRC2Rr50vEhSbl7D2m95xCy+uIGMXMxW3GABXgKGmQrRoN/47XFatj/WSqLOMNfB+jvPkfVCRpV1PqzaYDSRsntCFuaOTrVzRle0CaoMQWTk1xKCvTo7DPyOUmv89fpSOor+xTotM3ivWxKCzzZMn48tNEuegz2RLfifafqnztglp1WMYRfV87Jwwh5vwCsbfDnWd/QNPAEnTwDJstRRSRJ+ql1UqsgvI4PCrLtEhT9vGfRlg9vAmEc8tTlbFUfU7ZF8YXvNe7DYQMBs3QTTjswqlsfJ689HJZtg3e0EtkGs9DWp+lfCsNCQdl4igMi8ayyk24XNrvYh/1JycwRdGcOzTqmt7Or7zuODsk64hy69YlOaQ8tJhjDCDZNcrTnXRC05t4UlVJVsb5abbSvu6wDg2eF6pNwBEh0vaHqpzW0vOWtz7ChI1AphxDrof1TtAYxzyRvAoVM7iPf/ViaSvVsejh+2SWFOLTZnAnhADcJqy0ABXL3sDXpyN7ptvHD0T9l42wsOX45Z/Wjl0CXeexjCGWYctS3IIARvwJqamagtmVsVqjdUn/KY7pK6FRrj25bxh+rdIgJkowramV9jq9u0cEys6/S5LJZnq61DZOSPB7+NkSDIzr6lawoZLOLsgEhRtbT2dPatoyZOJSykVYCBnh1yQy7QHhJzPvQyfqA4fz/2Nfb51uOzm7iDPG6meyIsfUp5W9gdD0u3yeKcWtXxGP7Pn/PGR8uCQtwmopVL0P++h/K0o2xUKWOCa4BFoboMMYiFXK5deCCn1tK/3lovRQ9J1+BxPIjynvc5WSF23GDwr+C+GQHTqUIsUZ3jAlxt5nlq9qyuMwKyHat9dWyp0kvEzVGIeg2FpLT9B5Ah0FANEaJ+2SGCSlbcFI97POiKgpqv9+ECEez0DhJq2h7VcHPZ1ALUkbD8iO7JgbhSnlp07oJzh/iVenWHzMl3Vekf3trcvCODRUAuKlJnILaIQ6LQ2eqieb1U7f1+fOA7DXV+wxdf7Acv3IKBlvxhj8r/WbJCYa94ABnRW3wOy6yHKHp3jSFT+9cvFKG7qcjCGCndhLjAJfTidX8xw+3NDCNt4i56YucoNQhPQa37xnH/KZS3NiCnn2w9dlqIey0hVYTekBFnrjKY2KsZf1BkpfPCXXTZ7PP1U71UhjMEbb0pLWXcTJQvATeOsWxe0a3oAcOpNGZOaIXH1w6AEU0cNMlTi2Vf2cr36Etp1zOZoVx7eacoKK31JQoYb3rAOXwQ4cMdTWcbkx6S31W/NlhBWCguZZxs/6KxkcB88uVQL0s+K6uQpy/xWTMlR9MFlZs28Yd5pUPXbeGYW+9yMYJgPI63MjReQDLxPAmoetcox8Q+fMFv4hGD0jEafqXj5bvTiUdy4r1k7wedaj99GlQrj7/LA/WS78oMLuJMJhTcYCrOr6QZG8KDkihjVuRRJbWpFzKlI+hpRjYtCxyrbNDA/6uJLhAP5g85d/khHBrzWPHBLr6LuGsjJL6DkFEo0+nTTthx/aukAPVXq6DXvmBewQdqAJGIakzxM5OpuhWP3eFMkKi/c7pEJ4ZjKGnCa8u3GYh2dR2YdoEAQ5bKXCX5kf+7vfZn3HblNWuTR8IECamgFktNRxBWmlx8Mv/nTpxcNZFzV+g0zArvaZnQbA6CuWgP5FEWm5403ogXyoBCJW6Helz7GzBMRg/VUymZrSubuy3XspLCM/gApTmkCgDYeBoyRzXd9mJOJzGKK6sbLeHVVL4b0IAH6F3oRzn7qrnhNv+hNRz4tGvhDFJrOpoTBl12/vMh/oYhe48XIX+Gd3jvBKBNrzSN9dmwwpvvtBvaJV7PW+oV5ezKNehEvSxxNxPAlkVntqIG5mmliuIUaG0nc4Ajsod4/UMxVQ/RhtvFthnKbOWKZckEUC/p+2jgLl08+5kVbDApPqQMxwmvhzRmFEPiqd/HsWnezxPTg486k1xHJJPZEaygTazoOJ+1sBDO6hAcudrBtBjSnSarnQg0hulKpZ+rjRGs5a2LCzuB7tOth2wd4asSt0pq1j/HHILEajOdGK+abdL+rSYaocUkULvaIkzwJsoNciWcVF/rCp1h5jfnOwH536uuBJ6JouZw7bo+ep7CU5DXaLyakvmaoDQTFf1kLYfrjXwTytFczSrAcZd8tHKUzlD8Juw55Z/mr8fjd/8yE2zIwMYxxzoA0yD8XUWvQvd8FI+JQfCJKUlSpI8e+//MTg+Gf5k3qGuM9p+/XakhrwQW/MzXwQ5q6qCu61WW91mk2S8PJE5O1RSH3X0Eph0aAPm9DzgOdJgq/hIEXWeFpQzqQF0R1ad6R3TtAAfyUFhJ5cZkqsWrnEVDAvTzQyVsfG7TYYOxLhbiTPupWF93K0a+KC6dOFC5HjSvMUhfskXFpaXig/Kkie8n3Ja0VcxylaNoCi1V9Wq+yKLpRQrXRU/v3cI9q7KoUJwIaP3tSYHw8VVkimZMNpkghs17D1bREaXJYkY0/6JIWMpfaYpqbCxfn6jkcnC3qBNVXdFortfeRGgEQL7BKnwW524dYBkNdfsQ0tmvzxus2rV81x3rzCEIwxfCTKhx7blR4QRaHjecjdfsmGIDtUJ4X2u2YhS9KXdlIScQf32PLTf72IBlTpnmkRPOYRNnUznptvc3fDxzGFVDiPUwuIQRMXrwtl9WeFVP30ddf7zTL4TXfW9Q12wflh5lwzsWqG7He1UENz1Kh/DJ6Ho2Zk5lYVpkGydu1bV/xS2DBsc/a7sL2kj8gWFGEB9poMkBG0=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>