Online Tools Menu Close

SAML Response (IdP -> SP)

This example contains several SAML Responses. A SAML Response is sent by the Identity Provider to the Service Provider and if the user succeeded in the authentication process, it contains the Assertion with the NameID / attributes of the user.

There are 8 examples:

  • An unsigned SAML Response with an unsigned Assertion
  • An unsigned SAML Response with a signed Assertion
  • A signed SAML Response with an unsigned Assertion
  • A signed SAML Response with a signed Assertion
  • An unsigned SAML Response with an encrypted Assertion
  • An unsigned SAML Response with an encrypted signed Assertion
  • A signed SAML Response with an encrypted Assertion
  • A signed SAML Response with an encrypted signed Assertion
`
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfxa3c55df7-3f67-9505-2ee1-e6623cbf05fc" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxa3c55df7-3f67-9505-2ee1-e6623cbf05fc"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>lJQVJUTs1WJ6ymkns+7dBG4JtXo=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>nL9afdV03KqQFyWVPY0XQ1YpTkbYvPFiQFaPUvzNkklJjN0pMi6Q3RsrYIcJOf5XV96eQ4KD65nSm94+wxODmx55syUJ/AquvDmSe5AoLua4uGhxkpPnrc+wTuBwuxZFB+y4YWAl7yT8IjF/Cql4dAqLXUlFbjaprDBYlPGBzbs=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx04386182-fee6-d244-b2f2-a711d03ee305" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx04386182-fee6-d244-b2f2-a711d03ee305"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>Ictvwizkx92D5py7i8BDUx2+3yg=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>I3xiryFBDcjjltOjYea0CchaKlxYtvQvRyEYumIQQP2y21DVnuilciQCk0HirrJ61JYjBELeMLRNCge2GQiYU7EegLWXL/79ZWJ+wmOoJ863V1ky80oewwaNYbLDcUgmN8WMZscG/qsLBznCaZCwX36OHK8hrVTxOuEXAkHawb8=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx229d2cda-9d97-306d-cbfb-4bd75dd4fff3" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx229d2cda-9d97-306d-cbfb-4bd75dd4fff3"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>Q52mqjxsT3auuvWkmvFQmKF9qeo=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>R2JUG6Mo3VEoivDbASLI7CnPzAcYaHVwJ3d+iQFy2MWzQyv06FPSah1rJNS5jMXN+mpcdLJsL6jfuxc321SIqrEGQMo339/cJf+sLz4al8sJYXoHTdyp5h4QG/FrL4MSJbY0fXNM++IDwqXP1T3tD2eKHaX0L59ZSnX6N+6bT8I=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfx6dd0e65c-f29c-0e50-09b9-f46c6784ea1a" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx6dd0e65c-f29c-0e50-09b9-f46c6784ea1a"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>SgT8jov/9ijyYLUpRrFx82twUSc=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>C7p2xiOJUFc3q3NiiGkBaiBvNXPeQbbd/JqZGFpry9xaZLWy9VjaEzuSJhlGi2CQgQD/WkTwObuF1AdScLm9Esl5ZHY0+yIXwndWEutXXba9t/ExMMOAMCXMxxV2QpPIWr5FvQ/Je2VjcuRNNCZH/WNFkHrrzwaWBKtsuDiyVt4=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>QtnE4yLFGeQo1ugixLEFijQWIEa3vGn7eY1BA6Sdm7wBRs7ELxrdgSlW7SRRPDH/GC31fInWHccgJBqbEo0ds/SgI7o8h8axhJZo/Hpp6iBJSNXWt+1QK28AeLhWxqwLFqUGNwlty2bemBTwagVBvrS5tClUeIs2lPjwUnnmxps=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>Ut8u70DK8i1mr2fuIHPIbfI0yMlCW15H1gxqmD7h1TolfnC1eNp0ASg3HHZyVIvys5gt/Sv1AfK+kKV0+9NZBNM8voZPoh95MRs+Bxj0/7D4OkRcyxE0uss69FcvK4bOWkToc52w7sIVWeeqIPxAff8iF/6mkBZYGsjaXCgWNgXn4m+RwAXZO+/9rSF5r+VDibSJ9VrsehVVDr4jF65CSnHwFt57QdVeab4cUfb+x1wQieeGfnUBtLbSTGxkXnuOtIlMr2yhWksrkf4HGVX5vsUiNBGbkz54bwRSCptCilqp79qXm0htnmjbKo6QZxR/TECOGSoueqqdv+dCUK8xst6+7q3rRQHgO2eJOm8R5A8uuX6w8MehpAn01o/5NOOxl0R5AEQJ7lB5KLBRH0MUUqeJu9f/m0JBC5bZjujHJ/udtAm5s5mdUPKX0OAH0UTIKhUpRcMAP9pAICSYJshttzvVcnWY7oMohuQ4JFRtBiojyDP8C9hW5h7GpYC82+HvqidEfWCLCcO447QBjl3gtIY9N0ocfWbIg4be+VU9+W6PcfCanMiV1CmGqm7CCwsgDXoxY4tpwgTQxif6yVgp4dUrIEfpXapY3H3syOlhodqN6eedDA/OIihWiH44kIfuy0sGI2rF1M3wL6D1pbG7fMzoj2za+0yZqig6aripx0YJAIkAc497H+DNt5d92/dE5d4MKhyoMEkNgEad04xxE8cUEiGljtP1hibOrl3zH6yFO4Ow91tRT7ORoqkpFBOb4qvMYdYhF3XPZXmIdAGfZk2HijwHX/QRBUJijy305uB7Zr2FG4f5TDXY+GYw44w7TOLy6w102FPyVxgdMC8COJJakR/qmrYoRoEEktqPYKFiS1EBd6jGgXw5TUyEwQrE88540V6QBDjRV66TNwBRFcG3KSG/Jz2WSCzfnGVHjXrG8+KCoGpkNrO4H70W0PBk3Egx/tXn5ovl485qhh/gL6SH2VZbePC6OkMbAMA6OBXTueSiRj/fZyQcY4ZA2jXfnqiAkQNKJbL933mCIv1oZOwQyNQskHSZWd9vZrlx+8XGqv6iuFWx0f8/ddSBIEMoqKmJE4EvoaSVLbDt4iHT8I7DGVJ3WiAOmDNM24kxjy90nx5WuIWfMkfoNnmhkU5TO4nhaIY8LZ1tnVbopYwM8mAfnLh4SCF38vrL5r9EHRfVtdsjcGL7H16maiHLZNHf8HBPrPvlgYcSBOmIEE/ZrsPERc4FiTgrKeShGexINckoV7TD5q4OjxHKdpcbMysnjmGgIZ0nwxhc3RAt4/r6pK7vD8dzfRV7jhrWfhiEmSWuqzcdyTkFkTzTqAL/OGcusAKZze7KwbY4Chl6aIopW1W7MaQ6R6gr+NFAHtJoAK3vjllT77A7evpfD//lJvSRebuIQGPocigCNsw20GENY15Xomt/nL46hDKwaeWE2wZAeJMLNhM+F/JjWoiUPr0ocQUqpYBUK62lAtG56zfESMp/4eDNlC0tgU3wwYNGHuXqs1gogQPF14HYRlV8RmWU1E0xpGx23Xuo09Xof24uHh2apzrkI9lMOGV+K1yCUSoEvQOetpcxlTeYsCYNzRxCKY7gQ0fhjRmUf8KTJGZLy0am800tkCazHHogEFe1rqkLmbXgyqBi5UoMek7mF8YDUflxtyTfQvsvxB5P5wND6NBJUuwyUaUdFsDvfk1q8be+BeKdnqLudNTPl4EwQkz9ejFTqskv2H+U6yXFcBw8N6B+8wgQYXIehKXxwF6Bhw2lQjQscMwOidTAeykJlNWPDJ8ZZdh/3DOVN1CN9OSLG6X7o4IiIfm+4DpqSYyWfvp+Q9np1SRA0xyKXlq4UmeCZqnBCEMmJSVpydyYJOKjKKd0JFNr4Dght5x3tnlFmd9ljZ3lcgKKtgBltfezXnVM0gMe5fqyb894aLGy+W1MmRz3BE5HeyzDvGNcMTQvnPIwb0wKKxS9n5V8iQvbIZxOLpJkG2NykN3PE48aH3//U37zJSh62AkKKo/ttyY32YsDA4w57Vs6JF4eRsg8jAyqrGRbgAM02k/98eNtYU/6v5MMlxOPr4OvS3BRyVk/xVi7uktkCbA3xTjE//4rl1CRqrPgllt6qCXgcYyh+qQqY8tIovkR/ZmjKJXaY74jyjCvK3OlpZvkzVbGhTDkJftzw6h5LzEgpo2GvcOJKfxooX5rx0fIUqYfQxo57pX9ed+GhRfWOzcbGjiEjxXbWMAWUvq+I6SqiyQA+8K6+DVk9GVIxwwbvYDfFD6XpZjJzPURCSJCCCMrvpW6So1AzpvcgWJm3Tgtr0U/7uyuQg84r2Q84vqwPyCjpREHWVB85xc/cBOLQnGryqccieWsZgNGful4sU4jJOfhG6PlFb00hfthO/llXDdbJ6Ur3FC4Bf3nUVPrpW2wQtQP6veR5HiayzuBWxIV5s+j+BaHIkOQ5J7HH+YBTPqvtUwOm+2NtDExaAbcRPmbnSF9mldGRKsC4dpWy9zK6ZbKJfGPMYDj5oioqMM2wSfS+haNtsypdyEh8a5B1mVKJHBtIvnVeG3ula1hTQ9YI9gwIscO//0BUfmKEI+y5n4FXS9jDNegD3fO49rTBk2jMBq/7OcHmIfnPkRvgRaWIS4agSAIex/z7ujWuio8O3HdRVs368IdoTmFYaE8mKfcoXd6bbbTGiqvY5TpTIBPvDLq4GOaxrZF2zIqjRt3X031ezt7GU2BR2v6cWoHt5Cr/1s9JCiNb21ZqmPXcys0Z1w3ZvbBRoldpaO+7EGHl85kheOTH93kMI9mTE2vdvgUw/W48Yb+nRIV0s2CO/hOwSE+m+pz8g7s5Hy0iajVU54dScCcQzBIfTtJCJmkrx/gGi5fxz/8lE6aF60V+BI6eLNgELcN6ar/PjJL/nFCBU5lmCD361al0s8=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>MPdAhRoT674B0BUwCQ9hDql4oUCUd4oK4tyRDsjGRdKJONvGFv3saIApS/lrfJEcQkGOSuQipRMa3PjYQxhFONrny6NUEQ73XdF7XMsKLIPqlSjD8PfSDw/TngRZ+qW5M6oavjVfuO0eWpXy58JQkfE6BcQN9q2wuz8Xyw3X9Zo=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>NG5fxi4FZnb3ARz3GhRyyQCnVQUl/nPC24Zy2MhPwCjdDC+tAeD1MdIS268/bn8Wxeurod90ZzZmHZR2AIKSjn9gDyjWPXMSMbDYd/nX+DJT4FgyYPmpuOLdbtWGgpjLZmcdHoZSqpe4Vrbi+gHNtrHvt/hK7sxGe7yMEMslC/sumuzzlaVjCcaaKnQc80pSmys2b4AohJ0t/cHTE6UaTfnJFzRJ4Apz3EGypa42JBqXjj6Ns5kh6LFHwn3WtgTTA6rv+esDGCEHDIagtamekgmkuurYXuWvm03QqGOyB5Y+W+q1nTB6xc7ZCOs85j34AgANMd/myKQhimPMm/EO8oc3GuC+V7uhg0qhFXYhynd3GNwQTUhPgNpTNcghQdtL3vqp+dd4p2p+F6etpbw1JkPyzMW/evqIkDzwNHPaiSnEhdOQ2MkWz5KQgTx58bMZDHJiqIRh4ZoMCTJUWR7SphCFIWSIgJHvwq4dggqHYjrRXAxDdBp2OfhaChO4HdQ1oBvAc0AOBvN89v3BYpIWUHCEPiWzLZOvZn+0Kot6C9mFD81+YrGF8q6LU4obTEnmxSMLtQAKwe8O6ed7GldzVqd+zVaDHcab0cwyAzDfrcUWWxbAlFuSNH0aUp7TERUf+44lD4Lk5TT4AAXu/Sgl+B7KgpNLTXd9UPoO8PM2iPf6vCxLE+z0JDf7h0HnIFrHxNBCJzXf7+I0ijeyy/0SWA8vjWX9rIJjkaMvr3prVVIKQpuPV9tjAdXRbwhTBInlFdxaNJA+ZoSzi/pjJZK1sZJo8iMY4wM11pbhKKinvXKroIoDaEstpXLu8kd3l6vIz7ap7qnlt5VfY2kUbWccKwftuj5a9c2X8RbM92Wd4+tWCjRZjdOYf0tGB8mTHKsyFg98vxRd8gQtyOdeVbiyhkOSAYq9qPRih4AOP6qBFN1lsNEdjVAPfcY4wVDRDh//hO5BvfmvZSjkonWLftGmj7BbEJLIhQ/ahWXL2zubs2AyTmxS+aIp0ZOZI5A2Y9lc8nFF0Gja/ZgRcbLwOt+479fRo0qj5kgfroBLu7dn3khCYb7gRaCOMg7395TNPXVXcZyxm8BltCsWrXr4hUrGrMEoxVg+h5KmC2v0xqfl+MJTbnCN10gL3FArXREBWAlF8h04T5q3+lhDErUfpI3Szuu6ieRSQYseEGBYRIFKeL1KVsOhQppqMt3riOVqR3J5hhORn/LiAqWkqk9cQWg9trLHULn5dGgXbTeF3rgth7mL+3S6vesN2rXdTW8dAFMBFY8gJibq5tohUghLmKeuC+bYtEB4ngfjuRQijJkKjjqNT0+NmiZ8XO0MU/xFMRMRgyHFGyNYOVJCyTWb8ov4ovBkwIFexjYjYzGf+7MCEhACBKyM6x2aOcykrDZkrc92cC09BzPe3DcCjDopjqveuvTv6A5M5Rdd1HN2n3m2jzSY/0G+7PtLPLipRBFOaQUjivk0jfJt4f+hCzI8xHSB1Mvr/d/L/rEhs1hYCvXJUfzDGPRaeIuyvKmnC5JvILOJHcIGDYEjRsQ4T9xf8PkcFMNXlil4LWluXpHm8gsgl1cQGOGH/AX2xETQH+JPBsyTcim9QiA8Mud7pYdh84EsrfAlcFz7/VhvapDVz1IdSF7cKMsqP34V2MH27jl0/tMoYt1gI0xru15HalhmI+cuXey9TIRiSTWDnbgQzw2sUxIwaT6vVSfw5rr9lknmnSpgze2DvhrdpmbdFnovHLk1tpr8oupyKpcrDf5T5Zl3CjJ254DnqIsIwYVXhi8ZT577iKoJ6QCiJPw12SgtmnzDEo0j1fkJC6mGTgCywWvDwV0TMV6wHHOXdG6943J9x4795oKJ80iFji72gAwdyCM39DkJQeidMG6fyRoL3/1TnatHep7qWfOOYwjIqQRq7OrLsgi5j/+d/M/a3gNngH7MmWt4PM1/iKN1WlIqk68pDT4BpBGnaxPkO1tioZSPXZsRBffOnHhAx6imyBa32T4vgemsz27Z0yU8K9PbPU4E6U0CrJc3BwDfn90XaJtM761YoDFBBegfBBmqbTZIGdlDfeH7GTmd/QUJbK/BNIb7jwgv+1sfpeV+hZtN9SMdq5ACnTeYu+PEdkpOrUkG11UdJ1cw91omnuzj+LvCH2jQF6CL/noqreibBkd4Vtop1ThZWMEO4czGhWU1pbrUVv2EaC81J6684iZJUO8ZXQxdjxAcM+IjCh87B8H4NVxxd3Wjttji9Ff58dJVyVgw6Tsq7BFU2m2nAheqosBWV4t4tkH/+4Fjc4iGvUCzN8DAB+uqOWFHuZQHjdzOS4RSfhx2pa00xbVirB6oHRV9ajNf6tyL7LUGEciFd+Q17u9kG9zKgoVPN1PJ4vJ5JkD7SAoTzHtw2qTKQAauzznvMAiYktlACiVwU1CDMR6GIFcH1/XNDLSN1ozwP3+bzXRo3pjjte3LPq35Cm56NNZhyS7bpu6q4YO+uAQQ7urj7hOvyKgS4D9tfIRR7jH27AUCBg0dARDCbsetpItvfclfjViiNDIUvuHGgfw8dmLwINlihKuCQ7yPOXMMgd8N9a8oquCBzxhi9m+ms6DV7fdjMrVmBldmy7tUqFZ+4yZg86eVPVnyFNMtJk80uAeMBLMNlKShw7P9EF8Kz0dp/PbpJKWIija0QnCKg5kvq+kt/+nSZ4linqWnoNwAhr6NmZ2SuAh3bL/+FML8TjnkePK9G/mZYHP/OdgukuNdeTRi1D/FN6/tUKu5zHmH2gA4chX8m2t0Tc7JXCK1z4HCvT4vO/xZat3ieYB2rHtAHJUA+Mm+tSTGc3yvpaW+il8hHgRuZ1d9ZZ3/TmismVDrIXC7ddq8mcj9Um7Vfq8ZkeTD035ilkm1L9zWmHbvbobAPQhzPOSjlVwOI98hMAUwk7FOmPimULGFjjo9z/FAWKdvVaOuSuoGUduj3YjXbL49048jEwec/0WKoUFtrz3oAEG9ENwb1bxI7/5oWjCPXinQRXMmJGda4wsW9y5sgudKmhEDmyR6th4XpDMW4UxbEdZTgs8NBt+7yrFAoxaU9rCOGrzzfsgKo8AvRYFStO5YQFU5Z1NK2OBhAOKrYfdvp4RQ5mBIg/2iExa07WISH2ERAAyBWDkM+ezhk07yU9gTFoe4fMMcCFsyap0g+OpE/fdCb+7drRBBS0k9Tpf1xbxulWW7WrzoK34zjVZXJ6bJ9dpk24JOgr8/+Uvt5GzwOb6sp0axu5m+WuzXfwptg91UDSeI6iJKO7g7h7HY0GQUPmC4KnbKt67WhcHITw2PAB3iI2F3kzmiN8AKSDCHrbXE9qSXOxxmnFgfKUOgKrFR2hZV9PBzbeaBMMfZxP3Gm2UtVIsG/MHVDRUk+MckvFiOZ9R6705Zw8qwRwNX0oEhB8DRSKyd7wGZS2b2KeZRSv4jRS8Pg9hafRUBfyM8nPDA78ygDh+UcJgZ9Jiir1IUICPRwRuZmZOk6z6gxd+GvCAryfltuOBuxmcwqhk+scFTzW6O/V/zq33aj1n7rChbCSNxY9BcGhcpEPa4t8r/Djkk1tzLhP1dNdyEQIq6qPs28TZjFf6c+5cr18zXZb0EDT/iJ1xbx6pCnsiq6VSm5/G+orPXZhrsA1GM7aXN9xnj44YUhLaXl5hGdcnnN+bEpgRXhZQ6vN/q/iQKa/1nj0WSj6gH4YUgJtfxL5UxTXrwT10vLsU1FOV4DJoW2A7PPtuts34d6LLtNHsUh48kGwNkHY4XEYdyCg1brNA0kGUisYLJckQJJk2B8JCCSWgx9IjGNFzeeF3StjROMvKYn1BXrHL48Vla7kVcLZurbEXuY/ppoBrKKcnSPFyX48q2VYQ0O5lvogr5wSdIzigvlRBwGc7geHLCMWdWjrVt9bDUhSA1I8a6BEs/GbxvAgQ5gteQWHVJByYHk0KySRDTeITuHnwBmaFeOGMnV7gyuY9Zw4v5Wxqjsv/fFbjB47kuuJ69jLt84UBB8I0vOAIvDw63ekabJIb2KjmtHncO8KSW7jSh6Om0iQnda3aKlMD5vK6JEMaSJvctmXy4877Hm0SclrMJdFa5t4sDUCmS5iZvhuP54O1KgclzaWXDyfS4EK+snJoo2T+VJlm6TzI7K/80EQNDciWXI7pZuX84jAgn94XhAMmg1zNVTH8vvYcKfWoMq8vSKz/DBpYzEXSsUlX8OuHY7cJJyXgVoZE29O5zpowN8zCqbLWmVXYsfEav9A/rlkcN+H3p1s0MRr4UmOiHdyPwFBaSiAkvcZuClh2icaOvbPA38iIUr+SFAblU0oIjl9TQiiIpyfYWSuXcFD91rBeRgDhhFnOovpzTmDMmkyZ0fy0r0CeloO6URGb8HL1c+pHzsVM83qPHfONMjdA2QfZvkvrV1Rv5xHbXifwsKe4oI//dK3+EvIl66btLE4W1O/n62wDCuPgfiB6kuzFBNCnLX00nlR6wbhDlO16jOlCgFmoz+dVZEUY9ChUyOaJ9cUHCynVSJ1OhnfNOZijK6gIspe2mRtpUPHd3sj5QCDm0aA36B8yKAn8eTWqaG0Dp2nS5MgjiQuXVsfrSAe5c96w2Lzm7bNYWAm1YI3grLzxcm8sWFwv+8BW71PVl2NT3yHlakiKhCTYKnT5bzkWnkZ7jWgn8A+UaDZh9zGs1jgcp7O6ezSJ2kZ7i88KAn46BHhR/zO3qPkLpD802eOssB6b4Zp7C+kI9lvmhfe232brZmxETSyIaW6e/PZGPiCgBhjo7Zc8Ngmxa5oqDrtcpgF/E2HCF9D5bY1pfDsYbxvYw7nRnwhbA3pOVQ9t885qsygGJ4+NIphaUMvmRHYaTurF6nKkPehg2IfColWUX5nUNKrXf1n5hr9Qm8pXCkRp9etql2x9ZH+LnJjaGStGWsD7ksu9Th5vOI23RaLlv7wZVwKpzXvUwPMkQ++gBMqCpmuT+FznzR0sK+CT+Xc1vvbtaqcT0tMJno+HU4aENHZ69K8tzddkbGRtQAECjFTtxRop+wewzv0xPSMc6+p1zL5cubPglw8MY8L7BukilOLENfmKPMwdDdd2ekgXV0XFuz2ErORJHddtV718cfckW9Do0MBrVGrKBJTgZQP3G1O7ALij4xXusFcwZPdMEZlusTvW/pqmAR1koBSl2A8lsDiqKAs8iGU900WOUNN4+OFDL8c2TpZO8RwGFJC4/MgEUsWV3jy+OZymx4b63vNVGIxvNgBUNrfUltpNCXiWYJ9VTTSA/JrdCrRzx4gsvMpF6DVPvkmKkF2/rUdD/1ZjVZYeNTDrI/YEYfCv0tq2iovQcD6l+wZ0kqOEFp14U4k4X9Zbzh66BxgZHKL815CtLgSkbzFEMjzRDXcIc31A+sCEKZvGJ7e1/KA9C5qo+p1qoMr7UCslHWMJqc/b+qaY/CMPeQ52V42w5QLqx/D5l0w6BKuGxkGaxUZb+B8f52e6YonlPKS/odPyCrqPAqzeSnG4EaXk=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfxed6468d3-b475-b766-9daf-44808c93d3e1" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxed6468d3-b475-b766-9daf-44808c93d3e1"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>8XDA1FmU3DmgfN0j1ZTrpZTiY5A=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>dFoQNJK347uYBhOo+dy3j0/3h4VEmCWm/1EaoOA6fEYCFi/PfXjozJOAwSp9e5IsR7WQ8AebK2fFx8KKLymR4/H9a+0xzugxsy0cVORyjuvrvdGsC0vaTQGqHnomCmuRgNki+xtcSzXCj+ezCeWeIWdr7tZXocsuT5n3m15ztQw=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>QtnE4yLFGeQo1ugixLEFijQWIEa3vGn7eY1BA6Sdm7wBRs7ELxrdgSlW7SRRPDH/GC31fInWHccgJBqbEo0ds/SgI7o8h8axhJZo/Hpp6iBJSNXWt+1QK28AeLhWxqwLFqUGNwlty2bemBTwagVBvrS5tClUeIs2lPjwUnnmxps=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>Ut8u70DK8i1mr2fuIHPIbfI0yMlCW15H1gxqmD7h1TolfnC1eNp0ASg3HHZyVIvys5gt/Sv1AfK+kKV0+9NZBNM8voZPoh95MRs+Bxj0/7D4OkRcyxE0uss69FcvK4bOWkToc52w7sIVWeeqIPxAff8iF/6mkBZYGsjaXCgWNgXn4m+RwAXZO+/9rSF5r+VDibSJ9VrsehVVDr4jF65CSnHwFt57QdVeab4cUfb+x1wQieeGfnUBtLbSTGxkXnuOtIlMr2yhWksrkf4HGVX5vsUiNBGbkz54bwRSCptCilqp79qXm0htnmjbKo6QZxR/TECOGSoueqqdv+dCUK8xst6+7q3rRQHgO2eJOm8R5A8uuX6w8MehpAn01o/5NOOxl0R5AEQJ7lB5KLBRH0MUUqeJu9f/m0JBC5bZjujHJ/udtAm5s5mdUPKX0OAH0UTIKhUpRcMAP9pAICSYJshttzvVcnWY7oMohuQ4JFRtBiojyDP8C9hW5h7GpYC82+HvqidEfWCLCcO447QBjl3gtIY9N0ocfWbIg4be+VU9+W6PcfCanMiV1CmGqm7CCwsgDXoxY4tpwgTQxif6yVgp4dUrIEfpXapY3H3syOlhodqN6eedDA/OIihWiH44kIfuy0sGI2rF1M3wL6D1pbG7fMzoj2za+0yZqig6aripx0YJAIkAc497H+DNt5d92/dE5d4MKhyoMEkNgEad04xxE8cUEiGljtP1hibOrl3zH6yFO4Ow91tRT7ORoqkpFBOb4qvMYdYhF3XPZXmIdAGfZk2HijwHX/QRBUJijy305uB7Zr2FG4f5TDXY+GYw44w7TOLy6w102FPyVxgdMC8COJJakR/qmrYoRoEEktqPYKFiS1EBd6jGgXw5TUyEwQrE88540V6QBDjRV66TNwBRFcG3KSG/Jz2WSCzfnGVHjXrG8+KCoGpkNrO4H70W0PBk3Egx/tXn5ovl485qhh/gL6SH2VZbePC6OkMbAMA6OBXTueSiRj/fZyQcY4ZA2jXfnqiAkQNKJbL933mCIv1oZOwQyNQskHSZWd9vZrlx+8XGqv6iuFWx0f8/ddSBIEMoqKmJE4EvoaSVLbDt4iHT8I7DGVJ3WiAOmDNM24kxjy90nx5WuIWfMkfoNnmhkU5TO4nhaIY8LZ1tnVbopYwM8mAfnLh4SCF38vrL5r9EHRfVtdsjcGL7H16maiHLZNHf8HBPrPvlgYcSBOmIEE/ZrsPERc4FiTgrKeShGexINckoV7TD5q4OjxHKdpcbMysnjmGgIZ0nwxhc3RAt4/r6pK7vD8dzfRV7jhrWfhiEmSWuqzcdyTkFkTzTqAL/OGcusAKZze7KwbY4Chl6aIopW1W7MaQ6R6gr+NFAHtJoAK3vjllT77A7evpfD//lJvSRebuIQGPocigCNsw20GENY15Xomt/nL46hDKwaeWE2wZAeJMLNhM+F/JjWoiUPr0ocQUqpYBUK62lAtG56zfESMp/4eDNlC0tgU3wwYNGHuXqs1gogQPF14HYRlV8RmWU1E0xpGx23Xuo09Xof24uHh2apzrkI9lMOGV+K1yCUSoEvQOetpcxlTeYsCYNzRxCKY7gQ0fhjRmUf8KTJGZLy0am800tkCazHHogEFe1rqkLmbXgyqBi5UoMek7mF8YDUflxtyTfQvsvxB5P5wND6NBJUuwyUaUdFsDvfk1q8be+BeKdnqLudNTPl4EwQkz9ejFTqskv2H+U6yXFcBw8N6B+8wgQYXIehKXxwF6Bhw2lQjQscMwOidTAeykJlNWPDJ8ZZdh/3DOVN1CN9OSLG6X7o4IiIfm+4DpqSYyWfvp+Q9np1SRA0xyKXlq4UmeCZqnBCEMmJSVpydyYJOKjKKd0JFNr4Dght5x3tnlFmd9ljZ3lcgKKtgBltfezXnVM0gMe5fqyb894aLGy+W1MmRz3BE5HeyzDvGNcMTQvnPIwb0wKKxS9n5V8iQvbIZxOLpJkG2NykN3PE48aH3//U37zJSh62AkKKo/ttyY32YsDA4w57Vs6JF4eRsg8jAyqrGRbgAM02k/98eNtYU/6v5MMlxOPr4OvS3BRyVk/xVi7uktkCbA3xTjE//4rl1CRqrPgllt6qCXgcYyh+qQqY8tIovkR/ZmjKJXaY74jyjCvK3OlpZvkzVbGhTDkJftzw6h5LzEgpo2GvcOJKfxooX5rx0fIUqYfQxo57pX9ed+GhRfWOzcbGjiEjxXbWMAWUvq+I6SqiyQA+8K6+DVk9GVIxwwbvYDfFD6XpZjJzPURCSJCCCMrvpW6So1AzpvcgWJm3Tgtr0U/7uyuQg84r2Q84vqwPyCjpREHWVB85xc/cBOLQnGryqccieWsZgNGful4sU4jJOfhG6PlFb00hfthO/llXDdbJ6Ur3FC4Bf3nUVPrpW2wQtQP6veR5HiayzuBWxIV5s+j+BaHIkOQ5J7HH+YBTPqvtUwOm+2NtDExaAbcRPmbnSF9mldGRKsC4dpWy9zK6ZbKJfGPMYDj5oioqMM2wSfS+haNtsypdyEh8a5B1mVKJHBtIvnVeG3ula1hTQ9YI9gwIscO//0BUfmKEI+y5n4FXS9jDNegD3fO49rTBk2jMBq/7OcHmIfnPkRvgRaWIS4agSAIex/z7ujWuio8O3HdRVs368IdoTmFYaE8mKfcoXd6bbbTGiqvY5TpTIBPvDLq4GOaxrZF2zIqjRt3X031ezt7GU2BR2v6cWoHt5Cr/1s9JCiNb21ZqmPXcys0Z1w3ZvbBRoldpaO+7EGHl85kheOTH93kMI9mTE2vdvgUw/W48Yb+nRIV0s2CO/hOwSE+m+pz8g7s5Hy0iajVU54dScCcQzBIfTtJCJmkrx/gGi5fxz/8lE6aF60V+BI6eLNgELcN6ar/PjJL/nFCBU5lmCD361al0s8=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>
<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx42108ce3-a4d8-6a32-fcac-bf41951a0e77" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx42108ce3-a4d8-6a32-fcac-bf41951a0e77"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>VG55cL09u1vBbFyTjGLBKU73E9s=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>wFKnLsgPgQqHudpiLHdOudW/yuRbabcEAP888k+q7twKc40Pj1Pr4KH5dUGxY731wzL3jgBSRipCVz8j7ZN45oGV3G8G4wn4DFSRMBjUzPk8x0/b0uLuAk1GOUiKFgraxajNwAfWosC6mEuCX4Yz8dQoRUjqZn9zxzBEbsgmFnI=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>MPdAhRoT674B0BUwCQ9hDql4oUCUd4oK4tyRDsjGRdKJONvGFv3saIApS/lrfJEcQkGOSuQipRMa3PjYQxhFONrny6NUEQ73XdF7XMsKLIPqlSjD8PfSDw/TngRZ+qW5M6oavjVfuO0eWpXy58JQkfE6BcQN9q2wuz8Xyw3X9Zo=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>NG5fxi4FZnb3ARz3GhRyyQCnVQUl/nPC24Zy2MhPwCjdDC+tAeD1MdIS268/bn8Wxeurod90ZzZmHZR2AIKSjn9gDyjWPXMSMbDYd/nX+DJT4FgyYPmpuOLdbtWGgpjLZmcdHoZSqpe4Vrbi+gHNtrHvt/hK7sxGe7yMEMslC/sumuzzlaVjCcaaKnQc80pSmys2b4AohJ0t/cHTE6UaTfnJFzRJ4Apz3EGypa42JBqXjj6Ns5kh6LFHwn3WtgTTA6rv+esDGCEHDIagtamekgmkuurYXuWvm03QqGOyB5Y+W+q1nTB6xc7ZCOs85j34AgANMd/myKQhimPMm/EO8oc3GuC+V7uhg0qhFXYhynd3GNwQTUhPgNpTNcghQdtL3vqp+dd4p2p+F6etpbw1JkPyzMW/evqIkDzwNHPaiSnEhdOQ2MkWz5KQgTx58bMZDHJiqIRh4ZoMCTJUWR7SphCFIWSIgJHvwq4dggqHYjrRXAxDdBp2OfhaChO4HdQ1oBvAc0AOBvN89v3BYpIWUHCEPiWzLZOvZn+0Kot6C9mFD81+YrGF8q6LU4obTEnmxSMLtQAKwe8O6ed7GldzVqd+zVaDHcab0cwyAzDfrcUWWxbAlFuSNH0aUp7TERUf+44lD4Lk5TT4AAXu/Sgl+B7KgpNLTXd9UPoO8PM2iPf6vCxLE+z0JDf7h0HnIFrHxNBCJzXf7+I0ijeyy/0SWA8vjWX9rIJjkaMvr3prVVIKQpuPV9tjAdXRbwhTBInlFdxaNJA+ZoSzi/pjJZK1sZJo8iMY4wM11pbhKKinvXKroIoDaEstpXLu8kd3l6vIz7ap7qnlt5VfY2kUbWccKwftuj5a9c2X8RbM92Wd4+tWCjRZjdOYf0tGB8mTHKsyFg98vxRd8gQtyOdeVbiyhkOSAYq9qPRih4AOP6qBFN1lsNEdjVAPfcY4wVDRDh//hO5BvfmvZSjkonWLftGmj7BbEJLIhQ/ahWXL2zubs2AyTmxS+aIp0ZOZI5A2Y9lc8nFF0Gja/ZgRcbLwOt+479fRo0qj5kgfroBLu7dn3khCYb7gRaCOMg7395TNPXVXcZyxm8BltCsWrXr4hUrGrMEoxVg+h5KmC2v0xqfl+MJTbnCN10gL3FArXREBWAlF8h04T5q3+lhDErUfpI3Szuu6ieRSQYseEGBYRIFKeL1KVsOhQppqMt3riOVqR3J5hhORn/LiAqWkqk9cQWg9trLHULn5dGgXbTeF3rgth7mL+3S6vesN2rXdTW8dAFMBFY8gJibq5tohUghLmKeuC+bYtEB4ngfjuRQijJkKjjqNT0+NmiZ8XO0MU/xFMRMRgyHFGyNYOVJCyTWb8ov4ovBkwIFexjYjYzGf+7MCEhACBKyM6x2aOcykrDZkrc92cC09BzPe3DcCjDopjqveuvTv6A5M5Rdd1HN2n3m2jzSY/0G+7PtLPLipRBFOaQUjivk0jfJt4f+hCzI8xHSB1Mvr/d/L/rEhs1hYCvXJUfzDGPRaeIuyvKmnC5JvILOJHcIGDYEjRsQ4T9xf8PkcFMNXlil4LWluXpHm8gsgl1cQGOGH/AX2xETQH+JPBsyTcim9QiA8Mud7pYdh84EsrfAlcFz7/VhvapDVz1IdSF7cKMsqP34V2MH27jl0/tMoYt1gI0xru15HalhmI+cuXey9TIRiSTWDnbgQzw2sUxIwaT6vVSfw5rr9lknmnSpgze2DvhrdpmbdFnovHLk1tpr8oupyKpcrDf5T5Zl3CjJ254DnqIsIwYVXhi8ZT577iKoJ6QCiJPw12SgtmnzDEo0j1fkJC6mGTgCywWvDwV0TMV6wHHOXdG6943J9x4795oKJ80iFji72gAwdyCM39DkJQeidMG6fyRoL3/1TnatHep7qWfOOYwjIqQRq7OrLsgi5j/+d/M/a3gNngH7MmWt4PM1/iKN1WlIqk68pDT4BpBGnaxPkO1tioZSPXZsRBffOnHhAx6imyBa32T4vgemsz27Z0yU8K9PbPU4E6U0CrJc3BwDfn90XaJtM761YoDFBBegfBBmqbTZIGdlDfeH7GTmd/QUJbK/BNIb7jwgv+1sfpeV+hZtN9SMdq5ACnTeYu+PEdkpOrUkG11UdJ1cw91omnuzj+LvCH2jQF6CL/noqreibBkd4Vtop1ThZWMEO4czGhWU1pbrUVv2EaC81J6684iZJUO8ZXQxdjxAcM+IjCh87B8H4NVxxd3Wjttji9Ff58dJVyVgw6Tsq7BFU2m2nAheqosBWV4t4tkH/+4Fjc4iGvUCzN8DAB+uqOWFHuZQHjdzOS4RSfhx2pa00xbVirB6oHRV9ajNf6tyL7LUGEciFd+Q17u9kG9zKgoVPN1PJ4vJ5JkD7SAoTzHtw2qTKQAauzznvMAiYktlACiVwU1CDMR6GIFcH1/XNDLSN1ozwP3+bzXRo3pjjte3LPq35Cm56NNZhyS7bpu6q4YO+uAQQ7urj7hOvyKgS4D9tfIRR7jH27AUCBg0dARDCbsetpItvfclfjViiNDIUvuHGgfw8dmLwINlihKuCQ7yPOXMMgd8N9a8oquCBzxhi9m+ms6DV7fdjMrVmBldmy7tUqFZ+4yZg86eVPVnyFNMtJk80uAeMBLMNlKShw7P9EF8Kz0dp/PbpJKWIija0QnCKg5kvq+kt/+nSZ4linqWnoNwAhr6NmZ2SuAh3bL/+FML8TjnkePK9G/mZYHP/OdgukuNdeTRi1D/FN6/tUKu5zHmH2gA4chX8m2t0Tc7JXCK1z4HCvT4vO/xZat3ieYB2rHtAHJUA+Mm+tSTGc3yvpaW+il8hHgRuZ1d9ZZ3/TmismVDrIXC7ddq8mcj9Um7Vfq8ZkeTD035ilkm1L9zWmHbvbobAPQhzPOSjlVwOI98hMAUwk7FOmPimULGFjjo9z/FAWKdvVaOuSuoGUduj3YjXbL49048jEwec/0WKoUFtrz3oAEG9ENwb1bxI7/5oWjCPXinQRXMmJGda4wsW9y5sgudKmhEDmyR6th4XpDMW4UxbEdZTgs8NBt+7yrFAoxaU9rCOGrzzfsgKo8AvRYFStO5YQFU5Z1NK2OBhAOKrYfdvp4RQ5mBIg/2iExa07WISH2ERAAyBWDkM+ezhk07yU9gTFoe4fMMcCFsyap0g+OpE/fdCb+7drRBBS0k9Tpf1xbxulWW7WrzoK34zjVZXJ6bJ9dpk24JOgr8/+Uvt5GzwOb6sp0axu5m+WuzXfwptg91UDSeI6iJKO7g7h7HY0GQUPmC4KnbKt67WhcHITw2PAB3iI2F3kzmiN8AKSDCHrbXE9qSXOxxmnFgfKUOgKrFR2hZV9PBzbeaBMMfZxP3Gm2UtVIsG/MHVDRUk+MckvFiOZ9R6705Zw8qwRwNX0oEhB8DRSKyd7wGZS2b2KeZRSv4jRS8Pg9hafRUBfyM8nPDA78ygDh+UcJgZ9Jiir1IUICPRwRuZmZOk6z6gxd+GvCAryfltuOBuxmcwqhk+scFTzW6O/V/zq33aj1n7rChbCSNxY9BcGhcpEPa4t8r/Djkk1tzLhP1dNdyEQIq6qPs28TZjFf6c+5cr18zXZb0EDT/iJ1xbx6pCnsiq6VSm5/G+orPXZhrsA1GM7aXN9xnj44YUhLaXl5hGdcnnN+bEpgRXhZQ6vN/q/iQKa/1nj0WSj6gH4YUgJtfxL5UxTXrwT10vLsU1FOV4DJoW2A7PPtuts34d6LLtNHsUh48kGwNkHY4XEYdyCg1brNA0kGUisYLJckQJJk2B8JCCSWgx9IjGNFzeeF3StjROMvKYn1BXrHL48Vla7kVcLZurbEXuY/ppoBrKKcnSPFyX48q2VYQ0O5lvogr5wSdIzigvlRBwGc7geHLCMWdWjrVt9bDUhSA1I8a6BEs/GbxvAgQ5gteQWHVJByYHk0KySRDTeITuHnwBmaFeOGMnV7gyuY9Zw4v5Wxqjsv/fFbjB47kuuJ69jLt84UBB8I0vOAIvDw63ekabJIb2KjmtHncO8KSW7jSh6Om0iQnda3aKlMD5vK6JEMaSJvctmXy4877Hm0SclrMJdFa5t4sDUCmS5iZvhuP54O1KgclzaWXDyfS4EK+snJoo2T+VJlm6TzI7K/80EQNDciWXI7pZuX84jAgn94XhAMmg1zNVTH8vvYcKfWoMq8vSKz/DBpYzEXSsUlX8OuHY7cJJyXgVoZE29O5zpowN8zCqbLWmVXYsfEav9A/rlkcN+H3p1s0MRr4UmOiHdyPwFBaSiAkvcZuClh2icaOvbPA38iIUr+SFAblU0oIjl9TQiiIpyfYWSuXcFD91rBeRgDhhFnOovpzTmDMmkyZ0fy0r0CeloO6URGb8HL1c+pHzsVM83qPHfONMjdA2QfZvkvrV1Rv5xHbXifwsKe4oI//dK3+EvIl66btLE4W1O/n62wDCuPgfiB6kuzFBNCnLX00nlR6wbhDlO16jOlCgFmoz+dVZEUY9ChUyOaJ9cUHCynVSJ1OhnfNOZijK6gIspe2mRtpUPHd3sj5QCDm0aA36B8yKAn8eTWqaG0Dp2nS5MgjiQuXVsfrSAe5c96w2Lzm7bNYWAm1YI3grLzxcm8sWFwv+8BW71PVl2NT3yHlakiKhCTYKnT5bzkWnkZ7jWgn8A+UaDZh9zGs1jgcp7O6ezSJ2kZ7i88KAn46BHhR/zO3qPkLpD802eOssB6b4Zp7C+kI9lvmhfe232brZmxETSyIaW6e/PZGPiCgBhjo7Zc8Ngmxa5oqDrtcpgF/E2HCF9D5bY1pfDsYbxvYw7nRnwhbA3pOVQ9t885qsygGJ4+NIphaUMvmRHYaTurF6nKkPehg2IfColWUX5nUNKrXf1n5hr9Qm8pXCkRp9etql2x9ZH+LnJjaGStGWsD7ksu9Th5vOI23RaLlv7wZVwKpzXvUwPMkQ++gBMqCpmuT+FznzR0sK+CT+Xc1vvbtaqcT0tMJno+HU4aENHZ69K8tzddkbGRtQAECjFTtxRop+wewzv0xPSMc6+p1zL5cubPglw8MY8L7BukilOLENfmKPMwdDdd2ekgXV0XFuz2ErORJHddtV718cfckW9Do0MBrVGrKBJTgZQP3G1O7ALij4xXusFcwZPdMEZlusTvW/pqmAR1koBSl2A8lsDiqKAs8iGU900WOUNN4+OFDL8c2TpZO8RwGFJC4/MgEUsWV3jy+OZymx4b63vNVGIxvNgBUNrfUltpNCXiWYJ9VTTSA/JrdCrRzx4gsvMpF6DVPvkmKkF2/rUdD/1ZjVZYeNTDrI/YEYfCv0tq2iovQcD6l+wZ0kqOEFp14U4k4X9Zbzh66BxgZHKL815CtLgSkbzFEMjzRDXcIc31A+sCEKZvGJ7e1/KA9C5qo+p1qoMr7UCslHWMJqc/b+qaY/CMPeQ52V42w5QLqx/D5l0w6BKuGxkGaxUZb+B8f52e6YonlPKS/odPyCrqPAqzeSnG4EaXk=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>