Home >
SAML >
Examples >
Response

Response

This example contains several SAML Responses. A SAML Response is sent by the Identity Provider to the Service Provider and if the user succeeded in the authentication process, it contains the Assertion with the NameID / attributes of the user.

There are 8 examples:

An unsigned SAML Response with an unsigned Assertion
An unsigned SAML Response with a signed Assertion
A signed SAML Response with an unsigned Assertion
A signed SAML Response with a signed Assertion
An unsigned SAML Response with an encrypted Assertion
An unsigned SAML Response with an encrypted signed Assertion
A signed SAML Response with an encrypted Assertion
A signed SAML Response with an encrypted signed Assertion

SAML Response

<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>

SAML Response with Signed Assertion

<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfxe83cf17f-3206-be82-2be9-cbaac768715c" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxe83cf17f-3206-be82-2be9-cbaac768715c"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>wB/unMYBZKgR5NVqXjGpZXT3FEg=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>HKUN8TZOwhMfxGnfdgs+gJ1jh2vSCLEDufsL8o9Pyo4z7mtoaXTMf5xC3tbXiBJFUVxRwJ6ETAQUxA2Vq1mGQDufWR4JSTi7cUqv6elt3/0ndLxqJPClLwNQ7NuGBVM8DvPf5Ps0NmAuVE+lUGNZGWoercJsZFHNLH7FpWRkoAI=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>

SAML Response with Signed Message

<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx10e158ca-dde8-205c-1a9f-518d1bf6c42b" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx10e158ca-dde8-205c-1a9f-518d1bf6c42b"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>1/Bu9T6Khq58LwZKl9koSQFsQKA=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>mhjE9tH2vAGq0oHWsRq49/Erh2dIgAR/htaM6Uw1cWl4Z537shYuDN2w1Rm8jmFwJGJ3sYFeUrvqGkqutsOgkblApyotFL74pNQVESp12ePSJSHGc0Haw5oT37bjxV2198fcAFgdZnGdT32Xpyr2n2VNviycb2JaG1lRXsEqxYA=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>

SAML Response with Signed Message & Assertion

<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx14b5d2b0-b9ef-5ece-1e41-4cb54e0cdb37" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx14b5d2b0-b9ef-5ece-1e41-4cb54e0cdb37"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>B6l01SDtnHzVjGOv68TWeNNIXkM=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>qVq+QhmROW0RAzsDukd39subRCEkf30/BV5UQdtkiZ8eI4Dm0dW36a16L3C03MVHX3rT+v1eypyQIHhYDMytV99ZgAJXcwRFiLa2DBjAdnnUg6I1/xy5XZah9NYhQev+/BjpuHha3mZRCLYNFcz+lUBylB3iqfxGHKcc1wLbHGc=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfx152c458c-60e7-225e-a054-0b8be0c6a3b1" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx152c458c-60e7-225e-a054-0b8be0c6a3b1"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>1GlDkyzdeAgMnwSZTRkajailPko=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>scHDiVuYoo/g93iTzL7b9q94HlPOQqIJ4yANfhZyeruG9XosBInY61Arxeo0IIl3Ct067Kdp+ktfL8BYQHbFLe1EI6aVRncXKfKD2bs/B4z5eKlaPCD5wIgscMEVUBqEDITofBoxQ2NT8mC9PAMee328CiJHHbaYZ3zYpc8DlR4=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>

SAML Response with Encrypted Assertion

<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>aqDIcNI5mCGTUt44oieYdr6nWvGjqvATbUseRn6b0sbxmgZm8Ob/N1/qzrWMLaBHEV3Op7599qS62c+mSnLk182AXm0mQ3ZbaHO81Is+SDtwXKV0Jee2BkiOxxPWMb26vfXBazMk7JZ5/6wv9QC7pWOvh9k/IsrqvYm02awt40E=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>gdo631R/AtSVeHKbL/iHDnFJJfgwCt6qpTgjvTf2UE5/jjbeC4ebUtBZcuVSWWi2MNyM4wNeo9TON/u/OuO2h9CP+1/wxJksgA5t46lP31ssAKr7vZUgZsf48Lo8MjvHqUQn0mVaVBGQWm4/snkyjpYNepwq29qT2LWg8rzerX4JZLqFeG1DbxtuwLMj5qGFU7DVxU03htJR7zS7rsM5cHaYB4NN1L+efU2r8haETqS6DxP9XdeqUudRtSb2UMAjlmFV7yPA8MKt/xiy9wiui7/1UFjp4B+mdfeAax2oyCQxT5TaKAxpIWl4pp2OdWwNSo9grUdORnJpiPCHteWuep9w9TMRo8+zoYbQA7s87wvA/zpxhBzyENRURSmG20lH2sQAbdu+phdEls8k8UVWgmf1TSWm/W0Zcv3UI+kufM7Y94V8Llg2TQY0I9oZA9JHBfVp9DuVCj72cJdc1SRZlMChHSkpp81mhXveM0TTlYW0pmeXM3m1Fd0G7SL3Zvk7eV9Z7kxZ97r9viq0uGYC8kBDv8ZkpBz/lJXwJBhSn5jRqfpQF6Dr4g6aEWMhJD3LQ8ccbKtf3N6MPMQLKWr5fMurt3sjARHGm/8+4EwzsEOmw6C+qgj4n16Ak7cx+miGTaRugiUWhB+qK3o4fmO7vU46Jvtu4ftezEKMFj1EzNCySKPPHSOUhyLOq4oSG20WS8Uc/Eaplfkwjkhl+sTH1A6+UHcbwOUeMyRE884U0g9dWF8z/YWyeZjEABazjiatZn9ykwyg88YzzQ96DuXVCKXWKmglWxoBMPda6iNOP+0vcHATIK0QTuKMpWxmQXO6a33iADHTBNvMo4J21WkdTyy6awTnj8VdWROMKZAIUFtHAWKD72K+WgRhlosU+1gNPLbuKy/3q0LoZKSgNe/zyXyJsZ/ooI43MxlbVT5zLsYWeN/Vn8oJXBOpSo0dZKNtRqQ2RmmvYgouBrgsO4xqwvVgg2lI4pq2aovltNSLIEACcX6Hu7apOwFGHS6vs45qTRNgMCCab+FjnSGY9jbUqjIFldhf45tlZ61dEpJ0JBPfBuX0EwWLIN+G6Vivd+VYV1L2fWpNFWTF35OYRIA1TMhdbzn+Rv6fXNyDiuPeU3QTJU1ddV4LVyQo6gJig/rv+YQKx73kVdqoRlr0CNcdyRGpLlSOmlAiXksh4amejQrc3rOZm/9QhptgeSO+UFecJJeEWIghplmEZ8I4AxbWwKTInSeXCtYJl900TSZPJVsu/87LUFz7khlKt9wEjtzj0AC/hfumCLSX/yAeF9kzd7sORy5e5Tja3I6hiO0bgWg+FWf3upZAc43xbU6p3MD/9pABMSooVJ8Z3uMI4mVPnnKTQb14lE2TuLC+bLepzKxRKSTzdhUlJV/3Rnu/RiXyRykOTvPHSjaPeWVAbbxynJZbuiTlJA5uTPF/5tOdoZ3Jwwjf2Z4SFvFl9X4aoOeq3Jxqv/ROx5N1NF4MtxwBoUQrRYIcBGD0Olwa67JOgV1Eij3H5IpX9iqF4C1JtxHFKDoAoae3oMa43dAqci4M0fAxs1dLQqp/8E6gTD6gz6qDmIb+8xJ6F0kLu0n83YaoHPhb7QfDmlRTfjFWZktYSQvDZS+wXgpvBMlifm5rl+zg1h/3PSUKQ8d35sZIAXacQPtvFroMHwAetght2n0GCpWQ99VoRCuN8dmpHKwCpFL0zplWFVoCybA+fZfOO6UXAKOWBwHmJKWRwixWHrKiIDDbIL/aQdshz1b5uGaOrp0jApVt76awnkQZLuGUpRhWCISQsIB6ZKv0Bf2Wt3AaTsBFW7qWtBr/4xM6z6cO4QO/t7Y8sQuby+X6PVkqIL/5h8Hi4LOWqTb8v0LFyrCxJfSQ9OFKtaTLrcTKXAGgeQzlXAUDb4w5dYeQ+HtF/z8V5uf+Z0m971KDmoE4W79fvQroAdIYvOIye8hjdpK/QvAc3BqnzHKBFVyBsx7S3/VBETEX1pdQs5mv+UdNXJK51+R9+vtYq7Wb//HpL3aJZ4a740MPKAzAw4hTYoFNnhgxcXaEk1IPMXRPBR2g2tTrLyturTEqgJk5dmYxiDzXGSHulho4Bk5Y/K2gTw9RwhwzfwweW70remco47wPTQEM9u7GqFcX08a99GLg3iac8I8k/7yKvtKfaRgmJbtn4M28r4f/kpCSAbEIDtoILv8zl1ZilqQorWtgqqFdnkL2wqnQ8vP3nTphQmyPAacCU1Zk6bnRawZm3egJTHuAmW0igkB+H4fbzfwqEOTVzMKaeMgBZJFoZnN7U8qb9oln5dzuNZl3w4OlNUVNgyp7PgEE5/xWYxNVIvoT+1NaTpfj3pX+bqCVClMeLrZUA5TOwmXdoiMYSD9HZEAjn8gZEZAvd+VGHSJN/Ig0fTuK1S6keT5rEzamiblAHZPnOaw1+Nl08WbHI8MZHdIBrk8hy6kE7MQvEzVViZ0uGDIWxgBcHfZx0E9hmk6MEEulcHRRoPPpnd3tHJXIEUC0E+ju4qeOHnv9mC9wONHBX1g/F95JL28Lx0B7VwDd9Q5OKu6bJJWLDz3+j/YKUZaTao7xTHdrV1u49DSp31Uhk6+m5lQODydwKCn+QraBfF9skj5RlFFkBFkHr+1mM9t1fLLHVz1B0aEGPwAhOzkfY5mvsJIphiKGqQUvHNr56lETpeqR/nL56DS9Z/eJsWeGeNnvNaMeaGtKtWlgYSxfVuHRwX/LmUH0AzJXvK/NdHwdyo7rxsihgIML1B9ia+zj8pEszjY398ZIBj/bN4Q+PKG1zX5wqHLgNR21weV4UiRLh8rjV4sHmdaiGrKEUpFMRlS4UKsCABFdLpvgunOjha+V/ie0cznu30OHOXL2p+GhnvYNOm+5sYgTyAt5OIAM4TFuKJ6rhl5VV7+pnzoUWttU4SmVBZA=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>

SAML Response with Signed & Encrypted Assertion

<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>ZH2KSzAF37Q7coqb+VyJXA3VkPX5gkJSVoXTEPZsuQNsOsdAXImJ9XA5PmVwJ1c+jqNxA7Ld2p8fIrGK9c9faYipDIA0LdBXUei1Ft0QfyZxCrT+mX9hr6cF9kZnlOQIf4b8Hsxp5D37eD5zXsipo0YL1T2JxoGJCQcjWtYuK1I=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>yTkTuxx1X7lUpWWPiSACKKFlWB59ZfUQQlZb4+f4WdIRnU5tuKZAodshin0Qkw9sjhbcmIiWMv9RCIM+lV2bd7JMUFM88GuQtY6I5Bf0/84E1F6BKSIAVIbovgqWdd+zoOe9rrKO9FkWd0ceYgBHCBXhRQdrDyO7I6hEvcrSYRLo+0KhADyNSJpVXJy+Yg/61E6hbBGtC5g54mQxBP5t+4+s/eU4DvfXS490fhKmTYFvMNkuxQSbeHs9gY7Dn1ZSn/wxeljR8ifbHTKg0jKAWy9paVzwuwE/3m/yzQLwmu5nU0Vmovl13fr7kps7lkosS07KJ/aucX/W3xKTB0EJjxzMPJJ4/Xi1BmwFSD5un2W2wgJGheuzPY07+mnfA5n6xqj1JzJL2gqS3uQJFA0L3dlGDy8kCR9hYFIxqUcB4hX/XgIUil+ZxnYoJamvxhZDH0+v4cSRoycv2DZgb2tlqy1ZmgfoFy+qzbKPLMWNLLw7uoP9OleC5nPmp00ZVojUMxB6U9bCayEtkvqSChdB65g5vXOmMyUzFWse2bwRvmi9ldue+UZPP32pTrtu+xi54MssyURFQlspi267ZIfpXz3haINj15mJD8c43rmZ+xOltDh2L9QRo+LfPOti37L7msVXq7xLy4QE6+FmiW0sz+5ept4tpMxHSwN74WADo7HyDEYC4iI/WbQE9l3OR4WdN/B/TPGnWp0E5neFjxxqoYfZDBgUWp8TfbPs9869/ydp+p84ge9sAK7IQM9ocxTeUDK9NvQ6eBy5ms5j32PMovxXnGsexZXmePaiZ409rJ9wVh1vkh9Y/naUZ8lyXnlgFqOQJQqBVAbaT8WuNy6yLDDlzjB4fY94eMKO7t0zEL/C6jgJcSba4AD7MC6Msz3bMuY/68nAGrhfL3BSCDG8SnF2KDccJUY5eVc66ibh0Sh9YsW4Koc4rbdVPEdutWNqvoyqwYFEA6Jjy4nco8sxgOxKlKckYosAiS0mtmLx1KGdHHHVwo5cWMwWyJuD4qbqsQUhn9CiTlR9z1mTne2c++1yItxvWZ8zdDHsgM+eijPQjsYbv8fcdvZOV6/SKuWeVJSl6XSVXS+AkBciz6nANXotDRV5lFRotlRxMckPnuQZ/JqHHYd7NBczhDE4guNCm6OtZWrFxmws/6unuTXGD52fLhgm8SGyAROuS2pw/HG++ONCpcENP+eRz2PEZfptMheSq9kc1dug+6OgzyRH7coUQ/6wshY00HomkD7m2riFGzCq6xoU9MOHs0oXpMrWOzwYUsmxJmlrucfcNy3QEH543wJ86IHNaOunM0xhIFHA1qCoMY48xLK/YwrkIAtc7oNtMs01nHfBfy89/de01KWuGhSIoSy7Hg4DxYlZr9m6g9NY4Xb8Z2EbIcEqcCX4jj3jF6vyYSYdMnP33H9eOkVsERXesJeV3bp216O7midRMU3L34J+dAJABSUSbwLn4b7Of/YCjQF95UqPsFgZh3UsHCM3MEfVyUZkFvcKHsWq2rtQiGWCeoq1ReOUZLp4Eu52eLzlFRx3GBBsSn4uu6GVV+Zq8TUsSTqFUGal+pimfN6RWF3gTG4iajmyfs/AvryVp/hDp6VK/TxeXN+d+XEKXyKZzpbGQGDUVaGvUzYHE3/3RKghrsLUcI2bBRajp9El5bJ+b37ljMC165mHcoekA59Hsjn3cU8jlFoqxWkPdfoCU0GJLRiHxY17AYJeX1F0p4mRaLATEbMenTxy5deeuZN2WBkxJULbs0mP3PKBU3TCFsXoVkPZG7usmQktij98TSd1JMVfBfKOZU21eyAnJ/CYrrlrbJwkI3ASvz7JCAfaIqiDel8PPnlV36mx+f3SxEe6dPi4t3duxjYv9Go1hZHkzioAI0OB0iB/eUrsRRx4uumsU+TTFiB0NhmUfXSEMolcy1zHtD8E3H1iwm3tOlofv+X0HrI6CxjKXkamo09GX3WTJVqfpzi5XvdgZsI75NdJRfgwRzeZAX1S6Z1+E0AVcNunTNrqGVqQRlbtac2CGYmnAou+jfbgjK80l0Wh5VFeKatnKahkHSNl8PTP3G/IRk1JbIwSgwLkxMyIiQ0y0/3bC/hhtnQndZcTpumLHPUOLQkaJ2kwNwsYAN27p1tZhzqRgZaGuG/XRGME+j6C0vOiEWA79T1m6heH/zevupbEhBU9hD/6yrl+WFTCfqQ4k7gpTnC5NgMm8PUf14cefwMsjpMT05fxwlu9wvemTCYBLxwTQOW09PHIIi7loZCmTm3+t8+8ZxVD/fznPCpAdxJTQshTfR63ryHPQKHKa+2futoNjMmxxJMV0wtpVDcisbDLJACyJEJsTwHm4WYazFkZ9sB96V2SNUdGCR2BuLx5OhC978NIhIxEbwrwyPlQbbJU5vepAHemR8YIkwNm62bfK64+96O1pT5UxHbe2Kw+8nNYYkciFl+tpQsdefqiktSbScvZluD1sVxfED0WJHxNJNT2aRtiwFrZcCANtZIUzw7fBS8COI+yKlNMW+FIi+nUM903iLK6ZmZhWA97m5qqoM6Up6+0phNLYXof7OR+3CRQ3vkqdvKAPir5A3p0zSG+mnDNoJhRfY+5j2rJ7zmMu+z6ZJ8uBjmVMdys4HnCO1pN6nlr68Fa7/ZlqX6N5baT0i2N/WIUXt51e4pd9CWmU87LNwjZUW9kYTTqBgrC0febpCUcVDC0XjUeJ3Rvm8kMoaAf1bT/miQvRhNhLsTNuCG/Mzkd4KXTC+n2MsE4WG28LPLRG742LyEzp9UqAhol2KDfYdvyGF66ixZl2kNK7CMAtLejulUArYBpHjrojK8p/b7ZzbTNufBJ38FkhGEQt/yGSQZVJPfIl0wQ1gft356CaZRjKUOn/aGToxGDVAYCyqTpSiAkgHb7D9o9dzQwFvuO1FuzHj1idMY3BDCZ3kdca7kSELcUXzQfeDfMGmRuDIHftPgdVZNiTqZJrswLHDu2VaxAl2iP4/k+yYBp7HqN8Trx+jbWb4EGtC4BqkqQ7QzMwobsqFm68gOsP5K02brAOFCj8iVRD8FBliujFfRtOk0MyTseruuDElBfwQV3LbGR45PQKTMloyupvbeCw51x1uBzCVqOvqdRy27reydhkssNMZSWvXlTcv6YNBfqDSQX2QUP0bpTFFNOFyEkjSWr++C6K/EM7U5fs+qf6JP0xb+iBYJ0eq7HwPsLCpXxRNNiIreAHSfcTBKakjDwghQQt+od8+m8n9YQc5MVQ3AZCGiiG0wtcTTiGYQNusL09NtQKBc6d0eObIXdQ1PLuLfLmDDGaHDQT+grNkbKex+jC+OpW8bXGyAAHsz+kMsAR80etChGL8hz+WdhBCBxeeFf5f7nNxHI7xLkYo6FAGFgKoiftHsU8utdW16B+8R3Xb0dgDOV33ZcKJWWVAGSz+rqar4A2br4PjTNlh84gfKIEcV+2oFFh2W7jhh9qSeQF/b3wJF+G0lX3i0CUVFafyaMhUhahuEayCu6cq9fobWzELNnxNubZJFiVSjuNy6nOsSJ2fIPSErrFeTHxKjbf+/NBUXBkQFsvzyLgeYBNMFmd3fNWgTHhYlCmV7QrQyunDK1qmC7EssviEVu0AXo270QBygwRl5qJdf6gyadQhlq9ctH6267A8BI7krNn9UejrEKmqDsizi2yFXwsxYE+Yjl1QKUUSyWToUxT8mDWU5yNqLJr46MQN4I96v/l0dohqENuFledWAxxNA1ZK6u65ypNYQcUuc+M3mUxTFcqY6WDLIFax/bfvhoSMYQdUyX9H4UPx8UHJgmvSwkeDfh0LizFzqdJJBFy5MwC4HoeqQMeGhNmtOgsZEaemro1owvEPME+Dv8zzNMbpTTnnYuQNBvAtkY6vrqg2ol8ND4rloimnAmbiEPDS9aGKd9ViEsGCjYfL0YMIQGGa9fPGHBWUCncJi51HO/c4iPRYi+aajklFn410MnzrWOlM8fBupjLASy5fXKx5uqUj8HZMm5bLlCXvNXsP1cceVDJIrku8qUCZd9mdLmS1MAOSOgsFUgtC00aUVo2wwF5GYkWCjccAqmmfQGT1HCtjPU4R9qy74mmKOmua2X3dKDdSSPLS24KkCAcCprSYmpx7t/rhAGbeXGgpD53Qc6bSemDFXXPDuuKxwWU4T3dqtgvNREKL4Kf+zvf7Nc0g6MbV3l/mOTRmJEPYu0d75FvmHfRNi7bKophEslp3pUsfPPMuAaE2/poHwqeEbbQCTPSv9wbjM/AEKjIMGHDLGSisHqXdLA9pXRJ9nt3Va23JpDjWk/u6TzfzjDafyZRghQJ2eTXr4Rho2l9oj0p4fwIsOxI7Lky3fhIE4MBeyCvVraBqezaDskMjKnc+XAdhpMrjUDuN5Yx8LjP9qCAzBGl5aZpbmlobVsUgVB8Jx27fgNgq5KLj1hPWdb7cIPDIh7i3gomhY1WqPpcNJw3N+U7Avmxo/GeVevdE2iRH/yTzircItmyY2lIIbh4fIUFhxW+Qq8aoZLlbN/wGCSgvMO6xag7HkuAPiRH66DsgwKakhrHP4pAB1/NoAusaITFfF0ukqAxphZKauR3MVCUTsO2TLVU4bt134e2sqotMoHltggL196nzvko2yyX02DbiHB7PSNPvLwvAuD2aocjeU0a4Xj6WQRV+CNoYr/NlFz+ap8hZRuXa4yPalojrAnRRi2FcrrEXCfetdo3VrWz/PWS3NZARKreAyH0Q8gOGePH66BNK9VyVa7YGbziyYrTafpCFojyLnmbzKLvbdPeXWF9gfrxDw6K6kMi06H2AdpMoKaR0A6N8FdY1+HGkBwaCt0wG84LcmBXgah2xV52dQHyLoWmojWpeKgzvBvpQtmgAAi/INx+f6ii5DYrsM0djih8gX4AoauPEKVrCEM0U8mn+1YKDWt620VJUBdxwbENgxB1ebLfVZ5InFypHaQBJQn00Ao5ztryzKhllQbTMwRwv1zQ+xlpvgpQpdL/woW6K3hgCLZN2A6ZEuRoWjK3hcfmgRFsTgF8++DnZww8KOtV2KSQUOLraRTkRMzUjGtCv8BJ3iaeOWTipCsHtTJcPRqX367n5S4ZDXfhC4tzXCBPpxgmu49atYcneT6w6ypA2F0CEYknwfCPKWk25XQPiY37aWhTV+jujXuy7wRF1iCqLjk6YOIuD86B4atEyT3tM2oeQUF9AxVwc959Vm/mxL2Z0xG1u2616r3i9xJC4HJlY1/3q7gd1ylTSt5p+UlCXeykolyK8WaG1xbd1bMmLMjChY6FEQV1dNdW3CSHL+yOO3yNaI0xKSb1Wa83zC2MwQ2dI4LDGvgvMPciZmWkNzSIiof+Yya6+pWXDa4+6O6JUGAMuv0ezDTOoRq1Lze/5tEYswisP86U7pIz3dORPnpC54khz1cR9x9FEM62WZoopthFhNt2h4fRlztpntf2OmUqUARfc2sMnaHNSQ8OoWXqZ8ekAaHib/bBMkCOqs=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>

SAML Response with Signed Message & Encrypted Assertion

<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx2603ba13-6c21-8df4-5ee7-be1495772d75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx2603ba13-6c21-8df4-5ee7-be1495772d75"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>ea1UYNzPR5cgRL7rVsQ8l8ibsgk=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>BoRJtWQ9ztFhXk2GI+J2q3MDDR9DtzgigmYQfsmivJjl8+P3sDeX0hNwYN/GG92I8m76Kqf5r6klCznYjxmhgzKPe+L6R+5q1yneLB41pEAuXsJ7S9xCu35G7fNxdkxu7VldlYeBTUeQqU8Bs3Zu7Ye6ZRej8rE0YwmgOb0IHYI=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>aqDIcNI5mCGTUt44oieYdr6nWvGjqvATbUseRn6b0sbxmgZm8Ob/N1/qzrWMLaBHEV3Op7599qS62c+mSnLk182AXm0mQ3ZbaHO81Is+SDtwXKV0Jee2BkiOxxPWMb26vfXBazMk7JZ5/6wv9QC7pWOvh9k/IsrqvYm02awt40E=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>gdo631R/AtSVeHKbL/iHDnFJJfgwCt6qpTgjvTf2UE5/jjbeC4ebUtBZcuVSWWi2MNyM4wNeo9TON/u/OuO2h9CP+1/wxJksgA5t46lP31ssAKr7vZUgZsf48Lo8MjvHqUQn0mVaVBGQWm4/snkyjpYNepwq29qT2LWg8rzerX4JZLqFeG1DbxtuwLMj5qGFU7DVxU03htJR7zS7rsM5cHaYB4NN1L+efU2r8haETqS6DxP9XdeqUudRtSb2UMAjlmFV7yPA8MKt/xiy9wiui7/1UFjp4B+mdfeAax2oyCQxT5TaKAxpIWl4pp2OdWwNSo9grUdORnJpiPCHteWuep9w9TMRo8+zoYbQA7s87wvA/zpxhBzyENRURSmG20lH2sQAbdu+phdEls8k8UVWgmf1TSWm/W0Zcv3UI+kufM7Y94V8Llg2TQY0I9oZA9JHBfVp9DuVCj72cJdc1SRZlMChHSkpp81mhXveM0TTlYW0pmeXM3m1Fd0G7SL3Zvk7eV9Z7kxZ97r9viq0uGYC8kBDv8ZkpBz/lJXwJBhSn5jRqfpQF6Dr4g6aEWMhJD3LQ8ccbKtf3N6MPMQLKWr5fMurt3sjARHGm/8+4EwzsEOmw6C+qgj4n16Ak7cx+miGTaRugiUWhB+qK3o4fmO7vU46Jvtu4ftezEKMFj1EzNCySKPPHSOUhyLOq4oSG20WS8Uc/Eaplfkwjkhl+sTH1A6+UHcbwOUeMyRE884U0g9dWF8z/YWyeZjEABazjiatZn9ykwyg88YzzQ96DuXVCKXWKmglWxoBMPda6iNOP+0vcHATIK0QTuKMpWxmQXO6a33iADHTBNvMo4J21WkdTyy6awTnj8VdWROMKZAIUFtHAWKD72K+WgRhlosU+1gNPLbuKy/3q0LoZKSgNe/zyXyJsZ/ooI43MxlbVT5zLsYWeN/Vn8oJXBOpSo0dZKNtRqQ2RmmvYgouBrgsO4xqwvVgg2lI4pq2aovltNSLIEACcX6Hu7apOwFGHS6vs45qTRNgMCCab+FjnSGY9jbUqjIFldhf45tlZ61dEpJ0JBPfBuX0EwWLIN+G6Vivd+VYV1L2fWpNFWTF35OYRIA1TMhdbzn+Rv6fXNyDiuPeU3QTJU1ddV4LVyQo6gJig/rv+YQKx73kVdqoRlr0CNcdyRGpLlSOmlAiXksh4amejQrc3rOZm/9QhptgeSO+UFecJJeEWIghplmEZ8I4AxbWwKTInSeXCtYJl900TSZPJVsu/87LUFz7khlKt9wEjtzj0AC/hfumCLSX/yAeF9kzd7sORy5e5Tja3I6hiO0bgWg+FWf3upZAc43xbU6p3MD/9pABMSooVJ8Z3uMI4mVPnnKTQb14lE2TuLC+bLepzKxRKSTzdhUlJV/3Rnu/RiXyRykOTvPHSjaPeWVAbbxynJZbuiTlJA5uTPF/5tOdoZ3Jwwjf2Z4SFvFl9X4aoOeq3Jxqv/ROx5N1NF4MtxwBoUQrRYIcBGD0Olwa67JOgV1Eij3H5IpX9iqF4C1JtxHFKDoAoae3oMa43dAqci4M0fAxs1dLQqp/8E6gTD6gz6qDmIb+8xJ6F0kLu0n83YaoHPhb7QfDmlRTfjFWZktYSQvDZS+wXgpvBMlifm5rl+zg1h/3PSUKQ8d35sZIAXacQPtvFroMHwAetght2n0GCpWQ99VoRCuN8dmpHKwCpFL0zplWFVoCybA+fZfOO6UXAKOWBwHmJKWRwixWHrKiIDDbIL/aQdshz1b5uGaOrp0jApVt76awnkQZLuGUpRhWCISQsIB6ZKv0Bf2Wt3AaTsBFW7qWtBr/4xM6z6cO4QO/t7Y8sQuby+X6PVkqIL/5h8Hi4LOWqTb8v0LFyrCxJfSQ9OFKtaTLrcTKXAGgeQzlXAUDb4w5dYeQ+HtF/z8V5uf+Z0m971KDmoE4W79fvQroAdIYvOIye8hjdpK/QvAc3BqnzHKBFVyBsx7S3/VBETEX1pdQs5mv+UdNXJK51+R9+vtYq7Wb//HpL3aJZ4a740MPKAzAw4hTYoFNnhgxcXaEk1IPMXRPBR2g2tTrLyturTEqgJk5dmYxiDzXGSHulho4Bk5Y/K2gTw9RwhwzfwweW70remco47wPTQEM9u7GqFcX08a99GLg3iac8I8k/7yKvtKfaRgmJbtn4M28r4f/kpCSAbEIDtoILv8zl1ZilqQorWtgqqFdnkL2wqnQ8vP3nTphQmyPAacCU1Zk6bnRawZm3egJTHuAmW0igkB+H4fbzfwqEOTVzMKaeMgBZJFoZnN7U8qb9oln5dzuNZl3w4OlNUVNgyp7PgEE5/xWYxNVIvoT+1NaTpfj3pX+bqCVClMeLrZUA5TOwmXdoiMYSD9HZEAjn8gZEZAvd+VGHSJN/Ig0fTuK1S6keT5rEzamiblAHZPnOaw1+Nl08WbHI8MZHdIBrk8hy6kE7MQvEzVViZ0uGDIWxgBcHfZx0E9hmk6MEEulcHRRoPPpnd3tHJXIEUC0E+ju4qeOHnv9mC9wONHBX1g/F95JL28Lx0B7VwDd9Q5OKu6bJJWLDz3+j/YKUZaTao7xTHdrV1u49DSp31Uhk6+m5lQODydwKCn+QraBfF9skj5RlFFkBFkHr+1mM9t1fLLHVz1B0aEGPwAhOzkfY5mvsJIphiKGqQUvHNr56lETpeqR/nL56DS9Z/eJsWeGeNnvNaMeaGtKtWlgYSxfVuHRwX/LmUH0AzJXvK/NdHwdyo7rxsihgIML1B9ia+zj8pEszjY398ZIBj/bN4Q+PKG1zX5wqHLgNR21weV4UiRLh8rjV4sHmdaiGrKEUpFMRlS4UKsCABFdLpvgunOjha+V/ie0cznu30OHOXL2p+GhnvYNOm+5sYgTyAt5OIAM4TFuKJ6rhl5VV7+pnzoUWttU4SmVBZA=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>

SAML Response with Signed Message, Signed & Encrypted Assertion

<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx1c27bfe8-5180-a9e7-7956-389297a8dc9b" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx1c27bfe8-5180-a9e7-7956-389297a8dc9b"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>7L8MRT7/RPY9kA7dmodhRItwRm8=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>PGTgr9gpC/EZrRARG9TeoR+QyIeRYqsd1vLRYDKW8Z7xHP1PHyRb/sKoKo6T4CGQByfwv7mT8KtmsuHy8UDQECnUQRN16oDNJfedTCDDe2crflw9UN8M7UA5VXg82yf6xym/YjXKL7QX3AAgVjRZGxAOjqaCx8P/DA528ueKBR4=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>ZH2KSzAF37Q7coqb+VyJXA3VkPX5gkJSVoXTEPZsuQNsOsdAXImJ9XA5PmVwJ1c+jqNxA7Ld2p8fIrGK9c9faYipDIA0LdBXUei1Ft0QfyZxCrT+mX9hr6cF9kZnlOQIf4b8Hsxp5D37eD5zXsipo0YL1T2JxoGJCQcjWtYuK1I=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>yTkTuxx1X7lUpWWPiSACKKFlWB59ZfUQQlZb4+f4WdIRnU5tuKZAodshin0Qkw9sjhbcmIiWMv9RCIM+lV2bd7JMUFM88GuQtY6I5Bf0/84E1F6BKSIAVIbovgqWdd+zoOe9rrKO9FkWd0ceYgBHCBXhRQdrDyO7I6hEvcrSYRLo+0KhADyNSJpVXJy+Yg/61E6hbBGtC5g54mQxBP5t+4+s/eU4DvfXS490fhKmTYFvMNkuxQSbeHs9gY7Dn1ZSn/wxeljR8ifbHTKg0jKAWy9paVzwuwE/3m/yzQLwmu5nU0Vmovl13fr7kps7lkosS07KJ/aucX/W3xKTB0EJjxzMPJJ4/Xi1BmwFSD5un2W2wgJGheuzPY07+mnfA5n6xqj1JzJL2gqS3uQJFA0L3dlGDy8kCR9hYFIxqUcB4hX/XgIUil+ZxnYoJamvxhZDH0+v4cSRoycv2DZgb2tlqy1ZmgfoFy+qzbKPLMWNLLw7uoP9OleC5nPmp00ZVojUMxB6U9bCayEtkvqSChdB65g5vXOmMyUzFWse2bwRvmi9ldue+UZPP32pTrtu+xi54MssyURFQlspi267ZIfpXz3haINj15mJD8c43rmZ+xOltDh2L9QRo+LfPOti37L7msVXq7xLy4QE6+FmiW0sz+5ept4tpMxHSwN74WADo7HyDEYC4iI/WbQE9l3OR4WdN/B/TPGnWp0E5neFjxxqoYfZDBgUWp8TfbPs9869/ydp+p84ge9sAK7IQM9ocxTeUDK9NvQ6eBy5ms5j32PMovxXnGsexZXmePaiZ409rJ9wVh1vkh9Y/naUZ8lyXnlgFqOQJQqBVAbaT8WuNy6yLDDlzjB4fY94eMKO7t0zEL/C6jgJcSba4AD7MC6Msz3bMuY/68nAGrhfL3BSCDG8SnF2KDccJUY5eVc66ibh0Sh9YsW4Koc4rbdVPEdutWNqvoyqwYFEA6Jjy4nco8sxgOxKlKckYosAiS0mtmLx1KGdHHHVwo5cWMwWyJuD4qbqsQUhn9CiTlR9z1mTne2c++1yItxvWZ8zdDHsgM+eijPQjsYbv8fcdvZOV6/SKuWeVJSl6XSVXS+AkBciz6nANXotDRV5lFRotlRxMckPnuQZ/JqHHYd7NBczhDE4guNCm6OtZWrFxmws/6unuTXGD52fLhgm8SGyAROuS2pw/HG++ONCpcENP+eRz2PEZfptMheSq9kc1dug+6OgzyRH7coUQ/6wshY00HomkD7m2riFGzCq6xoU9MOHs0oXpMrWOzwYUsmxJmlrucfcNy3QEH543wJ86IHNaOunM0xhIFHA1qCoMY48xLK/YwrkIAtc7oNtMs01nHfBfy89/de01KWuGhSIoSy7Hg4DxYlZr9m6g9NY4Xb8Z2EbIcEqcCX4jj3jF6vyYSYdMnP33H9eOkVsERXesJeV3bp216O7midRMU3L34J+dAJABSUSbwLn4b7Of/YCjQF95UqPsFgZh3UsHCM3MEfVyUZkFvcKHsWq2rtQiGWCeoq1ReOUZLp4Eu52eLzlFRx3GBBsSn4uu6GVV+Zq8TUsSTqFUGal+pimfN6RWF3gTG4iajmyfs/AvryVp/hDp6VK/TxeXN+d+XEKXyKZzpbGQGDUVaGvUzYHE3/3RKghrsLUcI2bBRajp9El5bJ+b37ljMC165mHcoekA59Hsjn3cU8jlFoqxWkPdfoCU0GJLRiHxY17AYJeX1F0p4mRaLATEbMenTxy5deeuZN2WBkxJULbs0mP3PKBU3TCFsXoVkPZG7usmQktij98TSd1JMVfBfKOZU21eyAnJ/CYrrlrbJwkI3ASvz7JCAfaIqiDel8PPnlV36mx+f3SxEe6dPi4t3duxjYv9Go1hZHkzioAI0OB0iB/eUrsRRx4uumsU+TTFiB0NhmUfXSEMolcy1zHtD8E3H1iwm3tOlofv+X0HrI6CxjKXkamo09GX3WTJVqfpzi5XvdgZsI75NdJRfgwRzeZAX1S6Z1+E0AVcNunTNrqGVqQRlbtac2CGYmnAou+jfbgjK80l0Wh5VFeKatnKahkHSNl8PTP3G/IRk1JbIwSgwLkxMyIiQ0y0/3bC/hhtnQndZcTpumLHPUOLQkaJ2kwNwsYAN27p1tZhzqRgZaGuG/XRGME+j6C0vOiEWA79T1m6heH/zevupbEhBU9hD/6yrl+WFTCfqQ4k7gpTnC5NgMm8PUf14cefwMsjpMT05fxwlu9wvemTCYBLxwTQOW09PHIIi7loZCmTm3+t8+8ZxVD/fznPCpAdxJTQshTfR63ryHPQKHKa+2futoNjMmxxJMV0wtpVDcisbDLJACyJEJsTwHm4WYazFkZ9sB96V2SNUdGCR2BuLx5OhC978NIhIxEbwrwyPlQbbJU5vepAHemR8YIkwNm62bfK64+96O1pT5UxHbe2Kw+8nNYYkciFl+tpQsdefqiktSbScvZluD1sVxfED0WJHxNJNT2aRtiwFrZcCANtZIUzw7fBS8COI+yKlNMW+FIi+nUM903iLK6ZmZhWA97m5qqoM6Up6+0phNLYXof7OR+3CRQ3vkqdvKAPir5A3p0zSG+mnDNoJhRfY+5j2rJ7zmMu+z6ZJ8uBjmVMdys4HnCO1pN6nlr68Fa7/ZlqX6N5baT0i2N/WIUXt51e4pd9CWmU87LNwjZUW9kYTTqBgrC0febpCUcVDC0XjUeJ3Rvm8kMoaAf1bT/miQvRhNhLsTNuCG/Mzkd4KXTC+n2MsE4WG28LPLRG742LyEzp9UqAhol2KDfYdvyGF66ixZl2kNK7CMAtLejulUArYBpHjrojK8p/b7ZzbTNufBJ38FkhGEQt/yGSQZVJPfIl0wQ1gft356CaZRjKUOn/aGToxGDVAYCyqTpSiAkgHb7D9o9dzQwFvuO1FuzHj1idMY3BDCZ3kdca7kSELcUXzQfeDfMGmRuDIHftPgdVZNiTqZJrswLHDu2VaxAl2iP4/k+yYBp7HqN8Trx+jbWb4EGtC4BqkqQ7QzMwobsqFm68gOsP5K02brAOFCj8iVRD8FBliujFfRtOk0MyTseruuDElBfwQV3LbGR45PQKTMloyupvbeCw51x1uBzCVqOvqdRy27reydhkssNMZSWvXlTcv6YNBfqDSQX2QUP0bpTFFNOFyEkjSWr++C6K/EM7U5fs+qf6JP0xb+iBYJ0eq7HwPsLCpXxRNNiIreAHSfcTBKakjDwghQQt+od8+m8n9YQc5MVQ3AZCGiiG0wtcTTiGYQNusL09NtQKBc6d0eObIXdQ1PLuLfLmDDGaHDQT+grNkbKex+jC+OpW8bXGyAAHsz+kMsAR80etChGL8hz+WdhBCBxeeFf5f7nNxHI7xLkYo6FAGFgKoiftHsU8utdW16B+8R3Xb0dgDOV33ZcKJWWVAGSz+rqar4A2br4PjTNlh84gfKIEcV+2oFFh2W7jhh9qSeQF/b3wJF+G0lX3i0CUVFafyaMhUhahuEayCu6cq9fobWzELNnxNubZJFiVSjuNy6nOsSJ2fIPSErrFeTHxKjbf+/NBUXBkQFsvzyLgeYBNMFmd3fNWgTHhYlCmV7QrQyunDK1qmC7EssviEVu0AXo270QBygwRl5qJdf6gyadQhlq9ctH6267A8BI7krNn9UejrEKmqDsizi2yFXwsxYE+Yjl1QKUUSyWToUxT8mDWU5yNqLJr46MQN4I96v/l0dohqENuFledWAxxNA1ZK6u65ypNYQcUuc+M3mUxTFcqY6WDLIFax/bfvhoSMYQdUyX9H4UPx8UHJgmvSwkeDfh0LizFzqdJJBFy5MwC4HoeqQMeGhNmtOgsZEaemro1owvEPME+Dv8zzNMbpTTnnYuQNBvAtkY6vrqg2ol8ND4rloimnAmbiEPDS9aGKd9ViEsGCjYfL0YMIQGGa9fPGHBWUCncJi51HO/c4iPRYi+aajklFn410MnzrWOlM8fBupjLASy5fXKx5uqUj8HZMm5bLlCXvNXsP1cceVDJIrku8qUCZd9mdLmS1MAOSOgsFUgtC00aUVo2wwF5GYkWCjccAqmmfQGT1HCtjPU4R9qy74mmKOmua2X3dKDdSSPLS24KkCAcCprSYmpx7t/rhAGbeXGgpD53Qc6bSemDFXXPDuuKxwWU4T3dqtgvNREKL4Kf+zvf7Nc0g6MbV3l/mOTRmJEPYu0d75FvmHfRNi7bKophEslp3pUsfPPMuAaE2/poHwqeEbbQCTPSv9wbjM/AEKjIMGHDLGSisHqXdLA9pXRJ9nt3Va23JpDjWk/u6TzfzjDafyZRghQJ2eTXr4Rho2l9oj0p4fwIsOxI7Lky3fhIE4MBeyCvVraBqezaDskMjKnc+XAdhpMrjUDuN5Yx8LjP9qCAzBGl5aZpbmlobVsUgVB8Jx27fgNgq5KLj1hPWdb7cIPDIh7i3gomhY1WqPpcNJw3N+U7Avmxo/GeVevdE2iRH/yTzircItmyY2lIIbh4fIUFhxW+Qq8aoZLlbN/wGCSgvMO6xag7HkuAPiRH66DsgwKakhrHP4pAB1/NoAusaITFfF0ukqAxphZKauR3MVCUTsO2TLVU4bt134e2sqotMoHltggL196nzvko2yyX02DbiHB7PSNPvLwvAuD2aocjeU0a4Xj6WQRV+CNoYr/NlFz+ap8hZRuXa4yPalojrAnRRi2FcrrEXCfetdo3VrWz/PWS3NZARKreAyH0Q8gOGePH66BNK9VyVa7YGbziyYrTafpCFojyLnmbzKLvbdPeXWF9gfrxDw6K6kMi06H2AdpMoKaR0A6N8FdY1+HGkBwaCt0wG84LcmBXgah2xV52dQHyLoWmojWpeKgzvBvpQtmgAAi/INx+f6ii5DYrsM0djih8gX4AoauPEKVrCEM0U8mn+1YKDWt620VJUBdxwbENgxB1ebLfVZ5InFypHaQBJQn00Ao5ztryzKhllQbTMwRwv1zQ+xlpvgpQpdL/woW6K3hgCLZN2A6ZEuRoWjK3hcfmgRFsTgF8++DnZww8KOtV2KSQUOLraRTkRMzUjGtCv8BJ3iaeOWTipCsHtTJcPRqX367n5S4ZDXfhC4tzXCBPpxgmu49atYcneT6w6ypA2F0CEYknwfCPKWk25XQPiY37aWhTV+jujXuy7wRF1iCqLjk6YOIuD86B4atEyT3tM2oeQUF9AxVwc959Vm/mxL2Z0xG1u2616r3i9xJC4HJlY1/3q7gd1ylTSt5p+UlCXeykolyK8WaG1xbd1bMmLMjChY6FEQV1dNdW3CSHL+yOO3yNaI0xKSb1Wa83zC2MwQ2dI4LDGvgvMPciZmWkNzSIiof+Yya6+pWXDa4+6O6JUGAMuv0ezDTOoRq1Lze/5tEYswisP86U7pIz3dORPnpC54khz1cR9x9FEM62WZoopthFhNt2h4fRlztpntf2OmUqUARfc2sMnaHNSQ8OoWXqZ8ekAaHib/bBMkCOqs=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>