<samlp:Response Destination="http://localhost:20005/saml/SSO"
ID="ID_55bd7886-5258-4111-b9a9-6cca1e2ecf3f" InResponseTo="a1e14i88dh8h56ei32ab6g87ej12heg"
IssueInstant="2019-02-28T18:04:11.250Z" Version="2.0"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
<saml:Issuer>http://localhost:8080/auth/realms/samldemo</saml:Issuer>
<dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
<dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<dsig:Reference URI="#ID_55bd7886-5258-4111-b9a9-6cca1e2ecf3f">
<dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<dsig:DigestValue>aFH4f6Bfjrvht+UIGsKwvEnar3G6Rq7siXKB7ftUIL0=</dsig:DigestValue>
</dsig:Reference>
</dsig:SignedInfo>
<dsig:SignatureValue>Ntq+p1/gnYVZTKCONoKlp1yaREzBDu1XWIfnUuVtYD9wPa1AT7UUFnpIO9rmmjY+rvJmo85toqoKYM5b9mj0NfF2Idn6h0Y91lusqiG4/znT140z6drMVlr1Y0s/WIO1IQPTF0G0TnB3/+G9Q+Tjc1Qf8dshgW1AAkFB7FH7tma9vhXCoRYZ+DZk4eq22b48j6kFPoBGwG3eQWBX0vlWBf/QB4n8acITe3DRHN7WPt0Ci70QsQ68NZxyv/asUsokiEX8k7wneEauCkFFD1LAf34ouX3ZtexI7a/n0ym+wlyhDBzYR5yYhh0O/+fv/gmCCAMNTjLypM7WayX8LpFGFg==</dsig:SignatureValue>
<dsig:KeyInfo>
<dsig:KeyName>q7ABklam1Jr0DsE0EYcW-YN3cGRR0Pe7rCqHfaqxm4E</dsig:KeyName>
<dsig:X509Data>
<dsig:X509Certificate>MIICnzCCAYcCBgFpNRDrPjANBgkqhkiG9w0BAQsFADATMREwDwYDVQQDDAhzYW1sZGVtbzAeFw0xOTAyMjgxNzAzMTVaFw0yOTAyMjgxNzA0NTVaMBMxETAPBgNVBAMMCHNhbWxkZW1vMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnCwCV4Ki7CS931c2Uolo3l175GKhlEOegWFOLzFTL7n1B0L5FAUZWRa01u+KNY8OHNoxgOSgMbWEHkYim3SG4gD3FXB065EknFPxF2606K1T6pHU26gyt0N7bYG+UiJW2cBk4r/z5mr1Ht1mT5aA0EPfL0ntV6GCHdzbrCedDDHPJE/wxm6IT0uPPSR8WC6f7373VX+uKoofslDUGFElwh5i7VP7DulRqi51tFJ4IxRb1IqiycOFcqKtQzpt5hSWI1h6Ribv3bhVoSjuqBzMI9iDMd9tBAXoVf5R1P1qP62TndyZJHsLOPLy2i4vzt3VY0Z4MCiUyXQSx18L7RDowIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAYDGh78ZlCHD/wgVqgijI2vIrNfXwn3R48ni6v/iDVdrjzse+CeRyPnSc9FONN6ZD8INaFQboU+U4cGTU4EaRpjTqqMNw2xUOZ+Om7iWXvdpZl8utiKRQqPGoRUWJuq+4hRzLeEpvUN+QSixNp4Im7kAoXbmMCTG6B1mJ+E57W/xMBEzj7aEV7c7/bU8fSd2omj19D7ndfr23Z2RAAypdiYz9T3wAcbgvKozOvMiZz+Rg6yCkYujuUJGzUqPs88VFoPMlOEkqswkGmQN0ja7Z0Fkhj4pC9IwOIyvfV1ANkPZGDnYO2Vj9orj21bySpISDu/8gqxA9djV6NXyWqVjyq</dsig:X509Certificate>
</dsig:X509Data>
<dsig:KeyValue>
<dsig:RSAKeyValue>
<dsig:Modulus>rnCwCV4Ki7CS931c2Uolo3l175GKhlEOegWFOLzFTL7n1B0L5FAUZWRa01u+KNY8OHNoxgOSgMbWEHkYim3SG4gD3FXB065EknFPxF2606K1T6pHU26gyt0N7bYG+UiJW2cBk4r/z5mr1Ht1mT5aA0EPfL0ntV6GCHdzbrCedDDHPJE/wxm6IT0uPPSR8WC6f7373VX+uKoofslDUGFElwh5i7VP7DulRqi51tFJ4IxRb1IqiycOFcqKtQzpt5hSWI1h6Ribv3bhVoSjuqBzMI9iDMd9tBAXoVf5R1P1qP62TndyZJHsLOPLy2i4vzt3VY0Z4MCiUyXQSx18L7RDow==</dsig:Modulus>
<dsig:Exponent>AQAB</dsig:Exponent>
</dsig:RSAKeyValue>
</dsig:KeyValue>
</dsig:KeyInfo>
</dsig:Signature>
<samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status>
<saml:Assertion ID="ID_05322d51-a89d-4b93-bdb5-a86f320819f2" IssueInstant="2019-02-28T18:04:11.247Z"
Version="2.0" xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
<saml:Issuer>http://localhost:8080/auth/realms/samldemo</saml:Issuer>
<dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
<dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<dsig:Reference URI="#ID_05322d51-a89d-4b93-bdb5-a86f320819f2">
<dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<dsig:DigestValue>34FQqT/uAKGED94qjMzG4m4pf4OXjr10HPPX+o74AO0=</dsig:DigestValue>
</dsig:Reference>
</dsig:SignedInfo>
<dsig:SignatureValue>ojFbmrEY0EBuEQu3Z/Xew9k3qs2zRN54Ik99I77W4m/UWAHmed6G5jQkzjCt/hoZV3d57WMU+oHDagOMhd/pc59c9b8WMUA/Fr6FZxhjvGCP229aoJtUhfoMZHZUoK/decw91L9xNglEyeGPpa9bNbvCBo+lp/l/l9iVezOzFgCmd1VigevqCoV45DGAd/wvPAld37L/rBWQNX3hurjdXVZtq8mcaqYBGn1AOZkjFZqLj8mTVdu1TTs/V3FPjUIpzWed4SzJ1FcP2smudtXUsT94ywG4cHnPVGOmY2No8WFx7ze5jgDXCbCYrA/xBxlsBI5Wnguf0kOqpO5BYES6lA==</dsig:SignatureValue>
<dsig:KeyInfo>
<dsig:KeyName>q7ABklam1Jr0DsE0EYcW-YN3cGRR0Pe7rCqHfaqxm4E</dsig:KeyName>
<dsig:X509Data>
<dsig:X509Certificate>MIICnzCCAYcCBgFpNRDrPjANBgkqhkiG9w0BAQsFADATMREwDwYDVQQDDAhzYW1sZGVtbzAeFw0xOTAyMjgxNzAzMTVaFw0yOTAyMjgxNzA0NTVaMBMxETAPBgNVBAMMCHNhbWxkZW1vMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnCwCV4Ki7CS931c2Uolo3l175GKhlEOegWFOLzFTL7n1B0L5FAUZWRa01u+KNY8OHNoxgOSgMbWEHkYim3SG4gD3FXB065EknFPxF2606K1T6pHU26gyt0N7bYG+UiJW2cBk4r/z5mr1Ht1mT5aA0EPfL0ntV6GCHdzbrCedDDHPJE/wxm6IT0uPPSR8WC6f7373VX+uKoofslDUGFElwh5i7VP7DulRqi51tFJ4IxRb1IqiycOFcqKtQzpt5hSWI1h6Ribv3bhVoSjuqBzMI9iDMd9tBAXoVf5R1P1qP62TndyZJHsLOPLy2i4vzt3VY0Z4MCiUyXQSx18L7RDowIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAYDGh78ZlCHD/wgVqgijI2vIrNfXwn3R48ni6v/iDVdrjzse+CeRyPnSc9FONN6ZD8INaFQboU+U4cGTU4EaRpjTqqMNw2xUOZ+Om7iWXvdpZl8utiKRQqPGoRUWJuq+4hRzLeEpvUN+QSixNp4Im7kAoXbmMCTG6B1mJ+E57W/xMBEzj7aEV7c7/bU8fSd2omj19D7ndfr23Z2RAAypdiYz9T3wAcbgvKozOvMiZz+Rg6yCkYujuUJGzUqPs88VFoPMlOEkqswkGmQN0ja7Z0Fkhj4pC9IwOIyvfV1ANkPZGDnYO2Vj9orj21bySpISDu/8gqxA9djV6NXyWqVjyq</dsig:X509Certificate>
</dsig:X509Data>
<dsig:KeyValue>
<dsig:RSAKeyValue>
<dsig:Modulus>rnCwCV4Ki7CS931c2Uolo3l175GKhlEOegWFOLzFTL7n1B0L5FAUZWRa01u+KNY8OHNoxgOSgMbWEHkYim3SG4gD3FXB065EknFPxF2606K1T6pHU26gyt0N7bYG+UiJW2cBk4r/z5mr1Ht1mT5aA0EPfL0ntV6GCHdzbrCedDDHPJE/wxm6IT0uPPSR8WC6f7373VX+uKoofslDUGFElwh5i7VP7DulRqi51tFJ4IxRb1IqiycOFcqKtQzpt5hSWI1h6Ribv3bhVoSjuqBzMI9iDMd9tBAXoVf5R1P1qP62TndyZJHsLOPLy2i4vzt3VY0Z4MCiUyXQSx18L7RDow==</dsig:Modulus>
<dsig:Exponent>AQAB</dsig:Exponent>
</dsig:RSAKeyValue>
</dsig:KeyValue>
</dsig:KeyInfo>
</dsig:Signature>
<saml:Subject>
<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">tester</saml:NameID>
<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><saml:SubjectConfirmationData InResponseTo="a1e14i88dh8h56ei32ab6g87ej12heg"
NotOnOrAfter="2019-02-28T18:09:09.247Z" Recipient="http://localhost:20005/saml/SSO"/></saml:SubjectConfirmation>
</saml:Subject>
<saml:Conditions NotBefore="2019-02-28T18:04:09.247Z" NotOnOrAfter="2019-02-28T18:05:09.247Z">
<saml:AudienceRestriction>
<saml:Audience>com:vdenotaris:spring:sp</saml:Audience>
</saml:AudienceRestriction>
</saml:Conditions>
<saml:AuthnStatement AuthnInstant="2019-02-28T18:04:11.251Z"
SessionIndex="2ba84f7d-7644-44e2-8efb-14ade746a026::d062b259-9617-4bcc-b8a6-5539ef781ac7">
<saml:AuthnContext>
<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</saml:AuthnContextClassRef>
</saml:AuthnContext>
</saml:AuthnStatement>
<AttributeStatement>
<Attribute Name="Role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">dummy</AttributeValue>
</Attribute>
<Attribute FriendlyName="XSPA Organization ID"
Name="urn:oasis:names:tc:xspa:1.0:subject:organization-id"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
<AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:anyURI">urn:oid:1.2.3.4.5.6.7.8.9.10.11.12</AttributeValue>
</Attribute>
<Attribute FriendlyName="Acme Role" Name="urn:oasis:names:tc:xacml:2.0:subject:role"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
<AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:anyType"><Role code="PRA" codeSystem="1.2.3.4.5.6.7.8.9.10.11.12"
codeSystemName="IHEXDShealthcareFacilityTypeCode" displayName="Doctor's office"
xmlns="urn:hl7-org:v3"/></AttributeValue>
</Attribute>
</AttributeStatement>
</saml:Assertion>
</samlp:Response>
<samlp:Response Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified"
Destination="https://adsrv01:8443/auth/realms/tdlabs-ad-ldaps/broker/adfs-saml/endpoint"
ID="_ef52f991-47ac-496a-91f4-cff98b2ab4bf" InResponseTo="ID_1722aba9-59a7-45d2-b9e6-df7818245f2e"
IssueInstant="2019-03-13T18:47:13.231Z" Version="2.0"
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
<Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion">http://adsrv01.tdlabs.local/adfs/services/trust</Issuer>
<samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status>
<Assertion ID="_e026c3b0-1a35-4878-b5f2-1615dcc041f8" IssueInstant="2019-03-13T18:47:13.201Z"
Version="2.0" xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
<Issuer>http://adsrv01.tdlabs.local/adfs/services/trust</Issuer>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference URI="#_e026c3b0-1a35-4878-b5f2-1615dcc041f8">
<ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>yf0+LN1ize/PpsZCLhVMJNZmCw4zTY/MY934py2c4e4=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>lNddkvxKr4A82IGmffo4TkF0in9j5jQctsXF48vW82W63/yUt0bnAuWyKAAclrPmvtNAyjqYSRgL/6aaWuKQUFNd5EQyOGEMtKnJrqyV/9sO/Mwiq0euNc3m1zMcAg4bx+XwGjJIzZ5eS5+u9KaOQ4b9kCLqX/0g+DF4zM1TWFKNgYL3w2h5+7AwXawnVuy2X60oXVAOPbpADCe86QWE25RuuwZKvlEo7WzEy9F4sZYndriObnKMr7thNS3CTwIrrar2amni1DqmttPZdv23yjKEkK9DNHz4eFGFAQVMvP8iD8X9xgwEbFbE513d03LggMjvihCexZcPHogPZwOPIg==</ds:SignatureValue>
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>MIIC5DCCAcygAwIBAgIQcN3SdIjxCI5AKKGPbbJQUTANBgkqhkiG9w0BAQsFADAuMSwwKgYDVQQDEyNBREZTIFNpZ25pbmcgLSBhZHNydjAxLnRkbGFicy5sb2NhbDAeFw0xOTAzMTEwOTQ3NDNaFw0yMDAzMTAwOTQ3NDNaMC4xLDAqBgNVBAMTI0FERlMgU2lnbmluZyAtIGFkc3J2MDEudGRsYWJzLmxvY2FsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxo40S7y7IQfZqRtc+F0FCSZMgTRbrUhKj/ECtwlo3CS2r7U2y0kWks4yxDpW2U2q4v3EbrGaij/zFQ6Rup4WfKZB61+z+ZQVQaFzER4qTobb9lcwX5eebLwkbKRLxlOtB39/sbbsksSh2oq6v+Tc8I4WvBP+hCVoa3eW3QfJYWZb7qMIZ9NuJRjaNQbt2HpXuprfaeaXb+xBQcgsr65tTQZ6kPQR0LdlTl8DPVpekOL2sG7/tvnCr3S525ygfvlvPjvMqM6Os0+XrvFEEh0ZDz9xYgmn1moCkzKT+EJbs1n0c1hVDMYsBHO88Xaf/MbFM09wu9pk3BJHW+qYDHk9cwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQA1dkkd9FNGOIVnJWOpNshhZpkYv7sxvR16S5EksxlYpiEQmDtlJBDVRBuS52ftd+vM6InkL8Wg4dqdpWl2KakVA2yJ/vTDB0wSbzy46bXQIOLkt/NsV6rxioOPGGv+i/ui+jjUHV4QHGqLGwPkkcR1ge+its7sqAj/G6YH0GAjJqe35An7aHlYpjxTxySrjGut0sr//Gc/6d34+tKUs7ddnHgManb/s7niz0uEe+4egKfGipOS/EcNM06T790Ie4MGvFy5zbF38OR7nwLZX69tejyFwEIbp38tBSF5L4YmtjooVJbgd08/OTwJdtHFLSu8MKB0Uc/aPTnuuZoHfU+o</ds:X509Certificate>
</ds:X509Data>
</KeyInfo>
</ds:Signature>
<Subject>
<NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName">TDLABS\adfstester</NameID>
<SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><SubjectConfirmationData InResponseTo="ID_1722aba9-59a7-45d2-b9e6-df7818245f2e"
NotOnOrAfter="2019-03-13T18:52:13.231Z"
Recipient="https://adsrv01:8443/auth/realms/tdlabs-ad-ldaps/broker/adfs-saml/endpoint"/></SubjectConfirmation>
</Subject>
<Conditions NotBefore="2019-03-13T18:47:13.190Z" NotOnOrAfter="2019-03-13T19:47:13.190Z">
<AudienceRestriction>
<Audience>https://adsrv01:8443/auth/realms/tdlabs-ad-ldaps</Audience>
</AudienceRestriction>
</Conditions>
<AttributeStatement>
<Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress">
<AttributeValue>tom+tina@tdlabs.local</AttributeValue>
</Attribute>
<Attribute Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname">
<AttributeValue>adfstester</AttributeValue>
</Attribute>
<Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname">
<AttributeValue>Tina</AttributeValue>
</Attribute>
<Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname">
<AttributeValue>Tester</AttributeValue>
</Attribute>
<Attribute Name="username">
<AttributeValue>adfstester</AttributeValue>
</Attribute>
</AttributeStatement>
<AuthnStatement AuthnInstant="2019-03-13T18:47:12.707Z"
SessionIndex="_e026c3b0-1a35-4878-b5f2-1615dcc041f8">
<AuthnContext>
<AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</AuthnContextClassRef>
</AuthnContext>
</AuthnStatement>
</Assertion>
</samlp:Response>