2022-09-26 19:03:20,066 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: ss:mem:d6c60ce10e4b092261701106d08ee30b0e1da53b24327c24d522b673c918c7f2
2022-09-26 19:03:20,066 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-09-26 19:03:20,066 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-09-26 19:03:20,066 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="https://develop.tedu.app/Shibboleth.sso/SAML2/POST"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ForceAuthn="1" ID="_3424f9d8875540e807a5dbc99af9a2b7"
    IssueInstant="2022-09-26T19:03:19Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://develop.tedu.app</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="1"/>
</samlp:AuthnRequest>

2022-09-26 19:03:20,077 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://develop.tedu.app' from origin source
2022-09-26 19:03:20,077 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:03:20,077 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:03:20,077 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:03:20,077 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:03:20,077 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-09-26 19:03:20,077 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-09-26 19:03:20,077 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-09-26 19:03:20,077 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://develop.tedu.app
2022-09-26 19:03:20,078 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:03:20,078 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-09-26 19:03:20,078 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-09-26 19:03:20,078 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-09-26 19:03:20,078 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-09-26 19:03:20,078 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_3424f9d8875540e807a5dbc99af9a2b7', issue instant '2022-09-26T19:03:19.000Z', entityID 'https://develop.tedu.app'
2022-09-26 19:03:20,078 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://develop.tedu.app' does not require AuthnRequests to be signed
2022-09-26 19:03:20,079 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-09-26 19:03:20,079 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-09-26 19:03:20,079 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-09-26 19:03:20,079 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-09-26 19:03:20,079 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-09-26 19:03:20,080 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:03:20,080 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-09-26 19:03:20,080 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-09-26 19:03:20,080 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-09-26 19:03:20,080 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 4 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-09-26 19:03:20,080 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://develop.tedu.app/Shibboleth.sso/SAML2/POST using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-09-26 19:03:20,080 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-09-26 19:03:20,080 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-09-26 19:03:20,080 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-09-26 19:03:20,080 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-09-26 19:03:20,081 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-09-26 19:03:20,081 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved signature algorithm URI from SAML metadata SigningMethod: http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
2022-09-26 19:03:20,081 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved reference digest method algorithm URI from SAML metadata DigestMethod: http://www.w3.org/2001/04/xmlenc#sha512
2022-09-26 19:03:20,082 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-09-26 19:03:20,082 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-09-26 19:03:20,082 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-09-26 19:03:20,082 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-09-26 19:03:20,082 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-09-26 19:03:20,082 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://develop.tedu.app
2022-09-26 19:03:20,082 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-09-26 19:03:20,082 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved data encryption algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#aes128-gcm
2022-09-26 19:03:20,082 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved key transport algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#rsa-oaep
2022-09-26 19:03:20,082 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-09-26 19:03:20,088 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-09-26 19:03:20,089 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-09-26T19:03:20.089Z, isPassive=false, forceAuthn=true, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-09-26 19:03:20,089 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-09-26 19:03:20,089 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-09-26 19:03:20,090 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-09-26 19:03:20,090 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-09-26 19:03:20,090 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Retaining flow authn/Password, it supports forced authentication
2022-09-26 19:03:20,090 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Potential authentication flows left after filtering: {authn/Password=AuthenticationFlowDescriptor{flowId=authn/Password, supportsPassive=true, supportsForcedAuthentication=true, lifetime=3600000, inactivityTimeout=1800000}}
2022-09-26 19:03:20,090 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:03:20,090 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-09-26 19:03:20,090 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Forced authentication requested, selecting an inactive flow
2022-09-26 19:03:20,090 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-09-26 19:03:20,090 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-09-26 19:03:20,301 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'develop.tedu.app'
2022-09-26 19:03:20,301 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:03:20,301 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-09-26 19:03:32,162 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Trimming whitespace of input string 'rick'
2022-09-26 19:03:32,163 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user rick
2022-09-26 19:03:32,163 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@1355389461::identifier=rick, context=org.apache.velocity.VelocityContext@fccf6e7]
2022-09-26 19:03:32,180 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=rick,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@1355389461::identifier=rick, context=org.apache.velocity.VelocityContext@fccf6e7]
2022-09-26 19:03:32,181 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'rick' succeeded
2022-09-26 19:03:32,181 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-09-26 19:03:32,181 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-09-26 19:03:32,182 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'rick'
2022-09-26 19:03:32,182 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'rick'
2022-09-26 19:03:32,182 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-09-26 19:03:32,182 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal rick
2022-09-26 19:03:32,182 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session 1a1815f19eb11438c3fd1fa397b889d2b1432a8f40c002ac0635c4a29abf9a54 for principal rick
2022-09-26 19:03:32,182 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving AuthenticationResult for flow authn/Password in session 1a1815f19eb11438c3fd1fa397b889d2b1432a8f40c002ac0635c4a29abf9a54
2022-09-26 19:03:32,184 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=rick)
2022-09-26 19:03:32,184 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-09-26 19:03:32,184 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, uid, identifier, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-09-26 19:03:32,184 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'eduPersonEntitlement' remained after filtering
2022-09-26 19:03:32,184 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-09-26 19:03:32,184 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-09-26 19:03:32,184 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-09-26 19:03:32,184 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-09-26 19:03:32,184 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-09-26 19:03:32,184 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-09-26 19:03:32,184 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-09-26 19:03:32,184 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-09-26 19:03:32,184 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-09-26 19:03:32,185 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:03:32,185 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-09-26 19:03:32,185 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@51170e28'
2022-09-26 19:03:32,185 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:03:32,185 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://develop.tedu.app'
2022-09-26 19:03:32,185 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:https://develop.tedu.app'
2022-09-26 19:03:32,185 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick:https://develop.tedu.app'
2022-09-26 19:03:32,186 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:03:32,186 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick'
2022-09-26 19:03:32,186 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick'
2022-09-26 19:03:32,186 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-09-26 19:03:32,186 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is required, no previous consents
2022-09-26 19:03:32,378 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'develop.tedu.app'
2022-09-26 19:03:32,378 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-09-26 19:03:32,378 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or InformationURLs returning null
2022-09-26 19:03:32,378 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or PrivacyStatementURLs returning null
2022-09-26 19:03:32,378 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:03:32,378 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No Organization, OrganizationName or names, returning null
2022-09-26 19:03:33,677 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Extracted consent ids '[displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]' from request parameter '_shib_idp_consentIds'
2022-09-26 19:03:33,677 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Consent context 'ConsentContext{previousConsents={}, chosenConsents={displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}}'
2022-09-26 19:03:33,677 - INFO [Shibboleth-Consent-Audit.SSO:?] - 20220926T190333Z|https://develop.tedu.app|AttributeReleaseConsent|rick|displayName,eduPersonEntitlement,givenName,identifier,mail,role,surname,telephoneNumber,uid||true,true,true,true,true,true,true,true,true
2022-09-26 19:03:33,677 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:03:33,677 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://develop.tedu.app'
2022-09-26 19:03:33,677 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:_key_idx'
2022-09-26 19:03:33,678 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Serialized '{displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}' as '[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]'
2022-09-26 19:03:33,678 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.CreateResult:?] - Profile Action CreateResult: Created consent result 'ConsentResult{id=null, context=intercept/attribute-release, key=rick:https://develop.tedu.app, value=[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}], expiration=1695755013678}'
2022-09-26 19:03:33,678 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-09-26 19:03:33,678 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Will not prune storage records, number of keys '0' is less than max number of records '10'
2022-09-26 19:03:33,678 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-09-26 19:03:33,678 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Creating storage index with key 'rick:https://develop.tedu.app'
2022-09-26 19:03:33,678 - DEBUG [net.shibboleth.idp.consent.storage.impl.CollectionSerializer:?] - Serialized '[rick:https://develop.tedu.app]' as '["rick:https://develop.tedu.app"]'
2022-09-26 19:03:33,678 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@51170e28'
2022-09-26 19:03:33,678 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:03:33,678 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-09-26 19:03:33,679 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-09-26 19:03:33,679 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-09-26 19:03:33,679 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _27bbf28f8c5b7d7f4dd5b8b1709bd8df
2022-09-26 19:03:33,679 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _27bbf28f8c5b7d7f4dd5b8b1709bd8df to Response _afc29b18bebc1c2c5e9a2304005fdc73
2022-09-26 19:03:33,679 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _27bbf28f8c5b7d7f4dd5b8b1709bd8df
2022-09-26 19:03:33,680 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-09-26 19:03:33,680 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value urn:mace:dir:entitlement:common-lib-terms of attribute eduPersonEntitlement
2022-09-26 19:03:33,680 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rick of attribute uid
2022-09-26 19:03:33,680 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute identifier
2022-09-26 19:03:33,680 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-09-26 19:03:33,680 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value manager@Samltest.id of attribute role
2022-09-26 19:03:33,680 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute mail
2022-09-26 19:03:33,680 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sanchez of attribute surname
2022-09-26 19:03:33,680 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick Sanchez of attribute displayName
2022-09-26 19:03:33,680 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick of attribute givenName
2022-09-26 19:03:33,681 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-09-26 19:03:33,681 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - Policy checking disabled for NameIDPolicy with Format urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
2022-09-26 19:03:33,681 - DEBUG [org.opensaml.saml.common.profile.logic.MetadataNameIdentifierFormatStrategy:?] - Metadata specifies the following formats: []
2022-09-26 19:03:33,681 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration specifies the following formats: []
2022-09-26 19:03:33,681 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - No formats specified in configuration or in metadata, returning default
2022-09-26 19:03:33,681 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Candidate NameID formats: [urn:oasis:names:tc:SAML:2.0:nameid-format:transient]
2022-09-26 19:03:33,681 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:03:33,681 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:03:33,681 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID AAdzZWNyZXQxnu5SqSX80lR+6e8meBRGemxwSvV7cdMy/VFti3Pb3jBO3rBsUzzxJg3j5O2imulgd494xNxK+qYKy5xMKy1xgdlONDzdJKjTWXRJlThWsdgH+Pj5rovuvBrvZA== with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:03:33,681 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:03:33,681 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:03:33,681 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-09-26 19:03:33,681 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-09-26 19:03:33,681 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 190.236.202.179
2022-09-26 19:03:33,681 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to _3424f9d8875540e807a5dbc99af9a2b7
2022-09-26 19:03:33,681 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to https://develop.tedu.app/Shibboleth.sso/SAML2/POST
2022-09-26 19:03:33,681 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-09-26 19:03:33,681 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-09-26 19:03:33,681 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-09-26 19:03:33,681 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _27bbf28f8c5b7d7f4dd5b8b1709bd8df
2022-09-26 19:03:33,681 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _27bbf28f8c5b7d7f4dd5b8b1709bd8df did not already contain Conditions, one was added
2022-09-26 19:03:33,681 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-09-26 19:03:33,681 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-09-26T19:08:33.678Z, to Assertion _27bbf28f8c5b7d7f4dd5b8b1709bd8df
2022-09-26 19:03:33,681 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _27bbf28f8c5b7d7f4dd5b8b1709bd8df already contained Conditions, nothing was done
2022-09-26 19:03:33,681 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-09-26 19:03:33,681 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _27bbf28f8c5b7d7f4dd5b8b1709bd8df already contained Conditions, nothing was done
2022-09-26 19:03:33,681 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-09-26 19:03:33,681 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://develop.tedu.app as an Audience of the AudienceRestriction
2022-09-26 19:03:33,681 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _27bbf28f8c5b7d7f4dd5b8b1709bd8df
2022-09-26 19:03:33,682 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://develop.tedu.app to existing session 1a1815f19eb11438c3fd1fa397b889d2b1432a8f40c002ac0635c4a29abf9a54
2022-09-26 19:03:33,682 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://develop.tedu.app in session 1a1815f19eb11438c3fd1fa397b889d2b1432a8f40c002ac0635c4a29abf9a54
2022-09-26 19:03:33,682 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-09-26 19:03:33,682 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://develop.tedu.app and key AAdzZWNyZXQxnu5SqSX80lR+6e8meBRGemxwSvV7cdMy/VFti3Pb3jBO3rBsUzzxJg3j5O2imulgd494xNxK+qYKy5xMKy1xgdlONDzdJKjTWXRJlThWsdgH+Pj5rovuvBrvZA==
2022-09-26 19:03:33,683 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-09-26 19:03:33,683 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-09-26 19:03:33,683 - DEBUG [org.opensaml.saml.common.profile.impl.SignAssertions:?] - Profile Action SignAssertions: Will not sign assertions because no security parameters context is available
2022-09-26 19:03:33,683 - DEBUG [PROTOCOL_MESSAGE:?] - Profile Action EncryptAssertions: Response before assertion encryption:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_afc29b18bebc1c2c5e9a2304005fdc73"
    InResponseTo="_3424f9d8875540e807a5dbc99af9a2b7"
    IssueInstant="2022-09-26T19:03:33.678Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_27bbf28f8c5b7d7f4dd5b8b1709bd8df"
        IssueInstant="2022-09-26T19:03:33.678Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://develop.tedu.app" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">AAdzZWNyZXQxnu5SqSX80lR+6e8meBRGemxwSvV7cdMy/VFti3Pb3jBO3rBsUzzxJg3j5O2imulgd494xNxK+qYKy5xMKy1xgdlONDzdJKjTWXRJlThWsdgH+Pj5rovuvBrvZA==</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="190.236.202.179"
                    InResponseTo="_3424f9d8875540e807a5dbc99af9a2b7"
                    NotOnOrAfter="2022-09-26T19:08:33.681Z" Recipient="https://develop.tedu.app/Shibboleth.sso/SAML2/POST"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-09-26T19:03:33.678Z" NotOnOrAfter="2022-09-26T19:08:33.678Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://develop.tedu.app</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-09-26T19:03:32.181Z" SessionIndex="_144506fc0de3e29970fee7a08b9cd25e">
            <saml2:SubjectLocality Address="190.236.202.179"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>urn:mace:dir:entitlement:common-lib-terms</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rick</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">manager@Samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-09-26 19:03:33,685 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: https://develop.tedu.app/Shibboleth.sso/SAML2/POST
2022-09-26 19:03:33,685 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: https://develop.tedu.app/Shibboleth.sso/SAML2/POST
2022-09-26 19:03:33,685 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_afc29b18bebc1c2c5e9a2304005fdc73"
2022-09-26 19:03:33,685 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _afc29b18bebc1c2c5e9a2304005fdc73 and Element was [saml2p:Response: null]
2022-09-26 19:03:33,685 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_afc29b18bebc1c2c5e9a2304005fdc73"
2022-09-26 19:03:33,685 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _afc29b18bebc1c2c5e9a2304005fdc73 and Element was [saml2p:Response: null]
2022-09-26 19:03:33,687 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-09-26 19:03:33,687 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'https://develop.tedu.app/Shibboleth.sso/SAML2/POST' with encoded value 'https&#x3a;&#x2f;&#x2f;develop.tedu.app&#x2f;Shibboleth.sso&#x2f;SAML2&#x2f;POST'
2022-09-26 19:03:33,687 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-09-26 19:03:33,687 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Setting RelayState parameter to: 'ss:mem:d6c60ce10e4b092261701106d08ee30b0e1da53b24327c24d522b673c918c7f2', encoded as 'ss&#x3a;mem&#x3a;d6c60ce10e4b092261701106d08ee30b0e1da53b24327c24d522b673c918c7f2'
2022-09-26 19:03:33,688 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response
    Destination="https://develop.tedu.app/Shibboleth.sso/SAML2/POST"
    ID="_afc29b18bebc1c2c5e9a2304005fdc73"
    InResponseTo="_3424f9d8875540e807a5dbc99af9a2b7"
    IssueInstant="2022-09-26T19:03:33.678Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
            <ds:Reference URI="#_afc29b18bebc1c2c5e9a2304005fdc73">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
                <ds:DigestValue>JMFyY8vvyL0MYtFK3R+SzvciWNlS3FLpzAgdsjAI+Vx8wrZ/yXqwpHSCQlXaih50Kgf4Fg2VDlE0cUM7EbYoPQ==</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>Q+bsQd10MU7xfX1fNyJGOqYCuHM5wssLlU1XCxBxIPpcD4PnoQis7Y4UM4bIyNSonQpC+jcZB0SE2YmQa5PlrBa5eSs0+SCzWds80Xh/XycdxLTJepulWbfwhFWelpofpTrKaXIsOYZ2VgLz1mOEVB4cnIHr/kqYhQcClIxnBSge/jHLA8Om+2NMd4iORPRhtQ5S/hbILrD/bH3pObwLMXQCsCvGjRVVcGXEw36tUZrZpwqlTJVtZkVxgz2/dkuKTM/NpuplyV/IgKKB8enpmXqRbUmARlMvF7RXT8VssdoGrV7aLEyKuQhJFt/pqDdoXjIbKvUH5Wok91qIXSs3fg==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <xenc:EncryptedData Id="_a6d9fb02f3a44e4939ff8306e8b85fde"
            Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:EncryptionMethod
                Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <xenc:EncryptedKey
                    Id="_828dae59ee9810cced8542ac715a39e2"
                    Recipient="https://develop.tedu.app" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                    <xenc:EncryptionMethod
                        Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <ds:DigestMethod
                            Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
                        <xenc11:MGF
                            Algorithm="http://www.w3.org/2009/xmlenc11#mgf1sha1" xmlns:xenc11="http://www.w3.org/2009/xmlenc11#"/>
                    </xenc:EncryptionMethod>
                    <ds:KeyInfo>
                        <ds:X509Data>
                            <ds:X509Certificate>MIIEFzCCAn+gAwIBAgIUeowPaJdP2ZRkPGVNIOKPq63VryAwDQYJKoZIhvcNAQELBQAwGzEZMBcG
A1UEAwwQZGV2ZWxvcC50ZWR1LmFwcDAeFw0yMjAzMTQxMDA0MTBaFw0zMjAzMTExMDA0MTBaMBsx
GTAXBgNVBAMMEGRldmVsb3AudGVkdS5hcHAwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIB
gQC4jFxryXTxXSQ1/bnmtYxzsDSK6ilLrYVy0kt+oCR3L7Y4JpumJELO8u8euyEIg6bCYC8Yq5Gj
3sb3z9a5CovNb0+oHfTNdz94zeg0YYON9IoZvifSyQyNGLe3rvnAIFkU4SaOelIKoYQQ6kSxPAI5
QvVB5BMLY8i8pMbJ5P87q6478+S2iuJb1lEldJDycYtM/Zr0okjXtJq6BS6pQaV2feAaBj8LW5wL
FLwKOO0Zl0XiOjo5J82gUKXNDpg6Pv8sSgK3yiymd8GtxAxcBadYyoOqlcTsObxhkQH7kC4/7kSP
/Ggs/AFTVDooAoB6QvwK+yhvnF+fhg3etz1zp2pC6Xxu7kkw9SKu8HfoxLwHoMU0ciyvAPh/wcZg
fmow+LRm7ClczuyoQBiA7qJ4L7mv3H1IyiMUVkp0D4TVoFTIDzuRGUhaKckzsY3dHbRqJ+v6xLyB
0UKhIitcy1JhP2qW1srRw4VBDvuuNOFVz0XTUtM44E9QXZp9ezEOZO8KY9cCAwEAAaNTMFEwHQYD
VR0OBBYEFHnxa3TTybKgQkqsXDacC2pwl61fMB8GA1UdIwQYMBaAFHnxa3TTybKgQkqsXDacC2pw
l61fMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggGBAC4hYlVncK08gTmnFTvMGwHq
pImk8ECi80FK6KzCTAwJiD/QZB8zblY68qeBcOOAR36uVlnIoDJxqUjiTVu5MeHuSFGYXL20Nowf
pZBy71llUSglZuRyhZQIlMwN5ldnXUs4QXFSI79qfcOWp7NpUbKxXdm2lQyEHPrUOiK9ghmGqP0W
7WjmawjxmpyS3nTjoyF17BAvzSiGtwE/CiQathMIQhYnzVm51xDcb34KihxARdCIzlH+4+HgVFHk
EWGpuf+x9z9HuXEGZm69Y/J9uHNcW3EmW1WpgqcC7o6thwNOHT6cHJRVdVfpo1aySR2l5eVbEhac
GAVY/tZez8Cj/4b9Xnl3sHu/LB5UDlkAqxr1J4lYCP8Wwb8P4FZ3tMnFKR4uGcZkjMJH68gbahTp
CThbZJFew/gnh0WoCEkwJXkOH3UoWX2AWDGTNcKkj1HfHuG7BKSWli0gF6sR7pQ9VynTVFkWgMVD
QdnIeAQwMdGlcAl5MOGtKyYCNysjvshGMg==</ds:X509Certificate>
                        </ds:X509Data>
                    </ds:KeyInfo>
                    <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <xenc:CipherValue>YJ0OkTI394lD9CUKg+sfKbzEQkHC8YHUdmpJ2xusFlZ7m2YHlz4D+vf45/+N7iWVEi3XVGikazwIL3nID7hSQbBQUTLWAolZf048qH4mN9mvSP6pi0mTDPxaEG0Q8nDXuWWyq/Kaq7XstaILsaXSOmbXi6StalckMq6aX3YQV4p9Ngk7RTehPjveBOFsCu+W+57jodmt73nhWcAbhPd25lKjTG2MpulKZUG2utftx0Of0ZWqlXancBpD4l295OamiwQpSK6Sm1koXZwHSKJkd0IKJRi21YzKpZS1yZbYsHy673NyjLtAqmXXxpSCFZIf2Komvl//0kC1XfZKy+KET+95behxhLDO7+oFBsG0vtiqhJm8hIHHJXVcC2qx1joJ0HgIdnzSKMctc0gJqI7KJyCU/5Jm6MzTRY2Dx+k0TpxAhxx5mUMIilYoZ0EintRRsvof5OsTw/Kbrit6u7euog0chTr0gJj/xDX+4zxDybJhIEwAphJSUi4c+uUAylkk</xenc:CipherValue>
                    </xenc:CipherData>
                </xenc:EncryptedKey>
            </ds:KeyInfo>
            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                <xenc:CipherValue>P+7X361nvfPKtgrtRazN98XQEQOreS9tdfK1T1LXEQku4Y3XdIfDaiXD/gAsJnn7hPWS98cR5j9+xWmPaiL74F/YK4qEQ3niocp/lM2G3br5t191mC8AnNd0GQGecb5REOFkvQfQOBkHMKzNLhbBZCKY4tHncSUtpTOd1jZbvYlQs1hiHOGkoiz9MY0ma8lo6+jsdyCOLCfaeQXUrkX5bDFv2mUXssTDHzckv64vbUaraj+9+dsLF/DY+QzwGp99nudRpXRvOZ9o8N5JCE9VDFTBLh/L1rS5jNKL/O7VxODogfUabD4LgkfBKkmk8dxG292LmOHBc7ScXDDCmYcB0Ez7HHTad12mBQBwoDM8ekvARenIRB7DRnEQ6mfrwpSnJCH+Z9U0PPhspN3asZZUYl7a53mZD3BhST9wXE9NZG0DMr1NJQMEH40TCzViVGzYfRfrdWSfKyg2vZB1NaLz3CD49k1/acPYGNoqRLJ4+7jlRobtO2va/rXuAxRNPfu9n7yzlYrzZkKjqCfwAN+Bao9a+nnj2rIJuIM5fHmQ1HD6npoWgp8Ye5cmEDYI/1cZbS2SmgYbc47hIToxZG6SljJokCzeu72lPD+TmIv7sKZWK28dfOX6LRapZBYXOMwgSL3ZQAXn0a2FTbQCSSVUmbQBLgT/pQsQTujEmKK5IVKmd3D8WsYCdoCk0uUkRE8C4uiTmtlih1MkwJ0tJrUDcbhsp4GUgIl0bKCenFyTZBPQNUq5qp74SsD/d3I8F0w/+EiywaBxTGDJh4ciYeQhdr9sazSneSryQlofWODhzK/oNbFGJWIlE9TVo9qpVrUgCb7eJ4FELWZpmJUXbPxn003gPyDlKOU3t3IOozrCVAVvVubcblVLvgkKpYg0aDvdn5CzGEKrILXaPSNkurx5AJyE6UKJb4w8MraNbY0eP2vfr9EbFZSqjZ7BZAXEp5kozFJ74+YmXgvP5tPPobp7HiqLfiUMgmhL0GdRUqEjmYggkcdLcCl7BfYBlCnbIg8oS+bJ5nTuw9Z47QjXiA9hmoxyg5BS6GlWEPtIiOBBEFmZishXRgQSLb7pl6nvnlQ4yDZoX4qo+kNaRN0r3Wkh6hNDwlcRAh2LnCRhU7jkzcaBKgo2U6o7Whb6EgVx2n323qYNzDc6A+YycKReGc1+mu0LiBo6jQIM4OqZvKHYnFgqgPlN4NlII7a7zLBEK57yJXfIaF7QTiuhmgigdLIz0zg5fAtzN8AA9xbBxrI0/DWlKeWI2nNWTYQyTX8tOwdPEC3izSm6IvAQXHL69FThquEKvVqLvjhfOwmRtAZlXTRX6yDpl4rz54T4RzZ6HK1cpARFYQLuz8nTJaJ3H0GgGKMuOV9ZCXA/9Is1WqNFExTeTrE/LmfRoPpqASwdb5pp5vts+k9hcVRYzVtTbg5wqE/7mWyVM7D4uKHWCxG+I/sHoRHPGE9aBczA4NIvmHVaAjhUji0rxMg7CQqQAZoxFqAgEzSWx6A5xV/hqqxqp+uNC1m8fG7D9e8Ty12R/ep0+MLaZr927jujM3KoDp020QPVIB6dcckYI7sdFBiny3akcTKpsFOLfCWp62crE8jpu2VuezGCFYqpOPOGRPZlNyl9tOmc0Nc4bz4z1PagkovkIINnYXCnvF9TGI+JzIJ27U3G/dP+OtEA6CEiKyX6PgeQJIrfOcXBuQvKKtDbNfmBu8l5CGezXr15jwYSQnXqSz7fKLnbDgoDm3ahJQf7lpnA485AhzIfwRcisrnGvaezqRdRrS3t1jEjpBv+KI7/6zXMWq/fOFGLEP0zrqbi4dxx81BIvo73FVjV0hLbpcMcUUB1H1oR8zkqnEOGMzHpnFx/4yeB5yrXpzicoRJIWsmz8eluqL6q/UYX4KvFElIP9NKeSq7AcD3UrU4a3EwaQ4ztoiZV1XqWvVCwu//7n+kB5U+mL5FUaQ/vStO/mQCYiOYCczltYek7byGjXL8B3zfcCwiZW/Q03id1576iHvVOFw2RzP2wbLu/1IJaIHGlQJTXpA3IdAVyo8UrgBsUnp6clNkR/dhvvrzdFNttYGsjFmXpX/fAbhtMBL4qklYp6o+aTVlD8uYDdkgu9VH8BtyS9TrAcCBoFtuBv4vmKpGzGtL9fFnHgXjWOG5rXpfDGTc+00CnPLyFWjY5QwiZfiOv5iRT2gE/cT+tjW0vZnjXDLEgqYx8vhZGl6oyq/x/oyoGD3jr+KXn/trBl0NmxZmzhaK5PapCc6q6fUj4VNOwG9Ok94tOPN/7Le6btn62pKR+THRn2pPM9z9i5gZ5uHkgPWDyCqQidlfaFTpVjVPQFQhFQfluH0T1a/16+02UL6ReT4Kulq0fLHa5aFOuMaE14ihB4+QACkL2gAQFS2+MPMf6uopLI5phqcWRy1OU2oUZk3Ylc0kUb5PkURWjtbcBOOZ1X6PwtvHmMbDOGzvctxGNpZI59yzI1KIAeha2ESJEuENERTo/c6gBdG8G0AhQwOljoU89LahwS+RYiYigUcAXPSseW9IIbprRYx+bAbQt/A1ArZncd2i+oy90LVJ2Cgrt4jVyc2r3T5B9e/tUwUIPamjpuy5WKEJ5lL3cYqrabwoSsaHhdUXYCt8OeAm6AJvHE65S9pa83h48hbMi+TMJrgNZCXtCmLgJNSG8wXs1mmmLMSm1LEHQ0laC9fY8LyD/5emfXxqGVfjwaHLvnKnlVMPjWMkfRs3iBEHX+zrC3HMMl/Dkenf+WrZuwfaHMoHEr9EOdPbA5sCqrnxrTFQSPQzbyYLr2Xu6nqPsA/D6USaGMjj/HcCOns52jKOWSXi5mAt+MoI8/2ZPhbds1QEGNv6eX2Y0GcaLWZkZcO5i+90gdvSEYAs0qRwOd2LowNs8+VisXJb+YY9EaSS9SOW2/ryToyevBAdIRQ13V6YVxe4TaIXTWrtTR0M92FohcARjaKVezqgnfItaHg/ACwy0rHfPSRFGqlpr0Tli0rihS+TX2gaTTgW9loj2R9x6ATXN7T9kB+Swbaeov8d5wlR6VwCH0NUaNEPEi6JjFFJ8ZRpSOXeUwow21vPuTyRQ6xbw8ABpZFcrpDo+Z5bVZgQ/KLxAkof8pkdo+sPc3FQuwukVFRUopfo34ln/adPjENj1ABsqA5u4HCAR/P+pEeRQYm9TyZzyT9iycdMgPVunWMyBCmWRYiksL4gc57ewj+oaWmPWQqu77zBOcDe+Ea129n9uoIkoXWOT9qsx9ii2Jh04YJ5C2gTEazidLo+XCya/Hb3BQ3MV0y2Nr25opoVuMI9M/tvvzoqCn6dQ18lURjhSON16jjwedqNgWNva0jU2YUbohJYbhXzl8O/98W1U437kI7/jm3ddiasCq5dT+1IauUBQxvKDgh6U7JZ3LlJ8LPG9iY5wiy+hcamTgcP2FV/qOA8elk8bPj8xXU2Up6W/6fCk2niKJd6OdBeuEeMIN4z58rCbahbmQBoVx9esJV+61nRIaqF7T+kQ4rz7WzDViJqS+9vPhPJNFcaG1ya8RkaDa2PKuBlEL1svGoZv9GKpLrIAl7p6TYNxEzAGTXGmj1AuzDYvtAZzJ86bT37mCxb+PQsg9ZExaG5HSDswDzQ8v2VHeyTZNQuGnCL0VeYGbcyErBKrJSYQq1QsZBsTuHkv5vyJvfkZ4WUmrbI889CeqBvumscTn/nHzwqVeetPS9sdN+ATKATvWFqodM0+OWj+Tj5QrGkC/oHITXB0lSla1C8KCLTSqW+YF63CAHtGUIGp72BIbJS4RS2jBm0N0ezo5D/sbdJ+GpkmZNi5T+uagey+ySD6GKF4ev9OgsUkbQnjJ8YEnMh5NXJozTg1XcW7l26hlQVrvgcysRerD1tP2Kpar62LqMXAhtLIz3phvjA9Sog6PKoMTQV56kY3lqIvh00/2/6Y/pNTPUZqNv6Sfb+A5GgXyOhsRG0JvVB56lwRA01NwYvY4/kHEcOYa40udf7JR7nXqtS91LRdyIJJTdnU1uY3Rrj3eUsQrBcp7jB7H5Hf4mUowKZcjfr5Kj27pgh8JUaA2B9ADygAqNR7n+go5Jo4Stt/5ePoiaAIAYVAmWS8fZXiM89qCCfmycrlhPqmJCLX1u1oHdvpCZUqvDsQ6jiTNLtuQZxG5i7JjfpDVXTOEK9e4jBMygU0Z/ls+9DzDLXIA/wvSAuW9B7rEfTB+uoSgRWIRLdrxCo43KELO3p1gmS0CzT1N8x3DR3yuuazsLhxmcuaeqNVSx6NFaRysZ2KzDms1dq9luZTrtTW6gsgLxhMjXBeHlldFRKSyfNgl7UALIpKHkDTzxqluTuYXeiH6POxvP1xpyq7+5alDsltKVXljjTcJRhwsOBlMrYmhIOue/r4aZcKR7hvSJjBukSg7/9MihXGGy78UjyFT3+kuvQp2CYd/59t7/Xrg85o4geVJXBsLZ41BsRU1J9I3+A+uYqA2SyREY0NtQGrbgrlCbfU3uW+kIe+Y6yJp0QViS+fq/2neMLoVFWuWIVhVwy13QRS/vr/lHYDdmIXx+WqcBYfI6OJ+xVAyT4zR/V77cu4n4nX0jQk/UPkauba/pwq/0xVUqB8NNFuqRmYH7sDQZ5tWcjDyO0neK83zRdt0yh03DlVKS1k+3VSPI/6SBtmr0ORs9uJiWpTipizsCV9ZNd64ixTu1rw/vz+fBPdTBb38w5eYmEJztup2pQrMDdPZHApJPyxH58cBO5uQxGW0/itgSlMRmaI0LQl4lpknb7D3T0zPGiMo7qiE1t9CFcI/vXSAZAVaahX64anhd1VIOZfMFfLYeld6Pf1OZmdi3834elTugQzjM7hA9hmL43YPUAw6IQu88xlEFQ7X0obOz831kpxCuzsc0OPvd00Xb00CUi3Ll1Vioneq3f7lRiw7bND8wpnQ6yROEH0A69KpKaVuQU6HLW1hyAlmPi9v41rJBWfyguJUNNucQcpV4H4pwd5LY221cu45juR/TqXfqiqJTpk6ShdlyP+tNfuefXkdYC9farKrkXTxMlstyNpbnFcim1j1w3nQkbqm3eRFQ+SCRKpbIWIZMZCs7s0NFOy81QYdCXrizfB5A5Yag0m3cvFdeZGs1FubA==</xenc:CipherValue>
            </xenc:CipherData>
        </xenc:EncryptedData>
    </saml2:EncryptedAssertion>
</saml2p:Response>

2022-09-26 19:03:33,689 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-09-26 19:03:33,689 - INFO [Shibboleth-Audit.SSO:?] - 20220926T190333Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect|_3424f9d8875540e807a5dbc99af9a2b7|https://develop.tedu.app|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_afc29b18bebc1c2c5e9a2304005fdc73|rick|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,uid,identifier,telephoneNumber,role,mail,surname,displayName,givenName|AAdzZWNyZXQxnu5SqSX80lR+6e8meBRGemxwSvV7cdMy/VFti3Pb3jBO3rBsUzzxJg3j5O2imulgd494xNxK+qYKy5xMKy1xgdlONDzdJKjTWXRJlThWsdgH+Pj5rovuvBrvZA==|_27bbf28f8c5b7d7f4dd5b8b1709bd8df|
2022-09-26 19:06:54,767 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML relay state of: SSOT_179661658
2022-09-26 19:06:54,767 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Getting Base64 encoded message from request
2022-09-26 19:06:54,767 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML message
2022-09-26 19:06:54,767 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<urn:AuthnRequest
    AssertionConsumerServiceURL="https://www.futuremedicine.com/action/saml2post"
    Destination="https://samltest.id/idp/profile/SAML2/POST/SSO"
    ID="_-2555572821867920435" IssueInstant="2022-09-26T19:06:53.986Z"
    Version="2.0" xmlns:urn="urn:oasis:names:tc:SAML:2.0:protocol">
    <urn1:Issuer xmlns:urn1="urn:oasis:names:tc:SAML:2.0:assertion">https://www.futuremedicine.com/shibboleth</urn1:Issuer>
    <urn:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
</urn:AuthnRequest>

2022-09-26 19:06:54,774 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://www.futuremedicine.com/shibboleth' from origin source
2022-09-26 19:06:54,774 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:06:54,774 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:06:54,774 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:06:54,774 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:06:54,774 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-09-26 19:06:54,774 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-09-26 19:06:54,774 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-09-26 19:06:54,774 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://www.futuremedicine.com/shibboleth
2022-09-26 19:06:54,775 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:06:54,775 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-09-26 19:06:54,775 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-09-26 19:06:54,775 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-09-26 19:06:54,775 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-09-26 19:06:54,775 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_-2555572821867920435', issue instant '2022-09-26T19:06:53.986Z', entityID 'https://www.futuremedicine.com/shibboleth'
2022-09-26 19:06:54,776 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://www.futuremedicine.com/shibboleth' does not require AuthnRequests to be signed
2022-09-26 19:06:54,776 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-09-26 19:06:54,776 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-09-26 19:06:54,776 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-09-26 19:06:54,776 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-09-26 19:06:54,776 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-09-26 19:06:54,776 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:06:54,776 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-09-26 19:06:54,777 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-09-26 19:06:54,777 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-09-26 19:06:54,777 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 3 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-09-26 19:06:54,777 - DEBUG [org.opensaml.saml.common.binding.impl.DefaultEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Candidate endpoint binding 'urn:oasis:names:tc:SAML:1.0:profiles:browser-post' not permitted by input criteria
2022-09-26 19:06:54,777 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://www.futuremedicine.com/action/saml2post using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-09-26 19:06:54,777 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-09-26 19:06:54,777 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-09-26 19:06:54,777 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-09-26 19:06:54,777 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-09-26 19:06:54,777 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-09-26 19:06:54,777 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-09-26 19:06:54,777 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-09-26 19:06:54,777 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-09-26 19:06:54,777 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-09-26 19:06:54,777 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-09-26 19:06:54,777 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://www.futuremedicine.com/shibboleth
2022-09-26 19:06:54,777 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-09-26 19:06:54,777 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve data encryption algorithm based on SAML metadata, falling back to locally configured algorithms
2022-09-26 19:06:54,777 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve key transport algorithm based on SAML metadata, falling back to locally configured algorithms
2022-09-26 19:06:54,778 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-09-26 19:06:54,782 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-09-26 19:06:54,782 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-09-26T19:06:54.782Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-09-26 19:06:54,782 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-09-26 19:06:54,783 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-09-26 19:06:54,783 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-09-26 19:06:54,783 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-09-26 19:06:54,783 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-09-26 19:06:54,783 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:06:54,783 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-09-26 19:06:54,783 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-09-26 19:06:54,783 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-09-26 19:06:54,783 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-09-26 19:06:55,008 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Returning name from UIInfo 'Future Medicine'
2022-09-26 19:06:55,008 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:06:55,008 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No matching description in UIInfo
2022-09-26 19:06:55,008 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No matching description in UIInfo
2022-09-26 19:08:47,503 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML relay state of: TST-326060-WDErqyKHSRrLhKoyHLx-xRHL9Ax-LIsc
2022-09-26 19:08:47,503 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Getting Base64 encoded message from request
2022-09-26 19:08:47,504 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML message
2022-09-26 19:08:47,504 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:AuthnRequest
    AssertionConsumerServiceURL="https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool"
    Destination="https://samltest.id/idp/profile/SAML2/POST/SSO"
    ForceAuthn="false" ID="_ed02f483381f446a8312c13688a9038fdcd9a08"
    IsPassive="false" IssueInstant="2022-09-26T19:08:47.000Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    ProviderName="pac4j-saml" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer
        Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool</saml2:Issuer>
    <ds:Signature
                xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod
                Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod
                Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference
                        URI="#_ed02f483381f446a8312c13688a9038fdcd9a08">
<ds:Transforms>
<ds:Transform
                        Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform
                    Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>4CDMOVs97s0u4tnLEaZ7IT2OaKnQIhRhgr3VNB23Ypw=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
XQIpjrZ97NDzJgSAX7b/ORjmyOvgB6qSfrbQR/vHvLulX5KNE2Z850GA2ndC5Ezz9UelMywZddp4
LjycTAkTdj9IBBTxZ0Q8+l8+No2IF7v4ywQYLYsgMZCfoc63HI6zQYVriu45ETgd55MHrsT7xQdO
+IlOa6kgU2NwcFRBQrEntCy+kemiDrCxYhgpmgucyM70ZePqGKCSohzPycimo4go3VbAgYBziZ/E
Zfo8dP7xRyvAM9QSGUkuSo4migTv6kTyB+dJkkhsYoWjD5Z45FPlmJxB5HltuHegQzwSqsOEIiMV
jPDzS6YfgumX5llB/6Jy3E3ihBKMe/IAB/QQsQ==
</ds:SignatureValue>
<ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIG0DCCBLigAwIBAgIQJT05eT9C8MMLxPWjiR+NjzANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQG
EwJGUjESMBAGA1UECgwJREhJTVlPVElTMRwwGgYDVQQLDBMwMDAyIDQ4MTQ2MzA4MTAwMDM2MR0w
GwYDVQRhDBROVFJGUi00ODE0NjMwODEwMDAzNjEdMBsGA1UEAwwUQ2VydGlnbmEgU2VydmljZXMg
Q0EwHhcNMjIwMzEwMjMwMDAwWhcNMjMwMzEwMjI1OTU5WjCBoTELMAkGA1UEBhMCRlIxGTAXBgNV
BAcMEExFVkFMTE9JUyBQRVJSRVQxEjAQBgNVBAoMCVRSQVZFTERPTzEcMBoGA1UECwwTMDAwMiA0
Mjk4OTQ5NjcwMDA0MjEwMC4GA1UEAwwnVFJBVkVMRE9PIC0gU0FNTCBTSUdOSU5HIEFORCBFTkNS
WVBUSU9OMRMwEQYDVQQFEwpDMjI5ODgyNDQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsTQ4f7v+iIqvjQLCZQyJCiWK72jzbm1lNNsOGLMdNO736yJo0iUXEygaqJ4awu+Nf2Ase62f
o1hROHtOnixvceJN2rd9BMKm/j3BgeU+vlW3quq8AFkm9ikL7R4hBZopqT5deXA17EZ0tpQv6I2z
WbuoBYunvJomVoFZYRwDWFlHoQRBJma0LL8WTrPP7t4gvZMqYSpEqyeeyX2cv6FS4uCOXITFzWAA
Rp5rdIkL1YzU+Tr2thgVf/BvRYsVqaCj+94YmoJAR1/pMOLIKhfoWNxOKuTu0Rpu1LpKr72FYsZv
osn4NHBDoVJncq/crrxpaYF1FqorTjHw+054l0YxJwIDAQABo4ICJTCCAiEwgeQGCCsGAQUFBwEB
BIHXMIHUMDgGCCsGAQUFBzAChixodHRwOi8vYXV0b3JpdGUuZGhpbXlvdGlzLmNvbS9zZXJ2aWNl
c2NhLmRlcjA2BggrBgEFBQcwAoYqaHR0cDovL2F1dG9yaXRlLmNlcnRpZ25hLmZyL3NlcnZpY2Vz
Y2EuZGVyMDAGCCsGAQUFBzABhiRodHRwOi8vc2VydmljZXNjYS5vY3NwLmRoaW15b3Rpcy5jb20w
LgYIKwYBBQUHMAGGImh0dHA6Ly9zZXJ2aWNlc2NhLm9jc3AuY2VydGlnbmEuZnIwHwYDVR0jBBgw
FoAUrOyGj0s3HLh/FxsZ0K7oTuM0XBIwCQYDVR0TBAIwADBhBgNVHSAEWjBYMAgGBmeBDAECAjBM
BgsqgXoBgTECBQECATA9MDsGCCsGAQUFBwIBFi9odHRwczovL3d3dy5jZXJ0aWduYS5jb20vYXV0
b3JpdGUtY2VydGlmaWNhdGlvbjBlBgNVHR8EXjBcMCugKaAnhiVodHRwOi8vY3JsLmNlcnRpZ25h
LmZyL3NlcnZpY2VzY2EuY3JsMC2gK6AphidodHRwOi8vY3JsLmRoaW15b3Rpcy5jb20vc2Vydmlj
ZXNjYS5jcmwwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgeAMB0GA1UdDgQWBBQq
6jjjeMXwQMpNNecEbqrEsJ9eTjANBgkqhkiG9w0BAQsFAAOCAgEArkOzqH9sUsz/QCwLRUKXqsYS
YjB9o9GmKorBERtR7WJQIxk1jZxDM9dR8LTOA6tKOQ2LKzaRl0RugagliM75Dkt4AdWFQFzZ14c4
o+JXsvCNmRtncFxY5KAJqpeIgOHigpnOb2qdS5c0U2tMa48SYl5DgTqs5nlyLTqPIsF7Am80lsTn
iNdbvyPjmyrqsaUtIJ7WpBhyt+k5TEr4b4XWOo0jYwJEutvrYXTNihmWMfobEiC11+qziyWmBrrv
dJyg1H/XGJKFZ0atOOFUCfvoqFZrc3cD9uiCkLX3ljeehKkWyvNbBoj8ETmRPjg2vXIbPS+jR82g
fhLtUJbE/zVWQCoVtKowZqlY6mMcAXkqhdHTG9jfIixHxMMqMr2s+Fc8ywXlZzmAI1ejP9/LX9bV
2b17e4QxQMKMH9f2sVRvo16n0KtKGH5Zy3j+Dwkt3iIsN1F8Lo7vymqtqSUZ3EyYKNY/GvvmrIc/
snB/mGw4vqxYIXlIwwpm80/NRBeR88OFR3PYlUYKxrf9HKVRP8HqHG9buYSQdDdVe7k56Af77pCl
88LDCL49/8hb/XzndJjqvSLbKsU6UWV6q2e/kkQ+UcF8bBUMfHWLLK8xALkzrg1EATC7dviFBnS1
JXLmWJjKwHfWUkBPJnZbMCiKfgyNK5vTXpzzOszUdOFBLRTbtco=</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
</saml2p:AuthnRequest>

2022-09-26 19:08:47,511 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool' from origin source
2022-09-26 19:08:47,511 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:08:47,511 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:08:47,511 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:08:47,511 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:08:47,511 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-09-26 19:08:47,512 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-09-26 19:08:47,512 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-09-26 19:08:47,512 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool
2022-09-26 19:08:47,512 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:08:47,513 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-09-26 19:08:47,513 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-09-26 19:08:47,513 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-09-26 19:08:47,513 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-09-26 19:08:47,513 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_ed02f483381f446a8312c13688a9038fdcd9a08', issue instant '2022-09-26T19:08:47.000Z', entityID 'https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-09-26 19:08:47,513 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Enveloped signature transform
2022-09-26 19:08:47,513 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Exclusive C14N signature transform
2022-09-26 19:08:47,513 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Attempting to verify signature on signed SAML protocol message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-09-26 19:08:47,513 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from metadata using entityID: https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool, role: {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor, protocol: urn:oasis:names:tc:SAML:2.0:protocol, usage: SIGNING
2022-09-26 19:08:47,513 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Retrieving role descriptor metadata for entity 'https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool' in role '{urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor' for protocol 'urn:oasis:names:tc:SAML:2.0:protocol'
2022-09-26 19:08:47,513 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:08:47,513 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:08:47,513 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:08:47,513 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:08:47,513 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-09-26 19:08:47,513 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - signatureMethodURI = http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2022-09-26 19:08:47,513 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigAlgorithm    = SHA256withRSA
2022-09-26 19:08:47,513 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigProvider     = SunRsaSign
2022-09-26 19:08:47,513 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - PublicKey = Sun RSA public key, 2048 bits
  params: null
  modulus: 22369930965456962777956365464229513348642522997346232168756579494960232921839160861855035659931488634319872531144871061126230632628307245413595021979243298021162796817485323967323729520642838484019982422043583459948062010738622164914709867639613377292833748142293112152964032878748204294883029637581475838086809098230772052770316027052403485966861005767953228542833623261203559898877311870242866180023679569922778427571461205374691037046976908472105838884909059792855539563635818559033340161732234235499443992405690433660052891865469805202598340808784182407277136835204164356633476755720981662174335871428308052095271
  public exponent: 65537
2022-09-26 19:08:47,513 - DEBUG [org.apache.xml.security.signature.Manifest:?] - verify 1 References
2022-09-26 19:08:47,513 - DEBUG [org.apache.xml.security.signature.Manifest:?] - I am not requested to follow nested Manifests
2022-09-26 19:08:47,513 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_ed02f483381f446a8312c13688a9038fdcd9a08"
2022-09-26 19:08:47,513 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _ed02f483381f446a8312c13688a9038fdcd9a08 and Element was [saml2p:AuthnRequest: null]
2022-09-26 19:08:47,514 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_ed02f483381f446a8312c13688a9038fdcd9a08"
2022-09-26 19:08:47,514 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _ed02f483381f446a8312c13688a9038fdcd9a08 and Element was [saml2p:AuthnRequest: null]
2022-09-26 19:08:47,514 - DEBUG [org.apache.xml.security.signature.Reference:?] - Verification successful for URI "#_ed02f483381f446a8312c13688a9038fdcd9a08"
2022-09-26 19:08:47,514 - DEBUG [org.apache.xml.security.signature.Manifest:?] - The Reference has Type 
2022-09-26 19:08:47,514 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Validation of protocol message signature succeeded, message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-09-26 19:08:47,514 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Authentication via protocol message signature succeeded for context issuer entity ID https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool
2022-09-26 19:08:47,514 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-09-26 19:08:47,514 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-09-26 19:08:47,514 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-09-26 19:08:47,514 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-09-26 19:08:47,514 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:08:47,514 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-09-26 19:08:47,514 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-09-26 19:08:47,514 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-09-26 19:08:47,514 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 1 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-09-26 19:08:47,514 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-09-26 19:08:47,514 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-09-26 19:08:47,514 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-09-26 19:08:47,514 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-09-26 19:08:47,514 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-09-26 19:08:47,515 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-09-26 19:08:47,515 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved signature algorithm URI from SAML metadata SigningMethod: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2022-09-26 19:08:47,515 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved reference digest method algorithm URI from SAML metadata DigestMethod: http://www.w3.org/2001/04/xmlenc#sha256
2022-09-26 19:08:47,515 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-09-26 19:08:47,515 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-09-26 19:08:47,515 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-09-26 19:08:47,515 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-09-26 19:08:47,515 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-09-26 19:08:47,515 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool
2022-09-26 19:08:47,515 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-09-26 19:08:47,515 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve data encryption algorithm based on SAML metadata, falling back to locally configured algorithms
2022-09-26 19:08:47,515 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve key transport algorithm based on SAML metadata, falling back to locally configured algorithms
2022-09-26 19:08:47,515 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-09-26 19:08:47,519 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-09-26 19:08:47,520 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-09-26T19:08:47.520Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-09-26 19:08:47,520 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-09-26 19:08:47,520 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-09-26 19:08:47,520 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-09-26 19:08:47,520 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-09-26 19:08:47,521 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-09-26 19:08:47,521 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:08:47,521 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-09-26 19:08:47,521 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-09-26 19:08:47,521 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-09-26 19:08:47,521 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-09-26 19:08:47,659 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'cas.traveldoo.com'
2022-09-26 19:08:47,659 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:08:47,659 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-09-26 19:08:49,495 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Trimming whitespace of input string 'rick'
2022-09-26 19:08:49,496 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user rick
2022-09-26 19:08:49,496 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@1143270257::identifier=rick, context=org.apache.velocity.VelocityContext@1fed0ef6]
2022-09-26 19:08:49,497 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=rick,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@1143270257::identifier=rick, context=org.apache.velocity.VelocityContext@1fed0ef6]
2022-09-26 19:08:49,497 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'rick' succeeded
2022-09-26 19:08:49,497 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-09-26 19:08:49,497 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-09-26 19:08:49,498 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'rick'
2022-09-26 19:08:49,498 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'rick'
2022-09-26 19:08:49,498 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-09-26 19:08:49,498 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal rick
2022-09-26 19:08:49,498 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session 80281e72e2dda9cb853857269e2941216cf91253a52e0206a004ba5119e2b9a6 for principal rick
2022-09-26 19:08:49,498 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving AuthenticationResult for flow authn/Password in session 80281e72e2dda9cb853857269e2941216cf91253a52e0206a004ba5119e2b9a6
2022-09-26 19:08:49,499 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=rick)
2022-09-26 19:08:49,500 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-09-26 19:08:49,500 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, uid, identifier, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-09-26 19:08:49,500 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'eduPersonEntitlement' remained after filtering
2022-09-26 19:08:49,500 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-09-26 19:08:49,500 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-09-26 19:08:49,500 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-09-26 19:08:49,500 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-09-26 19:08:49,500 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-09-26 19:08:49,500 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-09-26 19:08:49,500 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-09-26 19:08:49,500 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-09-26 19:08:49,500 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-09-26 19:08:49,500 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:08:49,500 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-09-26 19:08:49,500 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@4307d1c1'
2022-09-26 19:08:49,501 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:08:49,501 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-09-26 19:08:49,501 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-09-26 19:08:49,501 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-09-26 19:08:49,501 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:08:49,501 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick'
2022-09-26 19:08:49,501 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick'
2022-09-26 19:08:49,501 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-09-26 19:08:49,501 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is required, no previous consents
2022-09-26 19:08:49,616 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'cas.traveldoo.com'
2022-09-26 19:08:49,616 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-09-26 19:08:49,616 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or InformationURLs returning null
2022-09-26 19:08:49,616 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or PrivacyStatementURLs returning null
2022-09-26 19:08:49,616 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:08:49,616 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No Organization, OrganizationName or names, returning null
2022-09-26 19:08:49,991 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Extracted consent ids '[displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]' from request parameter '_shib_idp_consentIds'
2022-09-26 19:08:49,991 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Consent context 'ConsentContext{previousConsents={}, chosenConsents={displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}}'
2022-09-26 19:08:49,991 - INFO [Shibboleth-Consent-Audit.SSO:?] - 20220926T190849Z|https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool|AttributeReleaseConsent|rick|displayName,eduPersonEntitlement,givenName,identifier,mail,role,surname,telephoneNumber,uid||true,true,true,true,true,true,true,true,true
2022-09-26 19:08:49,991 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:08:49,991 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-09-26 19:08:49,991 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:_key_idx'
2022-09-26 19:08:49,991 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Serialized '{displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}' as '[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]'
2022-09-26 19:08:49,991 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.CreateResult:?] - Profile Action CreateResult: Created consent result 'ConsentResult{id=null, context=intercept/attribute-release, key=rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool, value=[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}], expiration=1695755329991}'
2022-09-26 19:08:49,992 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-09-26 19:08:49,992 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Will not prune storage records, number of keys '0' is less than max number of records '10'
2022-09-26 19:08:49,992 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-09-26 19:08:49,992 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Creating storage index with key 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-09-26 19:08:49,992 - DEBUG [net.shibboleth.idp.consent.storage.impl.CollectionSerializer:?] - Serialized '[rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool]' as '["rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool"]'
2022-09-26 19:08:49,992 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@4307d1c1'
2022-09-26 19:08:49,992 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:08:49,992 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-09-26 19:08:49,993 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-09-26 19:08:49,994 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-09-26 19:08:49,994 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _e6cc08fe42970dc299edbdac2380fb56
2022-09-26 19:08:49,994 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _e6cc08fe42970dc299edbdac2380fb56 to Response _2e51ced9ed85017528dfee34ab00ade5
2022-09-26 19:08:49,994 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _e6cc08fe42970dc299edbdac2380fb56
2022-09-26 19:08:49,994 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-09-26 19:08:49,994 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value urn:mace:dir:entitlement:common-lib-terms of attribute eduPersonEntitlement
2022-09-26 19:08:49,994 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rick of attribute uid
2022-09-26 19:08:49,994 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute identifier
2022-09-26 19:08:49,994 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-09-26 19:08:49,994 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value manager@Samltest.id of attribute role
2022-09-26 19:08:49,994 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute mail
2022-09-26 19:08:49,994 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sanchez of attribute surname
2022-09-26 19:08:49,994 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick Sanchez of attribute displayName
2022-09-26 19:08:49,994 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick of attribute givenName
2022-09-26 19:08:49,995 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-09-26 19:08:49,995 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - No object to operate on, returning true
2022-09-26 19:08:49,995 - WARN [org.opensaml.saml.common.profile.logic.MetadataNameIdentifierFormatStrategy:74] - Ignoring NameIDFormat metadata that includes the 'unspecified' format
2022-09-26 19:08:49,996 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration specifies the following formats: []
2022-09-26 19:08:49,996 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - No formats specified in configuration or in metadata, returning default
2022-09-26 19:08:49,996 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Candidate NameID formats: [urn:oasis:names:tc:SAML:2.0:nameid-format:transient]
2022-09-26 19:08:49,996 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:08:49,996 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:08:49,996 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID AAdzZWNyZXQxJOshkrKCbR9UM1bMojMfecIkQeILkf25mThL3MWotSp9AWIBNxW22NzkiHUnkqomvDEHCMQy6sJ4CjeKTdI0QYGsqf84O5t++fsTq+KzBLTiw7LH0u0RjVVqZvLbT4wDIopz1fPQKAK90jlaG1YxrhtH8X3mxNI= with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:08:49,996 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:08:49,996 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:08:49,996 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-09-26 19:08:49,996 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-09-26 19:08:49,996 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 204.148.205.254
2022-09-26 19:08:49,996 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to _ed02f483381f446a8312c13688a9038fdcd9a08
2022-09-26 19:08:49,996 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool
2022-09-26 19:08:49,996 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-09-26 19:08:49,996 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-09-26 19:08:49,996 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-09-26 19:08:49,996 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _e6cc08fe42970dc299edbdac2380fb56
2022-09-26 19:08:49,996 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _e6cc08fe42970dc299edbdac2380fb56 did not already contain Conditions, one was added
2022-09-26 19:08:49,996 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-09-26 19:08:49,996 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-09-26T19:13:49.992Z, to Assertion _e6cc08fe42970dc299edbdac2380fb56
2022-09-26 19:08:49,996 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _e6cc08fe42970dc299edbdac2380fb56 already contained Conditions, nothing was done
2022-09-26 19:08:49,996 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-09-26 19:08:49,996 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _e6cc08fe42970dc299edbdac2380fb56 already contained Conditions, nothing was done
2022-09-26 19:08:49,996 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-09-26 19:08:49,997 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool as an Audience of the AudienceRestriction
2022-09-26 19:08:49,997 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _e6cc08fe42970dc299edbdac2380fb56
2022-09-26 19:08:49,998 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool to existing session 80281e72e2dda9cb853857269e2941216cf91253a52e0206a004ba5119e2b9a6
2022-09-26 19:08:49,998 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool in session 80281e72e2dda9cb853857269e2941216cf91253a52e0206a004ba5119e2b9a6
2022-09-26 19:08:49,998 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-09-26 19:08:49,998 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool and key AAdzZWNyZXQxJOshkrKCbR9UM1bMojMfecIkQeILkf25mThL3MWotSp9AWIBNxW22NzkiHUnkqomvDEHCMQy6sJ4CjeKTdI0QYGsqf84O5t++fsTq+KzBLTiw7LH0u0RjVVqZvLbT4wDIopz1fPQKAK90jlaG1YxrhtH8X3mxNI=
2022-09-26 19:08:49,998 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-09-26 19:08:49,998 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-09-26 19:08:49,998 - DEBUG [org.opensaml.saml.common.profile.impl.SignAssertions:?] - Profile Action SignAssertions: Will not sign assertions because no security parameters context is available
2022-09-26 19:08:49,999 - DEBUG [PROTOCOL_MESSAGE:?] - Profile Action EncryptAssertions: Response before assertion encryption:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_2e51ced9ed85017528dfee34ab00ade5"
    InResponseTo="_ed02f483381f446a8312c13688a9038fdcd9a08"
    IssueInstant="2022-09-26T19:08:49.992Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_e6cc08fe42970dc299edbdac2380fb56"
        IssueInstant="2022-09-26T19:08:49.992Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">AAdzZWNyZXQxJOshkrKCbR9UM1bMojMfecIkQeILkf25mThL3MWotSp9AWIBNxW22NzkiHUnkqomvDEHCMQy6sJ4CjeKTdI0QYGsqf84O5t++fsTq+KzBLTiw7LH0u0RjVVqZvLbT4wDIopz1fPQKAK90jlaG1YxrhtH8X3mxNI=</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="204.148.205.254"
                    InResponseTo="_ed02f483381f446a8312c13688a9038fdcd9a08"
                    NotOnOrAfter="2022-09-26T19:13:49.996Z" Recipient="https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-09-26T19:08:49.992Z" NotOnOrAfter="2022-09-26T19:13:49.992Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-09-26T19:08:49.497Z" SessionIndex="_5123c6949efaaa8bdff7ae8c9775ca9e">
            <saml2:SubjectLocality Address="204.148.205.254"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>urn:mace:dir:entitlement:common-lib-terms</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rick</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">manager@Samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-09-26 19:08:50,001 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool
2022-09-26 19:08:50,001 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool
2022-09-26 19:08:50,002 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_2e51ced9ed85017528dfee34ab00ade5"
2022-09-26 19:08:50,002 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _2e51ced9ed85017528dfee34ab00ade5 and Element was [saml2p:Response: null]
2022-09-26 19:08:50,002 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_2e51ced9ed85017528dfee34ab00ade5"
2022-09-26 19:08:50,002 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _2e51ced9ed85017528dfee34ab00ade5 and Element was [saml2p:Response: null]
2022-09-26 19:08:50,004 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-09-26 19:08:50,004 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool' with encoded value 'https&#x3a;&#x2f;&#x2f;cas.traveldoo.com&#x2f;cas&#x2f;login&#x3f;client_name&#x3d;SHOP_DEMO-demoPool'
2022-09-26 19:08:50,004 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-09-26 19:08:50,005 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Setting RelayState parameter to: 'TST-326060-WDErqyKHSRrLhKoyHLx-xRHL9Ax-LIsc', encoded as 'TST-326060-WDErqyKHSRrLhKoyHLx-xRHL9Ax-LIsc'
2022-09-26 19:08:50,007 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response
    Destination="https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool"
    ID="_2e51ced9ed85017528dfee34ab00ade5"
    InResponseTo="_ed02f483381f446a8312c13688a9038fdcd9a08"
    IssueInstant="2022-09-26T19:08:49.992Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_2e51ced9ed85017528dfee34ab00ade5">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>p3PusZdkIMgSNl7ASJ/a4BcAIAaw3UetEahV214bqzk=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>olKzoSJUIEvpcYvP3wajQjlYkbn240W+5ybmrGl4IX1KaVc7SdztWL7J3h57UWKZ8aecExOQbcHjRcpV56A3mrw/WeVrOFgE+QpvOLSBYv0dqVG6zBiaRZpFAes7E9rnEPP8pfza005i1aVOm5nagaHFWAy9gD2/x0b3m/f/Hdjvm61oChIm41pAc92hvtLJZNbmf1PlLcMzF6wOReoTZQXnK3qPk5v718+RYp4aY8b4v5ZanoePZqYcWc4U4OuW32U7ZXrTy7/Ow0ynuLKKI1scr0j9lg0Je2WzGBDwnjJllaAWhtlVysI2cklXTXDqm0qemaFNWkTiAVPvNvG+dg==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <xenc:EncryptedData Id="_468239a1452b05c5a338ec9f26dbcde4"
            Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:EncryptionMethod
                Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <xenc:EncryptedKey
                    Id="_20dfca9a298b62a25f8ad01e341a1f12"
                    Recipient="https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                    <xenc:EncryptionMethod
                        Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <ds:DigestMethod
                            Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
                    </xenc:EncryptionMethod>
                    <ds:KeyInfo>
                        <ds:X509Data>
                            <ds:X509Certificate>MIIG0DCCBLigAwIBAgIQJT05eT9C8MMLxPWjiR+NjzANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQG
EwJGUjESMBAGA1UECgwJREhJTVlPVElTMRwwGgYDVQQLDBMwMDAyIDQ4MTQ2MzA4MTAwMDM2MR0w
GwYDVQRhDBROVFJGUi00ODE0NjMwODEwMDAzNjEdMBsGA1UEAwwUQ2VydGlnbmEgU2VydmljZXMg
Q0EwHhcNMjIwMzEwMjMwMDAwWhcNMjMwMzEwMjI1OTU5WjCBoTELMAkGA1UEBhMCRlIxGTAXBgNV
BAcMEExFVkFMTE9JUyBQRVJSRVQxEjAQBgNVBAoMCVRSQVZFTERPTzEcMBoGA1UECwwTMDAwMiA0
Mjk4OTQ5NjcwMDA0MjEwMC4GA1UEAwwnVFJBVkVMRE9PIC0gU0FNTCBTSUdOSU5HIEFORCBFTkNS
WVBUSU9OMRMwEQYDVQQFEwpDMjI5ODgyNDQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsTQ4f7v+iIqvjQLCZQyJCiWK72jzbm1lNNsOGLMdNO736yJo0iUXEygaqJ4awu+Nf2Ase62f
o1hROHtOnixvceJN2rd9BMKm/j3BgeU+vlW3quq8AFkm9ikL7R4hBZopqT5deXA17EZ0tpQv6I2z
WbuoBYunvJomVoFZYRwDWFlHoQRBJma0LL8WTrPP7t4gvZMqYSpEqyeeyX2cv6FS4uCOXITFzWAA
Rp5rdIkL1YzU+Tr2thgVf/BvRYsVqaCj+94YmoJAR1/pMOLIKhfoWNxOKuTu0Rpu1LpKr72FYsZv
osn4NHBDoVJncq/crrxpaYF1FqorTjHw+054l0YxJwIDAQABo4ICJTCCAiEwgeQGCCsGAQUFBwEB
BIHXMIHUMDgGCCsGAQUFBzAChixodHRwOi8vYXV0b3JpdGUuZGhpbXlvdGlzLmNvbS9zZXJ2aWNl
c2NhLmRlcjA2BggrBgEFBQcwAoYqaHR0cDovL2F1dG9yaXRlLmNlcnRpZ25hLmZyL3NlcnZpY2Vz
Y2EuZGVyMDAGCCsGAQUFBzABhiRodHRwOi8vc2VydmljZXNjYS5vY3NwLmRoaW15b3Rpcy5jb20w
LgYIKwYBBQUHMAGGImh0dHA6Ly9zZXJ2aWNlc2NhLm9jc3AuY2VydGlnbmEuZnIwHwYDVR0jBBgw
FoAUrOyGj0s3HLh/FxsZ0K7oTuM0XBIwCQYDVR0TBAIwADBhBgNVHSAEWjBYMAgGBmeBDAECAjBM
BgsqgXoBgTECBQECATA9MDsGCCsGAQUFBwIBFi9odHRwczovL3d3dy5jZXJ0aWduYS5jb20vYXV0
b3JpdGUtY2VydGlmaWNhdGlvbjBlBgNVHR8EXjBcMCugKaAnhiVodHRwOi8vY3JsLmNlcnRpZ25h
LmZyL3NlcnZpY2VzY2EuY3JsMC2gK6AphidodHRwOi8vY3JsLmRoaW15b3Rpcy5jb20vc2Vydmlj
ZXNjYS5jcmwwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgeAMB0GA1UdDgQWBBQq
6jjjeMXwQMpNNecEbqrEsJ9eTjANBgkqhkiG9w0BAQsFAAOCAgEArkOzqH9sUsz/QCwLRUKXqsYS
YjB9o9GmKorBERtR7WJQIxk1jZxDM9dR8LTOA6tKOQ2LKzaRl0RugagliM75Dkt4AdWFQFzZ14c4
o+JXsvCNmRtncFxY5KAJqpeIgOHigpnOb2qdS5c0U2tMa48SYl5DgTqs5nlyLTqPIsF7Am80lsTn
iNdbvyPjmyrqsaUtIJ7WpBhyt+k5TEr4b4XWOo0jYwJEutvrYXTNihmWMfobEiC11+qziyWmBrrv
dJyg1H/XGJKFZ0atOOFUCfvoqFZrc3cD9uiCkLX3ljeehKkWyvNbBoj8ETmRPjg2vXIbPS+jR82g
fhLtUJbE/zVWQCoVtKowZqlY6mMcAXkqhdHTG9jfIixHxMMqMr2s+Fc8ywXlZzmAI1ejP9/LX9bV
2b17e4QxQMKMH9f2sVRvo16n0KtKGH5Zy3j+Dwkt3iIsN1F8Lo7vymqtqSUZ3EyYKNY/GvvmrIc/
snB/mGw4vqxYIXlIwwpm80/NRBeR88OFR3PYlUYKxrf9HKVRP8HqHG9buYSQdDdVe7k56Af77pCl
88LDCL49/8hb/XzndJjqvSLbKsU6UWV6q2e/kkQ+UcF8bBUMfHWLLK8xALkzrg1EATC7dviFBnS1
JXLmWJjKwHfWUkBPJnZbMCiKfgyNK5vTXpzzOszUdOFBLRTbtco=</ds:X509Certificate>
                        </ds:X509Data>
                    </ds:KeyInfo>
                    <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <xenc:CipherValue>Zu9e/EhWwhijBCrH8lO2X9ieGqnIdrMRKmgLyIWUHddtAmfc3z9HWG3uVgptTRjwfXyb0PN4sdAVD+MmX7LT1jAPpxVU8qS6CVWt3xdkGF6f7GBsA8NQJuZnm7snVnAPUqlLhSQfjZPZVeQpPwDyQoh9Q8PcJgzeGCK1CUx0OjexI6+gmh/n2IRfaYb5XB5RTGPqupkTK6tPijDfFsYFJhcfd+Iq00Jan6yeo6DUEnFWFDt21H473Gsu8oc0fb7rMgw4lhIv3AonOxTUHK8TC4M5/Jc29hGr2mffU5r37xGUq5dmzW0wk/kP9CfeQmdaTzXEb69WGAjDL/h4gOrFnA==</xenc:CipherValue>
                    </xenc:CipherData>
                </xenc:EncryptedKey>
            </ds:KeyInfo>
            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                <xenc:CipherValue>37ug1NIJIe4bqAsMPJyB/x9WZlPE4urgDmrIpYWPvSFY4CgOl9zPAyE98Wgq3WW5CtzG6s0OOmvVl/MjkJFDZHPrndQGQEYsCx+3nT1yc8fKIXEXjOcQ0ucc8JKAgGhvjmglEu6lwpgc2yppeP1NIDzmMpK1kFU1WrnItEdaiHana5tDTnNTRH20/eVf8lFM0728JhLqModsCOPxzng/kO8KwO6d7ERGoGOocFojDz1Dk5XfAvo5Ovk870/r37VKWsZdohvo7opdSFaKbtgM66Yx08gaPtSsgtNwGUCTcWcF5rGWuOFNWrroepWXYNQWcqwTbZngehg9pf84d2JjlPd4Ukf98YFMLXWY79RbjCCpiW5Dwpo5hQRdrKyZnzVsrJPSD+j0Ek+b5/cHF1TmpY8+fDLX2Ts1fSAXjWGaH5iGSCfDGEZCg7fdDfFT8II003DU5zbPnHlY+MqnNKESuKOGPK/xgJ47ZxalVBw0ARJchtXmGpQctszfq9E6jJDuLMZPtftrws3lDhe5+vlEgZuFe6pCi7zBEZA161fFwAmWbkfLwrr/9sKSFJ+0EtTNTrOc1apxtwY6mqtpGHr4f4diTPZKAxpkgCZAjD95CNRMSXXc7hgprTOfio3CVQm9DC9eeI2CheRA912/6ldM6kJVMHpqIU6iEriCLxJgWpphQC9oE4qdJW0P4ElhAHW7OCfwmNJTiNy19NSvCuCNUPht/KIlzWURR7sN17gV/cpd8i4w1JwlcnjLa1mEqvOQXpNbCWj1DZoFyX6+FskMxkBHww5Gx+KQTTGrFa8s8LOc8IxJeF/Lz92nIKAmX3ctjjzyfIcD7bz69guM5gVsJoxow5kOYQtCYljuqe2thmYvDXqCKoVCr0icUq/oEqdPRcYnGTNf9z+I5c/Ux9lED2YGdXc6GdBBRDdxiIAuvBD5EYzmEwhEfT24pGXk1VjoZ71nSF68giY1CqhILrpaNNNNU86gcp/3BUubqY/dDeVRtEjlq0YoYJEk6vHYSUeNV1i4MjSx4m1K9hUBpwJMM8KmOvaEC01vG27O3KDDiK1QVEsjSuG9wKZ+fuGPma8zvwmfiM+LBsatrRPQavAbwYrbFp0SykFCERdmQMDqDKs/ghVV/ETem6Nsgm/WnOgpQrbl2girYddLgQlMWIStr4603i7P8vqDlQODz9+b/ZMlECZ8RFbqPT9Jgp3fxYD8AA8yczO1UPEe0+vzk2ADRqNexe2Yisc9U+9MjLMid8HAlr9SSHyXKMN72FkLr8zNTXzxbRwSazUSVOzxPAoV2ZknMzziwoMorRMrjhIqvatRu3+6GKhNNQbWa/qE7P8yIwiAcaufAI6Bn295zaiglsnyXC+gM17SkarGhIipRO0i2J7OqdCuzaEHj5Iiq5rKdZGTf+dv/x5j6yt8lRKJmmpQ8lN/xCP1hOa6PA8GaZjvmijm34qfjFh34zpB3CDQERAleiNa7prm6mH1fr+UAvn8o0fI+S418N8mOixA0A9LgHTJ/nsUziJaniWPIURD4PpRoqGPypZHuO2lMYfwyjd5Rl1/EgSIeqQv0rScBOXBx5Y6NVOZqMNqbcyyqR3oFw/TPcONMw9+2aTGEL0kOOihyLj9vC6u3bEoxVDPRwLt1EhA0VqUWdazjEQwYx7z0K1iCERvU8W5znZ0jeTPOz7VlpoBdxutcVbNQQyYl5pNSvSngl84L6rwIIubO8ICoyo5PcP2abVuUjlW0Gkw0GfDtNpv8OySva+f4xk1IJCjsc2iMYTgUbeNgyDC/PaQMuzivsVsVAXrtXNvjKE/UoI6S4swAkQG1OmV8ooMHBohsB/WFxofLr7rX2ZORE+3jTDJSEahkd9UwicAAUAeZGgzAMlOpjOrhEftiwMrwjfUEiPE1Tc6wjH1/lW8WmWXiemmc6KRRHCTGZHfH/fDdrC+kPi+1gaRNIf0GXRqMPbp64etEgLBIzOFQCu8evVs5XzfQnTSEY/YtoNkTMxT0H7uiQwUnK+pkLNHopC4i3h9WmNaEJNF9jY701TQ8ps+x6PJSvb2Vmf4lWYQ2t1vHqokrM2b/r9jXkNksGL395fHWord5mVHICsqhJrQNw6aw/M5+oRxhfo9dk8u2RJlxUXwYIKvUMYjEYl7QhwLnIKo9FIKb9siqIQ91AxDEV9gCR+hqH0RWhdjijdFA31MKyVfc7ceTJcd59jr24QZKWQ4/GM+BoVVW1IhOsIDx1eaq7TOSbAVlOxd41kL9nqQBu7Gbu4qekhcAeR7w804/aIG/RgCtbYFu96603gjAQOxWNDf2uGXqPJ5Uij9n9ID2f7T8TgMC5WKcMt/zlGHtJvViJ7qtrslfgDd07h3bv3FYXPX5lk7E//B+aMemmMEhsPgV7f7pj3ugFOisUpPimtCHExMrd50UjZrlGaCOdQjB3Gkh62451vMTEEj8EXQEktGh+jiU6ZN8wpx4yw/j7tuY/bFMQDA3W/jdQ0NdfvXfKwpolri7C35neZJtyHpewfv+TGoy9lbcRa2yJkUWRfaFLWaD+W6ycWs1lK79JrRIqtzb16SodES0UfsglWUmAV57bqSrei3aMIPW6e6sxM5YkvgVXJeKsZXk0kVK98/soF36zvQfS5L7i90D+nbTDm6PERAaDXeVIOm1PbhqDBqHwJ/K7PYR/hIJo2sX8VX/2yDViRRhAQ/jV6JT5rQyrUE4Phrd1prX8CQCQIhBuo5UNGgD5ohjzXuzyIRfF3zt2piK0lckT4AfAJPssVgDlb2iyvmrTrf1joZHMob0hq09yWAfNAJilr4xbMT4gvprrt+ExLXzr6dNF0ZPMGooJ7ITfdqHsJqtrIuMvByYS4WcVaAeG3wVoOifciWvXMKPiuqF+gyw1Ffpg2B2KMhrBZtvO0/hyGs6hl9ZqaU8s2tgzNdrTnveCKpSacMEXl4ppMqxp7hwyaiTo1Dvhtemr6xo7bNiCaduJt7CUnQqtMJM5E3DLnsHGztQqB7WnT3mSaUcNEua85ET3rXwnHhxld95gYBtiJr+IsaGmqmdAJar2KualP9aJXMQcMDR6Dv0K0iR31R8xKneu+5OI6TY06TCeDTe1xwvTXO8h12rt6jIOK6A4tElW3ztiaeBQsjtYzgS2C7Bek2T1zrnptPM6TVFDzxItN72RoWAnqjWOJzGtY7bS2Nq6CuAM9nP1+L936QzK/402z/oMDAlbYCFwDb/ITNiUXjjVq6ub5Yf/Nec7bD1tVDAO5Jx4fVeoBUnq8+l56dF34mZT7Cm6v8A7AQBsPWsojXpFoCVlScvJQQlgDyGOTN/ttjHZG0hJAK1lmAv9M3DYZjjnq2MpGw7BlKUG4WChldDHDaNjZoWKSW7QNF/aYU8OSLqymlIx7fpsLIULSWqIwZuWJAdE4UkljzoMyiFMAzEInhW54YFG8AmHUWLGNlitc0uN3sECwfqi8oJ5Wc0jZXw4Clsy1YGK6Lc5E/PoW2CA6pRA7PfRp2Ahy/qSyaVpb6ds4qTu4xzTymu+VD9ZtB0v5s7+vYVIYBo21oeCCeAKW3klxaSDaZnZKEqnj+mUQ1Gk0fX884UWDc8rU5gPcMrWdDl/hTE/EAiEVnxFBbHCf88MYG+qRAE1+ct2a+uOFseBe3vALXTOeS6ieOo0z8W2BwA42MpCmUdXIdkavXjd049WEUk009nfPwTLEaxorn8n29nqeh1pDiVsPisyq9cxb0uVT4jj5SsvZz7baB6Es7+UWXthBIlXQ33z+8AnhadrBEsLyKYKcXCJ9JmQBZrX8DfZhNTAKdjEQU8BbCG5IDJbURcHbWmIwv/nloHm3tFJmN+a7Dh1JVD9J2IUEjBCOjHL9tvEbZRQcvJFU+QFifTCVjJDZU5GJiqSY8/T1q3vZC4ajKWxlhYpuHyVa9/9t+gVu/3HF+nXtNAXhgW21QCRzMo7/QNr7nH7FmXB9DZUQs+l9LJrTAP3IeTuId7jwRETArb+ynJRqImqSTiYfBs1dmz+b8T98bQbhQzHBEJYXen3YRrUvIz8mjMd2cQTRBeVQHFc4x0fdouJcusG3KLwZmWq3tmB3SSaJqUNQfVuC/dM+VOh4u+IPa2ggobfl49b1fW84hGvz2QtLuMFjXxLdGS0u2IXdDSTfx42NXufNAWygtLA4M5h5ZKhqjcT1JamoyDI4aBRquXvcfgqFj+2TeoLq6hPK4EStTKLE67AQSvvQQOVPSnwfXp3LD9Ub1EoDnFo0E8kx0SEgek5liStlkBYEUVtZT0bvUbXrIx5T4OSnn5XddCh6DBrbeVZruldJ1hjdzqfOhDvzyy+WREgdRgbeHpoZiZlOEJmMVbd3085lZ9Jg7G6CpLAyBnXbZ5Cq0PDFruAYqwHORefRalQYPxHIZcYzWoRPFMGYUewu8E7ZM9PSDo/frWOvLSKunum+maWsZ1SozpyhjgcsENEtQQBAnEsxTg4nKNOHtqe1+ywAaZEW21AK3scPwAE00YVWWOrpEV5HNK4bHTeG01dQ0K9XjUnf+Y9bJZMF45ki6k1++5RFkV/P6AC3k+gPtaluWP+td913OchlA2ecQVsQCqn2o0BFbcvFXJxZcmAzQutiLArIvymIypPqNZsBhL1j1lcwHuzh7UzbvxsarMupV5T1ai9kcawIGZ2QmlcJNjuANJB7vdh/Lqd59OeUxWu0QNR6tyEbNmZq2kFAG42vmCtdoein1TJK1dt9B2PyfcRo4AFxjppnN4rPdKAA01kyK1TnPpXKwkaQYvjaK1knDY6Qshvatv9XUWDRZkJDBNWtTa2Uuu+Sydl0i2cgLal058SBOClybhnGXbYMQqlIsH4CjKAphZ6fwp1aIwqU5SNhqHub0TSHisZI5CPnK4LPGI1EK14bI7gVgKFB1RY7COVE6aObZ4d/En4vw3OASspTo0gzLi9eShcKW8ZJwQ3jMjNt+aEk09SOIFI6q8t0Bxed+3oxKSXDiGuvAzwMbgVIdVNWAcgmYaYqilF4Kgm0+oZJGJYu/qLU7vLw6qHU0mi9mZzwYk9Xcm61NCg2hfpZ037rj8sdgrhUwdzeNClgMjG2vUh7IZdYevLvkOELXUaVaoYlCY+agNzHwI9PARThSxpdbTKtOWyIPCYQbst8fwZZmOHaML4jRq1A+KFm5ppFW1hizfrWbqymz38WBrymSqDRE+iWPm7se0DwsY2CPtoPo8/bkusWNtHdygtEJ4lX9QyPmrE2RKocE16notJmnDGsaHeDU8gyaEpi6SUF1Vg==</xenc:CipherValue>
            </xenc:CipherData>
        </xenc:EncryptedData>
    </saml2:EncryptedAssertion>
</saml2p:Response>

2022-09-26 19:08:50,007 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-09-26 19:08:50,007 - INFO [Shibboleth-Audit.SSO:?] - 20220926T190850Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_ed02f483381f446a8312c13688a9038fdcd9a08|https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_2e51ced9ed85017528dfee34ab00ade5|rick|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,uid,identifier,telephoneNumber,role,mail,surname,displayName,givenName|AAdzZWNyZXQxJOshkrKCbR9UM1bMojMfecIkQeILkf25mThL3MWotSp9AWIBNxW22NzkiHUnkqomvDEHCMQy6sJ4CjeKTdI0QYGsqf84O5t++fsTq+KzBLTiw7LH0u0RjVVqZvLbT4wDIopz1fPQKAK90jlaG1YxrhtH8X3mxNI=|_e6cc08fe42970dc299edbdac2380fb56|
2022-09-26 19:11:57,848 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML relay state of: _9f9317cf-4af1-4782-bd99-e9ba96a6d26c
2022-09-26 19:11:57,848 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Getting Base64 encoded message from request
2022-09-26 19:11:57,849 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML message
2022-09-26 19:11:57,849 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca/SSO/assertion"
    AttributeConsumingServiceIndex="1"
    Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified"
    Destination="https://samltest.id/idp/profile/SAML2/POST/SSO"
    ID="_9f9317cf-4af1-4782-bd99-e9ba96a6d26c"
    IssueInstant="2022-09-26T19:11:57.283Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <samlp:Issuer xmlns:samlp="urn:oasis:names:tc:SAML:2.0:assertion">https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca</samlp:Issuer>
</samlp:AuthnRequest>

2022-09-26 19:11:57,857 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca' from origin source
2022-09-26 19:11:57,857 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:11:57,857 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:11:57,857 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:11:57,857 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:11:57,857 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-09-26 19:11:57,857 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Request specified AttributeConsumingService index 1
2022-09-26 19:11:57,857 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-09-26 19:11:57,857 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-09-26 19:11:57,857 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca
2022-09-26 19:11:57,858 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:11:57,858 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-09-26 19:11:57,858 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-09-26 19:11:57,858 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-09-26 19:11:57,858 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-09-26 19:11:57,859 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_9f9317cf-4af1-4782-bd99-e9ba96a6d26c', issue instant '2022-09-26T19:11:57.283Z', entityID 'https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca'
2022-09-26 19:11:57,859 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca' does not require AuthnRequests to be signed
2022-09-26 19:11:57,894 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-09-26 19:11:57,894 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-09-26 19:11:57,894 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-09-26 19:11:57,894 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-09-26 19:11:57,894 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-09-26 19:11:57,895 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:11:57,895 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-09-26 19:11:57,895 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-09-26 19:11:57,895 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-09-26 19:11:57,895 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 2 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-09-26 19:11:57,895 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca/SSO/assertion using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-09-26 19:11:57,895 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-09-26 19:11:57,895 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-09-26 19:11:57,895 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-09-26 19:11:57,895 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-09-26 19:11:57,896 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-09-26 19:11:57,896 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-09-26 19:11:57,896 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-09-26 19:11:57,896 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-09-26 19:11:57,896 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-09-26 19:11:57,896 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-09-26 19:11:57,896 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca
2022-09-26 19:11:57,896 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve encryption parameters based on SAML metadata, falling back to locally configured credentials and algorithms
2022-09-26 19:11:57,896 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Failed to resolve EncryptionParameters
2022-09-26 19:11:57,896 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolver returned no EncryptionParameters
2022-09-26 19:11:57,896 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption is optional, ignoring inability to encrypt
2022-09-26 19:11:57,902 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-09-26 19:11:57,903 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-09-26T19:11:57.903Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-09-26 19:11:57,903 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-09-26 19:11:57,903 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-09-26 19:11:57,903 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-09-26 19:11:57,904 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-09-26 19:11:57,904 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-09-26 19:11:57,904 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:11:57,904 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-09-26 19:11:57,904 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-09-26 19:11:57,904 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-09-26 19:11:57,904 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-09-26 19:11:57,992 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca'
2022-09-26 19:11:57,992 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:11:57,992 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-09-26 19:12:02,065 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Trimming whitespace of input string 'sheldon'
2022-09-26 19:12:02,066 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user sheldon
2022-09-26 19:12:02,066 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@58476493::identifier=sheldon, context=org.apache.velocity.VelocityContext@3b395099]
2022-09-26 19:12:02,124 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=sheldon,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@58476493::identifier=sheldon, context=org.apache.velocity.VelocityContext@3b395099]
2022-09-26 19:12:02,149 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'sheldon' succeeded
2022-09-26 19:12:02,149 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-09-26 19:12:02,149 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-09-26 19:12:02,149 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'sheldon'
2022-09-26 19:12:02,149 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'sheldon'
2022-09-26 19:12:02,149 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-09-26 19:12:02,150 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal sheldon
2022-09-26 19:12:02,150 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session a42d127a89550f617e58878a94c7135197aca44af28dadc8090519e4989c9c69 for principal sheldon
2022-09-26 19:12:02,150 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving AuthenticationResult for flow authn/Password in session a42d127a89550f617e58878a94c7135197aca44af28dadc8090519e4989c9c69
2022-09-26 19:12:02,151 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=sheldon)
2022-09-26 19:12:02,153 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-09-26 19:12:02,153 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 9 attributes: [uid, identifier, telephoneNumber, role, mail, displayName, surname, givenName, eduPersonUniqueId]
2022-09-26 19:12:02,153 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-09-26 19:12:02,153 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-09-26 19:12:02,153 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-09-26 19:12:02,153 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-09-26 19:12:02,153 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-09-26 19:12:02,153 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-09-26 19:12:02,153 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-09-26 19:12:02,153 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-09-26 19:12:02,153 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-09-26 19:12:02,154 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:12:02,154 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-09-26 19:12:02,154 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@77ae9d5e'
2022-09-26 19:12:02,155 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:12:02,155 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'sheldon:https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca'
2022-09-26 19:12:02,155 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'sheldon:https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca'
2022-09-26 19:12:02,155 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'sheldon:https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca'
2022-09-26 19:12:02,155 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:12:02,155 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'sheldon'
2022-09-26 19:12:02,155 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'sheldon'
2022-09-26 19:12:02,155 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-09-26 19:12:02,155 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is required, no previous consents
2022-09-26 19:12:02,248 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca'
2022-09-26 19:12:02,248 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-09-26 19:12:02,248 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or InformationURLs returning null
2022-09-26 19:12:02,248 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or PrivacyStatementURLs returning null
2022-09-26 19:12:02,248 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:12:02,248 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Returning OrganizationName from Organization, Innovapost
2022-09-26 19:12:05,274 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Extracted consent ids '[displayName, givenName, identifier, mail, role, surname, telephoneNumber, uid]' from request parameter '_shib_idp_consentIds'
2022-09-26 19:12:05,274 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Consent context 'ConsentContext{previousConsents={}, chosenConsents={displayName=Consent{id=displayName, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}}'
2022-09-26 19:12:05,275 - INFO [Shibboleth-Consent-Audit.SSO:?] - 20220926T191205Z|https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca|AttributeReleaseConsent|sheldon|displayName,givenName,identifier,mail,role,surname,telephoneNumber,uid||true,true,true,true,true,true,true,true
2022-09-26 19:12:05,275 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:12:05,275 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'sheldon:https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca'
2022-09-26 19:12:05,275 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'sheldon:_key_idx'
2022-09-26 19:12:05,275 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Serialized '{displayName=Consent{id=displayName, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}' as '[{"id":201},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]'
2022-09-26 19:12:05,275 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.CreateResult:?] - Profile Action CreateResult: Created consent result 'ConsentResult{id=null, context=intercept/attribute-release, key=sheldon:https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca, value=[{"id":201},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}], expiration=1695755525275}'
2022-09-26 19:12:05,275 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'sheldon:_key_idx'
2022-09-26 19:12:05,275 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Will not prune storage records, number of keys '0' is less than max number of records '10'
2022-09-26 19:12:05,275 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'sheldon:_key_idx'
2022-09-26 19:12:05,275 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Creating storage index with key 'sheldon:https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca'
2022-09-26 19:12:05,275 - DEBUG [net.shibboleth.idp.consent.storage.impl.CollectionSerializer:?] - Serialized '[sheldon:https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca]' as '["sheldon:https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca"]'
2022-09-26 19:12:05,275 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@77ae9d5e'
2022-09-26 19:12:05,275 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:12:05,275 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-09-26 19:12:05,276 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-09-26 19:12:05,277 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-09-26 19:12:05,277 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _08bcc949407c583c2c43c1bdabb98898
2022-09-26 19:12:05,277 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _08bcc949407c583c2c43c1bdabb98898 to Response _d039f0b7aa3af5211ecec7ca3e87b467
2022-09-26 19:12:05,277 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _08bcc949407c583c2c43c1bdabb98898
2022-09-26 19:12:05,277 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-09-26 19:12:05,277 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value sheldon of attribute uid
2022-09-26 19:12:05,277 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value scooper@samltest.id of attribute identifier
2022-09-26 19:12:05,277 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-09-26 19:12:05,277 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value employee@samltest.id of attribute role
2022-09-26 19:12:05,277 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value scooper@samltest.id of attribute mail
2022-09-26 19:12:05,277 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sheldor of attribute displayName
2022-09-26 19:12:05,277 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Cooper of attribute surname
2022-09-26 19:12:05,277 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sheldon of attribute givenName
2022-09-26 19:12:05,278 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-09-26 19:12:05,278 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - No object to operate on, returning true
2022-09-26 19:12:05,278 - DEBUG [org.opensaml.saml.common.profile.logic.MetadataNameIdentifierFormatStrategy:?] - Metadata specifies the following formats: []
2022-09-26 19:12:05,278 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration specifies the following formats: []
2022-09-26 19:12:05,278 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - No formats specified in configuration or in metadata, returning default
2022-09-26 19:12:05,278 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Candidate NameID formats: [urn:oasis:names:tc:SAML:2.0:nameid-format:transient]
2022-09-26 19:12:05,278 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:12:05,278 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:12:05,278 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID AAdzZWNyZXQxvOs9AAG4NJC1KKDgCBb7XE5s64TDcl1191Q0l1ky5FTVTdpz5qQXdYfGvL1atUu7Duy+XReZQ/Y8XrHBiiS5tFbnZ+gpNIQ4t7O18yHnw0j/QawXyQSpXlvzpNioR35YtY7dNeTdM5QowUJJVtZ1cag4b+z1bJ4= with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:12:05,278 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:12:05,278 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:12:05,278 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-09-26 19:12:05,279 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-09-26 19:12:05,279 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 40.82.174.97
2022-09-26 19:12:05,279 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to _9f9317cf-4af1-4782-bd99-e9ba96a6d26c
2022-09-26 19:12:05,279 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca/SSO/assertion
2022-09-26 19:12:05,279 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-09-26 19:12:05,279 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-09-26 19:12:05,279 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-09-26 19:12:05,279 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _08bcc949407c583c2c43c1bdabb98898
2022-09-26 19:12:05,279 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _08bcc949407c583c2c43c1bdabb98898 did not already contain Conditions, one was added
2022-09-26 19:12:05,279 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-09-26 19:12:05,279 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-09-26T19:17:05.275Z, to Assertion _08bcc949407c583c2c43c1bdabb98898
2022-09-26 19:12:05,279 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _08bcc949407c583c2c43c1bdabb98898 already contained Conditions, nothing was done
2022-09-26 19:12:05,279 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-09-26 19:12:05,279 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _08bcc949407c583c2c43c1bdabb98898 already contained Conditions, nothing was done
2022-09-26 19:12:05,279 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-09-26 19:12:05,279 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca as an Audience of the AudienceRestriction
2022-09-26 19:12:05,279 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _08bcc949407c583c2c43c1bdabb98898
2022-09-26 19:12:05,280 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca to existing session a42d127a89550f617e58878a94c7135197aca44af28dadc8090519e4989c9c69
2022-09-26 19:12:05,280 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca in session a42d127a89550f617e58878a94c7135197aca44af28dadc8090519e4989c9c69
2022-09-26 19:12:05,280 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-09-26 19:12:05,280 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca and key AAdzZWNyZXQxvOs9AAG4NJC1KKDgCBb7XE5s64TDcl1191Q0l1ky5FTVTdpz5qQXdYfGvL1atUu7Duy+XReZQ/Y8XrHBiiS5tFbnZ+gpNIQ4t7O18yHnw0j/QawXyQSpXlvzpNioR35YtY7dNeTdM5QowUJJVtZ1cag4b+z1bJ4=
2022-09-26 19:12:05,280 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-09-26 19:12:05,280 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-09-26 19:12:05,280 - DEBUG [org.opensaml.saml.common.profile.impl.SignAssertions:?] - Profile Action SignAssertions: Will not sign assertions because no security parameters context is available
2022-09-26 19:12:05,280 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAssertions: No encryption parameters, nothing to do
2022-09-26 19:12:05,282 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca/SSO/assertion
2022-09-26 19:12:05,282 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca/SSO/assertion
2022-09-26 19:12:05,282 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_d039f0b7aa3af5211ecec7ca3e87b467"
2022-09-26 19:12:05,282 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _d039f0b7aa3af5211ecec7ca3e87b467 and Element was [saml2p:Response: null]
2022-09-26 19:12:05,283 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_d039f0b7aa3af5211ecec7ca3e87b467"
2022-09-26 19:12:05,283 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _d039f0b7aa3af5211ecec7ca3e87b467 and Element was [saml2p:Response: null]
2022-09-26 19:12:05,289 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-09-26 19:12:05,289 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca/SSO/assertion' with encoded value 'https&#x3a;&#x2f;&#x2f;coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca&#x2f;SSO&#x2f;assertion'
2022-09-26 19:12:05,289 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-09-26 19:12:05,290 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Setting RelayState parameter to: '_9f9317cf-4af1-4782-bd99-e9ba96a6d26c', encoded as '_9f9317cf-4af1-4782-bd99-e9ba96a6d26c'
2022-09-26 19:12:05,291 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response
    Destination="https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca/SSO/assertion"
    ID="_d039f0b7aa3af5211ecec7ca3e87b467"
    InResponseTo="_9f9317cf-4af1-4782-bd99-e9ba96a6d26c"
    IssueInstant="2022-09-26T19:12:05.275Z" Version="2.0"
    xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_d039f0b7aa3af5211ecec7ca3e87b467">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                        <ec:InclusiveNamespaces PrefixList="xsd" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                    </ds:Transform>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>JiWBIhiCvR26ZIgcPVVNyWuucXi3yHIK2nyt9JHHC0g=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>lprHd+Q+QnebzK0q+wG4CaEuaZhqAm1ZLpR0mRxWkUsKJWyOjegIUDbC51oUFGsW9f622wSe8xc0oCvjQykV5APYNY1uiQLAe+Yh4FpIJ/tcUmbH6/bGWC7tOQfmPkvwG7IJPBATvdzF38N/j9vUT+7zDSqJr6GVVXlALRM85fRzShghMTecmSuOUo9l1bzGBQhlIPGEf5G8OtLlWVYnVJ0YgTu9BR7l7ycK2NSNevP6ITqVSPX92uIR5izGYScQAcKIbb6zJqnZ2W3+tWe+2ULycr4lmWRrUIoFaWr1KydXLBi4vFIC8mO9kZiPxF6oc0Pc3CU5RiAFPnqjuI2SkQ==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_08bcc949407c583c2c43c1bdabb98898"
        IssueInstant="2022-09-26T19:12:05.275Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">AAdzZWNyZXQxvOs9AAG4NJC1KKDgCBb7XE5s64TDcl1191Q0l1ky5FTVTdpz5qQXdYfGvL1atUu7Duy+XReZQ/Y8XrHBiiS5tFbnZ+gpNIQ4t7O18yHnw0j/QawXyQSpXlvzpNioR35YtY7dNeTdM5QowUJJVtZ1cag4b+z1bJ4=</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="40.82.174.97"
                    InResponseTo="_9f9317cf-4af1-4782-bd99-e9ba96a6d26c"
                    NotOnOrAfter="2022-09-26T19:17:05.279Z" Recipient="https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca/SSO/assertion"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-09-26T19:12:05.275Z" NotOnOrAfter="2022-09-26T19:17:05.275Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-09-26T19:12:02.149Z" SessionIndex="_c4817e3867175b88a252cb4bd3e1c91c">
            <saml2:SubjectLocality Address="40.82.174.97"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>sheldon</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">scooper@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">employee@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>scooper@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sheldor</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Cooper</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sheldon</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-09-26 19:12:05,291 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-09-26 19:12:05,291 - INFO [Shibboleth-Audit.SSO:?] - 20220926T191205Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_9f9317cf-4af1-4782-bd99-e9ba96a6d26c|https://coo-acd-dashboard-mdx-ui-qa02.azcpggpc.ca|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_d039f0b7aa3af5211ecec7ca3e87b467|sheldon|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|uid,identifier,telephoneNumber,role,mail,displayName,surname,givenName|AAdzZWNyZXQxvOs9AAG4NJC1KKDgCBb7XE5s64TDcl1191Q0l1ky5FTVTdpz5qQXdYfGvL1atUu7Duy+XReZQ/Y8XrHBiiS5tFbnZ+gpNIQ4t7O18yHnw0j/QawXyQSpXlvzpNioR35YtY7dNeTdM5QowUJJVtZ1cag4b+z1bJ4=|_08bcc949407c583c2c43c1bdabb98898|
2022-09-26 19:12:05,883 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: 8VKEMUgkdwtwdIUauU3g5yHD7-yCagRQ-K9mK-ugfk7GJdNPP_J-S9qB
2022-09-26 19:12:05,883 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-09-26 19:12:05,883 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-09-26 19:12:05,883 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="https://api-v2.conformity.pro/saml/test-sso/acs"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ID="id-b31dd56e27bad42a74e070abf8853da859be85f0"
    IssueInstant="2022-09-26T19:12:05.229Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://probe.conformity.pro</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
</samlp:AuthnRequest>

2022-09-26 19:12:05,885 - WARN [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Metadata with ID 'https://probe.conformity.pro' currently live is expired or otherwise invalid
2022-09-26 19:12:05,886 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://probe.conformity.pro' from origin source
2022-09-26 19:12:05,886 - DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver:?] - Metadata Resolver FilesystemMetadataResolver SAMLtest: Resolved 0 candidates via EntityIdCriterion: EntityIdCriterion [id=https://probe.conformity.pro]
2022-09-26 19:12:05,886 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved no EntityDescriptors via underlying MetadataResolver, returning empty collection
2022-09-26 19:12:05,886 - INFO [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  No metadata returned for https://probe.conformity.pro in role {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor with protocol urn:oasis:names:tc:SAML:2.0:protocol
2022-09-26 19:12:05,886 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No metadata context found, nothing to do
2022-09-26 19:12:05,886 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://probe.conformity.pro
2022-09-26 19:12:05,886 - WARN [net.shibboleth.idp.profile.impl.SelectProfileConfiguration:?] - Profile Action SelectProfileConfiguration: Profile http://shibboleth.net/ns/profiles/saml2/sso/browser is not available for RP configuration shibboleth.UnverifiedRelyingParty (RPID https://probe.conformity.pro)
2022-09-26 19:12:05,887 - WARN [org.opensaml.profile.action.impl.LogEvent:?] - A non-proceed event occurred while processing the request: InvalidProfileConfiguration
2022-09-26 19:12:05,887 - DEBUG [org.opensaml.saml.common.profile.logic.DefaultLocalErrorPredicate:?] - No SAMLBindingContext or binding URI available, error must be handled locally
2022-09-26 19:12:41,464 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: ss:mem:7d3139ac4ed5b17e92ce617088d8d847fdb26653c8ce50db8f735c5cb182cb3e
2022-09-26 19:12:41,464 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-09-26 19:12:41,464 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-09-26 19:12:41,464 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="https://testshib-dl3.decisionlens.com/Shibboleth.sso/SAML2/POST"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ID="_18ef1f7a6dc71bd912c3de00eca4108b"
    IssueInstant="2022-09-26T19:12:40Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://testshib-dl3.decisionlens.com/shibboleth</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="1"/>
</samlp:AuthnRequest>

2022-09-26 19:12:41,470 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://testshib-dl3.decisionlens.com/shibboleth' from origin source
2022-09-26 19:12:41,470 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:12:41,470 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:12:41,470 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:12:41,470 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:12:41,470 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-09-26 19:12:41,471 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-09-26 19:12:41,471 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-09-26 19:12:41,471 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://testshib-dl3.decisionlens.com/shibboleth
2022-09-26 19:12:41,476 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:12:41,477 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-09-26 19:12:41,477 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-09-26 19:12:41,477 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-09-26 19:12:41,477 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-09-26 19:12:41,477 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_18ef1f7a6dc71bd912c3de00eca4108b', issue instant '2022-09-26T19:12:40.000Z', entityID 'https://testshib-dl3.decisionlens.com/shibboleth'
2022-09-26 19:12:41,477 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://testshib-dl3.decisionlens.com/shibboleth' does not require AuthnRequests to be signed
2022-09-26 19:12:41,477 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-09-26 19:12:41,477 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-09-26 19:12:41,477 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-09-26 19:12:41,477 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-09-26 19:12:41,477 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-09-26 19:12:41,478 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:12:41,478 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-09-26 19:12:41,478 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-09-26 19:12:41,478 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-09-26 19:12:41,478 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 6 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-09-26 19:12:41,478 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://testshib-dl3.decisionlens.com/Shibboleth.sso/SAML2/POST using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-09-26 19:12:41,478 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-09-26 19:12:41,478 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-09-26 19:12:41,478 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-09-26 19:12:41,478 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-09-26 19:12:41,478 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-09-26 19:12:41,478 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved signature algorithm URI from SAML metadata SigningMethod: http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
2022-09-26 19:12:41,478 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved reference digest method algorithm URI from SAML metadata DigestMethod: http://www.w3.org/2001/04/xmlenc#sha512
2022-09-26 19:12:41,479 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-09-26 19:12:41,479 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-09-26 19:12:41,479 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-09-26 19:12:41,479 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-09-26 19:12:41,479 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-09-26 19:12:41,479 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://testshib-dl3.decisionlens.com/shibboleth
2022-09-26 19:12:41,479 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-09-26 19:12:41,479 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved data encryption algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#aes128-gcm
2022-09-26 19:12:41,479 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved key transport algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#rsa-oaep
2022-09-26 19:12:41,479 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-09-26 19:12:41,483 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-09-26 19:12:41,483 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-09-26T19:12:41.483Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-09-26 19:12:41,483 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-09-26 19:12:41,484 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-09-26 19:12:41,484 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-09-26 19:12:41,484 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-09-26 19:12:41,484 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-09-26 19:12:41,484 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:12:41,484 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-09-26 19:12:41,484 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-09-26 19:12:41,484 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-09-26 19:12:41,484 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-09-26 19:12:41,565 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'testshib-dl3.decisionlens.com'
2022-09-26 19:12:41,566 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:12:41,566 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-09-26 19:12:46,685 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Trimming whitespace of input string 'rick'
2022-09-26 19:12:46,685 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user rick
2022-09-26 19:12:46,685 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@565888137::identifier=rick, context=org.apache.velocity.VelocityContext@12e41def]
2022-09-26 19:12:46,686 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=rick,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@565888137::identifier=rick, context=org.apache.velocity.VelocityContext@12e41def]
2022-09-26 19:12:46,687 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'rick' succeeded
2022-09-26 19:12:46,687 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-09-26 19:12:46,687 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-09-26 19:12:46,687 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'rick'
2022-09-26 19:12:46,688 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'rick'
2022-09-26 19:12:46,688 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-09-26 19:12:46,688 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal rick
2022-09-26 19:12:46,688 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session 9312b61f96371bcb93e8c2c2fe2ac26741ec0d3296a9a0018130b26156eeb423 for principal rick
2022-09-26 19:12:46,688 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving AuthenticationResult for flow authn/Password in session 9312b61f96371bcb93e8c2c2fe2ac26741ec0d3296a9a0018130b26156eeb423
2022-09-26 19:12:46,689 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=rick)
2022-09-26 19:12:46,689 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-09-26 19:12:46,689 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, uid, identifier, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-09-26 19:12:46,689 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'eduPersonEntitlement' remained after filtering
2022-09-26 19:12:46,689 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-09-26 19:12:46,689 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-09-26 19:12:46,689 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-09-26 19:12:46,689 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-09-26 19:12:46,689 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-09-26 19:12:46,689 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-09-26 19:12:46,689 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-09-26 19:12:46,689 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-09-26 19:12:46,689 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-09-26 19:12:46,690 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:12:46,690 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-09-26 19:12:46,690 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@6c645f9a'
2022-09-26 19:12:46,690 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:12:46,690 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://testshib-dl3.decisionlens.com/shibboleth'
2022-09-26 19:12:46,690 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:https://testshib-dl3.decisionlens.com/shibboleth'
2022-09-26 19:12:46,690 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick:https://testshib-dl3.decisionlens.com/shibboleth'
2022-09-26 19:12:46,690 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:12:46,691 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick'
2022-09-26 19:12:46,691 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick'
2022-09-26 19:12:46,691 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-09-26 19:12:46,691 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is required, no previous consents
2022-09-26 19:12:46,769 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'testshib-dl3.decisionlens.com'
2022-09-26 19:12:46,769 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-09-26 19:12:46,769 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or InformationURLs returning null
2022-09-26 19:12:46,769 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or PrivacyStatementURLs returning null
2022-09-26 19:12:46,769 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:12:46,769 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No Organization, OrganizationName or names, returning null
2022-09-26 19:12:47,493 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Extracted consent ids '[displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]' from request parameter '_shib_idp_consentIds'
2022-09-26 19:12:47,493 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Consent context 'ConsentContext{previousConsents={}, chosenConsents={displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}}'
2022-09-26 19:12:47,493 - INFO [Shibboleth-Consent-Audit.SSO:?] - 20220926T191247Z|https://testshib-dl3.decisionlens.com/shibboleth|AttributeReleaseConsent|rick|displayName,eduPersonEntitlement,givenName,identifier,mail,role,surname,telephoneNumber,uid||true,true,true,true,true,true,true,true,true
2022-09-26 19:12:47,493 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:12:47,493 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://testshib-dl3.decisionlens.com/shibboleth'
2022-09-26 19:12:47,493 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:_key_idx'
2022-09-26 19:12:47,493 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Serialized '{displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}' as '[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]'
2022-09-26 19:12:47,493 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.CreateResult:?] - Profile Action CreateResult: Created consent result 'ConsentResult{id=null, context=intercept/attribute-release, key=rick:https://testshib-dl3.decisionlens.com/shibboleth, value=[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}], expiration=1695755567493}'
2022-09-26 19:12:47,493 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-09-26 19:12:47,493 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Will not prune storage records, number of keys '0' is less than max number of records '10'
2022-09-26 19:12:47,494 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-09-26 19:12:47,494 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Creating storage index with key 'rick:https://testshib-dl3.decisionlens.com/shibboleth'
2022-09-26 19:12:47,494 - DEBUG [net.shibboleth.idp.consent.storage.impl.CollectionSerializer:?] - Serialized '[rick:https://testshib-dl3.decisionlens.com/shibboleth]' as '["rick:https://testshib-dl3.decisionlens.com/shibboleth"]'
2022-09-26 19:12:47,494 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@6c645f9a'
2022-09-26 19:12:47,494 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:12:47,494 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-09-26 19:12:47,495 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-09-26 19:12:47,495 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-09-26 19:12:47,495 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _5a65ae9ce6351a73ec812fcc63442a3b
2022-09-26 19:12:47,495 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _5a65ae9ce6351a73ec812fcc63442a3b to Response _6368580862bccade97f14dd003e1f4ca
2022-09-26 19:12:47,495 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _5a65ae9ce6351a73ec812fcc63442a3b
2022-09-26 19:12:47,496 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-09-26 19:12:47,496 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value urn:mace:dir:entitlement:common-lib-terms of attribute eduPersonEntitlement
2022-09-26 19:12:47,496 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rick of attribute uid
2022-09-26 19:12:47,496 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute identifier
2022-09-26 19:12:47,496 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-09-26 19:12:47,496 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value manager@Samltest.id of attribute role
2022-09-26 19:12:47,496 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute mail
2022-09-26 19:12:47,496 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sanchez of attribute surname
2022-09-26 19:12:47,496 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick Sanchez of attribute displayName
2022-09-26 19:12:47,496 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick of attribute givenName
2022-09-26 19:12:47,497 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-09-26 19:12:47,497 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - Policy checking disabled for NameIDPolicy with Format urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
2022-09-26 19:12:47,497 - DEBUG [org.opensaml.saml.common.profile.logic.MetadataNameIdentifierFormatStrategy:?] - Metadata specifies the following formats: []
2022-09-26 19:12:47,497 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration specifies the following formats: []
2022-09-26 19:12:47,497 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - No formats specified in configuration or in metadata, returning default
2022-09-26 19:12:47,497 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Candidate NameID formats: [urn:oasis:names:tc:SAML:2.0:nameid-format:transient]
2022-09-26 19:12:47,497 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:12:47,497 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:12:47,497 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID AAdzZWNyZXQxIYArX1AG8ubeWSVlRMJYSZrUETnDS1HuOLTUDFdqf6apFRBBrP9kp1M9s5/913jpag8pjym4dDbRArDFqFiQzFkz17mBJ/2SJqdvUE7klhJg7dgxxAtSEmBLduxm2hoVfitzTaBzGeUTHxL2BL+MDHI= with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:12:47,497 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:12:47,497 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:12:47,497 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-09-26 19:12:47,497 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-09-26 19:12:47,497 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 100.0.89.157
2022-09-26 19:12:47,497 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to _18ef1f7a6dc71bd912c3de00eca4108b
2022-09-26 19:12:47,497 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to https://testshib-dl3.decisionlens.com/Shibboleth.sso/SAML2/POST
2022-09-26 19:12:47,497 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-09-26 19:12:47,497 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-09-26 19:12:47,497 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-09-26 19:12:47,497 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _5a65ae9ce6351a73ec812fcc63442a3b
2022-09-26 19:12:47,497 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _5a65ae9ce6351a73ec812fcc63442a3b did not already contain Conditions, one was added
2022-09-26 19:12:47,497 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-09-26 19:12:47,497 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-09-26T19:17:47.494Z, to Assertion _5a65ae9ce6351a73ec812fcc63442a3b
2022-09-26 19:12:47,497 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _5a65ae9ce6351a73ec812fcc63442a3b already contained Conditions, nothing was done
2022-09-26 19:12:47,497 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-09-26 19:12:47,497 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _5a65ae9ce6351a73ec812fcc63442a3b already contained Conditions, nothing was done
2022-09-26 19:12:47,497 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-09-26 19:12:47,497 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://testshib-dl3.decisionlens.com/shibboleth as an Audience of the AudienceRestriction
2022-09-26 19:12:47,497 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _5a65ae9ce6351a73ec812fcc63442a3b
2022-09-26 19:12:47,498 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://testshib-dl3.decisionlens.com/shibboleth to existing session 9312b61f96371bcb93e8c2c2fe2ac26741ec0d3296a9a0018130b26156eeb423
2022-09-26 19:12:47,498 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://testshib-dl3.decisionlens.com/shibboleth in session 9312b61f96371bcb93e8c2c2fe2ac26741ec0d3296a9a0018130b26156eeb423
2022-09-26 19:12:47,498 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-09-26 19:12:47,498 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://testshib-dl3.decisionlens.com/shibboleth and key AAdzZWNyZXQxIYArX1AG8ubeWSVlRMJYSZrUETnDS1HuOLTUDFdqf6apFRBBrP9kp1M9s5/913jpag8pjym4dDbRArDFqFiQzFkz17mBJ/2SJqdvUE7klhJg7dgxxAtSEmBLduxm2hoVfitzTaBzGeUTHxL2BL+MDHI=
2022-09-26 19:12:47,498 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-09-26 19:12:47,499 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-09-26 19:12:47,499 - DEBUG [org.opensaml.saml.common.profile.impl.SignAssertions:?] - Profile Action SignAssertions: Will not sign assertions because no security parameters context is available
2022-09-26 19:12:47,499 - DEBUG [PROTOCOL_MESSAGE:?] - Profile Action EncryptAssertions: Response before assertion encryption:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_6368580862bccade97f14dd003e1f4ca"
    InResponseTo="_18ef1f7a6dc71bd912c3de00eca4108b"
    IssueInstant="2022-09-26T19:12:47.494Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_5a65ae9ce6351a73ec812fcc63442a3b"
        IssueInstant="2022-09-26T19:12:47.494Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://testshib-dl3.decisionlens.com/shibboleth" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">AAdzZWNyZXQxIYArX1AG8ubeWSVlRMJYSZrUETnDS1HuOLTUDFdqf6apFRBBrP9kp1M9s5/913jpag8pjym4dDbRArDFqFiQzFkz17mBJ/2SJqdvUE7klhJg7dgxxAtSEmBLduxm2hoVfitzTaBzGeUTHxL2BL+MDHI=</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="100.0.89.157"
                    InResponseTo="_18ef1f7a6dc71bd912c3de00eca4108b"
                    NotOnOrAfter="2022-09-26T19:17:47.497Z" Recipient="https://testshib-dl3.decisionlens.com/Shibboleth.sso/SAML2/POST"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-09-26T19:12:47.494Z" NotOnOrAfter="2022-09-26T19:17:47.494Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://testshib-dl3.decisionlens.com/shibboleth</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-09-26T19:12:46.687Z" SessionIndex="_3b584bfa6f28f2ad2fcd5afd0eea060c">
            <saml2:SubjectLocality Address="100.0.89.157"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>urn:mace:dir:entitlement:common-lib-terms</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rick</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">manager@Samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-09-26 19:12:47,501 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: https://testshib-dl3.decisionlens.com/Shibboleth.sso/SAML2/POST
2022-09-26 19:12:47,501 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: https://testshib-dl3.decisionlens.com/Shibboleth.sso/SAML2/POST
2022-09-26 19:12:47,501 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_6368580862bccade97f14dd003e1f4ca"
2022-09-26 19:12:47,501 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _6368580862bccade97f14dd003e1f4ca and Element was [saml2p:Response: null]
2022-09-26 19:12:47,501 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_6368580862bccade97f14dd003e1f4ca"
2022-09-26 19:12:47,501 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _6368580862bccade97f14dd003e1f4ca and Element was [saml2p:Response: null]
2022-09-26 19:12:47,503 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-09-26 19:12:47,503 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'https://testshib-dl3.decisionlens.com/Shibboleth.sso/SAML2/POST' with encoded value 'https&#x3a;&#x2f;&#x2f;testshib-dl3.decisionlens.com&#x2f;Shibboleth.sso&#x2f;SAML2&#x2f;POST'
2022-09-26 19:12:47,503 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-09-26 19:12:47,504 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Setting RelayState parameter to: 'ss:mem:7d3139ac4ed5b17e92ce617088d8d847fdb26653c8ce50db8f735c5cb182cb3e', encoded as 'ss&#x3a;mem&#x3a;7d3139ac4ed5b17e92ce617088d8d847fdb26653c8ce50db8f735c5cb182cb3e'
2022-09-26 19:12:47,505 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response
    Destination="https://testshib-dl3.decisionlens.com/Shibboleth.sso/SAML2/POST"
    ID="_6368580862bccade97f14dd003e1f4ca"
    InResponseTo="_18ef1f7a6dc71bd912c3de00eca4108b"
    IssueInstant="2022-09-26T19:12:47.494Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
            <ds:Reference URI="#_6368580862bccade97f14dd003e1f4ca">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
                <ds:DigestValue>/u100XQi+mOMQw69fqmOGDfL9lJO4szL4JjwgkKQxHhflFuYeqbLd8uAiVEXxD9Ut19R8hLBryz6RZz95hLsEQ==</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>iND6RBbvJMm4MSYVx499nSGhVD1E1yxGRjUxa3480Uqet8bW68wQuo4h5qPmMGKFyLZsSuew+NumBH+G7ZweNddM/+4UD2ghsPQWPqLj5BLNlYHbgO0DuBrO28UV+yDw82NTXq1aUNG0o6N9w1oTqWI71STjqptsPoinY1MaFDEoUxpikRnHcJVImHRNThiDV01Dzvw3mPrHJI78/RPx/Y3y7ysiiDPnZ6Wc40hWbT/ihc00brOzeDuFAUT90f8RIlErEbuG2EysbMCT1OUWeII3WuIPONgnlj84bYknSV1Jvbx8QHmvp3MumVHpDfXRQs98FSDSsdaFQBukPdfVbA==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <xenc:EncryptedData Id="_93e18d04a9ab839a0b144be1d94dcdf4"
            Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:EncryptionMethod
                Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <xenc:EncryptedKey
                    Id="_5f792c25c715a5a62b81b4881f768a7d"
                    Recipient="https://testshib-dl3.decisionlens.com/shibboleth" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                    <xenc:EncryptionMethod
                        Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <ds:DigestMethod
                            Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
                        <xenc11:MGF
                            Algorithm="http://www.w3.org/2009/xmlenc11#mgf1sha1" xmlns:xenc11="http://www.w3.org/2009/xmlenc11#"/>
                    </xenc:EncryptionMethod>
                    <ds:KeyInfo>
                        <ds:X509Data>
                            <ds:X509Certificate>MIIC7jCCAdagAwIBAgIJAIt4c7bMoguvMA0GCSqGSIb3DQEBBQUAMBgxFjAUBgNVBAMTDWlwLTEw
LTEwLTMtODQwHhcNMTUwNzE1MTQxNzU4WhcNMjUwNzEyMTQxNzU4WjAYMRYwFAYDVQQDEw1pcC0x
MC0xMC0zLTg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkVYsD3XkIrZ9CMty7Yd
IaMLJmm5refA2BrVbdOa6FPJcvsRX26EFoZaevRMkqU4Vp9UUpVwjZrLa7Gqq8/vq77ZAsL7D3Za
7tubxdyqzdzts5mjtW0KFbsR1ENHrv4lStoTOS8eIRcEP0kzkXKqEBJK9LE+2FGeCwW/hCgJys1r
Cemv+B34FPR9F4GNaqrLw07I4SrduLinKSs70hwdAVFDBqxZxXFDJTXz2ivCIXlJEhP47nQDEysj
8teOKMldXzOfCCs6zo34FBH7dWWLxphvMEpJBxkaHZd0v7WgP+T3czalr1WWs1ZJ4LAqFlYOW3wr
r2/Gic0Nxwj+XdArKQIDAQABozswOTAYBgNVHREEETAPgg1pcC0xMC0xMC0zLTg0MB0GA1UdDgQW
BBRVjkIgz5pN9ywawCgIFrygPb0u+DANBgkqhkiG9w0BAQUFAAOCAQEALiwnGeiG64zH//eOk96v
5nnBUz5jdysnbSIoJs3n2tC+B0UQoGUVM6MQu2WDVAWxOUCCay4XEYW2jw+9yKeRpjdA7A1K20Rq
4hwFmoN+jb79nd2r6CQxdHXJvHNQ7AvpKO8c0NYONu1aI1eH5VABvMkS3QtXCb3umf5g96SkWYvI
dZgMWi+fF4iL5SI3dKZ8XWPN+RU01NgVUC49hgx5EqJlGt8GeSuO/81BV0OrcXEWwM+l0KSbtsfH
P1fUXuInGo03sjrf/wvwl0AmS3cGpUtA5dCC91pXECwKdbSTVHMMPTqSt3AvGDjbYyUfI8kRDU+R
Dvh4DgRNOOiax5D2ug==</ds:X509Certificate>
                        </ds:X509Data>
                    </ds:KeyInfo>
                    <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <xenc:CipherValue>Jp/Hqnq/AxYs5/9GG4lfjDkSvIl6hBi1LbJfUDRznxOU0umespMrayHEQyoZrxS/VEncvaaDV91nEVL66vL45e3G3KlzEuKc6c+TG/5ZMVEp/kajNHFxlNIZO/zhjMG6Xtz0SKmSgo0wCbWmJbGy+vO/Ja0tH/MuErFAatVsdtdZtmfQ95rGI+0zUICs+IEQOPW/3aaCjX5aK/MoujzVZfjwv2vcHtb6xsAMz/TWhdBjbW5g4ULFpzcD7b7AwfmTVZbHoNYdAJjnQpTSKLy4ywczsbrWPz59QigSbVfWL1w3DxqgrcOAchvYV/3i2jvtSmCr1U2c6ThMvgSgbR5InA==</xenc:CipherValue>
                    </xenc:CipherData>
                </xenc:EncryptedKey>
            </ds:KeyInfo>
            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                <xenc:CipherValue>1VpsCT/ovWUayg464FeqffXQc6Xr00x0OV19xJnbz4vHkJM4KYV4npUFTxRZaN/Mjj07QTgV/CedW2fOL7piNELB9BaJH7zzKmu26w47kez0GMCio8aTZgFmU9aQraA40RG+wpH3WsNrGiuesaEulF75mXZGYhTdh2Goiln9RTa74SE6+AJLMFiarJ51HNyo5ZmobFWv2LK/sEoBxnK+g0Y3PZYrQFRpp0Bi2+ghc9xrjf+k+JsRXSrf1BdvS/1o47b7WospPRjPAJU6JUyJA/KGItxe2Dbv4+EFmV+Rpc+u/DQuIv4pxCY0XyClyL0BjUL/ApWUY8eSohqSACPumLiikZlFWAKPcF2FWVD7yVBMGWRu5ijyRH/nevMiMmZ36yZ9neO/GVz0/QYqEaoGvc9dIQY8V0FNeHYlcsDcb743KORPKwxt2xDaUXbl8QNOkR4FfbQt1cf6/5hzwJFfCCI5kWGulAtySroifmDJNS87NliG00/JkjtmTYGsPDstggSrzW9/fS6Mea/Qb33HhA2MYsaiXGAnZS2Eu4LOQVmkDlE8cnoOINh7nStS2sdkASlN7VDbhM4M2JzZJMrP9YhECHycmi9yUYJx5aUlitBdmwz/J9bW6g0gBPEHkbU7B2i7An4iHtGUyLK+H3xdgfTz2lYLPgPVs5aP8mgqHXdRG0jUIHlC86FagY/AeQgJGHGAxgcoQ8vWnhN1X5fn0griynHsHZYPSR9dYAYyv6qpnugysnmeTudsDtQyK6sJPvCzwmmTR4BrUOfs6QVaO/DoJ8o54ALIUeSVbD1g0t0B0ql7ssfzLzHwqF0TY3xSmWZOtL+NdpUeA7gADs5Ky3wQyOjUk/g1R/IqTvyMXLKuovFn2cCQOx3r+o9DDUW4/EjAwk/lr50XPGxCRidAuaEiYEE4i1sH5mppc8RtPJUfHYY1xvVrvbM2VedbIrdXV0t/B4vfJVwrGv6MT07ySwmIUczw16jltDYbGoYfn7KbOE24bhJMY9byEuWRPO01dPz2FS9GXnA8Kx1e2F18CMhcksFScmiiMlL1wrIHolJukllNfkdoIRVcfHUJIuaNKAOkDksORYeUD+X5hmtalUxbF2UkFfHk8wxd5Vm9PwKNGaKVzjzNth2U6uh26iS0N/rO70Z+aYnlVwwJv9J3RemRV5LT+7V4oaWq0v5ItC/gHBS8qfr+HWgu7yWhLa8V4A+2hi5AXVshlYk7R/yCpD/RSLdnoOo2Xm8YQ2ardM7Z9um5w2vAQwGu7br2M9t9FeqJPY2nUnpWsSlF8GCAhqf0IGfJQqG9Fj4HWWLN2pjRse8WAGvnA6XtneRwKJFdpQMAkF0RwRrk6KhTq/GeRk5hBiHcOPOAGlwkCZbMrRd3ea8dj6h7nza/m3qPc7YP5e05qJ7aOVuwQ155Ov1sPHraFbxTeDrmxgDEOXUWEi+AbK4soE78oak9ywsV+K/1pFsR+/4H5RpLqc/OP0iUn3qj1vWG8EfwYszhBcep24VQihdkOBJkSmPzEDhaBZKmjE1kn3sfbHGUxwbnhckYo9UuwdbK1KjgA9Z7iqUdAsv8DNcsb2x8QOmTYVXXNZD1PyzCGqqxwmAe89TPuh4OsOutDT8pz3Ij/8ifGfeXMgQ3JFs12F+Q1wReIh6ktiiHMR1oEdtbm+Jr+L3Prj8iwE28OMMM+T1gExQiTEX7hA8KdpfeXmoYmaxymPx2kfkSM/Iz1uXrDakaPx3yKeiU9wc7So/BJM0HeQpOlLmCVZW/21D/efqRDdfV1G+5JfCpplyVrP8NpQQ13q9qr+qA/hsrpvp3LRk9pVm87T7vn65F9Iwm1j5xOearK+d5qkt2H+U0epG1tp2Pm3ZzGFzX3ripqLj3HZFVmaBbuRmJNkVQLSa/cHtEMpgYtfuY2/C7H0vf54Cfyn/XOphZGKPSZwvey24cKbyuiy4a2DNbkzXqqQ3EWg0u8Lcht109FVqB4bx2eByjUNCESlGEaLMSN+658GKqp8+2JDojl7NL7p3Hi5ogFG7YCZf9SI+bxff9m8IrEofzYsXQXgdGXs4XOT3djmgM9N2IWjspc8NBD9qGNZSL9vaRkCRN0wxbbrcOD2yVtbfRuRT/AWJTltXEVrpK0djIbWyLuSBaRYKpKbTA2OncH8CkYOmn2Q48EypbDT2iMCRGYD/+k2CIPzCqsZFyRhyN9hZjVDVAgGylLJDGnX1nPM1f7YDck45xcw4mjuZZ9dIxc0MgK/EMEHdxt//DCc9AQLECuIh8DfcP9QhulgJhpdMfN8/XE5ZIt8L9wlQOIR6L/A+OgnZNYxQQKIJRGnEt1/RvY66YzxEm/S1d3JxqNAJPS6kqaVHMctlG7hNQlU7E5aWfoU4dlWjg55xIftbq8NHgTIjBEPphtHqdNuwYHBD69Ro/xjRAFYItMVIYJInxrXdnTPo3WswWMNG8CXzLPOppmA82T8zk+OlgoUQjhLiZ/pNa3gpv6pUNNT9jXLqudePLD9dUuaZF/xRwXcpGvFzc03Qrkvv1E8t9MEWTlug0FrvkUlp9nOF+8Mo1qHxKdw3Bdo+2SeTX8joWTQUU9pJryYAQuzGUZCX7BrDkcEaF9NmsIBM7/gOhehgGvhJFHuAyKmoOuW1YGJkR8sFvbApQZRlVhA4QhTGSQsWhDDyigkjO8XcId7Fu9LV52L1r6+RK3Rw2j9L+SavP5UQvKYKxTx54KZWkSCV4CfUXI8WUnDFvXwonMn3zEDkywcAhe464qhfcE6CjcMZIQPtXY22kyBHmF2A7AN6jzcFmpIjKojWStmb3KWDl+6LUsoq7kb17SqPvXhw2JwIesoWyxDUUaUKhy+/A+qECJ2USOkOo1IQkxjCWkOyLYBGgr4a0sGDTz/leZLqahUz1JfOw7gPolkdBu0+BOiVqVUu7hJ9dR/3H4mZs0h5ZhkkXDROY+sY45Cdyixd4uCDiFHSNDNgMDPQ7+iXOyZDuoQkebibumzVmBBSAw/jlwW9U3Bl9a4WbdakFIcVvqeDRq8HtbNjLztUGuweWGMxSU+YoWELDQK1kQt79hmh+LwBo361ZfvqPGNGj3BLXfXr28acc/1ElAEFLjfoZOBaEAJBXff9CruUoc2zkEgYSzNCZAsSMirZXmNY+v2MfchMIqy2a4B3nTvL7inowbrXONL3Xr1+OyZIRo40pPZzOYD63jYuToai8Iu0U+LDRFQUaquXBuLGQtOvdzt/NesVRqkGAgPO72EuMTh++nA/wDMN/j1CjqdUSzhEMZGOU5OqaAAjI7dB10pC8n0smMlc8ehtNx+1Zei3TjDanrWONRevVt5hoUmbWqEDvlMs/eRXn2GyxD88LVcC5c6X6YNyLCa0w8N8cVQauDSRtqWIegQ+UynY7BYh8US7Px+i4BluJZwqcnxdBU466TEGEi/hEAokPAkuZncac9bfBAjsBvPA+SZjsA65qR8F8nkLciHZ/qTMUxjdwvczQDw+EcwevyJ1vE3yLEBC96/G0FtzNM94aJ1uli+pkSZ5LD+PL60qZ41vhTAotIbYYf7k46VF6c7CuScsOFFdd7ULRMA+mUalY/xHV4zNcTsmWFnDP0Pb3GnbFE70qBat4ZJw9mZ/KFOsiAGTbva3s1oQm9FjQHfqTRghQcU2bkcVQsFG+/JvwUplDQiMpIaEFJY3BZ9CRCs7ksYvSxJ6pEUsaBK+7lW+trAyAonRpVz78Ioml5kley9UzLEeaCRmggrUzltKAPpqYtkcIsrcWh2aWBT6C3iJQzy91n6Wknusgv9TK9r4TIlVMH1eXU11t/C+PltJj7+RvdXlmPdCDl1sEvsD0ZVg2fC9fdqSr6mQVa2qCVOh7LDW7yonLNFzzP8Iko8P6W5hHH7jKNcFr7FykVMm9K0VoTpp/q1VZZMmrSneX5qHSFkarD7wNSEBrRele9ibOB1e3hhFG89FBAHvlJfHZDt3W5r41avp3tfTBeleauMzqqF/fxY9TwYAWxAQrevBckn1dxwDEKWn1cR3iox7Tc2qFzHGXwdUs3QOGhskf7ZYXoa8TbhGd2UuzHZzOQzrHNNFB0g4xTYLPGVlWodVJa7hh5nQ34sCeRcBBilYRoRRW0EQ9gikdencP715dU/deLPTqaq6kB3TIGFX2JwlFXPL1nNeYLDZJbWOO3JxAsAC3BNHBbPUOcvhgebtYezgZGasKsG1Kqo/PN7WwlM0guZLXCvrbcKQlcVIhL4VKrFhg3vTICJj8r6S1jjcPbl2nFaXEmPQRUbYgcg7HoTXFYHiJU9Q6ZyCMlSRBa7avRTaT1482l/9vRFr1Ovknx6FUf5jfjkWMxQhrxbxf3zLnXeKEO4ggtNfsOd/PyeKIKZSPE8m+r+WSFiiGQiLsk4JQFDNe1gewPyHc7X+EZ1opf8SHCHIpJaTgRuRCFvkbRZd0Qncvr6iWnKzN6NinquEoHTKFYYm988+0Mj6+vAFlN7P31YThW/4INKYiLUFrTEZ/QAacs6hVe/12M3mR1M+euclHCYeAS7fHvHPtHH627Gos/aqgMx2PYhoNSWMkg0BqSkd7oYLBKtvlzcjIUTAn/qwTvpBzJRUviXp8hcwQFuy51Gqq+cwBg2WdHZeI2/VQmRbMhFcfanPI/kD48Y/yglQatTdh6fYhYRmDodU0rh4cKCHmhB+XMDl7cSrNmVytj/MXDfqVrhVP9LQfxqsXfVfIRqATAaVIJl8188bWEh0vcVWHSnUDSiSVOp8mOGoP69EqGO8tu5t9kwti6ZiwjN0LRYy4OciFUyu3JoWCO/FNoxCmolTil7s7d6qTaOLFNLxsTCO9NaLm7ClFek9dPPpoa5kZktUplNLeIWb5Fi4gJVRk6EqzjozhjsuT1ySZLQS2SeQpXJFt5UQ1BtnThMCstr/bJkhO4EGYFrzAlEjPesgYZe0kjCHhvRq1JXL38SNzDztus3ThR5Ll45b8oI/7COivw4u7ve9IpK0g9XP5WDd+v4lZwdCfRxLAbkxLkLCAF/05NrgKAszFRw5BB8eTmoQqWP8HZ0ZmVSaG++wPg7uxhMFt9Hfd4ms3YXtZLoWGyRMRhmIo7BahuW2pC5K0jkktHvfzPUtfB8wHK4H8ymEIf1c7/qR3jbacWkfGjQxP8h0zZLqN2ob0WO4D+U3MM1hMdjDYjr2Eb7SPAOfP6DgD7N1KIFDX97dUd16WecKmdqpi1IFa</xenc:CipherValue>
            </xenc:CipherData>
        </xenc:EncryptedData>
    </saml2:EncryptedAssertion>
</saml2p:Response>

2022-09-26 19:12:47,505 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-09-26 19:12:47,505 - INFO [Shibboleth-Audit.SSO:?] - 20220926T191247Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect|_18ef1f7a6dc71bd912c3de00eca4108b|https://testshib-dl3.decisionlens.com/shibboleth|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_6368580862bccade97f14dd003e1f4ca|rick|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,uid,identifier,telephoneNumber,role,mail,surname,displayName,givenName|AAdzZWNyZXQxIYArX1AG8ubeWSVlRMJYSZrUETnDS1HuOLTUDFdqf6apFRBBrP9kp1M9s5/913jpag8pjym4dDbRArDFqFiQzFkz17mBJ/2SJqdvUE7klhJg7dgxxAtSEmBLduxm2hoVfitzTaBzGeUTHxL2BL+MDHI=|_5a65ae9ce6351a73ec812fcc63442a3b|
2022-09-26 19:12:53,159 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: corr:1664219573_4323
2022-09-26 19:12:53,159 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-09-26 19:12:53,160 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-09-26 19:12:53,160 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:LogoutRequest
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SLO"
    ID="_82454988ab99dfa493224777a4155385"
    IssueInstant="2022-09-26T19:12:53Z" Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://testshib-dl3.decisionlens.com/shibboleth</saml:Issuer>
    <samlp:Extensions>
        <aslo:Asynchronous xmlns:aslo="urn:oasis:names:tc:SAML:2.0:protocol:ext:async-slo"/>
    </samlp:Extensions>
    <saml:EncryptedID xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
        <xenc:EncryptedData
            Type="http://www.w3.org/2001/04/xmlenc#Element"
                xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:EncryptionMethod
                Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <xenc:EncryptedKey
                        xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
<xenc:CipherData>
<xenc:CipherValue>L9j62jVVsmq4J5v9nnjCzdqbSlX/7JIE7FyXEOy9UPxjhO6sxKrgohYNxCN11hLdMF80R9NKnzJn
C5FMtZTi6pwBqnh0YHAEaSVH6iVNmnMbk5jz3Mo//M9j48h58kYurpOVglYvOZrIY0Rbb6EAreJe
QTAFzYaM05xTsC35AQdx4JW5cOR/2jig9uT20KvCJG5omu93gSsqoT5TXtxcne2vIDWv8LDMnVKb
CI00FX5ZVDHvUxOlo3Qg7rmh/FWovF41LNjWRKn5knIAdePNdHdd6ToBhVTHyQJAzfCal8jRX16o
eVjuKygh28YwxuV8ZmT7PmKmsshTpx2TtHZhSA==</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedKey>
            </ds:KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>6/m+K4RetCZCUGMFTlg22suE0CyMdbbEYdC+oIZpjGDxqMnqHM1vir27tuSe+75ZNywkVas93JJ+
wmZu09JGEEq/CvZtcYpOMYk1nCcZY0m2s0WtCmVEWnoQZTnCZdajFNUsDlF6XVs5YpFW5Pu4G9z+
XEChsJIR6JMs12qioGdpIY1EpDQT0aiDyghftv/mwNdEWBkU6nIiF0hCewyefu8TcRw/2vRMNKHQ
Z12QVYSG2xRqACRd4a0v3aRLGPCSOJAhn3Pj2Gr5LdnVtry41ezdXJZBWKnaIVlYr9nziHFeFawQ
E8dM4YhVUQnUGaFlv8SvnvS18nz118ui7YEt5Y3NqnU625N8cgSrj/dKnXYMH3ZrCCr5SfrgUuG1
r/Z+rcHK1gAOQXJQZBGCRyj8oF+M3XiJIHz1k5zAJPdYxFh0qmZgoiYYk29UNYcECGWt2ZF0vvrx
oBf2ZBXLOTb2z5X620FcqRSdho8Jxy6Eanc8V2N5nlI4JEzNPE5O8qyL3NTR0oz3EMEoqIvAe6QN
BBRHrIPkaYJPByIrfI/ET0YRG0v0Iij8PosuMHfAgqPFIiIjtnSdattUwcLqzOsqlw==</xenc:CipherValue>
</xenc:CipherData>
        </xenc:EncryptedData>
    </saml:EncryptedID>
    <samlp:SessionIndex>_3b584bfa6f28f2ad2fcd5afd0eea060c</samlp:SessionIndex>
</samlp:LogoutRequest>

2022-09-26 19:12:53,170 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:12:53,170 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:12:53,170 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:12:53,170 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:12:53,170 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-09-26 19:12:53,170 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-09-26 19:12:53,170 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-09-26 19:12:53,170 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://testshib-dl3.decisionlens.com/shibboleth
2022-09-26 19:12:53,171 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:12:53,171 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-09-26 19:12:53,171 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SLO
2022-09-26 19:12:53,171 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SLO
2022-09-26 19:12:53,171 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-09-26 19:12:53,172 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_82454988ab99dfa493224777a4155385', issue instant '2022-09-26T19:12:53.000Z', entityID 'https://testshib-dl3.decisionlens.com/shibboleth'
2022-09-26 19:12:53,173 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-09-26 19:12:53,173 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-09-26 19:12:53,173 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler:?] - Constructing signed content string from URL query string SAMLRequest=rVZdj6pIEH33V0y8j5MZoPkQzMwkiqCg%2BIGIwssG6VZQ6AYaEP31i3Pn5t7Zm93Mbva16tSpc6qKNC80SJOsPyNHUpU2yitEy4cmTTDtv2deu1WB%2BySgMe3jIEW0X4b99cCa9cEz288KUpKQJN2HUVsX46CMCX7tRmWZ0T7D3BnKNvEcQyaGGdPCD3GCmHs9YGwE4wKFJbOeLboPxui1%2B4cMBFFQZDnYKwo8BILCAyD0er1A4ESRl8UWRmmFDEzLAJevXcAC8MQqT0ByOKXPgb7I%2B90HFxX0XUcrsfv2clfRf68rfnH2z8YCSlFxN9N9%2B2HmboRG8f4JJvwzRGF875EgTJ9DkjL3zJ4kqIxemF8afu%2Be9bWmbJFtAX17CWhC%2BgN6xWFUEEwq%2BqHqHv%2FauPuoKVt4y%2FDU1nSZt%2B89P7d5V6HhsLhmJYLG6L94f2kQDn%2BSjIIy%2BKC5J74vuh3N5XJ5vvDPpDgygGU5hhWYFtUivnUfnGuGvgDUEpQiXHbfOp96tiqsdqYEPgySIyniMkq%2FQBYgCkTpKdyH7Ww6L5D2p%2Bhq4AP5EA%2Fp35CwDKvcSSCNj99%2Bs9%2BS%2FEv3%2F4ubggZPJEDZU3o8cNm7o3dSNc4iVNx38jniBkmF3mbKSQIn16VpLphirWB8Um8w36%2BTHdMzDa2nX3fa4qpsls0pWki0mRZHEnnzRp1zXDSDli6ztjKf4puJO6qoW6XvxFJ2GeY4Yr3JQAvW7kSK3XmKrf1ZPN14izCMpZwEORLls1cV2cI9Jl698AvDY%2B39XtIGBTJRZ%2BUM9JsXWKzYOFTlxcEKNoK5FcOFzYBTfFQqB7DTWjXHIkkrhT%2BuaU4c0dmVTYgRqI3RtpZnIwu7031HNVhW34m%2BO5rUm2aREH517BVpxOhbUusCN5uftvYUi2dsDCBazuEEQskhw8h1JteVObgd1CCRT%2FaOk0gHuadqej1GQPYuTeXKfur0luk0pTRysgY45cSP1oPX1xfmt3F3PsU%2BlsL8dj%2Ftl%2FrzGr%2B2SIlJH6eCjUrVVzdjS3eSIwC00lj1asH9XvOg%2BkgMPzuNR01u4XxicXVcgF5ZrdFjT%2FTn18vZDajCm%2BZj55L6FauYY03LGbX2y9DLFpZ35rAa%2Bh6bAspuSzV1tS0mK9%2FBqg%2BDkz7f0FGiSzuXil6mb8VlJYyV22Nnp6kRNQ1bMi3KgTwmY5gZHqdlo5XDBvGoneShrJn0MofadnjeSNiIdTZS0eWKDpXshPaFAbVtzaeTVcfnwMr11mPQ2PlAtaEQsDUf2LPxUl0vzEGE%2BeUJjAtxBrFbFleBQze4M%2F3hdooDw028QsG3eKIjPbisOpoMLcGL3M0Kb8aBntTyusb1mpPxjePkKu55Wil6%2FDzHGwmIczk8rosTA6d451kT3i9UtRDXh%2BK4qcZcp2D8xyKcTLnjYLHamSt%2FOFbt60km%2BqPF72LTmNy4s3gbmEvoNXrE5ql%2FJLHnnYGymXuhpo63JfB1tq6LpkOGB%2BAPd7OFswc3cScBVg9zew0jIpvNVdICHMoumIs4MQRTu82XmriQ8%2BuMnzs2S268ZmkkN%2BoBklbzznBoTwpjeQ48czm8GsXBYDSH9ewxW7NGfJKXhFbW5DA45kvdiI1TidcwKMvNJZzltwXNk8tXb%2Fmvp%2FwR%2FOsb8%2BO5WyN6f4UMDFHz9ge%2FF2VhfwikA5APIIDgEEIxOEAWoYCV2PDH6%2FWp6kfw05%2FJ258%3D&RelayState=corr%3A1664219573_4323&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=KjdWnxlKv4LUes4%2FQCx3pS0eSHg%2FBWWnNfePFDxfX7FWYYhBw6g%2BmHqiMD2j0Z04JYDgwz1onDvpFGO4fcopiMcLoVv5%2Bfn92QH3tWts3cI1aZX9UJ7HuESi5R9Kk8Sq%2BSPUiznvCQGyGc2wZsevg%2BpbFPiK2r5kM5OusuGS6vj9HVfuHh%2BMprrbx%2FQROIFt96lCE6kOtx6Mij8Hjr%2FNplvWBDq%2Fo9sBXA44%2BeOcBvPWb8pYlvFJ0Ysj3hrzajcOzdfxHebjkvEpjn6bPTKiH5IlmEsK7wirlVthrdc7XVgJAaoYBsPCs3JRzQuB%2BVLuEMx7Hp4KDwJeYlaI%2BHT5ag%3D%3D
2022-09-26 19:12:53,173 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler:?] - Constructed signed content string for HTTP-Redirect DEFLATE SAMLRequest=rVZdj6pIEH33V0y8j5MZoPkQzMwkiqCg%2BIGIwssG6VZQ6AYaEP31i3Pn5t7Zm93Mbva16tSpc6qKNC80SJOsPyNHUpU2yitEy4cmTTDtv2deu1WB%2BySgMe3jIEW0X4b99cCa9cEz288KUpKQJN2HUVsX46CMCX7tRmWZ0T7D3BnKNvEcQyaGGdPCD3GCmHs9YGwE4wKFJbOeLboPxui1%2B4cMBFFQZDnYKwo8BILCAyD0er1A4ESRl8UWRmmFDEzLAJevXcAC8MQqT0ByOKXPgb7I%2B90HFxX0XUcrsfv2clfRf68rfnH2z8YCSlFxN9N9%2B2HmboRG8f4JJvwzRGF875EgTJ9DkjL3zJ4kqIxemF8afu%2Be9bWmbJFtAX17CWhC%2BgN6xWFUEEwq%2BqHqHv%2FauPuoKVt4y%2FDU1nSZt%2B89P7d5V6HhsLhmJYLG6L94f2kQDn%2BSjIIy%2BKC5J74vuh3N5XJ5vvDPpDgygGU5hhWYFtUivnUfnGuGvgDUEpQiXHbfOp96tiqsdqYEPgySIyniMkq%2FQBYgCkTpKdyH7Ww6L5D2p%2Bhq4AP5EA%2Fp35CwDKvcSSCNj99%2Bs9%2BS%2FEv3%2F4ubggZPJEDZU3o8cNm7o3dSNc4iVNx38jniBkmF3mbKSQIn16VpLphirWB8Um8w36%2BTHdMzDa2nX3fa4qpsls0pWki0mRZHEnnzRp1zXDSDli6ztjKf4puJO6qoW6XvxFJ2GeY4Yr3JQAvW7kSK3XmKrf1ZPN14izCMpZwEORLls1cV2cI9Jl698AvDY%2B39XtIGBTJRZ%2BUM9JsXWKzYOFTlxcEKNoK5FcOFzYBTfFQqB7DTWjXHIkkrhT%2BuaU4c0dmVTYgRqI3RtpZnIwu7031HNVhW34m%2BO5rUm2aREH517BVpxOhbUusCN5uftvYUi2dsDCBazuEEQskhw8h1JteVObgd1CCRT%2FaOk0gHuadqej1GQPYuTeXKfur0luk0pTRysgY45cSP1oPX1xfmt3F3PsU%2BlsL8dj%2Ftl%2FrzGr%2B2SIlJH6eCjUrVVzdjS3eSIwC00lj1asH9XvOg%2BkgMPzuNR01u4XxicXVcgF5ZrdFjT%2FTn18vZDajCm%2BZj55L6FauYY03LGbX2y9DLFpZ35rAa%2Bh6bAspuSzV1tS0mK9%2FBqg%2BDkz7f0FGiSzuXil6mb8VlJYyV22Nnp6kRNQ1bMi3KgTwmY5gZHqdlo5XDBvGoneShrJn0MofadnjeSNiIdTZS0eWKDpXshPaFAbVtzaeTVcfnwMr11mPQ2PlAtaEQsDUf2LPxUl0vzEGE%2BeUJjAtxBrFbFleBQze4M%2F3hdooDw028QsG3eKIjPbisOpoMLcGL3M0Kb8aBntTyusb1mpPxjePkKu55Wil6%2FDzHGwmIczk8rosTA6d451kT3i9UtRDXh%2BK4qcZcp2D8xyKcTLnjYLHamSt%2FOFbt60km%2BqPF72LTmNy4s3gbmEvoNXrE5ql%2FJLHnnYGymXuhpo63JfB1tq6LpkOGB%2BAPd7OFswc3cScBVg9zew0jIpvNVdICHMoumIs4MQRTu82XmriQ8%2BuMnzs2S268ZmkkN%2BoBklbzznBoTwpjeQ48czm8GsXBYDSH9ewxW7NGfJKXhFbW5DA45kvdiI1TidcwKMvNJZzltwXNk8tXb%2Fmvp%2FwR%2FOsb8%2BO5WyN6f4UMDFHz9ge%2FF2VhfwikA5APIIDgEEIxOEAWoYCV2PDH6%2FWp6kfw05%2FJ258%3D&RelayState=corr%3A1664219573_4323&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256
2022-09-26 19:12:53,173 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Attempting to validate SAML protocol message simple signature using context entityID: https://testshib-dl3.decisionlens.com/shibboleth
2022-09-26 19:12:53,173 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from metadata using entityID: https://testshib-dl3.decisionlens.com/shibboleth, role: {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor, protocol: urn:oasis:names:tc:SAML:2.0:protocol, usage: SIGNING
2022-09-26 19:12:53,173 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Retrieving role descriptor metadata for entity 'https://testshib-dl3.decisionlens.com/shibboleth' in role '{urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor' for protocol 'urn:oasis:names:tc:SAML:2.0:protocol'
2022-09-26 19:12:53,173 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:12:53,173 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:12:53,173 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:12:53,173 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:12:53,173 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolved cached credentials from KeyDescriptor object metadata
2022-09-26 19:12:53,174 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Simple signature validation (with no request-derived credentials) was successful
2022-09-26 19:12:53,174 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Validation of request simple signature succeeded
2022-09-26 19:12:53,174 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Authentication via request simple signature succeeded for context issuer entity ID https://testshib-dl3.decisionlens.com/shibboleth
2022-09-26 19:12:53,174 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-09-26 19:12:53,174 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-09-26 19:12:53,181 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.ExtractChannelBindingsExtensionsHandler:?] - Message Handler:  Message did not contain any ChannelBindings extensions
2022-09-26 19:12:53,181 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:12:53,182 - DEBUG [org.opensaml.saml.saml2.profile.impl.DecryptNameIDs:?] - Profile Action DecryptNameIDs: Decrypting EncryptedID in LogoutRequest
2022-09-26 19:12:53,182 - INFO [org.opensaml.xmlsec.algorithm.AlgorithmSupport:?] - Mapping from algorithm URI http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p to key length not available
2022-09-26 19:12:53,182 - INFO [org.opensaml.xmlsec.keyinfo.impl.BasicProviderKeyInfoCredentialResolver:?] - KeyInfo was null, any credentials will be resolved by post-processing hooks only
2022-09-26 19:12:53,182 - DEBUG [org.apache.xml.security.encryption.XMLCipherInput:?] - Encrypted octets:
L9j62jVVsmq4J5v9nnjCzdqbSlX/7JIE7FyXEOy9UPxjhO6sxKrgohYNxCN11hLdMF80R9NKnzJn
C5FMtZTi6pwBqnh0YHAEaSVH6iVNmnMbk5jz3Mo//M9j48h58kYurpOVglYvOZrIY0Rbb6EAreJe
QTAFzYaM05xTsC35AQdx4JW5cOR/2jig9uT20KvCJG5omu93gSsqoT5TXtxcne2vIDWv8LDMnVKb
CI00FX5ZVDHvUxOlo3Qg7rmh/FWovF41LNjWRKn5knIAdePNdHdd6ToBhVTHyQJAzfCal8jRX16o
eVjuKygh28YwxuV8ZmT7PmKmsshTpx2TtHZhSA==
2022-09-26 19:12:53,185 - DEBUG [org.apache.xml.security.encryption.XMLCipherInput:?] - Encrypted octets:
6/m+K4RetCZCUGMFTlg22suE0CyMdbbEYdC+oIZpjGDxqMnqHM1vir27tuSe+75ZNywkVas93JJ+
wmZu09JGEEq/CvZtcYpOMYk1nCcZY0m2s0WtCmVEWnoQZTnCZdajFNUsDlF6XVs5YpFW5Pu4G9z+
XEChsJIR6JMs12qioGdpIY1EpDQT0aiDyghftv/mwNdEWBkU6nIiF0hCewyefu8TcRw/2vRMNKHQ
Z12QVYSG2xRqACRd4a0v3aRLGPCSOJAhn3Pj2Gr5LdnVtry41ezdXJZBWKnaIVlYr9nziHFeFawQ
E8dM4YhVUQnUGaFlv8SvnvS18nz118ui7YEt5Y3NqnU625N8cgSrj/dKnXYMH3ZrCCr5SfrgUuG1
r/Z+rcHK1gAOQXJQZBGCRyj8oF+M3XiJIHz1k5zAJPdYxFh0qmZgoiYYk29UNYcECGWt2ZF0vvrx
oBf2ZBXLOTb2z5X620FcqRSdho8Jxy6Eanc8V2N5nlI4JEzNPE5O8qyL3NTR0oz3EMEoqIvAe6QN
BBRHrIPkaYJPByIrfI/ET0YRG0v0Iij8PosuMHfAgqPFIiIjtnSdattUwcLqzOsqlw==
2022-09-26 19:12:53,190 - DEBUG [org.opensaml.saml.common.messaging.context.SAMLSubjectNameIdentifierContext:?] - Ignoring LogoutRequest, Subject does not require processing
2022-09-26 19:12:53,190 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-09-26 19:12:53,190 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessLogoutRequest:?] - Profile Action ProcessLogoutRequest: LogoutRequest contained Asynchronous extension
2022-09-26 19:12:53,190 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Performing secondary lookup on service ID https://testshib-dl3.decisionlens.com/shibboleth and key AAdzZWNyZXQxIYArX1AG8ubeWSVlRMJYSZrUETnDS1HuOLTUDFdqf6apFRBBrP9kp1M9s5/913jpag8pjym4dDbRArDFqFiQzFkz17mBJ/2SJqdvUE7klhJg7dgxxAtSEmBLduxm2hoVfitzTaBzGeUTHxL2BL+MDHI=
2022-09-26 19:12:53,190 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Performing primary lookup on session ID 9312b61f96371bcb93e8c2c2fe2ac26741ec0d3296a9a0018130b26156eeb423
2022-09-26 19:12:53,190 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Loading SPSession for service https://testshib-dl3.decisionlens.com/shibboleth in session 9312b61f96371bcb93e8c2c2fe2ac26741ec0d3296a9a0018130b26156eeb423
2022-09-26 19:12:53,190 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-09-26 19:12:53,191 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessLogoutRequest:?] - Profile Action ProcessLogoutRequest: LogoutRequest matches IdP session 9312b61f96371bcb93e8c2c2fe2ac26741ec0d3296a9a0018130b26156eeb423
2022-09-26 19:12:53,191 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Destroyed session 9312b61f96371bcb93e8c2c2fe2ac26741ec0d3296a9a0018130b26156eeb423
2022-09-26 19:12:53,395 - INFO [Shibboleth-Audit.Logout:?] - 20220926T191253Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect|_82454988ab99dfa493224777a4155385|https://testshib-dl3.decisionlens.com/shibboleth|http://shibboleth.net/ns/profiles/saml2/logout|https://samltest.id/saml/idp|||rick|||AAdzZWNyZXQxIYArX1AG8ubeWSVlRMJYSZrUETnDS1HuOLTUDFdqf6apFRBBrP9kp1M9s5/913jpag8pjym4dDbRArDFqFiQzFkz17mBJ/2SJqdvUE7klhJg7dgxxAtSEmBLduxm2hoVfitzTaBzGeUTHxL2BL+MDHI=||
2022-09-26 19:13:35,385 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML relay state of: Y2xpZW50X2lkPTM1NzdlZTc4LWQ4YzktNGFkOC1iMTFiLWM3ZDRiNzhiYjYxMCZjb2RlX2NoYWxsZW5nZT1FRWNWMTFBWkZaeEZWV1ZuS29QS3QtWXBObzZwVjFVVHZnQzQ5NF9jRnpJJmNvZGVfY2hhbGxlbmdlX21ldGhvZD1TMjU2JnJlZGlyZWN0X3VyaT1odHRwcyUzQSUyRiUyRnNhbWwtdGVzdC5zd2FnYS5zYW5kYm94LnN0cmVlbS5jbG91ZCUyRnJlZGlyZWN0Lmh0bWwmcmVzcG9uc2VfdHlwZT1jb2RlJnNjb3BlPW9wZW5pZCtlbWFpbCZzdGF0ZT1rZnI3QVFZT2JIJnRlbmFudElkPTk2Y2M2MDlmLWZmNmYtODg5OS0yMmE3LWRjNzI1ZDhlNjdmMCZpZGVudGl0eVByb3ZpZGVySWQ9YjRiNDY4MTYtZDNhYy00ZTU1LTkzZmYtNDUzZmYwMTU5OTQy
2022-09-26 19:13:35,385 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Getting Base64 encoded message from request
2022-09-26 19:13:35,385 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML message
2022-09-26 19:13:35,385 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<ns3:AuthnRequest
    AssertionConsumerServiceURL="https://global-login.sandbox.streem.cloud/samlv2/acs"
    ID="idf207d36c06124ae88e9d27208a8a9203"
    IssueInstant="2022-09-26T19:13:35.001Z" Version="2.0"
    xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:ns2="http://www.w3.org/2000/09/xmldsig#"
    xmlns:ns3="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ns4="http://www.w3.org/2001/04/xmlenc#">
    <Issuer>https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942</Issuer>
    <ns3:NameIDPolicy AllowCreate="false" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/>
</ns3:AuthnRequest>

2022-09-26 19:13:35,391 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942' from origin source
2022-09-26 19:13:35,391 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:13:35,391 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:13:35,391 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:13:35,391 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:13:35,391 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-09-26 19:13:35,391 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-09-26 19:13:35,391 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-09-26 19:13:35,392 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942
2022-09-26 19:13:35,392 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:13:35,392 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-09-26 19:13:35,392 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint was empty, not required by binding, skipping
2022-09-26 19:13:35,392 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID 'idf207d36c06124ae88e9d27208a8a9203', issue instant '2022-09-26T19:13:35.001Z', entityID 'https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942'
2022-09-26 19:13:35,393 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942' does not require AuthnRequests to be signed
2022-09-26 19:13:35,393 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-09-26 19:13:35,393 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-09-26 19:13:35,393 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-09-26 19:13:35,393 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-09-26 19:13:35,393 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-09-26 19:13:35,393 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:13:35,393 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-09-26 19:13:35,393 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-09-26 19:13:35,393 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-09-26 19:13:35,394 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 1 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-09-26 19:13:35,394 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://global-login.sandbox.streem.cloud/samlv2/acs using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-09-26 19:13:35,394 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-09-26 19:13:35,394 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-09-26 19:13:35,394 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-09-26 19:13:35,394 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-09-26 19:13:35,394 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-09-26 19:13:35,394 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-09-26 19:13:35,394 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-09-26 19:13:35,394 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-09-26 19:13:35,394 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-09-26 19:13:35,394 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-09-26 19:13:35,394 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942
2022-09-26 19:13:35,394 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve encryption parameters based on SAML metadata, falling back to locally configured credentials and algorithms
2022-09-26 19:13:35,394 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Failed to resolve EncryptionParameters
2022-09-26 19:13:35,394 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolver returned no EncryptionParameters
2022-09-26 19:13:35,394 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption is optional, ignoring inability to encrypt
2022-09-26 19:13:35,398 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-09-26 19:13:35,398 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-09-26T19:13:35.398Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-09-26 19:13:35,399 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-09-26 19:13:35,399 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-09-26 19:13:35,399 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-09-26 19:13:35,399 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-09-26 19:13:35,399 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-09-26 19:13:35,399 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:13:35,399 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-09-26 19:13:35,399 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-09-26 19:13:35,399 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-09-26 19:13:35,399 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-09-26 19:13:35,484 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'global-login.sandbox.streem.cloud'
2022-09-26 19:13:35,484 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:13:35,485 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-09-26 19:13:47,763 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Trimming whitespace of input string 'morty'
2022-09-26 19:13:47,763 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user morty
2022-09-26 19:13:47,763 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@60351950::identifier=morty, context=org.apache.velocity.VelocityContext@1c1be20]
2022-09-26 19:13:47,775 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=morty,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@60351950::identifier=morty, context=org.apache.velocity.VelocityContext@1c1be20]
2022-09-26 19:13:47,777 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'morty' succeeded
2022-09-26 19:13:47,777 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-09-26 19:13:47,778 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-09-26 19:13:47,779 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'morty'
2022-09-26 19:13:47,780 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'morty'
2022-09-26 19:13:47,780 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-09-26 19:13:47,780 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal morty
2022-09-26 19:13:47,780 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session 30a8f579877972deca6973de504160283733e021f30ec4fc3b414529590fe924 for principal morty
2022-09-26 19:13:47,780 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving AuthenticationResult for flow authn/Password in session 30a8f579877972deca6973de504160283733e021f30ec4fc3b414529590fe924
2022-09-26 19:13:47,781 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=morty)
2022-09-26 19:13:47,783 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-09-26 19:13:47,784 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, identifier, uid, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-09-26 19:13:47,784 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 2 values for attribute 'eduPersonEntitlement' remained after filtering
2022-09-26 19:13:47,784 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-09-26 19:13:47,784 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-09-26 19:13:47,784 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-09-26 19:13:47,784 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-09-26 19:13:47,784 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-09-26 19:13:47,784 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-09-26 19:13:47,784 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-09-26 19:13:47,784 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-09-26 19:13:47,784 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-09-26 19:13:47,785 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:13:47,785 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-09-26 19:13:47,786 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@52344f32'
2022-09-26 19:13:47,787 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:13:47,787 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'morty:https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942'
2022-09-26 19:13:47,787 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'morty:https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942'
2022-09-26 19:13:47,787 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'morty:https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942'
2022-09-26 19:13:47,787 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:13:47,787 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'morty'
2022-09-26 19:13:47,787 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'morty'
2022-09-26 19:13:47,788 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-09-26 19:13:47,788 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is required, no previous consents
2022-09-26 19:13:47,876 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'global-login.sandbox.streem.cloud'
2022-09-26 19:13:47,876 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-09-26 19:13:47,876 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or InformationURLs returning null
2022-09-26 19:13:47,876 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or PrivacyStatementURLs returning null
2022-09-26 19:13:47,876 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:13:47,876 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No Organization, OrganizationName or names, returning null
2022-09-26 19:13:48,667 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Extracted consent ids '[displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]' from request parameter '_shib_idp_consentIds'
2022-09-26 19:13:48,667 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Consent context 'ConsentContext{previousConsents={}, chosenConsents={displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}}'
2022-09-26 19:13:48,667 - INFO [Shibboleth-Consent-Audit.SSO:?] - 20220926T191348Z|https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942|AttributeReleaseConsent|morty|displayName,eduPersonEntitlement,givenName,identifier,mail,role,surname,telephoneNumber,uid||true,true,true,true,true,true,true,true,true
2022-09-26 19:13:48,667 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:13:48,667 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'morty:https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942'
2022-09-26 19:13:48,667 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'morty:_key_idx'
2022-09-26 19:13:48,667 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Serialized '{displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}' as '[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]'
2022-09-26 19:13:48,667 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.CreateResult:?] - Profile Action CreateResult: Created consent result 'ConsentResult{id=null, context=intercept/attribute-release, key=morty:https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942, value=[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}], expiration=1695755628667}'
2022-09-26 19:13:48,667 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'morty:_key_idx'
2022-09-26 19:13:48,667 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Will not prune storage records, number of keys '0' is less than max number of records '10'
2022-09-26 19:13:48,667 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'morty:_key_idx'
2022-09-26 19:13:48,667 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Creating storage index with key 'morty:https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942'
2022-09-26 19:13:48,667 - DEBUG [net.shibboleth.idp.consent.storage.impl.CollectionSerializer:?] - Serialized '[morty:https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942]' as '["morty:https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942"]'
2022-09-26 19:13:48,667 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@52344f32'
2022-09-26 19:13:48,667 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:13:48,668 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-09-26 19:13:48,671 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-09-26 19:13:48,672 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-09-26 19:13:48,672 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _78daee05560b256b9e60a2be4193b37a
2022-09-26 19:13:48,672 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _78daee05560b256b9e60a2be4193b37a to Response _63dbebdcbd89cf479489af293927548c
2022-09-26 19:13:48,672 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _78daee05560b256b9e60a2be4193b37a
2022-09-26 19:13:48,673 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-09-26 19:13:48,673 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Ambassador of attribute eduPersonEntitlement
2022-09-26 19:13:48,673 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value None of attribute eduPersonEntitlement
2022-09-26 19:13:48,673 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value msmith@samltest.id of attribute identifier
2022-09-26 19:13:48,673 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value morty of attribute uid
2022-09-26 19:13:48,673 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5505 of attribute telephoneNumber
2022-09-26 19:13:48,673 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value janitor@samltest.id of attribute role
2022-09-26 19:13:48,673 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value msmith@samltest.id of attribute mail
2022-09-26 19:13:48,673 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Smith of attribute surname
2022-09-26 19:13:48,673 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Morty Smith of attribute displayName
2022-09-26 19:13:48,673 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Mortimer of attribute givenName
2022-09-26 19:13:48,674 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-09-26 19:13:48,674 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - Applying policy to NameIDPolicy with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-09-26 19:13:48,674 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Request specified NameID format: urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-09-26 19:13:48,674 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-09-26 19:13:48,674 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-09-26 19:13:48,674 - DEBUG [net.shibboleth.idp.saml.nameid.impl.PersistentSAML2NameIDGenerator:?] - Checking for source attribute uid
2022-09-26 19:13:48,674 - DEBUG [net.shibboleth.idp.saml.nameid.impl.PersistentSAML2NameIDGenerator:?] - Generating persistent NameID from String-valued attribute uid
2022-09-26 19:13:48,674 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID C5OYJH47Y243KBWO5RAC2QJZJWFQRW3U with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-09-26 19:13:48,674 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-09-26 19:13:48,674 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-09-26 19:13:48,674 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-09-26 19:13:48,674 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-09-26 19:13:48,674 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 40.76.107.170
2022-09-26 19:13:48,674 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to idf207d36c06124ae88e9d27208a8a9203
2022-09-26 19:13:48,674 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to https://global-login.sandbox.streem.cloud/samlv2/acs
2022-09-26 19:13:48,674 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-09-26 19:13:48,674 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-09-26 19:13:48,674 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-09-26 19:13:48,674 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _78daee05560b256b9e60a2be4193b37a
2022-09-26 19:13:48,674 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _78daee05560b256b9e60a2be4193b37a did not already contain Conditions, one was added
2022-09-26 19:13:48,674 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-09-26 19:13:48,674 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-09-26T19:18:48.668Z, to Assertion _78daee05560b256b9e60a2be4193b37a
2022-09-26 19:13:48,674 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _78daee05560b256b9e60a2be4193b37a already contained Conditions, nothing was done
2022-09-26 19:13:48,674 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-09-26 19:13:48,675 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _78daee05560b256b9e60a2be4193b37a already contained Conditions, nothing was done
2022-09-26 19:13:48,675 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-09-26 19:13:48,675 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942 as an Audience of the AudienceRestriction
2022-09-26 19:13:48,675 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _78daee05560b256b9e60a2be4193b37a
2022-09-26 19:13:48,676 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942 to existing session 30a8f579877972deca6973de504160283733e021f30ec4fc3b414529590fe924
2022-09-26 19:13:48,676 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942 in session 30a8f579877972deca6973de504160283733e021f30ec4fc3b414529590fe924
2022-09-26 19:13:48,676 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-09-26 19:13:48,676 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942 and key C5OYJH47Y243KBWO5RAC2QJZJWFQRW3U
2022-09-26 19:13:48,676 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-09-26 19:13:48,676 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-09-26 19:13:48,677 - DEBUG [org.opensaml.saml.common.profile.impl.SignAssertions:?] - Profile Action SignAssertions: Will not sign assertions because no security parameters context is available
2022-09-26 19:13:48,677 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAssertions: No encryption parameters, nothing to do
2022-09-26 19:13:48,689 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: https://global-login.sandbox.streem.cloud/samlv2/acs
2022-09-26 19:13:48,689 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: https://global-login.sandbox.streem.cloud/samlv2/acs
2022-09-26 19:13:48,689 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_63dbebdcbd89cf479489af293927548c"
2022-09-26 19:13:48,689 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _63dbebdcbd89cf479489af293927548c and Element was [saml2p:Response: null]
2022-09-26 19:13:48,689 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_63dbebdcbd89cf479489af293927548c"
2022-09-26 19:13:48,689 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _63dbebdcbd89cf479489af293927548c and Element was [saml2p:Response: null]
2022-09-26 19:13:48,693 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-09-26 19:13:48,693 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'https://global-login.sandbox.streem.cloud/samlv2/acs' with encoded value 'https&#x3a;&#x2f;&#x2f;global-login.sandbox.streem.cloud&#x2f;samlv2&#x2f;acs'
2022-09-26 19:13:48,693 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-09-26 19:13:48,693 - WARN [org.opensaml.saml.common.binding.SAMLBindingSupport:?] - Relay state exceeds 80 bytes: Y2xpZW50X2lkPTM1NzdlZTc4LWQ4YzktNGFkOC1iMTFiLWM3ZDRiNzhiYjYxMCZjb2RlX2NoYWxsZW5nZT1FRWNWMTFBWkZaeEZWV1ZuS29QS3QtWXBObzZwVjFVVHZnQzQ5NF9jRnpJJmNvZGVfY2hhbGxlbmdlX21ldGhvZD1TMjU2JnJlZGlyZWN0X3VyaT1odHRwcyUzQSUyRiUyRnNhbWwtdGVzdC5zd2FnYS5zYW5kYm94LnN0cmVlbS5jbG91ZCUyRnJlZGlyZWN0Lmh0bWwmcmVzcG9uc2VfdHlwZT1jb2RlJnNjb3BlPW9wZW5pZCtlbWFpbCZzdGF0ZT1rZnI3QVFZT2JIJnRlbmFudElkPTk2Y2M2MDlmLWZmNmYtODg5OS0yMmE3LWRjNzI1ZDhlNjdmMCZpZGVudGl0eVByb3ZpZGVySWQ9YjRiNDY4MTYtZDNhYy00ZTU1LTkzZmYtNDUzZmYwMTU5OTQy
2022-09-26 19:13:48,693 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Setting RelayState parameter to: 'Y2xpZW50X2lkPTM1NzdlZTc4LWQ4YzktNGFkOC1iMTFiLWM3ZDRiNzhiYjYxMCZjb2RlX2NoYWxsZW5nZT1FRWNWMTFBWkZaeEZWV1ZuS29QS3QtWXBObzZwVjFVVHZnQzQ5NF9jRnpJJmNvZGVfY2hhbGxlbmdlX21ldGhvZD1TMjU2JnJlZGlyZWN0X3VyaT1odHRwcyUzQSUyRiUyRnNhbWwtdGVzdC5zd2FnYS5zYW5kYm94LnN0cmVlbS5jbG91ZCUyRnJlZGlyZWN0Lmh0bWwmcmVzcG9uc2VfdHlwZT1jb2RlJnNjb3BlPW9wZW5pZCtlbWFpbCZzdGF0ZT1rZnI3QVFZT2JIJnRlbmFudElkPTk2Y2M2MDlmLWZmNmYtODg5OS0yMmE3LWRjNzI1ZDhlNjdmMCZpZGVudGl0eVByb3ZpZGVySWQ9YjRiNDY4MTYtZDNhYy00ZTU1LTkzZmYtNDUzZmYwMTU5OTQy', encoded as 'Y2xpZW50X2lkPTM1NzdlZTc4LWQ4YzktNGFkOC1iMTFiLWM3ZDRiNzhiYjYxMCZjb2RlX2NoYWxsZW5nZT1FRWNWMTFBWkZaeEZWV1ZuS29QS3QtWXBObzZwVjFVVHZnQzQ5NF9jRnpJJmNvZGVfY2hhbGxlbmdlX21ldGhvZD1TMjU2JnJlZGlyZWN0X3VyaT1odHRwcyUzQSUyRiUyRnNhbWwtdGVzdC5zd2FnYS5zYW5kYm94LnN0cmVlbS5jbG91ZCUyRnJlZGlyZWN0Lmh0bWwmcmVzcG9uc2VfdHlwZT1jb2RlJnNjb3BlPW9wZW5pZCtlbWFpbCZzdGF0ZT1rZnI3QVFZT2JIJnRlbmFudElkPTk2Y2M2MDlmLWZmNmYtODg5OS0yMmE3LWRjNzI1ZDhlNjdmMCZpZGVudGl0eVByb3ZpZGVySWQ9YjRiNDY4MTYtZDNhYy00ZTU1LTkzZmYtNDUzZmYwMTU5OTQy'
2022-09-26 19:13:48,697 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response
    Destination="https://global-login.sandbox.streem.cloud/samlv2/acs"
    ID="_63dbebdcbd89cf479489af293927548c"
    InResponseTo="idf207d36c06124ae88e9d27208a8a9203"
    IssueInstant="2022-09-26T19:13:48.668Z" Version="2.0"
    xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_63dbebdcbd89cf479489af293927548c">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                        <ec:InclusiveNamespaces PrefixList="xsd" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                    </ds:Transform>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>/x8eyh42+bdGYMAWsO1DtIOGyMjNZueTEa1805ezQos=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>a3W9yqcx0KCaclAj0w9jH99nb5Lr+fFTbJnBn1xslzn1VY8pB5gC0GXfcac+GejKgkd5J3hNmCnGFOCOaGqkF54wK6A12qDNSH6Fe8LyPa7AZbEpR/I8hnJ0hA9NfN/qdTEopwhMs8jjubk+O9mLrUPFYzECVdvOUv1r65TS13rUZmREksJR6iPSX+TU7WTOHs8mnrVR1FkOeugC1HR7uRga7wwm5H7gFxmWq5OLjvEA2ZlOAaA+hgspH9kok20pnmZdq77h27laTmzBSIFRNGoHfgCu6wj7KG0onOOFCjIHidglBB/4xJPFTl40Dtq46EYexS2FfvlmbXJJge2qpQ==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_78daee05560b256b9e60a2be4193b37a"
        IssueInstant="2022-09-26T19:13:48.668Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">C5OYJH47Y243KBWO5RAC2QJZJWFQRW3U</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="40.76.107.170"
                    InResponseTo="idf207d36c06124ae88e9d27208a8a9203"
                    NotOnOrAfter="2022-09-26T19:18:48.674Z" Recipient="https://global-login.sandbox.streem.cloud/samlv2/acs"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-09-26T19:13:48.668Z" NotOnOrAfter="2022-09-26T19:18:48.668Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-09-26T19:13:47.777Z" SessionIndex="_ce6b01eb4278c09fa611bdee5609f3f9">
            <saml2:SubjectLocality Address="40.76.107.170"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Ambassador</saml2:AttributeValue>
                <saml2:AttributeValue>None</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">msmith@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>morty</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5505</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">janitor@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>msmith@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Smith</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Morty Smith</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Mortimer</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-09-26 19:13:48,697 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-09-26 19:13:48,698 - INFO [Shibboleth-Audit.SSO:?] - 20220926T191348Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|idf207d36c06124ae88e9d27208a8a9203|https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_63dbebdcbd89cf479489af293927548c|morty|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,identifier,uid,telephoneNumber,role,mail,surname,displayName,givenName|C5OYJH47Y243KBWO5RAC2QJZJWFQRW3U|_78daee05560b256b9e60a2be4193b37a|
2022-09-26 19:15:46,352 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: ss:mem:4290d79334934a1ce7d9ae8ec5bb0d09524c79392cdebd5f9c7397bc75dc3ccf
2022-09-26 19:15:46,352 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-09-26 19:15:46,352 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-09-26 19:15:46,353 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="https://fcdev.flashcode.com/Shibboleth.sso/SAML2/POST"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ID="_501299e99e0f2f212c62218c6ed97292"
    IssueInstant="2022-09-26T19:15:45Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://fcdev.flashcode.com/saml</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="1"/>
</samlp:AuthnRequest>

2022-09-26 19:15:46,359 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://fcdev.flashcode.com/saml' from origin source
2022-09-26 19:15:46,359 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:15:46,359 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:15:46,359 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:15:46,359 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:15:46,359 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-09-26 19:15:46,360 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-09-26 19:15:46,360 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-09-26 19:15:46,360 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://fcdev.flashcode.com/saml
2022-09-26 19:15:46,360 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:15:46,361 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-09-26 19:15:46,361 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-09-26 19:15:46,361 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-09-26 19:15:46,361 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-09-26 19:15:46,361 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_501299e99e0f2f212c62218c6ed97292', issue instant '2022-09-26T19:15:45.000Z', entityID 'https://fcdev.flashcode.com/saml'
2022-09-26 19:15:46,361 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://fcdev.flashcode.com/saml' does not require AuthnRequests to be signed
2022-09-26 19:15:46,361 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-09-26 19:15:46,362 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-09-26 19:15:46,362 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-09-26 19:15:46,362 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-09-26 19:15:46,362 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-09-26 19:15:46,362 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:15:46,362 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-09-26 19:15:46,362 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-09-26 19:15:46,362 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-09-26 19:15:46,362 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 1 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-09-26 19:15:46,362 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://fcdev.flashcode.com/Shibboleth.sso/SAML2/POST using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-09-26 19:15:46,362 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-09-26 19:15:46,362 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-09-26 19:15:46,362 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-09-26 19:15:46,362 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-09-26 19:15:46,362 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-09-26 19:15:46,362 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved signature algorithm URI from SAML metadata SigningMethod: http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
2022-09-26 19:15:46,362 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved reference digest method algorithm URI from SAML metadata DigestMethod: http://www.w3.org/2001/04/xmlenc#sha512
2022-09-26 19:15:46,363 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-09-26 19:15:46,363 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-09-26 19:15:46,363 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-09-26 19:15:46,363 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-09-26 19:15:46,363 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-09-26 19:15:46,363 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://fcdev.flashcode.com/saml
2022-09-26 19:15:46,363 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-09-26 19:15:46,363 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved data encryption algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#aes128-gcm
2022-09-26 19:15:46,363 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved key transport algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#rsa-oaep
2022-09-26 19:15:46,363 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-09-26 19:15:46,368 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-09-26 19:15:46,370 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-09-26T19:15:46.370Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-09-26 19:15:46,370 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-09-26 19:15:46,370 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-09-26 19:15:46,370 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-09-26 19:15:46,370 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-09-26 19:15:46,370 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-09-26 19:15:46,370 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:15:46,371 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-09-26 19:15:46,371 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-09-26 19:15:46,371 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-09-26 19:15:46,371 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-09-26 19:15:46,481 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'fcdev.flashcode.com'
2022-09-26 19:15:46,481 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:15:46,481 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-09-26 19:15:49,988 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Trimming whitespace of input string 'rick'
2022-09-26 19:15:49,989 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user rick
2022-09-26 19:15:49,989 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@571102057::identifier=rick, context=org.apache.velocity.VelocityContext@7c5ed076]
2022-09-26 19:15:49,990 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=rick,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@571102057::identifier=rick, context=org.apache.velocity.VelocityContext@7c5ed076]
2022-09-26 19:15:49,992 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'rick' succeeded
2022-09-26 19:15:49,992 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-09-26 19:15:49,992 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-09-26 19:15:49,992 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'rick'
2022-09-26 19:15:49,992 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'rick'
2022-09-26 19:15:49,992 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-09-26 19:15:49,992 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal rick
2022-09-26 19:15:49,992 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session e448da63b34fdd16b665e2a83f52a24022fb85b12058df6c56cd08f4fc8648b1 for principal rick
2022-09-26 19:15:49,992 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving AuthenticationResult for flow authn/Password in session e448da63b34fdd16b665e2a83f52a24022fb85b12058df6c56cd08f4fc8648b1
2022-09-26 19:15:49,993 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=rick)
2022-09-26 19:15:49,994 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-09-26 19:15:49,994 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, uid, identifier, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-09-26 19:15:49,994 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'eduPersonEntitlement' remained after filtering
2022-09-26 19:15:49,994 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-09-26 19:15:49,994 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-09-26 19:15:49,994 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-09-26 19:15:49,994 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-09-26 19:15:49,994 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-09-26 19:15:49,994 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-09-26 19:15:49,994 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-09-26 19:15:49,994 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-09-26 19:15:49,994 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-09-26 19:15:49,994 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:15:49,995 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-09-26 19:15:49,995 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@285864f'
2022-09-26 19:15:49,995 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:15:49,995 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://fcdev.flashcode.com/saml'
2022-09-26 19:15:49,995 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'org.opensaml.storage.MutableStorageRecord@1baafed1' with context 'intercept/attribute-release' and key 'rick:https://fcdev.flashcode.com/saml'
2022-09-26 19:15:49,995 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Deserialized context 'intercept/attribute-release' key 'rick:https://fcdev.flashcode.com/saml' value '[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]' expiration '1692277683141' as '{displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}'
2022-09-26 19:15:49,995 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:15:49,995 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick'
2022-09-26 19:15:49,995 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick'
2022-09-26 19:15:49,996 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-09-26 19:15:49,996 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is not required, previous consents match current consents
2022-09-26 19:15:49,996 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@285864f'
2022-09-26 19:15:49,996 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:15:49,996 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-09-26 19:15:49,997 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-09-26 19:15:49,997 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-09-26 19:15:49,997 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _aef90ddaa27d435960b657be9ea231fb
2022-09-26 19:15:49,997 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _aef90ddaa27d435960b657be9ea231fb to Response _9dffb3fa8cf6fda0f1c36c8e62f00b11
2022-09-26 19:15:49,997 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _aef90ddaa27d435960b657be9ea231fb
2022-09-26 19:15:49,998 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-09-26 19:15:49,998 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value urn:mace:dir:entitlement:common-lib-terms of attribute eduPersonEntitlement
2022-09-26 19:15:49,998 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rick of attribute uid
2022-09-26 19:15:49,998 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute identifier
2022-09-26 19:15:49,998 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-09-26 19:15:49,998 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value manager@Samltest.id of attribute role
2022-09-26 19:15:49,998 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute mail
2022-09-26 19:15:49,998 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sanchez of attribute surname
2022-09-26 19:15:49,998 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick Sanchez of attribute displayName
2022-09-26 19:15:49,998 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick of attribute givenName
2022-09-26 19:15:49,999 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-09-26 19:15:49,999 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - Policy checking disabled for NameIDPolicy with Format urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
2022-09-26 19:15:49,999 - DEBUG [org.opensaml.saml.common.profile.logic.MetadataNameIdentifierFormatStrategy:?] - Metadata specifies the following formats: []
2022-09-26 19:15:49,999 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration specifies the following formats: []
2022-09-26 19:15:49,999 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - No formats specified in configuration or in metadata, returning default
2022-09-26 19:15:49,999 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Candidate NameID formats: [urn:oasis:names:tc:SAML:2.0:nameid-format:transient]
2022-09-26 19:15:49,999 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:15:49,999 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:15:49,999 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID AAdzZWNyZXQxPuBeFn2AP7rjqe74qw3apaU16G7fQrkzwHJSV2gskmYR3FII4YnGrv+8ZMXIqXMG1bbAIjyq9EPZLSvyO38+B9iM9JUk7sQhmmSX01ncFEkvKFG0436RxrkoaojFSAuncuvH with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:15:49,999 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:15:49,999 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:15:49,999 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-09-26 19:15:49,999 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-09-26 19:15:49,999 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 198.24.80.90
2022-09-26 19:15:49,999 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to _501299e99e0f2f212c62218c6ed97292
2022-09-26 19:15:49,999 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to https://fcdev.flashcode.com/Shibboleth.sso/SAML2/POST
2022-09-26 19:15:49,999 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-09-26 19:15:49,999 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-09-26 19:15:49,999 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-09-26 19:15:49,999 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _aef90ddaa27d435960b657be9ea231fb
2022-09-26 19:15:49,999 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _aef90ddaa27d435960b657be9ea231fb did not already contain Conditions, one was added
2022-09-26 19:15:50,000 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-09-26 19:15:50,000 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-09-26T19:20:49.996Z, to Assertion _aef90ddaa27d435960b657be9ea231fb
2022-09-26 19:15:50,000 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _aef90ddaa27d435960b657be9ea231fb already contained Conditions, nothing was done
2022-09-26 19:15:50,000 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-09-26 19:15:50,000 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _aef90ddaa27d435960b657be9ea231fb already contained Conditions, nothing was done
2022-09-26 19:15:50,000 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-09-26 19:15:50,000 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://fcdev.flashcode.com/saml as an Audience of the AudienceRestriction
2022-09-26 19:15:50,000 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _aef90ddaa27d435960b657be9ea231fb
2022-09-26 19:15:50,001 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://fcdev.flashcode.com/saml to existing session e448da63b34fdd16b665e2a83f52a24022fb85b12058df6c56cd08f4fc8648b1
2022-09-26 19:15:50,001 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://fcdev.flashcode.com/saml in session e448da63b34fdd16b665e2a83f52a24022fb85b12058df6c56cd08f4fc8648b1
2022-09-26 19:15:50,001 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-09-26 19:15:50,001 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://fcdev.flashcode.com/saml and key AAdzZWNyZXQxPuBeFn2AP7rjqe74qw3apaU16G7fQrkzwHJSV2gskmYR3FII4YnGrv+8ZMXIqXMG1bbAIjyq9EPZLSvyO38+B9iM9JUk7sQhmmSX01ncFEkvKFG0436RxrkoaojFSAuncuvH
2022-09-26 19:15:50,001 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-09-26 19:15:50,001 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-09-26 19:15:50,001 - DEBUG [org.opensaml.saml.common.profile.impl.SignAssertions:?] - Profile Action SignAssertions: Will not sign assertions because no security parameters context is available
2022-09-26 19:15:50,248 - DEBUG [PROTOCOL_MESSAGE:?] - Profile Action EncryptAssertions: Response before assertion encryption:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_9dffb3fa8cf6fda0f1c36c8e62f00b11"
    InResponseTo="_501299e99e0f2f212c62218c6ed97292"
    IssueInstant="2022-09-26T19:15:49.996Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_aef90ddaa27d435960b657be9ea231fb"
        IssueInstant="2022-09-26T19:15:49.996Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://fcdev.flashcode.com/saml" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">AAdzZWNyZXQxPuBeFn2AP7rjqe74qw3apaU16G7fQrkzwHJSV2gskmYR3FII4YnGrv+8ZMXIqXMG1bbAIjyq9EPZLSvyO38+B9iM9JUk7sQhmmSX01ncFEkvKFG0436RxrkoaojFSAuncuvH</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="198.24.80.90"
                    InResponseTo="_501299e99e0f2f212c62218c6ed97292"
                    NotOnOrAfter="2022-09-26T19:20:49.999Z" Recipient="https://fcdev.flashcode.com/Shibboleth.sso/SAML2/POST"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-09-26T19:15:49.996Z" NotOnOrAfter="2022-09-26T19:20:49.996Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://fcdev.flashcode.com/saml</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-09-26T19:15:49.992Z" SessionIndex="_f97f7b1e579896a6ea057b7e595b8bfd">
            <saml2:SubjectLocality Address="198.24.80.90"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>urn:mace:dir:entitlement:common-lib-terms</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rick</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">manager@Samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-09-26 19:15:50,251 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: https://fcdev.flashcode.com/Shibboleth.sso/SAML2/POST
2022-09-26 19:15:50,251 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: https://fcdev.flashcode.com/Shibboleth.sso/SAML2/POST
2022-09-26 19:15:50,252 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_9dffb3fa8cf6fda0f1c36c8e62f00b11"
2022-09-26 19:15:50,252 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _9dffb3fa8cf6fda0f1c36c8e62f00b11 and Element was [saml2p:Response: null]
2022-09-26 19:15:50,252 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_9dffb3fa8cf6fda0f1c36c8e62f00b11"
2022-09-26 19:15:50,252 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _9dffb3fa8cf6fda0f1c36c8e62f00b11 and Element was [saml2p:Response: null]
2022-09-26 19:15:50,254 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-09-26 19:15:50,254 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'https://fcdev.flashcode.com/Shibboleth.sso/SAML2/POST' with encoded value 'https&#x3a;&#x2f;&#x2f;fcdev.flashcode.com&#x2f;Shibboleth.sso&#x2f;SAML2&#x2f;POST'
2022-09-26 19:15:50,254 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-09-26 19:15:50,254 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Setting RelayState parameter to: 'ss:mem:4290d79334934a1ce7d9ae8ec5bb0d09524c79392cdebd5f9c7397bc75dc3ccf', encoded as 'ss&#x3a;mem&#x3a;4290d79334934a1ce7d9ae8ec5bb0d09524c79392cdebd5f9c7397bc75dc3ccf'
2022-09-26 19:15:50,256 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response
    Destination="https://fcdev.flashcode.com/Shibboleth.sso/SAML2/POST"
    ID="_9dffb3fa8cf6fda0f1c36c8e62f00b11"
    InResponseTo="_501299e99e0f2f212c62218c6ed97292"
    IssueInstant="2022-09-26T19:15:49.996Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
            <ds:Reference URI="#_9dffb3fa8cf6fda0f1c36c8e62f00b11">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
                <ds:DigestValue>jOvR9xPptwzQqGPDP/TcdBRISQqx6OsrWdrmduxm0I9dNpPeARZW8h22VbQiQnjV78y1r/iTrMCalzwcM+apkw==</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>sKtIVETvPq3fCbVKK5Spm8gN/RorLwVZv6VCRdzYfs82vtiO2FLWAO88BcR/+DLjg4fJxrxCOT7wPMQVczJUFiBBDreSoRBc44O1hBmeS4LMHfVPGPyde5jWSJyHMnYe1lqrj+71WBzTLajHfTs5KEi+bLiWMzxHn1OHFord0rRn5n8Y7TCrL6D+VFtEoVdetqrDslA7IRLOvZvTgfISzPfvXVr8vVBSKXziMtiWbllduvbVpsXIZ1ic4pFO8RLoaGzBjFCZ/zL6lGvffPT0RGPmjuouL3Mmh3UPzAv7JP6kh7iSIDvKDLmKUwbN9ZwJdUeBWrWnNfTCtsfZw/TKFA==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <xenc:EncryptedData Id="_2283e1c4d1d173e4f9ba72be2f800560"
            Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:EncryptionMethod
                Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <xenc:EncryptedKey
                    Id="_35f57fdb8cfc8a61979b69d0ebf6c2eb"
                    Recipient="https://fcdev.flashcode.com/saml" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                    <xenc:EncryptionMethod
                        Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <ds:DigestMethod
                            Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
                        <xenc11:MGF
                            Algorithm="http://www.w3.org/2009/xmlenc11#mgf1sha1" xmlns:xenc11="http://www.w3.org/2009/xmlenc11#"/>
                    </xenc:EncryptionMethod>
                    <ds:KeyInfo>
                        <ds:X509Data>
                            <ds:X509Certificate>MIIGTzCCBTegAwIBAgIQD9oi2RCJYJD5oIJLasRQkjANBgkqhkiG9w0BAQsFADBPMQswCQYDVQQG
EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBEaWdpQ2VydCBUTFMgUlNBIFNI
QTI1NiAyMDIwIENBMTAeFw0yMTAzMDIwMDAwMDBaFw0yMjA0MDIyMzU5NTlaMHIxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRAwDgYDVQQHEwdUdXJsb2NrMSIwIAYDVQQKExlGbGFz
aCBDb2RlIFNvbHV0aW9ucywgTExDMRgwFgYDVQQDDA8qLmZsYXNoY29kZS5jb20wggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpAWLWslL6PlkH+is3nwjyhfQcsxyAb0Wgkcbbha95trST
UidVNH0mmnIOA1FxCCT/wuKZVuDhiXSseqEE4HHpMR0Cr+a44i7RVQHcWspDvPuYMVRlEtlfOEM3
/xNlG+uHUmvZA7l42AphQlDQavPiy4e2LCnEDlYBsEzdFtgAjochYmUEME9V3iQetJe34msQegux
MOqGAdJa15eGm+jjLYWnuo0KJYgA3Rg5F+/vYpsgcBBWyON9ua1/JuFf/diCtWRIIfDuuJz+lfet
M+ruJWCQSvwWR5q7EyXdDADq+cT0YTakY3FmWMJJ7hMhOUY81RaUUyjy3Gte8pjpqAY7AgMBAAGj
ggMCMIIC/jAfBgNVHSMEGDAWgBS3a6LqqKqEjHnqtNoPmLLFlXa59DAdBgNVHQ4EFgQUiR1KOibc
CgNY71/4DsMmCD+0ubIwKQYDVR0RBCIwIIIPKi5mbGFzaGNvZGUuY29tgg1mbGFzaGNvZGUuY29t
MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwgYsGA1UdHwSB
gzCBgDA+oDygOoY4aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VExTUlNBU0hBMjU2
MjAyMENBMS5jcmwwPqA8oDqGOGh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRMU1JT
QVNIQTI1NjIwMjBDQTEuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0
dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB9BggrBgEFBQcBAQRxMG8wJAYIKwYBBQUHMAGGGGh0
dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBHBggrBgEFBQcwAoY7aHR0cDovL2NhY2VydHMuZGlnaWNl
cnQuY29tL0RpZ2lDZXJ0VExTUlNBU0hBMjU2MjAyMENBMS5jcnQwDAYDVR0TAQH/BAIwADCCAQUG
CisGAQQB1nkCBAIEgfYEgfMA8QB2AEalVet1+pEgMLWiiWn0830RLEF0vv1JuIWr8vxw/m1HAAAB
d/VSIL4AAAQDAEcwRQIgPwf2DLo/H/on4VD6eEMRxSDC9Ul4/Fzm8vC9znLKauACIQC1/7yU1Fr5
SHO2DJO5dHWs2vMgI7VMRqGY4W07XoLIjAB3ACJFRQdZVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu
4g8CAAABd/VSIMwAAAQDAEgwRgIhAMqlBxHiK3PqaJkYK2ikYiSuWc/5oP/LTQfMQNtB/APkAiEA
8HmNTLKk5hexHlUrYZ+idtwWBmksG7x5AA3hvcW0gpEwDQYJKoZIhvcNAQELBQADggEBABOZFU1t
wJzAQLa6PbixuxNJuDRzX9H8/2CDs9tIxcK8A3FDzeNmEYIDHapFo/qEdFaXvS7fzue1zr81a8Bd
CS5T9upxt5x0lLDexypAiI1LLNGGkCsUvy7zksyZykmmZRvJiebK+whVtVeoRZaxjLilw1Y1c869
tAU4zzBTSbD4e39Uo4BfsF1JuvnYhMPkKPz5uGI8BMCFt896EHqYhySH7Ck2W4lPSlj8u7hD++K+
4Hnyl5PEEwH98mn6VlAplnK7cncHruv9NBAu9he2sf+QtrszL4oC6FcYbkKd604WmKOMmnUL3EmG
AUrwrte+K4AHyqo97tITb+OWYsEqk8Y=</ds:X509Certificate>
                        </ds:X509Data>
                    </ds:KeyInfo>
                    <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <xenc:CipherValue>cbnYIwGB2F/TdhQBdV9sOesOYRi9WN69AiOXUeMFGJrKOFGYue1cZqYSrbcXirrwUDg2Qp//rCF2+jgfM2uXQ+e0gqV27vzb7nLhsbVoZzWF4IccheEob8y5GJXRx8GsVjC+0eOiOGKPPMDqP0XisOBINybOmY/+xmowuX0EtYB40C6S7otJGj5Jcst5+vaBrJMzQ+G66BSqGAp1LVsxkW7izuwI2EFPgx7sgY9BX2B1Ao/5kmAS4uhQ0BHGzZDG8yFeOQFH0yyKQpmaigA0ej8AGwA8xJnjH2zvBeWdFmElj98aUfXjjwNRCEq/7pMk/ruhTzAp8hZxW3XKfb4zkw==</xenc:CipherValue>
                    </xenc:CipherData>
                </xenc:EncryptedKey>
            </ds:KeyInfo>
            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                <xenc:CipherValue>+AZa4kSH3so9BVEsraJS4sJC0BkR+0JXfjTVFAM/IayeV7sqVkZZ4ZyUTA15zcuOEFyVgKTqbINzTCnoiNuCG9l5dEoAUUoKlRn9KOm3ZU7QzW1/TeVvGWkk/51WlSpnWJwjZ6fPmqWrtxEDbnpkp2epKvcdoNpeoP88Iu1V9uVFcPEgVV9h9LgrFxhooLcB9+CBlMcupfyf5qhsgxMXAHfi0oU51P4r8pAsxSz6cOcRCPvLY9paerVM/6BeONyD+xqwY++jpPDNiRONvlsN3KHxIk0QMzqo7xpT1Ilrx9JaFhR1CF1w6HM6V6ysPzVlPGHV7QE0OUVRGNRKWz8zA42KViTyzVl4/dndwVecFbx+9aeoAb5wQYVt/jYmaqgRKhCN7ELV8mYV3Ky8cgGaZoAm6viJ6jRred6tM/X6DN+Pjfwik9UcFi/u8w5ZrjiZOmbSONv0XsXjLPGrhH9C5lz1Z7RdT5Ah8fVD2Twh8kQlUfCQoAKJsP4BiUGZZfznDU8jef7D9EXRKISqEbmukiSuXcJ07/3J8kpRxiLRmLBeo9EhDrqedi4jepkDK6RIOvJ/Mkbwd/llcXhCelrE5rMFxuUzmtKYvYOCB7yUe6BNrQ71d4CLN/l21kZ5g6sCJ5uDck6f5CYC43CKTODz5+kRpEdiFAnvCfr4i/0mILuv6bl7AyVLZOnSA8ZQqR01AjMFni5ZbuYi2v2be8SiHASW6ryXxSOCDuZgxCnEvkZrIHnszJiVSkruvqR78JlOccZvTiUvj2URj5wUP4RcseRC/ZtsdnMUxSiwTSVFxfThm2gcbcprNxyauUlQJU1Hk3uT+4fVu7+qaK4rrjhzTijoGtz42q8ZUnM6sfh2dzC8y8btWRxPByAGZcjjPjQizMDMaMG+rFsBdII0sOlrgScY6xspt112cjAhY2NSZd8itkEEX/7jakq+pKuSzZUMUjDs8VTF592QcuJJtzCqPbdz6cntTfk3g6ThVa5u5ntt6Ptsy9ChJvd2CGmoiVur74ea5phtS/N6wBm6Z5tbpUp51MYhrwpzjTiiIHctyGrqNAw7Oaml2oNcADU0Ch6r5C74oR16Pw4xjZg8iVDyQeBx4g/u9+/KKHj8G8l0rnvclL3Xxj5b4SATBd25cqFezo0ty8Fxueemnt5k66rFGvhzmpmo1y1WI7U5EnFVaOMS/1xhMqpXXIIXytTqcPFufVgL28DGSVFKwdfwE70UD1FEXvbYdgrSEDKiFdOqO6Zd4qUcxxUc5P4t8Paqt/hT44YBfmQPmH8tVZ2C7j6dUk4vZTWUkGTFNmjzb1Sz9Pb6QtSiSBJ9O5UH9PYtAJtENFdUU5n722rKoK9tZwt6MSpu812/5dN1Z9y9wos4i+8NvNuPRYUByV5AO1Xs36V+NGi6uGP14oFwX7KoZEqJuVJGh0qyxK5pm9GR6FnMki9Q5LwIcNfb7XEnp5fKXwgGHzkQ9hSV/ACRUCFGDi7pl8Y8+yXlTe0qsiv2JvAr76q9jZUlUWovQIMI5MxK0W7KBQkNzXXOqiDgldGqtJLLuve+GCY2ESuMCrFROpwCyDfXVVECG0NqeZXvUv3tgA4nvhCLPs25+cBMa0paZbZ6eV/PVV/e6pvl+0W3NP/qWcyP8DKUPGYqF3Z0k6i+T0Ut9p4rkIQIZg0mlgV88ZyQGQJSwZqdx/xDKP59VlTWw88yGZ9f7a6S9XxQ613aATrmcRAXD5J5B2Mu2AA/FJg9j6tCzn1r5Gqdtbr5x4qgn/j5h+kWiTDnjLl+wMiLgAejnHLR1gA8/6p2x0owK4NVSImB7KU1b6DJhCTZ0HDFamGaKjVw9gbDJySVVqZiUCD/lVAUNjw8OpbOKLoGNLHGkzmnK964Fp6i+luFURpjXpNpajh699G5/1TlYkbvnvSbSrQPBzDDMlQQt1rb/gTT9M03fUThB8hAxyMJyw+5kEKYw3KtLIsK15fb1w1FXh0+6OvDiixqOQFc1MjgUp94isL3JryaBT/rU4ldEHGE9NkHGgscKahlW9m0C17DszHaPVxZyV97AcJqDJW96gxXek3zV0ql87zItXqpTTs8U9YIZorZ1sPufDZSu+hC5+4O7KilueQouihJX86C73rxhDMPVTc9avyFwmOTeI10676MMEoOt0s1UXNJ7Vb2/HPkeGs+7WEE7gRJZCBdSQt/H8m5ZdFjez/2ba6N1KqTKZUbDb8EPS+q8MD6zJ04xXGDlvgG09IgwsuhMbkoKxRSfHiciGyyYTpautvtzMKVBooYSXTcSj+KvYQ5dIkTyxJaHXzz+BbrmGXLVqDUquPgTqloVVlHExXa8bZ+byoYn3+4cDJDbrzS/fn3Tc0zCpnC8gZDNgmYgDy5aq0hvp+C8nffLngzoaYh1YoUhpXtOKMA/03Dsi6XNbNh9bAAj/wDFMTOaFhoD4yDX+pIqMpjNCVqFiKdfcVfL7ox8RfXCWImyoQEBjDtyD9rGmfDK9jK/o2QI6BgVsBaKaZNjEUNVecBteciSNhY2ozR1bLiSA57Gcuo4JlAydv3RY0fzIlKep7X7YsedT4ZQH+eqohRtLVtq5btjKLgkpCLrVPt46xbd6Ftyb6IK28Kis2oQ/s+wSutLtKE6aGxVCSsNPT+H2jVzkU4aL71utIufGY4wCdJTPDlG9j1KUXRoxirM+7AE+rMnEmNNPa7sZ1j3SdiwQStYBZWh4Ue+ZCqIm5gh5vhGWJXpAH/jgDMuxjmysr81Irax0YVkODqxFzM+R7lwwDMcI4TQeu3+zyeY0rOFs7nYQRAgLtOXG55kNf7RelCTugbFqtVyB6naK3GyUmmM9qzlDkoTmMhYPpTjsR+e2XW34LJHf0l5Z0XxsLgxbnzS0u+9nIfD5X9pLWxRrrqt7IfAUScsD3ak0jHwGVyOKgsq2raRPXmOD+lFsNfy7U+ANpNcKvplg9CH3jlw5hyAgtBbN76LXvboN6sp1Ex+BnCxWfWvFQIvn39xHqHUuCYQtQBkdaF9NnDsZgq2JBiBO8v2mUYv/qBq4qZmWDaMp4y6mFJE/weK37jgWnvjnr4eCk0UXhT0Vfnt8w830mpUAVCTfMI8D8TNnAg0QG8QSKIEddFSs4QpbwnS5BLzxNjScOapvGusEhF8WtzzT/9pv/oFykML2VPJWOqcMK3o3/kD/GD0nm+7v89nZcdCKYzbAK7pOvUz3VmMo78NYtWmL0nw5KikaoldBdXfivZO766pAsGERCwVDIF7Dbt9pj7ZbgeJ0vwIbOHNyaCsqtH1KYVg7TWRYTqpFoMPiXAXGmvfQvyD2bU3nWk5TNlpq66oNU6vlwGPy2qZ31ycHZCzEUKJnao1n+3c+cWnVTu6EUoKyR/ymDdHDeKwzDR7PQQkEiimAT8r+tuXrI8Lf5fOJqRtSRyoWbuDm8Gd5GmUejc9OMUzADmOUgZ+eDjr6YvsFUucVEMld+IIA1qKZuvxuDjMddmRlHLQHpcfWO9uD32kOUGFvMyEAt471C+PyivqY2Bj635cgHM0LCKubQa5RxEWD3nY57FXM+AMb8zyMHXAeU4VrSXGEIFhuafTHGdRM7VnOi6CBTpoQyQb4DPYJGKE1u1HyRzh8Ap5AH1xwDYP1+jdoAKf7eYR5IsWXMrvNP4aszXs9m71lyFwQXPhDweWq0Ts7F7wWWcFQzB3IQ8hdHYPQKrQJ3abaleHrxmTkIAtqPPzzKXtf9HcsR9etyqrNrArSzys8D7W65j4QUx2HNIxyhOaxczMjOXymJY/rszowYEwZPpVNAzu9yDfgaFnRHsWPPKNhjIvIUX6IcGvXEe51/H3q6s6SVZglWZgD9EZOFrYKpQY1hPZfyFcKqaTl0a9NrOXP2CeTKKqjLgDGXsiNDD/YLPK8Ltlh9s/Rq8D+06Uycf+95/aCGjPnj3c4qQXmioRcbt95/mytG4XEKyfY4nnzrOfz7DOgBSHL6iBQQ0AMC5l246p1OsYTcFkvNImiBIk//Yf1f4BH23eGQf+e33xfAuA/9jzoiRSoiVTMlOMJe6iW33+QCSm0pJZkfOa46Bn+foA6H1/a9KZpmnLOiZHgo48zvA9au4XuRgPO9SirHJlHLEQFakrI6Uv69T1H01YIxYk77gja9rBqh/dypa26eFvCoT606mlnVe05VVNUFnh8Euum0f6TAbZ3g/xKjHaLVQxccNJRxLBgcMGpL1XogX00CrBSbjheo1XJITTYVAWbo02zFxY7UX6c1tnSilyvRVY3jzDbBtK+5svLkCSr53oQTIQvQ4N/lSFNLIFxLtQagYXKnzx6wMXH79W4iD2LD1VyZUnYCvF4jGsj6j8PRrBpGUiA1Z38GM6Z9Nc22IAudpEODm+eQq+gU7eSZyV0yhnOYfoljoy+LXGxbdUvlg5MoomNwCrd22yWrJ8nYwlncCmXL7GG/YdJdq6HZzOwL7LAJh07UPv1kkLZ6tCcFJssHtk7jW2iUJn23DaFmJN2n6z0dtR/AfW8JwT+GrseLvE6WiJctmdst1dl38FGQnEYh9IlxUGEjUaR4eEfxkfJzRVuLPIglpooITob2xu+CPWyjan3P35XuyZVpl0yss46gEuZxssb9A6NaPj+jSY0o2r2VNoriK7rJrwtzqysacDEfkkf30DTmQG/J19o6S6EyRUB8Kg97nm1kiVTTXla7UYhDVPCGH7FU+lDwkfxtpGEQjnSvrnHEYdinraujV+phhWj3AZvRSogViyNRcGLGzuK3lQJJ7JxuWnqtmUNkhBLRj+4H+89uMUsEcnPPIu5dM1GcarU/wbmvbfVM0vPyoYtGFlhnUPY0kuI8tNSUsu00DnTEXY6IWWK02x+I21IlqVMZOMrpy/Fb9PxJd0YFxuzqPKE/4FeqU3hg1xT4gse9sOnmm4ekxsYlJ7vWqLWVRgt834RX8Kq/S6r+lMcShfEfrxYbjNv0KojtwmIf4BE8SxJqlYCUF1ilrZFh91xc0N9AmsictT9XF6neCV+MwwOuWQisLKrNXumukwa5ZfuPkpyAbnzVnZyk+s7XcjLjj6XlQ79qQqcojYjceKQrb063V0kEeZrRwJQ5W09bnkIy+xIFVrP/HnIZQkYvUx765xikVmFC69Mwtaby7mIQCaA==</xenc:CipherValue>
            </xenc:CipherData>
        </xenc:EncryptedData>
    </saml2:EncryptedAssertion>
</saml2p:Response>

2022-09-26 19:15:50,256 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-09-26 19:15:50,256 - INFO [Shibboleth-Audit.SSO:?] - 20220926T191550Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect|_501299e99e0f2f212c62218c6ed97292|https://fcdev.flashcode.com/saml|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_9dffb3fa8cf6fda0f1c36c8e62f00b11|rick|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,uid,identifier,telephoneNumber,role,mail,surname,displayName,givenName|AAdzZWNyZXQxPuBeFn2AP7rjqe74qw3apaU16G7fQrkzwHJSV2gskmYR3FII4YnGrv+8ZMXIqXMG1bbAIjyq9EPZLSvyO38+B9iM9JUk7sQhmmSX01ncFEkvKFG0436RxrkoaojFSAuncuvH|_aef90ddaa27d435960b657be9ea231fb|
2022-09-26 19:16:18,188 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: cookie:1664219777_0685
2022-09-26 19:16:18,188 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-09-26 19:16:18,189 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-09-26 19:16:18,189 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="https://services.sheerid.com/Shibboleth.sso/SAML2/POST"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ForceAuthn="1" ID="_f9afeb0c255126764ac4925f44b17edf"
    IssueInstant="2022-09-26T19:16:17Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://services.sheerid.com/Shibboleth/UK</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="1"/>
</samlp:AuthnRequest>

2022-09-26 19:16:18,203 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://services.sheerid.com/Shibboleth/UK' from origin source
2022-09-26 19:16:18,203 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:16:18,203 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:16:18,203 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:16:18,203 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:16:18,203 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-09-26 19:16:18,204 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-09-26 19:16:18,205 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selected AttributeConsumingService with index 1
2022-09-26 19:16:18,205 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://services.sheerid.com/Shibboleth/UK
2022-09-26 19:16:18,206 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:16:18,207 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-09-26 19:16:18,207 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-09-26 19:16:18,207 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-09-26 19:16:18,207 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-09-26 19:16:18,208 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_f9afeb0c255126764ac4925f44b17edf', issue instant '2022-09-26T19:16:17.000Z', entityID 'https://services.sheerid.com/Shibboleth/UK'
2022-09-26 19:16:18,208 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://services.sheerid.com/Shibboleth/UK' does not require AuthnRequests to be signed
2022-09-26 19:16:18,208 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-09-26 19:16:18,208 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-09-26 19:16:18,209 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-09-26 19:16:18,210 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-09-26 19:16:18,210 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-09-26 19:16:18,210 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:16:18,211 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-09-26 19:16:18,211 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-09-26 19:16:18,211 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-09-26 19:16:18,211 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 6 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-09-26 19:16:18,211 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://services.sheerid.com/Shibboleth.sso/SAML2/POST using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-09-26 19:16:18,211 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-09-26 19:16:18,211 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-09-26 19:16:18,212 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-09-26 19:16:18,212 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved signature algorithm URI from SAML metadata SigningMethod: http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
2022-09-26 19:16:18,212 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved reference digest method algorithm URI from SAML metadata DigestMethod: http://www.w3.org/2001/04/xmlenc#sha512
2022-09-26 19:16:18,212 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-09-26 19:16:18,213 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-09-26 19:16:18,214 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-09-26 19:16:18,214 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-09-26 19:16:18,214 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-09-26 19:16:18,214 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://services.sheerid.com/Shibboleth/UK
2022-09-26 19:16:18,214 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-09-26 19:16:18,214 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved data encryption algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#aes128-gcm
2022-09-26 19:16:18,214 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved key transport algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#rsa-oaep
2022-09-26 19:16:18,214 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-09-26 19:16:18,224 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-09-26 19:16:18,227 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-09-26T19:16:18.227Z, isPassive=false, forceAuthn=true, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-09-26 19:16:18,227 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-09-26 19:16:18,227 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-09-26 19:16:18,228 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-09-26 19:16:18,229 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-09-26 19:16:18,229 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Retaining flow authn/Password, it supports forced authentication
2022-09-26 19:16:18,229 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Potential authentication flows left after filtering: {authn/Password=AuthenticationFlowDescriptor{flowId=authn/Password, supportsPassive=true, supportsForcedAuthentication=true, lifetime=3600000, inactivityTimeout=1800000}}
2022-09-26 19:16:18,229 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:16:18,229 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-09-26 19:16:18,229 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Forced authentication requested, selecting an inactive flow
2022-09-26 19:16:18,229 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-09-26 19:16:18,229 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-09-26 19:16:18,258 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Returning name from AttributeConsumingService 'SheerID Verification Services'
2022-09-26 19:16:18,258 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:16:18,258 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Returning name from AttributeConsumingService Student and Teacher Eligibility Verification Services for Global Brands
2022-09-26 19:18:27,117 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: ss:mem:218495faabd7bf9671b6e0b404ded9ebb2f6866488eeb34481c11e86a0f7c3ad
2022-09-26 19:18:27,117 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-09-26 19:18:27,117 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-09-26 19:18:27,117 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="https://localhost/Shibboleth.sso/SAML2/POST"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ID="_58b988f81c4c02e837f2c9036767ddb8"
    IssueInstant="2022-09-26T19:18:26Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://localhost/shibboleth</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="1"/>
</samlp:AuthnRequest>

2022-09-26 19:18:27,126 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://localhost/shibboleth' from origin source
2022-09-26 19:18:27,126 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:18:27,126 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:18:27,126 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:18:27,126 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:18:27,126 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-09-26 19:18:27,126 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-09-26 19:18:27,126 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-09-26 19:18:27,127 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://localhost/shibboleth
2022-09-26 19:18:27,127 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:18:27,128 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-09-26 19:18:27,128 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-09-26 19:18:27,128 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-09-26 19:18:27,128 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-09-26 19:18:27,128 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_58b988f81c4c02e837f2c9036767ddb8', issue instant '2022-09-26T19:18:26.000Z', entityID 'https://localhost/shibboleth'
2022-09-26 19:18:27,128 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://localhost/shibboleth' does not require AuthnRequests to be signed
2022-09-26 19:18:27,128 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-09-26 19:18:27,129 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-09-26 19:18:27,129 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-09-26 19:18:27,129 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-09-26 19:18:27,129 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-09-26 19:18:27,129 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:18:27,129 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-09-26 19:18:27,129 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-09-26 19:18:27,129 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-09-26 19:18:27,129 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 6 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-09-26 19:18:27,129 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://localhost/Shibboleth.sso/SAML2/POST using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-09-26 19:18:27,129 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-09-26 19:18:27,129 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-09-26 19:18:27,129 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-09-26 19:18:27,129 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-09-26 19:18:27,130 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-09-26 19:18:27,130 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved signature algorithm URI from SAML metadata SigningMethod: http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
2022-09-26 19:18:27,130 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved reference digest method algorithm URI from SAML metadata DigestMethod: http://www.w3.org/2001/04/xmlenc#sha512
2022-09-26 19:18:27,130 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-09-26 19:18:27,130 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-09-26 19:18:27,130 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-09-26 19:18:27,130 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-09-26 19:18:27,130 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-09-26 19:18:27,130 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://localhost/shibboleth
2022-09-26 19:18:27,130 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-09-26 19:18:27,130 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved data encryption algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#aes128-gcm
2022-09-26 19:18:27,130 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved key transport algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#rsa-oaep
2022-09-26 19:18:27,130 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-09-26 19:18:27,135 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-09-26 19:18:27,136 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-09-26T19:18:27.136Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-09-26 19:18:27,136 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-09-26 19:18:27,136 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-09-26 19:18:27,136 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-09-26 19:18:27,137 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-09-26 19:18:27,137 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-09-26 19:18:27,137 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:18:27,137 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-09-26 19:18:27,137 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-09-26 19:18:27,137 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-09-26 19:18:27,137 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-09-26 19:18:27,596 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'localhost'
2022-09-26 19:18:27,596 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:18:27,596 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-09-26 19:18:42,010 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: ss:mem:38b5f7fe5e1916c425f697282976518a89230f45ac4893ea7c6d79c42c77431b
2022-09-26 19:18:42,010 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-09-26 19:18:42,011 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-09-26 19:18:42,011 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="https://localhost/Shibboleth.sso/SAML2/POST"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ID="_4ffd02266fe3b1c999e7cf07a72d0579"
    IssueInstant="2022-09-26T19:18:41Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://localhost/shibboleth</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="1"/>
</samlp:AuthnRequest>

2022-09-26 19:18:42,020 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:18:42,020 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:18:42,020 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:18:42,020 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:18:42,020 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-09-26 19:18:42,020 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-09-26 19:18:42,020 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-09-26 19:18:42,020 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://localhost/shibboleth
2022-09-26 19:18:42,022 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:18:42,023 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-09-26 19:18:42,023 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-09-26 19:18:42,023 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-09-26 19:18:42,023 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-09-26 19:18:42,023 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_4ffd02266fe3b1c999e7cf07a72d0579', issue instant '2022-09-26T19:18:41.000Z', entityID 'https://localhost/shibboleth'
2022-09-26 19:18:42,024 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://localhost/shibboleth' does not require AuthnRequests to be signed
2022-09-26 19:18:42,024 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-09-26 19:18:42,024 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-09-26 19:18:42,024 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-09-26 19:18:42,024 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-09-26 19:18:42,024 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-09-26 19:18:42,024 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:18:42,025 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-09-26 19:18:42,025 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-09-26 19:18:42,025 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-09-26 19:18:42,025 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 6 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-09-26 19:18:42,025 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://localhost/Shibboleth.sso/SAML2/POST using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-09-26 19:18:42,025 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-09-26 19:18:42,025 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-09-26 19:18:42,025 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-09-26 19:18:42,025 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-09-26 19:18:42,025 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-09-26 19:18:42,025 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved signature algorithm URI from SAML metadata SigningMethod: http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
2022-09-26 19:18:42,025 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved reference digest method algorithm URI from SAML metadata DigestMethod: http://www.w3.org/2001/04/xmlenc#sha512
2022-09-26 19:18:42,026 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-09-26 19:18:42,026 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-09-26 19:18:42,026 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-09-26 19:18:42,026 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-09-26 19:18:42,026 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-09-26 19:18:42,026 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://localhost/shibboleth
2022-09-26 19:18:42,026 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolved cached credentials from KeyDescriptor object metadata
2022-09-26 19:18:42,026 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved data encryption algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#aes128-gcm
2022-09-26 19:18:42,026 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved key transport algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#rsa-oaep
2022-09-26 19:18:42,026 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-09-26 19:18:42,029 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-09-26 19:18:42,030 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-09-26T19:18:42.030Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-09-26 19:18:42,030 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-09-26 19:18:42,030 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-09-26 19:18:42,030 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-09-26 19:18:42,031 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-09-26 19:18:42,031 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-09-26 19:18:42,031 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:18:42,031 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-09-26 19:18:42,031 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-09-26 19:18:42,031 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-09-26 19:18:42,031 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-09-26 19:18:42,097 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'localhost'
2022-09-26 19:18:42,097 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:18:42,097 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-09-26 19:18:47,496 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML relay state of: TST-326142-8poareXdG3kDbZ-gMzxJb8rrGG7zwC-y
2022-09-26 19:18:47,496 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Getting Base64 encoded message from request
2022-09-26 19:18:47,496 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML message
2022-09-26 19:18:47,496 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:AuthnRequest
    AssertionConsumerServiceURL="https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool"
    Destination="https://samltest.id/idp/profile/SAML2/POST/SSO"
    ForceAuthn="false" ID="_978b823086d84b61b4e2f9a12643af928895813"
    IsPassive="false" IssueInstant="2022-09-26T19:18:46.994Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    ProviderName="pac4j-saml" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer
        Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool</saml2:Issuer>
    <ds:Signature
                xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod
                Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod
                Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference
                        URI="#_978b823086d84b61b4e2f9a12643af928895813">
<ds:Transforms>
<ds:Transform
                        Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform
                    Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>dPSDdOYHB8hedC7yu29PH2DzZZUsffGX5j4dvxF0Wis=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
MJFbKUPIoe1j3BaRKcnW7E2AD8v7WgfxLe2bOGjuFvS+ZGg8i8doSR89fKIZViDN1CyU2CnaAM+K
nkrgtNhTcoyWXLEjhZ55mZYj6bUJ3WYM956pHJYoSWvDI4ozQrTzmQfuyaYb8xVbg2h+Qe9jqkoT
HEVss7lMNsSmpl6sfB8dW5mNPLN59cRrBkWBPQawoDQ4ATu45RQFQLGVq9N454Z3vrSmPOd2pGp2
GyOhT0RaEhLO/9ZJg1V70mgJu5/qWiHkAQUNhBtuKWNkpsYi1487/ZNRRn/4lYJChO6PkuxLteDf
nlcduswViuttfWgQIQeMrEEkGhKIdw7i44kcFg==
</ds:SignatureValue>
<ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIG0DCCBLigAwIBAgIQJT05eT9C8MMLxPWjiR+NjzANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQG
EwJGUjESMBAGA1UECgwJREhJTVlPVElTMRwwGgYDVQQLDBMwMDAyIDQ4MTQ2MzA4MTAwMDM2MR0w
GwYDVQRhDBROVFJGUi00ODE0NjMwODEwMDAzNjEdMBsGA1UEAwwUQ2VydGlnbmEgU2VydmljZXMg
Q0EwHhcNMjIwMzEwMjMwMDAwWhcNMjMwMzEwMjI1OTU5WjCBoTELMAkGA1UEBhMCRlIxGTAXBgNV
BAcMEExFVkFMTE9JUyBQRVJSRVQxEjAQBgNVBAoMCVRSQVZFTERPTzEcMBoGA1UECwwTMDAwMiA0
Mjk4OTQ5NjcwMDA0MjEwMC4GA1UEAwwnVFJBVkVMRE9PIC0gU0FNTCBTSUdOSU5HIEFORCBFTkNS
WVBUSU9OMRMwEQYDVQQFEwpDMjI5ODgyNDQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsTQ4f7v+iIqvjQLCZQyJCiWK72jzbm1lNNsOGLMdNO736yJo0iUXEygaqJ4awu+Nf2Ase62f
o1hROHtOnixvceJN2rd9BMKm/j3BgeU+vlW3quq8AFkm9ikL7R4hBZopqT5deXA17EZ0tpQv6I2z
WbuoBYunvJomVoFZYRwDWFlHoQRBJma0LL8WTrPP7t4gvZMqYSpEqyeeyX2cv6FS4uCOXITFzWAA
Rp5rdIkL1YzU+Tr2thgVf/BvRYsVqaCj+94YmoJAR1/pMOLIKhfoWNxOKuTu0Rpu1LpKr72FYsZv
osn4NHBDoVJncq/crrxpaYF1FqorTjHw+054l0YxJwIDAQABo4ICJTCCAiEwgeQGCCsGAQUFBwEB
BIHXMIHUMDgGCCsGAQUFBzAChixodHRwOi8vYXV0b3JpdGUuZGhpbXlvdGlzLmNvbS9zZXJ2aWNl
c2NhLmRlcjA2BggrBgEFBQcwAoYqaHR0cDovL2F1dG9yaXRlLmNlcnRpZ25hLmZyL3NlcnZpY2Vz
Y2EuZGVyMDAGCCsGAQUFBzABhiRodHRwOi8vc2VydmljZXNjYS5vY3NwLmRoaW15b3Rpcy5jb20w
LgYIKwYBBQUHMAGGImh0dHA6Ly9zZXJ2aWNlc2NhLm9jc3AuY2VydGlnbmEuZnIwHwYDVR0jBBgw
FoAUrOyGj0s3HLh/FxsZ0K7oTuM0XBIwCQYDVR0TBAIwADBhBgNVHSAEWjBYMAgGBmeBDAECAjBM
BgsqgXoBgTECBQECATA9MDsGCCsGAQUFBwIBFi9odHRwczovL3d3dy5jZXJ0aWduYS5jb20vYXV0
b3JpdGUtY2VydGlmaWNhdGlvbjBlBgNVHR8EXjBcMCugKaAnhiVodHRwOi8vY3JsLmNlcnRpZ25h
LmZyL3NlcnZpY2VzY2EuY3JsMC2gK6AphidodHRwOi8vY3JsLmRoaW15b3Rpcy5jb20vc2Vydmlj
ZXNjYS5jcmwwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgeAMB0GA1UdDgQWBBQq
6jjjeMXwQMpNNecEbqrEsJ9eTjANBgkqhkiG9w0BAQsFAAOCAgEArkOzqH9sUsz/QCwLRUKXqsYS
YjB9o9GmKorBERtR7WJQIxk1jZxDM9dR8LTOA6tKOQ2LKzaRl0RugagliM75Dkt4AdWFQFzZ14c4
o+JXsvCNmRtncFxY5KAJqpeIgOHigpnOb2qdS5c0U2tMa48SYl5DgTqs5nlyLTqPIsF7Am80lsTn
iNdbvyPjmyrqsaUtIJ7WpBhyt+k5TEr4b4XWOo0jYwJEutvrYXTNihmWMfobEiC11+qziyWmBrrv
dJyg1H/XGJKFZ0atOOFUCfvoqFZrc3cD9uiCkLX3ljeehKkWyvNbBoj8ETmRPjg2vXIbPS+jR82g
fhLtUJbE/zVWQCoVtKowZqlY6mMcAXkqhdHTG9jfIixHxMMqMr2s+Fc8ywXlZzmAI1ejP9/LX9bV
2b17e4QxQMKMH9f2sVRvo16n0KtKGH5Zy3j+Dwkt3iIsN1F8Lo7vymqtqSUZ3EyYKNY/GvvmrIc/
snB/mGw4vqxYIXlIwwpm80/NRBeR88OFR3PYlUYKxrf9HKVRP8HqHG9buYSQdDdVe7k56Af77pCl
88LDCL49/8hb/XzndJjqvSLbKsU6UWV6q2e/kkQ+UcF8bBUMfHWLLK8xALkzrg1EATC7dviFBnS1
JXLmWJjKwHfWUkBPJnZbMCiKfgyNK5vTXpzzOszUdOFBLRTbtco=</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
</saml2p:AuthnRequest>

2022-09-26 19:18:47,499 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool' from origin source
2022-09-26 19:18:47,499 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:18:47,499 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:18:47,499 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:18:47,499 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:18:47,499 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-09-26 19:18:47,499 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-09-26 19:18:47,499 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-09-26 19:18:47,499 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool
2022-09-26 19:18:47,500 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:18:47,500 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-09-26 19:18:47,500 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-09-26 19:18:47,500 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-09-26 19:18:47,500 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-09-26 19:18:47,500 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_978b823086d84b61b4e2f9a12643af928895813', issue instant '2022-09-26T19:18:46.994Z', entityID 'https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-09-26 19:18:47,501 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Enveloped signature transform
2022-09-26 19:18:47,501 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Exclusive C14N signature transform
2022-09-26 19:18:47,501 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Attempting to verify signature on signed SAML protocol message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-09-26 19:18:47,501 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from metadata using entityID: https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool, role: {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor, protocol: urn:oasis:names:tc:SAML:2.0:protocol, usage: SIGNING
2022-09-26 19:18:47,501 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Retrieving role descriptor metadata for entity 'https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool' in role '{urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor' for protocol 'urn:oasis:names:tc:SAML:2.0:protocol'
2022-09-26 19:18:47,501 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:18:47,501 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:18:47,501 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:18:47,501 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:18:47,501 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-09-26 19:18:47,501 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - signatureMethodURI = http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2022-09-26 19:18:47,501 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigAlgorithm    = SHA256withRSA
2022-09-26 19:18:47,501 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigProvider     = SunRsaSign
2022-09-26 19:18:47,501 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - PublicKey = Sun RSA public key, 2048 bits
  params: null
  modulus: 22369930965456962777956365464229513348642522997346232168756579494960232921839160861855035659931488634319872531144871061126230632628307245413595021979243298021162796817485323967323729520642838484019982422043583459948062010738622164914709867639613377292833748142293112152964032878748204294883029637581475838086809098230772052770316027052403485966861005767953228542833623261203559898877311870242866180023679569922778427571461205374691037046976908472105838884909059792855539563635818559033340161732234235499443992405690433660052891865469805202598340808784182407277136835204164356633476755720981662174335871428308052095271
  public exponent: 65537
2022-09-26 19:18:47,501 - DEBUG [org.apache.xml.security.signature.Manifest:?] - verify 1 References
2022-09-26 19:18:47,501 - DEBUG [org.apache.xml.security.signature.Manifest:?] - I am not requested to follow nested Manifests
2022-09-26 19:18:47,501 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_978b823086d84b61b4e2f9a12643af928895813"
2022-09-26 19:18:47,501 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _978b823086d84b61b4e2f9a12643af928895813 and Element was [saml2p:AuthnRequest: null]
2022-09-26 19:18:47,501 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_978b823086d84b61b4e2f9a12643af928895813"
2022-09-26 19:18:47,501 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _978b823086d84b61b4e2f9a12643af928895813 and Element was [saml2p:AuthnRequest: null]
2022-09-26 19:18:47,501 - DEBUG [org.apache.xml.security.signature.Reference:?] - Verification successful for URI "#_978b823086d84b61b4e2f9a12643af928895813"
2022-09-26 19:18:47,501 - DEBUG [org.apache.xml.security.signature.Manifest:?] - The Reference has Type 
2022-09-26 19:18:47,501 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Validation of protocol message signature succeeded, message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-09-26 19:18:47,501 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Authentication via protocol message signature succeeded for context issuer entity ID https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool
2022-09-26 19:18:47,502 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-09-26 19:18:47,502 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-09-26 19:18:47,502 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-09-26 19:18:47,502 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-09-26 19:18:47,502 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:18:47,502 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-09-26 19:18:47,502 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-09-26 19:18:47,502 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-09-26 19:18:47,502 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 1 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-09-26 19:18:47,502 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-09-26 19:18:47,502 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-09-26 19:18:47,502 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-09-26 19:18:47,502 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-09-26 19:18:47,502 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-09-26 19:18:47,503 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-09-26 19:18:47,503 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved signature algorithm URI from SAML metadata SigningMethod: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2022-09-26 19:18:47,503 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved reference digest method algorithm URI from SAML metadata DigestMethod: http://www.w3.org/2001/04/xmlenc#sha256
2022-09-26 19:18:47,503 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-09-26 19:18:47,503 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-09-26 19:18:47,503 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-09-26 19:18:47,503 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-09-26 19:18:47,503 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-09-26 19:18:47,503 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool
2022-09-26 19:18:47,503 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-09-26 19:18:47,503 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve data encryption algorithm based on SAML metadata, falling back to locally configured algorithms
2022-09-26 19:18:47,503 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve key transport algorithm based on SAML metadata, falling back to locally configured algorithms
2022-09-26 19:18:47,503 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-09-26 19:18:47,504 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-09-26 19:18:47,505 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-09-26T19:18:47.505Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-09-26 19:18:47,505 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-09-26 19:18:47,505 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-09-26 19:18:47,505 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-09-26 19:18:47,505 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-09-26 19:18:47,506 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-09-26 19:18:47,506 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:18:47,506 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-09-26 19:18:47,506 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-09-26 19:18:47,506 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-09-26 19:18:47,506 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-09-26 19:18:47,667 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'cas.traveldoo.com'
2022-09-26 19:18:47,667 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:18:47,667 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-09-26 19:18:49,945 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Trimming whitespace of input string 'rick'
2022-09-26 19:18:49,945 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user rick
2022-09-26 19:18:49,945 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@794238376::identifier=rick, context=org.apache.velocity.VelocityContext@58f123ea]
2022-09-26 19:18:49,948 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=rick,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@794238376::identifier=rick, context=org.apache.velocity.VelocityContext@58f123ea]
2022-09-26 19:18:49,950 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'rick' succeeded
2022-09-26 19:18:49,950 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-09-26 19:18:49,950 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-09-26 19:18:49,951 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'rick'
2022-09-26 19:18:49,951 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'rick'
2022-09-26 19:18:49,951 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-09-26 19:18:49,951 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal rick
2022-09-26 19:18:49,951 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session a0dfb7556e9472c0d112b4bca3e105c90b17a7d02faaeee7685b777a7f575323 for principal rick
2022-09-26 19:18:49,951 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving AuthenticationResult for flow authn/Password in session a0dfb7556e9472c0d112b4bca3e105c90b17a7d02faaeee7685b777a7f575323
2022-09-26 19:18:49,952 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=rick)
2022-09-26 19:18:49,953 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-09-26 19:18:49,954 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, uid, identifier, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-09-26 19:18:49,954 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'eduPersonEntitlement' remained after filtering
2022-09-26 19:18:49,954 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-09-26 19:18:49,954 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-09-26 19:18:49,954 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-09-26 19:18:49,954 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-09-26 19:18:49,954 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-09-26 19:18:49,954 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-09-26 19:18:49,954 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-09-26 19:18:49,954 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-09-26 19:18:49,954 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-09-26 19:18:49,954 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:18:49,954 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-09-26 19:18:49,954 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@643060ee'
2022-09-26 19:18:49,955 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:18:49,955 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-09-26 19:18:49,955 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-09-26 19:18:49,955 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-09-26 19:18:49,955 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:18:49,955 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick'
2022-09-26 19:18:49,955 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick'
2022-09-26 19:18:49,955 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-09-26 19:18:49,955 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is required, no previous consents
2022-09-26 19:18:50,123 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'cas.traveldoo.com'
2022-09-26 19:18:50,123 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-09-26 19:18:50,123 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or InformationURLs returning null
2022-09-26 19:18:50,123 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or PrivacyStatementURLs returning null
2022-09-26 19:18:50,123 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:18:50,123 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No Organization, OrganizationName or names, returning null
2022-09-26 19:18:50,645 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Extracted consent ids '[displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]' from request parameter '_shib_idp_consentIds'
2022-09-26 19:18:50,645 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Consent context 'ConsentContext{previousConsents={}, chosenConsents={displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}}'
2022-09-26 19:18:50,646 - INFO [Shibboleth-Consent-Audit.SSO:?] - 20220926T191850Z|https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool|AttributeReleaseConsent|rick|displayName,eduPersonEntitlement,givenName,identifier,mail,role,surname,telephoneNumber,uid||true,true,true,true,true,true,true,true,true
2022-09-26 19:18:50,646 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:18:50,646 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-09-26 19:18:50,646 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:_key_idx'
2022-09-26 19:18:50,646 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Serialized '{displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}' as '[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]'
2022-09-26 19:18:50,646 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.CreateResult:?] - Profile Action CreateResult: Created consent result 'ConsentResult{id=null, context=intercept/attribute-release, key=rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool, value=[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}], expiration=1695755930646}'
2022-09-26 19:18:50,646 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-09-26 19:18:50,646 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Will not prune storage records, number of keys '0' is less than max number of records '10'
2022-09-26 19:18:50,646 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-09-26 19:18:50,646 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Creating storage index with key 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-09-26 19:18:50,646 - DEBUG [net.shibboleth.idp.consent.storage.impl.CollectionSerializer:?] - Serialized '[rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool]' as '["rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool"]'
2022-09-26 19:18:50,646 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@643060ee'
2022-09-26 19:18:50,646 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:18:50,646 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-09-26 19:18:50,647 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-09-26 19:18:50,648 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-09-26 19:18:50,648 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _e55f3191999c3586a6a839fe25e732e3
2022-09-26 19:18:50,648 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _e55f3191999c3586a6a839fe25e732e3 to Response _563a94e49bbd9b00698ce63031259276
2022-09-26 19:18:50,648 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _e55f3191999c3586a6a839fe25e732e3
2022-09-26 19:18:50,649 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-09-26 19:18:50,649 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value urn:mace:dir:entitlement:common-lib-terms of attribute eduPersonEntitlement
2022-09-26 19:18:50,649 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rick of attribute uid
2022-09-26 19:18:50,649 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute identifier
2022-09-26 19:18:50,649 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-09-26 19:18:50,649 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value manager@Samltest.id of attribute role
2022-09-26 19:18:50,649 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute mail
2022-09-26 19:18:50,649 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sanchez of attribute surname
2022-09-26 19:18:50,649 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick Sanchez of attribute displayName
2022-09-26 19:18:50,649 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick of attribute givenName
2022-09-26 19:18:50,650 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-09-26 19:18:50,650 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - No object to operate on, returning true
2022-09-26 19:18:50,650 - WARN [org.opensaml.saml.common.profile.logic.MetadataNameIdentifierFormatStrategy:74] - Ignoring NameIDFormat metadata that includes the 'unspecified' format
2022-09-26 19:18:50,651 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration specifies the following formats: []
2022-09-26 19:18:50,651 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - No formats specified in configuration or in metadata, returning default
2022-09-26 19:18:50,651 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Candidate NameID formats: [urn:oasis:names:tc:SAML:2.0:nameid-format:transient]
2022-09-26 19:18:50,651 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:18:50,651 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:18:50,651 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID AAdzZWNyZXQx+2BSb8jFmMZ9zpGWW26bzeKBy/gdota+mbgNC2w9OmNBGSnFnbwC5DdUV/tm4+KUSbT/HDUk7NyN6Jj8tbiJttfLrAjKx52H+VZ9fL2txnhiVxJiGpyAztIyJHwUF4n7etHXomY6S7rAPjeA1/NAZiQepY1oZBY= with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:18:50,651 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:18:50,651 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:18:50,651 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-09-26 19:18:50,651 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-09-26 19:18:50,651 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 78.137.191.118
2022-09-26 19:18:50,651 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to _978b823086d84b61b4e2f9a12643af928895813
2022-09-26 19:18:50,651 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool
2022-09-26 19:18:50,651 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-09-26 19:18:50,651 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-09-26 19:18:50,651 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-09-26 19:18:50,651 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _e55f3191999c3586a6a839fe25e732e3
2022-09-26 19:18:50,651 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _e55f3191999c3586a6a839fe25e732e3 did not already contain Conditions, one was added
2022-09-26 19:18:50,651 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-09-26 19:18:50,651 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-09-26T19:23:50.646Z, to Assertion _e55f3191999c3586a6a839fe25e732e3
2022-09-26 19:18:50,651 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _e55f3191999c3586a6a839fe25e732e3 already contained Conditions, nothing was done
2022-09-26 19:18:50,651 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-09-26 19:18:50,651 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _e55f3191999c3586a6a839fe25e732e3 already contained Conditions, nothing was done
2022-09-26 19:18:50,651 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-09-26 19:18:50,651 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool as an Audience of the AudienceRestriction
2022-09-26 19:18:50,651 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _e55f3191999c3586a6a839fe25e732e3
2022-09-26 19:18:50,653 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool to existing session a0dfb7556e9472c0d112b4bca3e105c90b17a7d02faaeee7685b777a7f575323
2022-09-26 19:18:50,653 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool in session a0dfb7556e9472c0d112b4bca3e105c90b17a7d02faaeee7685b777a7f575323
2022-09-26 19:18:50,653 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-09-26 19:18:50,653 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool and key AAdzZWNyZXQx+2BSb8jFmMZ9zpGWW26bzeKBy/gdota+mbgNC2w9OmNBGSnFnbwC5DdUV/tm4+KUSbT/HDUk7NyN6Jj8tbiJttfLrAjKx52H+VZ9fL2txnhiVxJiGpyAztIyJHwUF4n7etHXomY6S7rAPjeA1/NAZiQepY1oZBY=
2022-09-26 19:18:50,653 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-09-26 19:18:50,653 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-09-26 19:18:50,653 - DEBUG [org.opensaml.saml.common.profile.impl.SignAssertions:?] - Profile Action SignAssertions: Will not sign assertions because no security parameters context is available
2022-09-26 19:18:50,674 - DEBUG [PROTOCOL_MESSAGE:?] - Profile Action EncryptAssertions: Response before assertion encryption:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_563a94e49bbd9b00698ce63031259276"
    InResponseTo="_978b823086d84b61b4e2f9a12643af928895813"
    IssueInstant="2022-09-26T19:18:50.646Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_e55f3191999c3586a6a839fe25e732e3"
        IssueInstant="2022-09-26T19:18:50.646Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">AAdzZWNyZXQx+2BSb8jFmMZ9zpGWW26bzeKBy/gdota+mbgNC2w9OmNBGSnFnbwC5DdUV/tm4+KUSbT/HDUk7NyN6Jj8tbiJttfLrAjKx52H+VZ9fL2txnhiVxJiGpyAztIyJHwUF4n7etHXomY6S7rAPjeA1/NAZiQepY1oZBY=</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="78.137.191.118"
                    InResponseTo="_978b823086d84b61b4e2f9a12643af928895813"
                    NotOnOrAfter="2022-09-26T19:23:50.651Z" Recipient="https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-09-26T19:18:50.646Z" NotOnOrAfter="2022-09-26T19:23:50.646Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-09-26T19:18:49.950Z" SessionIndex="_90da8410e8fa05f8b3f27f36d0b7ea15">
            <saml2:SubjectLocality Address="78.137.191.118"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>urn:mace:dir:entitlement:common-lib-terms</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rick</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">manager@Samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-09-26 19:18:50,677 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool
2022-09-26 19:18:50,677 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool
2022-09-26 19:18:50,677 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_563a94e49bbd9b00698ce63031259276"
2022-09-26 19:18:50,677 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _563a94e49bbd9b00698ce63031259276 and Element was [saml2p:Response: null]
2022-09-26 19:18:50,677 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_563a94e49bbd9b00698ce63031259276"
2022-09-26 19:18:50,677 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _563a94e49bbd9b00698ce63031259276 and Element was [saml2p:Response: null]
2022-09-26 19:18:50,680 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-09-26 19:18:50,680 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool' with encoded value 'https&#x3a;&#x2f;&#x2f;cas.traveldoo.com&#x2f;cas&#x2f;login&#x3f;client_name&#x3d;SHOP_DEMO-demoPool'
2022-09-26 19:18:50,680 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-09-26 19:18:50,681 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Setting RelayState parameter to: 'TST-326142-8poareXdG3kDbZ-gMzxJb8rrGG7zwC-y', encoded as 'TST-326142-8poareXdG3kDbZ-gMzxJb8rrGG7zwC-y'
2022-09-26 19:18:50,683 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response
    Destination="https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool"
    ID="_563a94e49bbd9b00698ce63031259276"
    InResponseTo="_978b823086d84b61b4e2f9a12643af928895813"
    IssueInstant="2022-09-26T19:18:50.646Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_563a94e49bbd9b00698ce63031259276">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>f6gQlc87+bd2WF+XLzwRDNIdUw7RLpETby3TLqBIqRg=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>YOG4D6KKJG6yiqRRDUev42ms/YPKWv2GmPr+RxexM764EKs6vZKp8kqZwGQ9bbgAyYHsZ5xsQ3BoHtpAWXp8Gml/eEwDih44NElP6m6tL5ORu8stTqbPlPg+KWDFRmDbfkAEpw+ttbFEIfpcJiiWMKITaIOZon+7tLw1JLCIzxYJ69hCsKco9yf1T0cpIiZxXjizEofalOhyHlMl3J93jvP9T6WvNLpxrpVYhJjJU44yj7tYbmfggqxhOohmL/Qo+qVD8+pASGETQ2UiOHLN8lonyxK6fk4UrorrpRxldGzaiTeunhP6O3ND//KdZsTWOxwNQU5g3815TnouFdtGmg==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <xenc:EncryptedData Id="_8a91c542c25a6866060419ae39e378f5"
            Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:EncryptionMethod
                Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <xenc:EncryptedKey
                    Id="_fa348bc5c7a7bb96751371e8a3eebe92"
                    Recipient="https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                    <xenc:EncryptionMethod
                        Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <ds:DigestMethod
                            Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
                    </xenc:EncryptionMethod>
                    <ds:KeyInfo>
                        <ds:X509Data>
                            <ds:X509Certificate>MIIG0DCCBLigAwIBAgIQJT05eT9C8MMLxPWjiR+NjzANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQG
EwJGUjESMBAGA1UECgwJREhJTVlPVElTMRwwGgYDVQQLDBMwMDAyIDQ4MTQ2MzA4MTAwMDM2MR0w
GwYDVQRhDBROVFJGUi00ODE0NjMwODEwMDAzNjEdMBsGA1UEAwwUQ2VydGlnbmEgU2VydmljZXMg
Q0EwHhcNMjIwMzEwMjMwMDAwWhcNMjMwMzEwMjI1OTU5WjCBoTELMAkGA1UEBhMCRlIxGTAXBgNV
BAcMEExFVkFMTE9JUyBQRVJSRVQxEjAQBgNVBAoMCVRSQVZFTERPTzEcMBoGA1UECwwTMDAwMiA0
Mjk4OTQ5NjcwMDA0MjEwMC4GA1UEAwwnVFJBVkVMRE9PIC0gU0FNTCBTSUdOSU5HIEFORCBFTkNS
WVBUSU9OMRMwEQYDVQQFEwpDMjI5ODgyNDQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsTQ4f7v+iIqvjQLCZQyJCiWK72jzbm1lNNsOGLMdNO736yJo0iUXEygaqJ4awu+Nf2Ase62f
o1hROHtOnixvceJN2rd9BMKm/j3BgeU+vlW3quq8AFkm9ikL7R4hBZopqT5deXA17EZ0tpQv6I2z
WbuoBYunvJomVoFZYRwDWFlHoQRBJma0LL8WTrPP7t4gvZMqYSpEqyeeyX2cv6FS4uCOXITFzWAA
Rp5rdIkL1YzU+Tr2thgVf/BvRYsVqaCj+94YmoJAR1/pMOLIKhfoWNxOKuTu0Rpu1LpKr72FYsZv
osn4NHBDoVJncq/crrxpaYF1FqorTjHw+054l0YxJwIDAQABo4ICJTCCAiEwgeQGCCsGAQUFBwEB
BIHXMIHUMDgGCCsGAQUFBzAChixodHRwOi8vYXV0b3JpdGUuZGhpbXlvdGlzLmNvbS9zZXJ2aWNl
c2NhLmRlcjA2BggrBgEFBQcwAoYqaHR0cDovL2F1dG9yaXRlLmNlcnRpZ25hLmZyL3NlcnZpY2Vz
Y2EuZGVyMDAGCCsGAQUFBzABhiRodHRwOi8vc2VydmljZXNjYS5vY3NwLmRoaW15b3Rpcy5jb20w
LgYIKwYBBQUHMAGGImh0dHA6Ly9zZXJ2aWNlc2NhLm9jc3AuY2VydGlnbmEuZnIwHwYDVR0jBBgw
FoAUrOyGj0s3HLh/FxsZ0K7oTuM0XBIwCQYDVR0TBAIwADBhBgNVHSAEWjBYMAgGBmeBDAECAjBM
BgsqgXoBgTECBQECATA9MDsGCCsGAQUFBwIBFi9odHRwczovL3d3dy5jZXJ0aWduYS5jb20vYXV0
b3JpdGUtY2VydGlmaWNhdGlvbjBlBgNVHR8EXjBcMCugKaAnhiVodHRwOi8vY3JsLmNlcnRpZ25h
LmZyL3NlcnZpY2VzY2EuY3JsMC2gK6AphidodHRwOi8vY3JsLmRoaW15b3Rpcy5jb20vc2Vydmlj
ZXNjYS5jcmwwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgeAMB0GA1UdDgQWBBQq
6jjjeMXwQMpNNecEbqrEsJ9eTjANBgkqhkiG9w0BAQsFAAOCAgEArkOzqH9sUsz/QCwLRUKXqsYS
YjB9o9GmKorBERtR7WJQIxk1jZxDM9dR8LTOA6tKOQ2LKzaRl0RugagliM75Dkt4AdWFQFzZ14c4
o+JXsvCNmRtncFxY5KAJqpeIgOHigpnOb2qdS5c0U2tMa48SYl5DgTqs5nlyLTqPIsF7Am80lsTn
iNdbvyPjmyrqsaUtIJ7WpBhyt+k5TEr4b4XWOo0jYwJEutvrYXTNihmWMfobEiC11+qziyWmBrrv
dJyg1H/XGJKFZ0atOOFUCfvoqFZrc3cD9uiCkLX3ljeehKkWyvNbBoj8ETmRPjg2vXIbPS+jR82g
fhLtUJbE/zVWQCoVtKowZqlY6mMcAXkqhdHTG9jfIixHxMMqMr2s+Fc8ywXlZzmAI1ejP9/LX9bV
2b17e4QxQMKMH9f2sVRvo16n0KtKGH5Zy3j+Dwkt3iIsN1F8Lo7vymqtqSUZ3EyYKNY/GvvmrIc/
snB/mGw4vqxYIXlIwwpm80/NRBeR88OFR3PYlUYKxrf9HKVRP8HqHG9buYSQdDdVe7k56Af77pCl
88LDCL49/8hb/XzndJjqvSLbKsU6UWV6q2e/kkQ+UcF8bBUMfHWLLK8xALkzrg1EATC7dviFBnS1
JXLmWJjKwHfWUkBPJnZbMCiKfgyNK5vTXpzzOszUdOFBLRTbtco=</ds:X509Certificate>
                        </ds:X509Data>
                    </ds:KeyInfo>
                    <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <xenc:CipherValue>LhQkc3tHyWMa9AlgVx88vJ/An6WqXiazZO59VdOa/5HQQDZd7rovI3bellTRYT62JvaYRFa8L7KrisFM8GDAlXtNkAvAQo/cVJsva01LwG3VqO6mHnwUp7xG0hlbJmp6aP2FH/9lcv8nG1KR2ySdkqMw2ZEKwyle29NQfPznFkMGu/Wudacn64Z0aaNonRr0GpGX+DHqadvssfFTMqP5ok7sa3X/QUHNxhdPDR1+5scFYK8hWdj2Wd6LepcSpZP/8Af31oU/QmLLZbJk1Um2rwduzgM1ITXegP3lg5yen2bCLxUV4Z+yMo1K5YZ6UrT6ZqNWCe+FWvGd4h4TyKjbVw==</xenc:CipherValue>
                    </xenc:CipherData>
                </xenc:EncryptedKey>
            </ds:KeyInfo>
            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                <xenc:CipherValue>FHmVBQNDWP9AknQoBukfL4BnUKwJweWroOuy0GrFAT9RCNwG0iAvc479KsEeAcCpsOwX07lxv7WQiX/uK7ft9kq/h99IJgS7a+xZSTPGcrTz0+KbcSlHz75YWV+Trse7g2J3xakl2RESgJu6eCUDT6/qmUefitT04YJXmTlFQc9xSHpNo+tvEmnF2/IDtMENzpv+8wlflzoLaCS6sQb2mG/Z1ifWj/ZnbhMT+j7+gRONOFp+fUMxZ1wI4F0Y9Zsj0VuL0iyyg7+kQ79YcbvuLpxWkTJ+uMuslH3ued3Fgnj7O0nJ3L+qcLtQBwqGVOMaDkd6Ex+d0OVuR2FkTtbNI7bHZxNY1w6VM0Ik6Zq4Ve3AJDxik7U+XHCrKGeAwACaqHAs/Y8ILa0meOpnh6b6BwdSB9Bg0iIbxORMLOxr88eFd8sSDWStiVS9iqViyLUSEAhsVIuY3bge8ssRt3MTTqyggbj8c1hmPal/j1zGwv3Yn/azk3+789IaWbTwkuSjt/ykUczJbFRlyE/ME9psnXzAnflic+wmdE3RIh9hVfHMbgqD2gv8JlK/q0D5FdsAUqpHhlOc+rFid+jlKn7gzAhZ83TYxfITpT8PekmA201e9+c1LI+UrXi5UCiDAKKWjYegZrqJd8+utm9w/NtVr39zWrVhhzeMC+/Btmh3Am1xdwWIOuCwK8tTGK0MC32BT5QyagNNueqLhXnRd2xE3Q0EdIvRoz6mTGYfoEKIUAzxbYXtgDbY6qjBrXhpasqQdLi9fvrUNHjmgHfCyKfAHZlDhf0wpOvunLWM+omjcRfcr980MvXdfUV3BmGStGiB/x1WiIdOZQTAPRF92spl/gN5oKjEJjs3Hva+2nYDQgQqJrPx3sONuAI8qJqTwHaokQdakLZvrQB/QpcYgCxSwPYGXdGzb5MmwURa8SSBlDrLW2rkbqAMKb4vIaJX0nrUVKDemQuQyiPSuHewvMnJqo5MMu/xsG/5AVBSR+8DBzdP5fVc5Ct5Akq8XMq8aMVn2SQNS3Vf+5y45sJyAVNsnKOPUetWrvQRPK9PKcQyFDaGP4MFMIYEhJaB4HAqecKrNV6ojdSe4BuiMClhijoGOQoGT8kXUnPgRZhDhRe165k9QJqxgK1H6xXiBvMyoGj4aX4Y8uu0I9xN8IW039tx406vj5lhUCZsWBUkP2HbBmPwf45GBkc70XLz7AZ22Z0Xe0ueZcFtLjVsvDEY/hdeOaYfRAgOwry4OQz2IpbGN8fCsBuN0LRB5D7I9FndNV/ho3ifJRWF2lPmlJTzhIGBRTDKJau1noXoJ2VvhHsu/7LyXWuEsS9MpNmI8qto6EmHUFztaowTz7j3PPl245HCY+c31cFoc6U2gd2L2NF38oBjwyR3WM+8bcAi5hZtneVKwLA78adItLwGoQ8f6Vc2BeWb+HVVvfGm69/cnVDyiwZam6CUBBXbZLhRIdv505T2dZ5OIdLAjEGfXBm6zex49hPcJ5csK/m2fND8x6vnvkX5/h4aTLiXOHupp7BaFnvQAhA+HToBZ7VVr9JL/TbV2Gvy8aKVsRM4cy2o0FvKMDGtFSfFz409NJ/fXVSwcIU4fIeD20ygb9enLx1O1bVAS4nzovFNxZ1z+Jkc5FJKX+HRJ74NyWZKfsL3GBoADz2QNo9DPucn+NMteqkQjZ2TqHlARoc1HxcdeHzTLS1evJBBCEo9jL9WiUagDJTV4sylPPTOHuw0aX4NjYu+5QWkTYApuETugD+2BvoI57vthnRHflCCLZiVTxwrcL5hOsI4JY5Pf9szJ5ozZ6PwUkiYktGjYw33heIjKZNN8SG0tPHVJ8Mv9S5tWxXVA0xarPQnyxLQxEPI0yrpsNCqn0TxZIrDvom+cRqOBEAzVqttmqSl1OC0Pw6oUYqf8ceF5nFA5x7kky+sKm2a0mJcnjC7GO3cW/gJcGS8E1uC4yOJcTdEgfRCji854sOyFdh0DGA3mQvUQ+mihVn0ZekT7gw6WGfAAq1EGwBVz7FCDMELfAJeeFUR5lvZEDYMDT9bpruuzLdxa1A1JijaqdgXFRR7VajQbDgt6Rm0DejP7X6lqtx76gBeIm/CBvku44BSr8AlwYg8IdE2iVdHJSRQOPR3gfFp6UmATgfmVJIk2aqL4UEfJIwGQelzB28Ajwbs9OrRbM0balPKnA8lia57MPyrTlltUPIPyfQWG5t4vMTJW41eXM3VpVvi0LvyW59PkqSypHDZrqCv9hJYQWfGbrtLolQ0eWc4EqOvpH6qCjc19Su8m3jcJbKairqsCopBu7cup/pavikBsUVnwTYKd+VW4ptNmhMmjyIM+6xh40VRnO5CVSOkJGQUlegyBKBWa6PjpmCurs1j2RcQUDh9O9xooMhspxvcoRw9GOzqTaXd2z4fk9BualdExw/yexqPx7NIQSiBX5YI4KEj7X2PG0ARGtCYKc3MSMsm4A2zC0YXi3Zu3nKG6pXlkxoQqXxkoXAOMKao8koF3gGMvhAroDv5D2AJxu1bQr8cD1El5Gh4KcZ5MYLB8/pcfKA1ZyQyeqUxE5g8A8/5JN/n9wEhmvBlWuRss//mWfchggzIzkYB1YUwYJo8VNM/4dDTCundw7KAS0ApF0qTFI0DVScoi+ji+cTHDUSCyhc158lHLvV41e7JH4P2xNyRn4ugz7xa8bkANyEO4LVQbYBeksdabAfPPO8W+fQceQS8I+qA9U74s1pBvOPoytV0P1jGMnDdFPuBfsT2MorgrjcNhnw033vzDDY55sEYJC7AAtr59hBnuh4NDxolonGCYlzwrx5GEUmqGWn5aFsuSUsX73zB28AzuZx0qwd2NU+aTtisrXvhap8yi2fl/8fusQdvP8hBzFRq1K362y2i38gq8XYQT4d4SaztVvbe20HJVOC6OFqFWuxlYzyjOUJDamBXFO/2Ti68Zs343lO6o84g3Uwq/iNqJXfovzkr3ZiCvsBUoYZhO3gjysiJxeNT2+zvzo55gq52fVOHDNEhL1aWiK30dyxauFLc+M54HFQe683MW9xRoyvyYYfP5A1BWMfItpRelNmgbnyyIQj76WV7iE+V6NgshxJw503sIRmhVYv0lVU4gpHFLQbCvn/MZqhFpLn8uhtPSHJWcaKF59zh1ws1T5oX3L1a/2fxt54LJTAHgtCnym98/MM4/f88Zr8fal03qfU1SZcwmTFadWo5g0EK+LtVZ9PeSYgHr+Md5YYbzqGC+rANx9rYO10bJ05qNzFVIJtxzyYCVtzdhOxOksCc8oJb78ZV66Ozbu1yWGCFf69wxqRl3/CcJDchRWAMAE77vuz9zc3XwSHP75R7RfSrZsi43JsnfqEfVtMg/lKHpjur77h96KXdzWvXf1ELx1qATDyS9hc8P0rKEm2yG3/qD/7hYj18obG3YosZo4V4AzlEOfWQyPqMEqTPImtpv0HiWKw4uxGlOl+x1f/iMV/0vFnnu3ruZ4ttEDu8FxjmJOUrOd+Td1BX/AgeugcoFmXfxXT386j8TppmJvMA/pNzxam5zd66Eqil6aWvNxOyTwMGcchWppbvuiS7iQxT6vW/Og5jiok0pidkxSTAfMWlPICYWnXAKiHeqIGpRebDCL6sUxGEIldKkeDHyMFAKgAZM2Tf+8A6mCmS996LvLFppsEEcrWzlrDicORZPzQg+Wrw3/E1FYA/Q4uFze4N/r/s9CRF+P3o9FcPT01W6G+W8rLbgxY6R2OVFUIynnNmhStMlESwfk5R6zKQuMDwnloh0kWNqduLmZ0AXfU3f0BJIrp3Aldbb/ElARHo/CYLrA8RvL7E/GYgmE1J/X3U0XfXoqcLsOYmRqRIUHdP9qTN7cZls+7QqA71XeOlNREHyDHNuPjvS8xeHBs8hXmj1iSpYOJTJVAFw51EAp9N8O2g4gfC6TLiixcxevx8LqMJZ3+A16XOHRmJRU/OMioqKrj4fhNM1cOTHsV+IFl85kVJ0cupPnbVTEWPHwD8QksZ4XGNLNJTpkjnqWFiQ+T5U0Zf9SXQqiYJCaMmQdSm4qH9iFbRxwFbPppLS0kwUSkN3nsoOR4gVdVPz6MjMO4EIzxd6Zubj9PJBxTh/hQS0BjXdQFau8k/w1XLyEHGC2YbzcptvzcjPYUMnAu7DmcUfZ4bhFnFTIj0polk57dGgJ4Kus01a/1vs6PqSOgnUC90NA1COkSMWi7MlMDSJ4nVOy2VTcJ9bB2rLfzoVrvz7QY1T8wsdLx0QeMQKjhCC83UnH1pMQgiK3V5KVtXEsZN+3BoHdOxkSWdAITRDjIBKcBsGaw3b74vmktGo+WID+Y9fPUJbptPirROcMEB1JS1nEI+TFNm5tdQEP66exnqv+ck6tj6/JKP5UUk2fE8mdnJYH1N7lCRIn9sdEBIv5d5bRUuv7uWOeKQPRQz12AdgMnd4/20L7mEPG5R1xSSdSN/a45pdZO/d/wmyWdSXhY96dHriDfge83E9dJDK0jzjwwI474ocuweO5zFRBuek1hDDOB665BhCTajGjkSNr8OAOQIwaXDusG1geJYZc7k+ruqDplICA7ka/JTyvoDEd5WxEmlSJIoXHdzNv1fRTzbVtVE2fAidR1fibge3Y0JrYLEo8ejR3GXe46GvMDxiU0uCQpkzV2B7fGw9IgQnibUgAz371cVZKCiwSZbcxrpO42sp2p376VFyZdfHciS9ytBOrtiQ4SGiePSyZSG/qmQKWTa++j7yI2YImTMdHB4GkE6kyXefZCkVC85W3vbZV/vmNAew1EHThOhmBHiYQmrPa6F+2c7hSSFj3jKIF9qACqwmeO/VaKvbA84yoJBwrP0GNZWfdK0PNn2kG7hn+jwTs+ilSQPXcn52XaOE7gOLY7lXe9Bh0aK7MC2tnk3O/3KdspsefSgOTZrkW5NnZl7aL3rcv0GPGWS9d+iDtbnTP5DHmTFa4lBRkPcLzZpV7CViwAi2G/7YNZzRPhwsmJ/KCNQLRu9bMvjbM9hYYfn/YzOlNP3b+I11Ke7Y+pd9H4iHRw+53U47KRedOuU7TlPVfuWDh9cFIXGM6aoFTIn7GszMXAk9uPCW8KO4UVdsfS9/Ft9B9cl+2MDvkYfTM2PQyRyZEnw8BfxZpegKlOux+6/fbZCrERSLWBmTU7NTgjyxg5Ywb8Thjhx1xymXz4ZjmSnPFCbqwseQuZeXMh/KoFh9ADat2/8e3cn42jmcGoc8GgN5csMHB3wo5fS5ktLpyUrYKlGtSTGUD6O//GU9F92pZyenQ==</xenc:CipherValue>
            </xenc:CipherData>
        </xenc:EncryptedData>
    </saml2:EncryptedAssertion>
</saml2p:Response>

2022-09-26 19:18:50,683 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-09-26 19:18:50,683 - INFO [Shibboleth-Audit.SSO:?] - 20220926T191850Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_978b823086d84b61b4e2f9a12643af928895813|https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_563a94e49bbd9b00698ce63031259276|rick|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,uid,identifier,telephoneNumber,role,mail,surname,displayName,givenName|AAdzZWNyZXQx+2BSb8jFmMZ9zpGWW26bzeKBy/gdota+mbgNC2w9OmNBGSnFnbwC5DdUV/tm4+KUSbT/HDUk7NyN6Jj8tbiJttfLrAjKx52H+VZ9fL2txnhiVxJiGpyAztIyJHwUF4n7etHXomY6S7rAPjeA1/NAZiQepY1oZBY=|_e55f3191999c3586a6a839fe25e732e3|
2022-09-26 19:19:03,872 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPSOAP11Decoder:?] - Decoded SOAP messaged which included SAML message of type {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-09-26 19:19:03,872 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<soap11:Envelope xmlns:soap11="http://schemas.xmlsoap.org/soap/envelope/">
    <soap11:Body>
        <saml2p:AuthnRequest
            AssertionConsumerServiceURL="https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/ECP"
            Destination="https://samltest.id/idp/profile/SAML2/SOAP/ECP"
            ForceAuthn="false"
            ID="_ru5juo89c7uks6g7ga4a9g6lin6lfvnxlj87" IsPassive="false"
            IssueInstant="2022-09-26T19:19:03.171Z"
            ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS"
            Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
            <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://iam.eu-nl.otc.t-systems.com</saml2:Issuer>
            <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:SignedInfo>
                    <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
                    <ds:Reference URI="#_ru5juo89c7uks6g7ga4a9g6lin6lfvnxlj87">
                        <ds:Transforms>
                            <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                            <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                        </ds:Transforms>
                        <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                        <ds:DigestValue>U8vgTmCHGRflXkZBHNRqyKQdaUA=</ds:DigestValue>
                    </ds:Reference>
                </ds:SignedInfo>
                <ds:SignatureValue>PKDEfcceS0riECCw7LvgQSkVwl63XihtInKI8jeCp8vLd8ahQfjJ6iKL2oW57NnLpO0mlmHWOYZ5Z/f0jjyp0U/zadyTES/KXtHRPkMd5uRFzdZirbK/yXTha9vLX+/yk0Y+hGGah8Q+YF0m0hXR8xJpFwE53bN9yPZIrY9s/EBrQm7FMjBSilKeYsKwyr2nCJA8ipe+qE+fip8NG1CjmoS3dmMIomubGbruI/ewVEnRXvXi35ghkaUxWTLIaaxErHnDXq7zgjOf3dCArxp2+g/aHnQKRxRrL8O7+tIoVY1T2aHorpI12VZAN81Og0I08wILUmCLKw3m1+P1GSh9UP1VUhlsCZxK1XmijbD0Q9zt1B92W1fPBQ9yeG/h7p2oop0ie5QIBhuyKgSepqOzkDsYpIaB4nV2BOQ0uridywM6SqVWqKUZiWaabyJETLCUHSS2BbF9+wSQfLTZC+4NOAYG+zZvR5Nk2J7JmnFMgAlQBixlmyHbhl9BjNljFwFY/8F41HG/14w4YBMrmVl1WeIi0AT0ADB5HbPJU/sZBe9DGnLPcd4t5su73qwhd1eC7yaoU7QL46IF+8D+zi3UixXbtZrkrmMHUrNSgfDpZDGXBX/BBXSW0RwZ+LTRM0+MG5TDL2PxRMTik8jTjI87x5OEe+Z76vz8Zn4CNZFoWnU=</ds:SignatureValue>
                <ds:KeyInfo>
                    <ds:X509Data>
                        <ds:X509Certificate>MIIHeDCCBWCgAwIBAgIJAPRelfvZJrG9MA0GCSqGSIb3DQEBCwUAMIHXMQswCQYDVQQGEwJERTEP
MA0GA1UECBMGSGVzc2VuMRowGAYDVQQHExFGcmFua2Z1cnQgYW0gTWFpbjElMCMGA1UEChMcVC1T
eXN0ZW1zIEludGVybmF0aW9uYWwgR21iSDEUMBIGA1UECxMLSVQgRGl2aXNpb24xJDAiBgNVBAMT
G2lhbS5ldS1kZS5vdGMudC1zeXN0ZW1zLmNvbTE4MDYGCSqGSIb3DQEJARYpRk1CLlRTLUlUU0gt
Q1NTLURQUy1PVEMtT1BTQHQtc3lzdGVtcy5jb20wHhcNMTgwMzI4MTUxNDA4WhcNMjgwMzI1MTUx
NDA4WjCB1zELMAkGA1UEBhMCREUxDzANBgNVBAgTBkhlc3NlbjEaMBgGA1UEBxMRRnJhbmtmdXJ0
IGFtIE1haW4xJTAjBgNVBAoTHFQtU3lzdGVtcyBJbnRlcm5hdGlvbmFsIEdtYkgxFDASBgNVBAsT
C0lUIERpdmlzaW9uMSQwIgYDVQQDExtpYW0uZXUtZGUub3RjLnQtc3lzdGVtcy5jb20xODA2Bgkq
hkiG9w0BCQEWKUZNQi5UUy1JVFNILUNTUy1EUFMtT1RDLU9QU0B0LXN5c3RlbXMuY29tMIICIjAN
BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAv2W7Hr/Ro63zmZVclhlMvakO1nYWAe6CFDg2hYOH
IxkC/DG8LsKbnqy3Rv8AoH5CgRwmT/HYKeJu+KxrpECJXGIjXirUzHrL5w0Hys0O6SJYzztRGoQA
eFfl3x1NNUxVGkWbuK3/o9vm3idoMqVY4HFU24h/6VbSVBru1lsfubmIGdkf+9R844JbZx1R1OuX
xQ60ZhTAmR6R5d1E6tprM8rAqBOC2l1o4azQyDtmxM8NEBjKcZebNleHOB3iVPiiG0ens6z39y7e
SyiXwWcsw8TlwcQiumYPnFT2lzrJAC93hEjNGd6sj6QVvPCJRu/Ya+AWfcm6JtBZRK9ZfBz81wjv
BnHH2u8j1GyZMdE5dvN4PC8bgX0HxvnbhnAU0DASzziyS9Ni/gMgWvJsmnmNVLyYMxRmL8L0JtWk
rz7aNSskufk92Cv/R4KtWsfdkYtNG5/lV1BNzraBgnnXX1gH7ddrL/Ng2aNRFd+LtsI/BjUBpg7r
Ebym+pJuri2PBj8hhjLKbhPuurybQLVtmYxCcJUo6ZG4X3cpxl/e8v+vviapn1OY9zaFLAc+fccX
1GFrLYv9aQKGDQFRMl2uV9nP7UpakBCgZ/r7ljvfhlnsGkLPZBokM9Iz3iUFMGj2gPD1m+C7QaiS
OwJnkTk3cnhZV6It0XdFIaFgIi9V4XMnYEMCAwEAAaOCAUMwggE/MB0GA1UdDgQWBBSg4Skug1x8
SOG2QdBaHAN2DDs7zDCCAQ4GA1UdIwSCAQUwggEBgBSg4Skug1x8SOG2QdBaHAN2DDs7zKGB3aSB
2jCB1zELMAkGA1UEBhMCREUxDzANBgNVBAgTBkhlc3NlbjEaMBgGA1UEBxMRRnJhbmtmdXJ0IGFt
IE1haW4xJTAjBgNVBAoTHFQtU3lzdGVtcyBJbnRlcm5hdGlvbmFsIEdtYkgxFDASBgNVBAsTC0lU
IERpdmlzaW9uMSQwIgYDVQQDExtpYW0uZXUtZGUub3RjLnQtc3lzdGVtcy5jb20xODA2BgkqhkiG
9w0BCQEWKUZNQi5UUy1JVFNILUNTUy1EUFMtT1RDLU9QU0B0LXN5c3RlbXMuY29tggkA9F6V+9km
sb0wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAFEH+TQEgwXkOp1dymChsQzX3mm32
nBbQwIuTKi3jy08EjRQktZCOhjpmuVc/QQUCQdgAZgWVboAwTspfgwQwVcuIpCkwuyc7tt+ZzRSk
ybvOccw4ivz1suevGZZfYt+B7UIB3drlMKLoJWMTiBZnL6c4iaqubep56BZBOH6IP2KaMRd4EqIo
kXLHgaIyhqz51WQmTJArhYvAvWlktbAW6GXev3mW5gxW7LAGygQNCo2JkXSegGPk2jLO48JXNuCB
lGGf2O5TkhD+Qw/buIRrcKWnolBCs0ITalkNFt0RftLYmyR0JMotaBRHHmtdqSWOwMT1j7SvyzhH
yszzRU4xwTUFveODkWYS3Uh9PZs+3yDcfqC1x1yRbhKe7onZt5nXh/wY2762Pv6NkBQfQaFaE8CI
OwRu6WjaFfRntVXHpvV+7tO6Dr3pfRNEZzJM5+m/Edh+JrUdhyy7SxuYiCpt5xiPvM9rMt5AkXCn
P8AQVxq3O/1Gsdr9iblHAkJrg7Lbd8bPyzE9nRW3zqp++BxYilxIIVP9xnaaj/jjyuAPfeet30wm
zeOe/MGqxEwP/JSwJ9rZI//FaG3gAX0UHO6Eo+R0/Yv3JcyAo6j/RN/6YcSTQD1MrPGZiNTz/Muo
nczuEbZF255Cs5PfVJJhTPW730xQmhZnlbta0nyBO9LA3Fs=</ds:X509Certificate>
                    </ds:X509Data>
                </ds:KeyInfo>
            </ds:Signature>
            <saml2p:NameIDPolicy AllowCreate="true"
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
                SPNameQualifier="https://iam.eu-nl.otc.t-systems.com" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"/>
        </saml2p:AuthnRequest>
    </soap11:Body>
</soap11:Envelope>

2022-09-26 19:19:03,881 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://iam.eu-nl.otc.t-systems.com' from origin source
2022-09-26 19:19:03,881 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:19:03,881 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:19:03,881 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:19:03,881 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:19:03,881 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-09-26 19:19:03,881 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-09-26 19:19:03,881 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-09-26 19:19:03,881 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://iam.eu-nl.otc.t-systems.com
2022-09-26 19:19:03,882 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Retaining flow 'intercept/security-policy/saml2-ecp', it supports non-browser authentication
2022-09-26 19:19:03,882 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Available interceptor flows after filtering: '{intercept/security-policy/saml2-ecp=ProfileInterceptorFlowDescriptor{flowId=intercept/security-policy/saml2-ecp, nonBrowserSupported=true}}'
2022-09-26 19:19:03,882 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-09-26 19:19:03,882 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/SOAP/ECP
2022-09-26 19:19:03,882 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/SOAP/ECP
2022-09-26 19:19:03,882 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-09-26 19:19:03,882 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_ru5juo89c7uks6g7ga4a9g6lin6lfvnxlj87', issue instant '2022-09-26T19:19:03.171Z', entityID 'https://iam.eu-nl.otc.t-systems.com'
2022-09-26 19:19:03,882 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://iam.eu-nl.otc.t-systems.com' does not require AuthnRequests to be signed
2022-09-26 19:19:03,883 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Enveloped signature transform
2022-09-26 19:19:03,883 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Exclusive C14N signature transform
2022-09-26 19:19:03,883 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Attempting to verify signature on signed SAML protocol message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-09-26 19:19:03,883 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from metadata using entityID: https://iam.eu-nl.otc.t-systems.com, role: {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor, protocol: urn:oasis:names:tc:SAML:2.0:protocol, usage: SIGNING
2022-09-26 19:19:03,883 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Retrieving role descriptor metadata for entity 'https://iam.eu-nl.otc.t-systems.com' in role '{urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor' for protocol 'urn:oasis:names:tc:SAML:2.0:protocol'
2022-09-26 19:19:03,883 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:19:03,883 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:19:03,883 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:19:03,883 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:19:03,883 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-09-26 19:19:03,883 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - signatureMethodURI = http://www.w3.org/2000/09/xmldsig#rsa-sha1
2022-09-26 19:19:03,883 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigAlgorithm    = SHA1withRSA
2022-09-26 19:19:03,883 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigProvider     = SunRsaSign
2022-09-26 19:19:03,883 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - PublicKey = Sun RSA public key, 4096 bits
  params: null
  modulus: 780833212372818775479203473584756908157478511960940665833104329026798488708412096463957730986031560699536971604685793755631469735164638528103712796586941283248391093334537473433816881621841433643551509545784341528479466257077570253340730459394524144439470561825531880309380078893306187350760119973863502110938239690056732532237576015713410817092640951029480915162489671542971932145619144868209527314440670224923750462549444079548603408012564298657143697912591193544433644075598026106926646468811820504111621425556553238066495807276626045802944049622045278146600209515759289448446049845276793009470678806630505639155872685517611976298041379760153258369441443706608834473698951737339296605180924342991774924896400530064019217902076139971478880191800808152349664734915206316567268459208984314092535956712275165633295073845619623808442937959337568063845846898994885404695455333181998103624287019468478172845183368957698818849454389451360233262379190615859514122412619488103951846508060862137625955242500382805764622949031613773424268222131209239375233669763979843957564204575307568428090973147896709908167025351124368088974604728720021626763128224355694102358346473759582198635778329138017968133082524864864810444234076758890334162214979
  public exponent: 65537
2022-09-26 19:19:03,883 - DEBUG [org.apache.xml.security.signature.Manifest:?] - verify 1 References
2022-09-26 19:19:03,883 - DEBUG [org.apache.xml.security.signature.Manifest:?] - I am not requested to follow nested Manifests
2022-09-26 19:19:03,883 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_ru5juo89c7uks6g7ga4a9g6lin6lfvnxlj87"
2022-09-26 19:19:03,883 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _ru5juo89c7uks6g7ga4a9g6lin6lfvnxlj87 and Element was [saml2p:AuthnRequest: null]
2022-09-26 19:19:03,883 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_ru5juo89c7uks6g7ga4a9g6lin6lfvnxlj87"
2022-09-26 19:19:03,883 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _ru5juo89c7uks6g7ga4a9g6lin6lfvnxlj87 and Element was [saml2p:AuthnRequest: null]
2022-09-26 19:19:03,883 - DEBUG [org.apache.xml.security.signature.Reference:?] - Verification successful for URI "#_ru5juo89c7uks6g7ga4a9g6lin6lfvnxlj87"
2022-09-26 19:19:03,883 - DEBUG [org.apache.xml.security.signature.Manifest:?] - The Reference has Type 
2022-09-26 19:19:03,883 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Validation of protocol message signature succeeded, message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-09-26 19:19:03,883 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Authentication via protocol message signature succeeded for context issuer entity ID https://iam.eu-nl.otc.t-systems.com
2022-09-26 19:19:03,884 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-09-26 19:19:03,884 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-09-26 19:19:03,884 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-09-26 19:19:03,884 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-09-26 19:19:03,884 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.ExtractChannelBindingsHeadersHandler:?] - Message Handler:  No ChannelBindings header blocks found
2022-09-26 19:19:03,884 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.ExtractChannelBindingsExtensionsHandler:?] - Message Handler:  Message did not contain any ChannelBindings extensions
2022-09-26 19:19:03,884 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Retaining flow 'intercept/security-policy/saml2-ecp', it supports non-browser authentication
2022-09-26 19:19:03,884 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Available interceptor flows after filtering: '{intercept/security-policy/saml2-ecp=ProfileInterceptorFlowDescriptor{flowId=intercept/security-policy/saml2-ecp, nonBrowserSupported=true}}'
2022-09-26 19:19:03,884 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-09-26 19:19:03,884 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-09-26 19:19:03,884 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-09-26 19:19:03,884 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 2 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-09-26 19:19:03,884 - DEBUG [org.opensaml.saml.common.binding.impl.DefaultEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Candidate endpoint binding 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST' not permitted by input criteria
2022-09-26 19:19:03,884 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/ECP using binding urn:oasis:names:tc:SAML:2.0:bindings:PAOS
2022-09-26 19:19:03,885 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-09-26 19:19:03,885 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-09-26 19:19:03,885 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-09-26 19:19:03,885 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-09-26 19:19:03,885 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-09-26 19:19:03,885 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-09-26 19:19:03,885 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-09-26 19:19:03,885 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-09-26 19:19:03,885 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-09-26 19:19:03,885 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-09-26 19:19:03,885 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://iam.eu-nl.otc.t-systems.com
2022-09-26 19:19:03,885 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-09-26 19:19:03,885 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve data encryption algorithm based on SAML metadata, falling back to locally configured algorithms
2022-09-26 19:19:03,885 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve key transport algorithm based on SAML metadata, falling back to locally configured algorithms
2022-09-26 19:19:03,885 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-09-26 19:19:03,891 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-09-26 19:19:03,892 - DEBUG [org.opensaml.saml.saml2.profile.impl.PopulateECPContext:?] - Profile Action PopulateECPContext: RequestAuthenticated: true
2022-09-26 19:19:03,892 - DEBUG [org.opensaml.saml.saml2.profile.impl.PopulateECPContext:?] - Profile Action PopulateECPContext: Generating session key for use by ECP peers
2022-09-26 19:19:03,892 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-09-26T19:19:03.892Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-09-26 19:19:03,892 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-09-26 19:19:03,892 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-09-26 19:19:03,892 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-09-26 19:19:03,893 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-09-26 19:19:03,893 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-09-26 19:19:03,893 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Retaining flow authn/Password, it supports non-browser authentication
2022-09-26 19:19:03,893 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Potential authentication flows left after filtering: {authn/Password=AuthenticationFlowDescriptor{flowId=authn/Password, supportsPassive=true, supportsForcedAuthentication=true, lifetime=3600000, inactivityTimeout=1800000}}
2022-09-26 19:19:03,893 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-09-26 19:19:03,893 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-09-26 19:19:03,893 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-09-26 19:19:03,893 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: Trimming whitespace of input string 'rick'
2022-09-26 19:19:03,893 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user rick
2022-09-26 19:19:03,893 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@294511645::identifier=rick, context=org.apache.velocity.VelocityContext@4dea6ac4]
2022-09-26 19:19:03,894 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=rick,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@294511645::identifier=rick, context=org.apache.velocity.VelocityContext@4dea6ac4]
2022-09-26 19:19:03,897 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'rick' succeeded
2022-09-26 19:19:03,897 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-09-26 19:19:03,897 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-09-26 19:19:03,898 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'rick'
2022-09-26 19:19:03,898 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'rick'
2022-09-26 19:19:03,898 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-09-26 19:19:03,898 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal rick
2022-09-26 19:19:03,898 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session 9e1f750492ea68b906c695c52c867725648565f03fd0687bd62746eba7063bd6 for principal rick
2022-09-26 19:19:03,898 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving AuthenticationResult for flow authn/Password in session 9e1f750492ea68b906c695c52c867725648565f03fd0687bd62746eba7063bd6
2022-09-26 19:19:03,898 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=rick)
2022-09-26 19:19:03,900 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-09-26 19:19:03,900 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, uid, identifier, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-09-26 19:19:03,900 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'eduPersonEntitlement' remained after filtering
2022-09-26 19:19:03,900 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-09-26 19:19:03,900 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-09-26 19:19:03,900 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-09-26 19:19:03,900 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-09-26 19:19:03,900 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-09-26 19:19:03,900 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-09-26 19:19:03,900 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-09-26 19:19:03,900 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-09-26 19:19:03,900 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-09-26 19:19:03,901 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-09-26 19:19:03,901 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-09-26 19:19:03,903 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-09-26 19:19:03,903 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _72e12be71df7490cc7839deda4bea9dd
2022-09-26 19:19:03,903 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _72e12be71df7490cc7839deda4bea9dd to Response _b055abce8d8890fb9fd96e84b6602274
2022-09-26 19:19:03,903 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _72e12be71df7490cc7839deda4bea9dd
2022-09-26 19:19:03,904 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-09-26 19:19:03,904 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value urn:mace:dir:entitlement:common-lib-terms of attribute eduPersonEntitlement
2022-09-26 19:19:03,904 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rick of attribute uid
2022-09-26 19:19:03,904 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute identifier
2022-09-26 19:19:03,904 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-09-26 19:19:03,904 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value manager@Samltest.id of attribute role
2022-09-26 19:19:03,904 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute mail
2022-09-26 19:19:03,904 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sanchez of attribute surname
2022-09-26 19:19:03,904 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick Sanchez of attribute displayName
2022-09-26 19:19:03,904 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick of attribute givenName
2022-09-26 19:19:03,905 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-09-26 19:19:03,905 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - Applying policy to NameIDPolicy with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:19:03,905 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Request specified NameID format: urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:19:03,905 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:19:03,905 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:19:03,905 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID AAdzZWNyZXQxUFQxH5kRn2Y3/iWyIrS+Ly2o7A9FH+uTWq4O+B3/PDebqvyex1a85JKryLGkB+Fd70gxjAvu76mPlWJic37tQKo7ErQkTiGMqtaM0x3vYF9Pg740ruy/kXcC2E/FUE4B34YFYN1W with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:19:03,905 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:19:03,905 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:19:03,905 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-09-26 19:19:03,905 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-09-26 19:19:03,905 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 80.158.3.50
2022-09-26 19:19:03,905 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to _ru5juo89c7uks6g7ga4a9g6lin6lfvnxlj87
2022-09-26 19:19:03,905 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/ECP
2022-09-26 19:19:03,905 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-09-26 19:19:03,905 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-09-26 19:19:03,905 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-09-26 19:19:03,905 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _72e12be71df7490cc7839deda4bea9dd
2022-09-26 19:19:03,905 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _72e12be71df7490cc7839deda4bea9dd did not already contain Conditions, one was added
2022-09-26 19:19:03,906 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-09-26 19:19:03,906 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-09-26T19:24:03.901Z, to Assertion _72e12be71df7490cc7839deda4bea9dd
2022-09-26 19:19:03,906 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _72e12be71df7490cc7839deda4bea9dd already contained Conditions, nothing was done
2022-09-26 19:19:03,906 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-09-26 19:19:03,906 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _72e12be71df7490cc7839deda4bea9dd already contained Conditions, nothing was done
2022-09-26 19:19:03,906 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-09-26 19:19:03,906 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://iam.eu-nl.otc.t-systems.com as an Audience of the AudienceRestriction
2022-09-26 19:19:03,906 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _72e12be71df7490cc7839deda4bea9dd
2022-09-26 19:19:03,906 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddGeneratedKeyToAssertions: Assertion _72e12be71df7490cc7839deda4bea9dd did not already contain Advice, one was added
2022-09-26 19:19:03,907 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://iam.eu-nl.otc.t-systems.com to existing session 9e1f750492ea68b906c695c52c867725648565f03fd0687bd62746eba7063bd6
2022-09-26 19:19:03,907 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://iam.eu-nl.otc.t-systems.com in session 9e1f750492ea68b906c695c52c867725648565f03fd0687bd62746eba7063bd6
2022-09-26 19:19:03,907 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-09-26 19:19:03,907 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://iam.eu-nl.otc.t-systems.com and key AAdzZWNyZXQxUFQxH5kRn2Y3/iWyIrS+Ly2o7A9FH+uTWq4O+B3/PDebqvyex1a85JKryLGkB+Fd70gxjAvu76mPlWJic37tQKo7ErQkTiGMqtaM0x3vYF9Pg740ruy/kXcC2E/FUE4B34YFYN1W
2022-09-26 19:19:03,908 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-09-26 19:19:03,908 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-09-26 19:19:03,908 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_72e12be71df7490cc7839deda4bea9dd"
2022-09-26 19:19:03,908 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _72e12be71df7490cc7839deda4bea9dd and Element was [saml2:Assertion: null]
2022-09-26 19:19:03,908 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_72e12be71df7490cc7839deda4bea9dd"
2022-09-26 19:19:03,908 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _72e12be71df7490cc7839deda4bea9dd and Element was [saml2:Assertion: null]
2022-09-26 19:19:03,911 - DEBUG [PROTOCOL_MESSAGE:?] - Profile Action EncryptAssertions: Response before assertion encryption:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_b055abce8d8890fb9fd96e84b6602274"
    InResponseTo="_ru5juo89c7uks6g7ga4a9g6lin6lfvnxlj87"
    IssueInstant="2022-09-26T19:19:03.901Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_72e12be71df7490cc7839deda4bea9dd"
        IssueInstant="2022-09-26T19:19:03.901Z" Version="2.0"
        xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <ds:SignedInfo>
                <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
                <ds:Reference URI="#_72e12be71df7490cc7839deda4bea9dd">
                    <ds:Transforms>
                        <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                        <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                            <ec:InclusiveNamespaces PrefixList="xsd" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                        </ds:Transform>
                    </ds:Transforms>
                    <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                    <ds:DigestValue>iCPxFADe1F77aIA8s+5AE7sj7d1gVhHjgmEPKIC6/Dw=</ds:DigestValue>
                </ds:Reference>
            </ds:SignedInfo>
            <ds:SignatureValue>IRP/9L+QmoFJyC+KqBVUtBNIjmEWoeKfi5ZenI68xwXwGTyBPcT1DefIcp3FwOP08wcVD8zQYoAxVAqBzGZ9Yr90bz2oBAffWkSwWMkPdTjzebRQDIpY0r2doIEB9EakTh1gGgcGkNfYxBQUHLj+gc+ycEiuFE86eNJ7Kp0IyKShNQNyfbLMwB6V911b5Ex8IpWNH9FCZ4O8EvQRhsmiQES8YO7+f6/yGGvldAfmeyMAz1Mv2lAdhAGVs112XHJq/UA6VRACffHxDS9tzqAjFIyctkmRKumUdMSFcSUWyBHDcnUqNKNgeHxaAuoYtJt9gCTogJXCkEm9dSSPzfRmHw==</ds:SignatureValue>
            <ds:KeyInfo>
                <ds:X509Data>
                    <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </ds:Signature>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://iam.eu-nl.otc.t-systems.com" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">AAdzZWNyZXQxUFQxH5kRn2Y3/iWyIrS+Ly2o7A9FH+uTWq4O+B3/PDebqvyex1a85JKryLGkB+Fd70gxjAvu76mPlWJic37tQKo7ErQkTiGMqtaM0x3vYF9Pg740ruy/kXcC2E/FUE4B34YFYN1W</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="80.158.3.50"
                    InResponseTo="_ru5juo89c7uks6g7ga4a9g6lin6lfvnxlj87"
                    NotOnOrAfter="2022-09-26T19:24:03.905Z" Recipient="https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/ECP"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-09-26T19:19:03.901Z" NotOnOrAfter="2022-09-26T19:24:03.901Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://iam.eu-nl.otc.t-systems.com</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:Advice>
            <samlec:GeneratedKey xmlns:samlec="urn:ietf:params:xml:ns:samlec">TYcTbwmxjuIachoPf9w0fjRCiDnHPps2faFNtgBkz54=</samlec:GeneratedKey>
        </saml2:Advice>
        <saml2:AuthnStatement AuthnInstant="2022-09-26T19:19:03.897Z" SessionIndex="_2ecc8a3438d3ef52878625d41ba38bd7">
            <saml2:SubjectLocality Address="80.158.3.50"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>urn:mace:dir:entitlement:common-lib-terms</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rick</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">manager@Samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-09-26 19:19:03,919 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/ECP
2022-09-26 19:19:03,919 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/ECP
2022-09-26 19:19:03,919 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_b055abce8d8890fb9fd96e84b6602274"
2022-09-26 19:19:03,919 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _b055abce8d8890fb9fd96e84b6602274 and Element was [saml2p:Response: null]
2022-09-26 19:19:03,919 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_b055abce8d8890fb9fd96e84b6602274"
2022-09-26 19:19:03,919 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _b055abce8d8890fb9fd96e84b6602274 and Element was [saml2p:Response: null]
2022-09-26 19:19:03,922 - DEBUG [org.opensaml.saml.common.binding.impl.AddChannelBindingsHeaderHandler:?] - Message Handler:  No ChannelBindings to add, nothing to do
2022-09-26 19:19:03,923 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<soap11:Envelope xmlns:soap11="http://schemas.xmlsoap.org/soap/envelope/">
    <soap11:Header>
        <ecp:Response
            AssertionConsumerServiceURL="https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/ECP"
            soap11:actor="http://schemas.xmlsoap.org/soap/actor/next"
            soap11:mustUnderstand="1" xmlns:ecp="urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp"/>
        <ecp:RequestAuthenticated
            soap11:actor="http://schemas.xmlsoap.org/soap/actor/next" xmlns:ecp="urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp"/>
        <samlec:GeneratedKey
            soap11:actor="http://schemas.xmlsoap.org/soap/actor/next" xmlns:samlec="urn:ietf:params:xml:ns:samlec">TYcTbwmxjuIachoPf9w0fjRCiDnHPps2faFNtgBkz54=</samlec:GeneratedKey>
    </soap11:Header>
    <soap11:Body>
        <saml2p:Response
            Destination="https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/ECP"
            ID="_b055abce8d8890fb9fd96e84b6602274"
            InResponseTo="_ru5juo89c7uks6g7ga4a9g6lin6lfvnxlj87"
            IssueInstant="2022-09-26T19:19:03.901Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
            <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
            <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:SignedInfo>
                    <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                    <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
                    <ds:Reference URI="#_b055abce8d8890fb9fd96e84b6602274">
                        <ds:Transforms>
                            <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                            <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                        </ds:Transforms>
                        <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                        <ds:DigestValue>rvrEVtkA0/TQESp5DNmsiXMDEtiB/uhhGjXIrc2Z+Gw=</ds:DigestValue>
                    </ds:Reference>
                </ds:SignedInfo>
                <ds:SignatureValue>hbAAQ53X6U14kuyhVvgR19nbSkw0/Aq2qP71Nvjp2IV9HLzUiHj+8xDMt9/Ol68ns6ywZAO5OmVfnskrB3enZKEqIqc1bbC1NK41fCGykpg9Ens4heD+9CA4OXr2YgsVOZP/5ZekYpLWZb1ijFMpECsEdPUEuuOeuZT6cQawYM3kQxi1cfG2DZqfq0kdOFj3p2+62ewi4lUrcIr4kpUKDUKaHfPTz9z8miGv+OrbhVoGJ4mdScadAISrGfiTVZK3i5XZ04S84c9gyBZECzTU+Cc6t1gTLG6stSMO8nEbd4NuPJxCXyQy6y7J32+d/+o73cYaVRtzTBfN6Bodf2/jjw==</ds:SignatureValue>
                <ds:KeyInfo>
                    <ds:X509Data>
                        <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
                    </ds:X509Data>
                </ds:KeyInfo>
            </ds:Signature>
            <saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
                <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
            </saml2p:Status>
            <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <xenc:EncryptedData
                    Id="_d798525368b84530c0fffcc94efd907d"
                    Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                    <xenc:EncryptionMethod
                        Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
                    <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                        <xenc:EncryptedKey
                            Id="_d278806673e0ddb807e75c0ca6e6cc6e"
                            Recipient="https://iam.eu-nl.otc.t-systems.com" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                            <xenc:EncryptionMethod
                                Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                                <ds:DigestMethod
                                    Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
                            </xenc:EncryptionMethod>
                            <ds:KeyInfo>
                                <ds:X509Data>
                                    <ds:X509Certificate>MIIHeDCCBWCgAwIBAgIJAPRelfvZJrG9MA0GCSqGSIb3DQEBCwUAMIHXMQswCQYDVQQGEwJERTEP
MA0GA1UECBMGSGVzc2VuMRowGAYDVQQHExFGcmFua2Z1cnQgYW0gTWFpbjElMCMGA1UEChMcVC1T
eXN0ZW1zIEludGVybmF0aW9uYWwgR21iSDEUMBIGA1UECxMLSVQgRGl2aXNpb24xJDAiBgNVBAMT
G2lhbS5ldS1kZS5vdGMudC1zeXN0ZW1zLmNvbTE4MDYGCSqGSIb3DQEJARYpRk1CLlRTLUlUU0gt
Q1NTLURQUy1PVEMtT1BTQHQtc3lzdGVtcy5jb20wHhcNMTgwMzI4MTUxNDA4WhcNMjgwMzI1MTUx
NDA4WjCB1zELMAkGA1UEBhMCREUxDzANBgNVBAgTBkhlc3NlbjEaMBgGA1UEBxMRRnJhbmtmdXJ0
IGFtIE1haW4xJTAjBgNVBAoTHFQtU3lzdGVtcyBJbnRlcm5hdGlvbmFsIEdtYkgxFDASBgNVBAsT
C0lUIERpdmlzaW9uMSQwIgYDVQQDExtpYW0uZXUtZGUub3RjLnQtc3lzdGVtcy5jb20xODA2Bgkq
hkiG9w0BCQEWKUZNQi5UUy1JVFNILUNTUy1EUFMtT1RDLU9QU0B0LXN5c3RlbXMuY29tMIICIjAN
BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAv2W7Hr/Ro63zmZVclhlMvakO1nYWAe6CFDg2hYOH
IxkC/DG8LsKbnqy3Rv8AoH5CgRwmT/HYKeJu+KxrpECJXGIjXirUzHrL5w0Hys0O6SJYzztRGoQA
eFfl3x1NNUxVGkWbuK3/o9vm3idoMqVY4HFU24h/6VbSVBru1lsfubmIGdkf+9R844JbZx1R1OuX
xQ60ZhTAmR6R5d1E6tprM8rAqBOC2l1o4azQyDtmxM8NEBjKcZebNleHOB3iVPiiG0ens6z39y7e
SyiXwWcsw8TlwcQiumYPnFT2lzrJAC93hEjNGd6sj6QVvPCJRu/Ya+AWfcm6JtBZRK9ZfBz81wjv
BnHH2u8j1GyZMdE5dvN4PC8bgX0HxvnbhnAU0DASzziyS9Ni/gMgWvJsmnmNVLyYMxRmL8L0JtWk
rz7aNSskufk92Cv/R4KtWsfdkYtNG5/lV1BNzraBgnnXX1gH7ddrL/Ng2aNRFd+LtsI/BjUBpg7r
Ebym+pJuri2PBj8hhjLKbhPuurybQLVtmYxCcJUo6ZG4X3cpxl/e8v+vviapn1OY9zaFLAc+fccX
1GFrLYv9aQKGDQFRMl2uV9nP7UpakBCgZ/r7ljvfhlnsGkLPZBokM9Iz3iUFMGj2gPD1m+C7QaiS
OwJnkTk3cnhZV6It0XdFIaFgIi9V4XMnYEMCAwEAAaOCAUMwggE/MB0GA1UdDgQWBBSg4Skug1x8
SOG2QdBaHAN2DDs7zDCCAQ4GA1UdIwSCAQUwggEBgBSg4Skug1x8SOG2QdBaHAN2DDs7zKGB3aSB
2jCB1zELMAkGA1UEBhMCREUxDzANBgNVBAgTBkhlc3NlbjEaMBgGA1UEBxMRRnJhbmtmdXJ0IGFt
IE1haW4xJTAjBgNVBAoTHFQtU3lzdGVtcyBJbnRlcm5hdGlvbmFsIEdtYkgxFDASBgNVBAsTC0lU
IERpdmlzaW9uMSQwIgYDVQQDExtpYW0uZXUtZGUub3RjLnQtc3lzdGVtcy5jb20xODA2BgkqhkiG
9w0BCQEWKUZNQi5UUy1JVFNILUNTUy1EUFMtT1RDLU9QU0B0LXN5c3RlbXMuY29tggkA9F6V+9km
sb0wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAFEH+TQEgwXkOp1dymChsQzX3mm32
nBbQwIuTKi3jy08EjRQktZCOhjpmuVc/QQUCQdgAZgWVboAwTspfgwQwVcuIpCkwuyc7tt+ZzRSk
ybvOccw4ivz1suevGZZfYt+B7UIB3drlMKLoJWMTiBZnL6c4iaqubep56BZBOH6IP2KaMRd4EqIo
kXLHgaIyhqz51WQmTJArhYvAvWlktbAW6GXev3mW5gxW7LAGygQNCo2JkXSegGPk2jLO48JXNuCB
lGGf2O5TkhD+Qw/buIRrcKWnolBCs0ITalkNFt0RftLYmyR0JMotaBRHHmtdqSWOwMT1j7SvyzhH
yszzRU4xwTUFveODkWYS3Uh9PZs+3yDcfqC1x1yRbhKe7onZt5nXh/wY2762Pv6NkBQfQaFaE8CI
OwRu6WjaFfRntVXHpvV+7tO6Dr3pfRNEZzJM5+m/Edh+JrUdhyy7SxuYiCpt5xiPvM9rMt5AkXCn
P8AQVxq3O/1Gsdr9iblHAkJrg7Lbd8bPyzE9nRW3zqp++BxYilxIIVP9xnaaj/jjyuAPfeet30wm
zeOe/MGqxEwP/JSwJ9rZI//FaG3gAX0UHO6Eo+R0/Yv3JcyAo6j/RN/6YcSTQD1MrPGZiNTz/Muo
nczuEbZF255Cs5PfVJJhTPW730xQmhZnlbta0nyBO9LA3Fs=</ds:X509Certificate>
                                </ds:X509Data>
                            </ds:KeyInfo>
                            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                                <xenc:CipherValue>u9eD8qbPeJNvL6BGyb5+MUCrKBWp3Crs8gdIkWeiIvZ9b3N3g16mXYMEIZcR9V/IOEyk0NgjtVlPLVxPpQo62NjQmfxpfX55kCaPtzbLyHmtG0aRL0LlFpyGD7YKu79R4VrmLnf9+eW1OA1/SJcZuWGaTzQjh7CeKTtvklutdlRfdo+M9eTQMKVUJoIp2j7AfzfbY+DqBp9WEwfPIXZVEBCErfI684paNSisrWrN1dkXnOE2RulaePOl2GV5mqjlMyL4ImSHmx+5Mu6S911B7FA+lnGLcG/xL8MhVcJnnF3DJ4F6PhDXciQgNkc1ArxjxkApXDAIZDMWuwk0nGpAlT4UuBHJdQceMTyBixOwzTofphMc++odm08gQnb9VsD6vXUtnEUvrv+KvLX1tD7hS53moaTb0QlMiLdoWClmnoTrDnaYN5/VB5zORCB+gafunXIEtryN90Bpcdq10KPizBe3JvgBEQZRKJefr4kqf7gmG2+FEKfHJLzy4zq0wjY9Etcratu4nDrD0/AQ3PHMSNdg2e2BxbByQAUvM0bYvMuFSv4g4mn/Fk3w/WMnDYRSTdcu5mchZURKd1pv4SbinaCeZRJnoTljq62UlAB21d9iBeYCnh/w1e6OJQkLRheGYdTadEwhgnW/HouRXjvMcX8hAbhqIMvKXtOk4juabsY=</xenc:CipherValue>
                            </xenc:CipherData>
                        </xenc:EncryptedKey>
                    </ds:KeyInfo>
                    <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <xenc:CipherValue>HYDIxrO3pHjo/plKxJWtLq2ZlH4DTH77erzmrg1lEUN8PJHLIaE+KjuXyUy+PeuRlOvBsV975X3Ld2BRmXTGc3jwnoMMRSVF5g0EC//noulJywgWI37hESmD75A7v7DVYGzr59YpCcwGi4izz4dKsV/uWErFq8SxQU1ce1PYpwGPdiSFsMmS17J5AA5mhk99DttE9//0W1H7EJNXPlH3XEO7CNBpd1O8bjH0LCK4YWruekXP1gmEj7KjidXvYGSBn2nWgWXGHvVG28DOagFrVBp9RYOiLTjxwlT7VN1Ed0Dz3FtoC5m2zFbp4kHs5MHgp18uGO2cwToFo+TeqfHC6ikwo2j8nS84dH4IPJCABtD1tWkRF+5OeCfWYmdYDgP0tmod1VRYG+hS0Fjo6tUZWezqZDzXnMd1PGBeVQZk7Ii4qfWrMjXYKihzBVv2yWYL8Gb+mDumbffEPpzSzDAt1MxKU+fDafhK3v5mC/0yDaFx9FgSQvJaZGlao+Ygc8nrHpPoZ381ycp2R1eVPLR8kY6Mj91DAdufJ6AVFhTO5QVbKgFL7H5UtDOP3xWptvA2rMp1jX75vWS/zQT4DePuMs+B00v3Goo9FzIEe4qD+/EZSP0YFu3oM4jvaSIJD+TWDVfaXTdOokvhD5WU721VW5fBHH5EbrxVosW4o25t32A20a9++5P0bQ9/eY4bz+VWMO+9pt+Qb/1ANUGPSWPW8fBSAjxWvJVQWR3O+uV7QxhBw2Ttb+n20kc8/YEol4zcui3uuUSYunFT6kFmfi5XCQZFsoz5A8PE/wADZm4G/0/0wA5eqQzo99KWdQWS9MpfB2ViK3JRaa11k2OjRh8+aa+66UE6U/uOWarlzE05aY9Aha3wTnr2twEk6gjDNuQ3FHz9PLkgaHnv3lRm6TP0WX8ieG0+t8dJ++BkfMkOAOPs0iJbQ21VQxU3OUQIrDCqA6fGlcpv0UBFs0x3Dl1Ucy8dBaUVDGOG4WrmVP+hdU+0vCG/Qv6jWC0c3sXWmTHIDRXtgneqZiE13uFbABvCq3Ht7Es24AtqJMZAQ/4YWAHz9uOWXQnxhFvFSybekXIDp1g+Q+e73p8GPTevRN/9nDJQXrb9utqkTaHfLI+LvBWQDxBnrH+sOP0wJns4i6CbTlUK/Ttrl+u56XBwbybuQuVHa4HWTwhv0cp4GKj7ZnOwHDLs52mUb82CD18pn34gxv43mjbxmaj4RlJPYUdubo/Obxq9HxSWzO/ZGU796fpIlDSwkryDz1a/odS1bbI4/ZB+wLzjo/Cs1kB9DUjaao99GoUuHdQjXnGJXD68m2nMfghAuq2wipOsuHzAlD9uBsC3d0BR88a20S26PVh75Q+g6eqt6/nCD7ac9N5HdPMqJ1wF2B9zGp+rFEE4fx766sSh/rLehroAtTXJs8e6uhmadxpKirK5phNBUV/xxC1sM9FA3ClwLm30Dl50fBNYXmlt5oBdSI9An8WS//XxnC/D8wTVqoGCOxcAjUuOSDZ/77i+6AkjOERqe3IM2r1Xt31R+62E+TEV7E51BhGXF+6sVqthEYuOZlACoGHcqfJid3o5krKvmuHGwxGPRMvgnrHoRc0BereN6Oy0jaiwijwC3PmOwpaX6sBmQpkTwOcfqpXYYgBryP9+7k/nkTV3wWS28BAXvJLB3AKnfvvpI+AlSuiUfN9dRidzlCwlaSWEuAahfL4eVwuFzCf2vDNcTThQgYjn6bgpG4vP4B33/XgTpC5f0lKBJAayrsY58otlbHo+f49xgpD5KINRfoVIV4FCSmtS2Fm1+pjFIDnqoH9/dprYvJoBjibAbfTyCsMBu8TVRluTZFBBsAlSHvhTdHSZRUUf8tra/GCxMHlxxM++6sYlctk4AUcq6pRK9YTn63G+DgAcDOZ9sm3iP4ibK/vIlKAOreY6qPredpZaf0eduS3ynwdvfYgc0v3NIcCbleQhi/g43SYzs0o7tPiOskScJ5oV9TIsPl3sC52882pQnJsV3vcE4dJEkfWsvbqeHAn4wDYgt8AXwVZYC+IX+zBpP2xZieJk0gsohugKB2yDau9KscIwlSHgRnJon4sGP0SBmdSzxwAF7dIkEO07GGgPQ2idlDS3hGhx2mUGyk82UYZhJM/TNmKS7qmKj0EkfbWq/IuLyWc/syzLDv9vXykTqw3X0bse8Gh2FtOp/fwsuvJE224/78mmMpBy2LiJf7OrnAqfNML3sT7c+zP7FJjuuqN/YvsAlKJlTWWmuaFg8iDNCYFjZtpE47wN3q7dGlwb/h5O4DjjsOB4ercwJRASKJ7xEdxSz5WXyaqyzIQ5EdiMClNTsp95jziAxmYbzDTEDTpT2fn0dnyr0MsK3C3ZJlhPsyikLoGvsdbgvBie9nrQT4TKJa/D5GzOpAhXdNnujPvmhFgQq/135kAF2T5vgJfA/IGh9HTkxlmqudbZWJVSAqx4WdSJgt318HxxySdIpLcVzbD3jD2++/gkwEy51FJhAIQakymk3lH/eWfwDxpe605krnlyr+4hSWKicCk5SqwJE34jPlZPcMOQ53gr49muBWzMY5zhGK+ZrYArDmqVc6Oi/g7IzfP6Yr1Vn96DwTxToc9osYAdi18qiAF+53uyFVFuKWOMZNRGR/NjrHljwRE5K2HWCQf4sfA/eFi+Yx07sQvSbAnzsjnhgPy2Ck9/rrr2Zo6bR9kT5/BFYtSBdi3osQ/UUsiDta7Auk1ryzm3HnOUkxgoVzjXM5lrSo8J32OtnwPdmW2dZ3BO4f0CrMfEekXarfpGOusMwryW1ZyKNYV1DKaWXNMnosN69EU0pAQAQpPCjmxq4NaNEWZEUCLXuWOL0gVr6SQqUG8PcztQoHg3TroEfz5vrDpYy5qD04gSos4nHWzq3tqsv7NnUXQtinnm3rqjCHGwQ2J3J6LBir4LFr0OcjcBcIkcsAuA79lJ6XIKBBLbzrw4fZSxf01twxXaJgdel9E1gJCTTJKqONk2p4oFerqiEAL9QJSJCR2NCMXVFATr+tKSmDbB9prd4bi3H/IudhiGt69gB9I54G5QH0ebvLNwzCuYB/Tg7rNMKDVGIfjhkHrREaxz77cI84xH4OeVgz6fH1AZoNq0b8ZQ9evvkMgTqatL/TV8DdPg0HL8BaHY/iHz9vKNC2j3CGNupGl3aMC7Gt7/aOj7VTV/njStcv9h8xGe9TOC83BPpBhBobfTHvobCVYY4jSqt0Tfj0GxEWJHWigSYM9rZVbtAMN97JS+fOiJ7d4twaZvsnpMWVv7yuIZH1ZqhV2uelcKFJf8hOtQTHXcicYPHtipRopzP/w4DwHesNgaRJ15hAR1n99xt8X2K3hIFgSMRZ5nopUwGfUrlWYtqshQ01HiADbEbYdz9T+A1sCdql8grtZaDYCHLmBBN9bCLuB3bMSsgiY7Qp3IqRWqF2h+6Eo8a2bdImb3fsrjIyBdKSAmF1tda5mYuk5tvCGv38P3gOooyLBngqB4pUU4vhYgVpB0xqjbHNQCLtyMwmeF88UgCfc23dCZG02DjJLrMpMhfC5GjUguRhh0W+HbCOGjI0SzWvBVqLlLERocuLds32c55HnKbeeA2r2A/ea/j3BMT2GcOej94vECljkGlL49h4swHVI9J6X3PnCC8S5URgV4rAgFl/jfxSSPe3xC/1s7CEGHTiEwDbgGCNVNbRpVqEfrtd0zaR0Zv5hLKGhi7yr64EyU2GNffLfDnQaOHBWYTB7pFzYyo/Isrv8ZKsEyf35IngBFU+BKBSCjpxcxlfH1kszonPlHLEsVGIJ/FUdMB8xHrYMVtussl2FB8U8qkxWXAVEDULkWg/TofpptR22PmHGuRlfckx/GcmU4UgZjUhEYj/MBwvJUA4+DK5SIYpuFpf1beunGgyaGMUcWmJHD3R+RlUVR8wSER3LTNREw+pBRBIXIQOZnai8TXn/hZOYf95fKQQApooBykOkBlENINsJ80Ttfj7phaweFPzobn8KvnSY1VqKfZIYpTnlv5eR2YlAzQFAR//qFo6SY/htx0+ZCxpcgBb0DrpIxZ8OEbRBPakPnGtkYcN9fDbZVX4J7FixE0MW0/AsyKQHP+NjiAIpiXLtI89crHdQ5PJ74bJeV5wANoJgYkG+zCTd21ozRd9qikna8PAOcf80l1lOALJR2QW8xnJffPcM+GhdXJE+mWRuC47x+vODWKgxSJc0oK1VEzwT7Bwz8/mAYn3UFIIg0BUl/9br+EsOETDmg0Bk0cixTOb413AheOEIXUCMxT4ZBirIENiDtegYZjXuAeYg8qA3nlvU9bTIitRZlMw/kWH0sM9P5FLX2e97fi+Pe0mQgq6+Zd6LZnHl99gL1chGWkKb91zx36zdGLm8N1FkFc3RvpdyRLhhLT2V5YTKImKICMEsfOTudpgKZYCF9wC45ZlTr+Da1xF+cLv+XN875VdG6kErYzgtEe6LbvhmPNYIBLq9t/kKVTKeHWBLNyGL8koL2RwMyBXkek9SMlbD5nlP5FDq5CQ1JHqcoxNZ9kX3YnSxgMXMRbworC+DfXFOF/270nJ/hTTlidry2RUL0l3+zsb9Blhg5UWHPxG+pXV3Ae+ui7IFPcqtJ3FeeCuBy1zOD/pajTFnCKtm4Y5NbFXbM9Bs0oyyFMSpENkq1saWATTpPrdkMcoPDVfDXge8rpU2aQll2NVBsO7ZwqumT37a3sXTloq3AMQ5W+OqI4rngK4Of6a5mTt66sIKhfDu1QW1s1R7iwje87h9rMm9umAlx9/lwif8Qz2wRdqYn2R6VdMp/XKx2UlktugXoK3VG0ZJIbi/eDFFijh/kmLV58BNmskpuH1fG3sEJXdqMSiYUGFFQpce7/EWte5pVxlspRZkAJADIGMpl1FIe91rUJmsagX40EKJApf2RiYM3eA1zloF2+ZITm4hvHQFgrnFAvbX2Kg8JaqUQw7MVndpnDCPUVB+Axq3zZpfKACWz6MPEseHzCEWXwB013Rtz1W1l88L/lS83qYXwv4oU6TEJAyxnut/0llYyzsMk3TqL09CrJ3Vo1wb7rHu/ERsEmrURwHpQBeE2oNOTp79AEGMgHk2AGOXHb6tjC9zPjoBB+X1pcnAV/Wh+eSUbQjOrSHA+TvjKl/TT6ar96pE2f73dM9Wm/YiPo7+qTA0UZXiaDfdJCExoSRhSJpUPC+Rp+f7CZA4ZpnqrYlokrPrnl2hQGWKMYT4V6nkCOp3hzVXTVpWVPAqlZPxrUQ4anKAK9OcRT1Vwf8AjAoeAr0cieEOfNFxTZqm4u6c+2xh886ejmJDpvSe3qEgfvfSqCtWgfHEAE36wwUCSxSLhjAr5RMv9USCKk2EcMcZLa/lr3qXwL3RCqT/tr38hFIpW76PEavNnRfZzy/iEnUH9udfUAfT1VNAXfhupcEtoBnN2S89UWFKTd+ETMdjhXWbnREeTkqym8v/ZnEyQdROtO84mYGIAlKU7+2QEC1NgDxRCRg6osoWPk+YixOaZllnFGl60A+eTdl2NGu0JNweJleKhTsc9StKIlEXluFlEY0NC2Zhs4rcW0C4T7WmrA7YxXAUyHnHHRsKK8fFSm6uQNZw8yBluLNKp6KwTbjeLEzoCyrtRQah83j/m7uFIQVvf4abliVjc1B9oQ1uySvWGZlceZZoF2Endfav10wa4NdwC1hXq6SHkzahQkkjd5HifnJEhwwwfW1BFi8hWW4rwEU/vuZL6BrEVAkLoqQfqXA0voX86xOR6+XpKUhtcNLvJk401OrSeYaNDzZAS0eGdnghWOCZKrgVWEKIHqvhRqDkecqmg3OdPfImLATJ8D7X9jnLLfQS8n1E4DP1IQMjKKnmIK1m0l9nbqCk+ALtzgCXrxrLKSjmjgVKJ9mkP4UlZnjbZxpK+uhuPPcMr5psstHy4EjuHVJOT41PsoKBaa1vLaW9sthTIzL73Ub3FTl2ScDZ2DKA42cwCT3uosBBVIweWwEhlC6nSd4rTV25LenT861ozRAdg2QqoNysoUgrTskep5BAzO5IRrHw52kaVfwjmtD80nk7d5kxXAsXviiMOLNwpgVrYqslo0cW4Vm985wz9oCBH9+IbvSPBqdWKMYA9M+l84Ybw7tqDbcTDM6gi4SzltWbJwGvFSMMCRPZnTQQk6I0o58BckXlFVvejLAevcMDrYeD+hf1k+buTxY12uPb3Ud30SFt8j+QFYYIHiWVGDCMu1G7ADx2AVqLvsksOlS0kSz678CQVS9s4ufPf/ubZOxJ5QIYVbsL8J5cbqhNOH0e9aayZmueO7VlC1nUjKgwmGuKyX9NHzgcdK1x/ZC0JKKZydL6jA6t31EXz3PxpbV2mSkfwTnpcBRk4H3Zb21oaBDAYtl3sR0ryo87wiOWcUqD0RYGYuT10t6COamcZLHKCw63zzxbprCEKRiyCSXa2KCanMg3tASLvT/pTgtucCoAQ1Lo98nitgBpMVq48wUIMyKmkksAyrWf4hDGewC+VdOOz8r0PZZE0tbahJXTWXQHCsKvEVSc2WvdGj7uZVs5k5XeXm0X8sQBH6Aj3K5U1ucfFwqn1/6pNbvVMVtki+Vh0tST+oujJMRtmRB+RNwLg98MpiYjXjDq+W0I1Pfr/WNNQyq5tVD6D29CdG6KQdz8NCKk67HTuG/PvgJp5FQShIM52kBGFQXWT76FWam9PaX2kfT3oJhgMyi7CVeVFFwCDqeNID1FLII8jhESa4z4tYDoqbRTBG+21xCJWYNmFR7LvcQBIcgnjVTnCrWbn6Gc08Gu60Oa7UlV4RYXR6rTCRVaRyCY6+eEBOuCehA+NSrk1PIrLUQxMWS+Xcy7osW2MP/g25j5RmqCQaRCE2t29+1hCOKLgMUe/etz053kVrw3SMXpy6L5wCkpXMER0X4zvHjYAAUHG2Ia0zAr1tyySjRI30O/KaV1aEXuCwofyxSYX0m1tchq++tHYA43ClaHq3lfT3+XqeyuduoFbnE/D64Hq08UrFru0vDkjZszFkBxtJgF3Op6ynRUnr6j35jP6nqwoztrOuzy3YDUvYb+0Z4BHU4Qdwg0LiVXsRNhx+qMqBRYQ+geUyIxxF5zpDJNiWCTb/78cFhOoFpWzmFlWokk2wqQX2BvusrSAUxIO3OW1V116ELAOm7XSelU5xE5Iq88x4RQ1J4ciYPe5CCMVPio+XJTp4B8LPDSXwl8epuNSUx1qmKA6aPlc52lQfcoUH1zG1b+A8lun5FPyn+yZbjWGfyghwTWEXie/8WOfR5BmwITWCITUUgVrB0amr5xgzgOozSTltIt09s7sX0j3Rn/c6kgpKZcxaXMI+JOTUWS1gcZTgFSRq2bbi0U9eaemX1fP8P0TtAx+SiQXwRwdudNst9FdF/vwN+L+n9v/cJdwrDeUOAjGYkwYHxvP4UiD0W/2DvYctPgRt4ESGLUGf0Lfohloe+8nKeMyMWoZwY6EC7DX0pw+DHlY58CIWpvvRQaLCabJhSMtEjPNrKZIZpFzNnG61Vc/nghyasoCarhGQCHyxgL+13Di/t9UCN9FaiTChSTrDA8VzcDgEJ1aToVc6DxAWcHB7WgCZjy0CpYVjnVOPW0syVqCH7AYCDU+RZbALSj8rKFyhQEA39WbM06kN+s/fGjhgKtsNJ0FaRcg8dPf5xc9OZHWkhp7s9gdQYIggP8DRTw+I4dp1JLoC5mtmF0FV9k6ZwuhLeoLHMPCa2h+46HeweeH9nv8JKIIw0YRyxZnP8YCv6yx/8eLdll5CxeEGx6PVFy/NBOo102llOAY6Pwvm7kqsVRR6ZIl4Kwr5C3b2uC5Psnxkj6PAWrprvNJwioKr+pk9u8TKVEIEwp9++xf1/fEe0OUJ/yZb7kz55gieH0VEpuQVnG/fuQCUEjGceTNnMTgPlqcvwPj+Gxa3HPrkdIJfd2gzXQxgBj45OVF97utP9eFkb8NiLeDElUd+inKVQRCo9hA+u0akjKETmL3Y0Nmre8n9cmVgHoGGLQzTpoIwNDvKMDOfQbCexU/ex4XrGDPcMmrSjKVBJutInoEpDc3lwvi/NS/WCv4QKKdm0dST8UH/clU3kWZ4wJsCF74flvJdJiatxzP+mMG02cDSV/Pe7rRBcGEO7K5QDm7YSf9/5LDOXQJFvqaq8TX1UzgVUSu7nc5d0cYTRwPbJ1Rw7jXUK4BRC6IJFWK8j1gRGq4gmVI971ldQ1Py4NMpIZqELaXEvLIub+OQfAeO781zVy1trX9SkOjmGRxgxxLHSYf1grZAnkLiko/BZrMNbsk5K0cKzMCCBwfVM2ldv3+9kdY2gbeYvSps6Yg7UDlH2FUlyeDM7SQ/3LA0ylgMFa9lrym18UDidlXVl5a0/7vP9vJNEGA8okbKkyx8cFu0xs2eriesZtnwV1CXuGNyWo7NFsTkfI9EhlqyP8ITpVaEjNoCPQiZSWssto24Li15O11vrwveKCRakb2vNrG4udScH+cBnZfGR24z+odJuB81h6q684zR96V62Qps1YmZ5AHmWa8wD4C7HLPaVgGU6WpGjWfsqCCAyMbbp0=</xenc:CipherValue>
                    </xenc:CipherData>
                </xenc:EncryptedData>
            </saml2:EncryptedAssertion>
        </saml2p:Response>
    </soap11:Body>
</soap11:Envelope>

2022-09-26 19:19:03,923 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-09-26 19:19:03,924 - INFO [Shibboleth-Audit.SSO:?] - 20220926T191903Z|urn:oasis:names:tc:SAML:2.0:bindings:SOAP|_ru5juo89c7uks6g7ga4a9g6lin6lfvnxlj87|https://iam.eu-nl.otc.t-systems.com|http://shibboleth.net/ns/profiles/saml2/sso/ecp|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:PAOS|_b055abce8d8890fb9fd96e84b6602274|rick|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,uid,identifier,telephoneNumber,role,mail,surname,displayName,givenName|AAdzZWNyZXQxUFQxH5kRn2Y3/iWyIrS+Ly2o7A9FH+uTWq4O+B3/PDebqvyex1a85JKryLGkB+Fd70gxjAvu76mPlWJic37tQKo7ErQkTiGMqtaM0x3vYF9Pg740ruy/kXcC2E/FUE4B34YFYN1W|_72e12be71df7490cc7839deda4bea9dd|
2022-09-26 19:19:05,893 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseIdPInitiatedSSORequestMessageDecoder:?] - Beginning to decode message from HttpServletRequest
2022-09-26 19:19:05,893 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.IdPInitiatedSSORequestMessageDecoder:?] - Decoded SAML RelayState of: null
2022-09-26 19:19:05,893 - DEBUG [PROTOCOL_MESSAGE:?] - 
SAML 2 IdP-initiated request was: IdPInitiatedSSORequest{entityId=https://iam.eu-nl.otc.t-systems.com, acsURL=null, relayState=null, time=2022-09-26T19:19:05.893Z}
Synthetically constructed SAML 2 AuthnRequest was: 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:AuthnRequest ID="_ee938996-2dcf-4c08-bb09-88b872576dc3"
    IssueInstant="2022-09-26T19:19:05.893Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://iam.eu-nl.otc.t-systems.com</saml2:Issuer>
    <saml2p:NameIDPolicy AllowCreate="true"/>
</saml2p:AuthnRequest>

2022-09-26 19:19:05,893 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseIdPInitiatedSSORequestMessageDecoder:?] - Successfully decoded message from HttpServletRequest.
2022-09-26 19:19:05,894 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:19:05,894 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:19:05,894 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:19:05,894 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:19:05,894 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-09-26 19:19:05,894 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-09-26 19:19:05,894 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-09-26 19:19:05,894 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://iam.eu-nl.otc.t-systems.com
2022-09-26 19:19:05,894 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:19:05,895 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-09-26 19:19:05,895 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint was empty, not required by binding, skipping
2022-09-26 19:19:05,895 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_ee938996-2dcf-4c08-bb09-88b872576dc3', issue instant '2022-09-26T19:19:05.893Z', entityID 'https://iam.eu-nl.otc.t-systems.com'
2022-09-26 19:19:05,895 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://iam.eu-nl.otc.t-systems.com' does not require AuthnRequests to be signed
2022-09-26 19:19:05,895 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-09-26 19:19:05,895 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-09-26 19:19:05,895 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-09-26 19:19:05,895 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-09-26 19:19:05,895 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-09-26 19:19:05,896 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:19:05,896 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-09-26 19:19:05,896 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-09-26 19:19:05,896 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-09-26 19:19:05,896 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 2 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-09-26 19:19:05,896 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/POST using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-09-26 19:19:05,896 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-09-26 19:19:05,896 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-09-26 19:19:05,896 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-09-26 19:19:05,896 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-09-26 19:19:05,896 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-09-26 19:19:05,897 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-09-26 19:19:05,897 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-09-26 19:19:05,897 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-09-26 19:19:05,897 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-09-26 19:19:05,897 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-09-26 19:19:05,897 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://iam.eu-nl.otc.t-systems.com
2022-09-26 19:19:05,897 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolved cached credentials from KeyDescriptor object metadata
2022-09-26 19:19:05,897 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve data encryption algorithm based on SAML metadata, falling back to locally configured algorithms
2022-09-26 19:19:05,897 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve key transport algorithm based on SAML metadata, falling back to locally configured algorithms
2022-09-26 19:19:05,897 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-09-26 19:19:05,898 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-09-26 19:19:05,899 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-09-26T19:19:05.899Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-09-26 19:19:05,899 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-09-26 19:19:05,899 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-09-26 19:19:05,899 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-09-26 19:19:05,900 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-09-26 19:19:05,900 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-09-26 19:19:05,900 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:19:05,900 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-09-26 19:19:05,900 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-09-26 19:19:05,900 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-09-26 19:19:05,900 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-09-26 19:19:06,083 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'iam.eu-nl.otc.t-systems.com'
2022-09-26 19:19:06,084 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:19:06,084 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-09-26 19:19:06,450 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Trimming whitespace of input string 'rick'
2022-09-26 19:19:06,450 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromFormRequest:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Recording do-not-cache instruction in authentication context
2022-09-26 19:19:06,450 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user rick
2022-09-26 19:19:06,450 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@1728184576::identifier=rick, context=org.apache.velocity.VelocityContext@7b64192b]
2022-09-26 19:19:06,450 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=rick,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@1728184576::identifier=rick, context=org.apache.velocity.VelocityContext@7b64192b]
2022-09-26 19:19:06,452 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'rick' succeeded
2022-09-26 19:19:06,452 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-09-26 19:19:06,452 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-09-26 19:19:06,452 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'rick'
2022-09-26 19:19:06,452 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'rick'
2022-09-26 19:19:06,452 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-09-26 19:19:06,452 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal rick
2022-09-26 19:19:06,452 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session ecae41dea8e3a899bd37becfb763920408a9d16637185db122a9214dd41f2667 for principal rick
2022-09-26 19:19:06,453 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=rick)
2022-09-26 19:19:06,453 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-09-26 19:19:06,454 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, uid, identifier, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-09-26 19:19:06,454 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'eduPersonEntitlement' remained after filtering
2022-09-26 19:19:06,454 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-09-26 19:19:06,454 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-09-26 19:19:06,454 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-09-26 19:19:06,454 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-09-26 19:19:06,454 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-09-26 19:19:06,454 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-09-26 19:19:06,454 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-09-26 19:19:06,454 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-09-26 19:19:06,454 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-09-26 19:19:06,454 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:19:06,455 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-09-26 19:19:06,455 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@52735d7d'
2022-09-26 19:19:06,455 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:19:06,455 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://iam.eu-nl.otc.t-systems.com'
2022-09-26 19:19:06,455 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:_key_idx'
2022-09-26 19:19:06,455 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.RevokeConsent:?] - Profile Action RevokeConsent: Attempting to delete consent storage record with context 'intercept/attribute-release' and key 'rick:https://iam.eu-nl.otc.t-systems.com'
2022-09-26 19:19:06,455 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.RevokeConsent:?] - Profile Action RevokeConsent: No consent storage record found with context 'intercept/attribute-release' and key 'rick:https://iam.eu-nl.otc.t-systems.com'
2022-09-26 19:19:06,455 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action RevokeConsent: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-09-26 19:19:06,455 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action RevokeConsent: No storage record exists with context 'intercept/attribute-release' and key 'rick:_key_idx', nothing to do
2022-09-26 19:19:06,455 - INFO [Shibboleth-Consent-Audit.SSO:?] - 20220926T191906Z|https://iam.eu-nl.otc.t-systems.com|ClearAttributeReleaseConsent|rick|||
2022-09-26 19:19:06,456 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:19:06,456 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:_key_idx'
2022-09-26 19:19:06,456 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.RevokeConsent:?] - Profile Action RevokeConsent: Attempting to delete consent storage record with context 'intercept/attribute-release' and key 'rick'
2022-09-26 19:19:06,456 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.RevokeConsent:?] - Profile Action RevokeConsent: No consent storage record found with context 'intercept/attribute-release' and key 'rick'
2022-09-26 19:19:06,456 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action RevokeConsent: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-09-26 19:19:06,456 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action RevokeConsent: No storage record exists with context 'intercept/attribute-release' and key 'rick:_key_idx', nothing to do
2022-09-26 19:19:06,456 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-09-26 19:19:06,456 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is required, no previous consents
2022-09-26 19:19:06,639 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'iam.eu-nl.otc.t-systems.com'
2022-09-26 19:19:06,639 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-09-26 19:19:06,639 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or InformationURLs returning null
2022-09-26 19:19:06,639 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or PrivacyStatementURLs returning null
2022-09-26 19:19:06,639 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:19:06,639 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No Organization, OrganizationName or names, returning null
2022-09-26 19:19:06,826 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Extracted consent ids '[displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]' from request parameter '_shib_idp_consentIds'
2022-09-26 19:19:06,826 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Consent context 'ConsentContext{previousConsents={}, chosenConsents={displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}}'
2022-09-26 19:19:06,826 - INFO [Shibboleth-Consent-Audit.SSO:?] - 20220926T191906Z|https://iam.eu-nl.otc.t-systems.com|AttributeReleaseConsent|rick|displayName,eduPersonEntitlement,givenName,identifier,mail,role,surname,telephoneNumber,uid||true,true,true,true,true,true,true,true,true
2022-09-26 19:19:06,826 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:19:06,826 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://iam.eu-nl.otc.t-systems.com'
2022-09-26 19:19:06,826 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:_key_idx'
2022-09-26 19:19:06,826 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Serialized '{displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}' as '[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]'
2022-09-26 19:19:06,826 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.CreateResult:?] - Profile Action CreateResult: Created consent result 'ConsentResult{id=null, context=intercept/attribute-release, key=rick:https://iam.eu-nl.otc.t-systems.com, value=[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}], expiration=1695755946826}'
2022-09-26 19:19:06,826 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-09-26 19:19:06,826 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Will not prune storage records, number of keys '0' is less than max number of records '10'
2022-09-26 19:19:06,826 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-09-26 19:19:06,826 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Creating storage index with key 'rick:https://iam.eu-nl.otc.t-systems.com'
2022-09-26 19:19:06,827 - DEBUG [net.shibboleth.idp.consent.storage.impl.CollectionSerializer:?] - Serialized '[rick:https://iam.eu-nl.otc.t-systems.com]' as '["rick:https://iam.eu-nl.otc.t-systems.com"]'
2022-09-26 19:19:06,827 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@52735d7d'
2022-09-26 19:19:06,827 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:19:06,827 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-09-26 19:19:06,828 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-09-26 19:19:06,828 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Inbound binding urn:mace:shibboleth:2.0:profiles:AuthnRequest is suppressed, ignoring request ID
2022-09-26 19:19:06,828 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: No request ID, nothing to do
2022-09-26 19:19:06,828 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-09-26 19:19:06,828 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _01895c04fb68d6ce7aa133d5106dc6d6
2022-09-26 19:19:06,828 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _01895c04fb68d6ce7aa133d5106dc6d6 to Response _d77cb4d57eb3716b7a4d395b27ed8784
2022-09-26 19:19:06,828 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _01895c04fb68d6ce7aa133d5106dc6d6
2022-09-26 19:19:06,829 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-09-26 19:19:06,829 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value urn:mace:dir:entitlement:common-lib-terms of attribute eduPersonEntitlement
2022-09-26 19:19:06,829 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rick of attribute uid
2022-09-26 19:19:06,829 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute identifier
2022-09-26 19:19:06,829 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-09-26 19:19:06,829 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value manager@Samltest.id of attribute role
2022-09-26 19:19:06,829 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute mail
2022-09-26 19:19:06,829 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sanchez of attribute surname
2022-09-26 19:19:06,829 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick Sanchez of attribute displayName
2022-09-26 19:19:06,829 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick of attribute givenName
2022-09-26 19:19:06,830 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-09-26 19:19:06,830 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - Policy checking disabled for NameIDPolicy with Format urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
2022-09-26 19:19:06,830 - DEBUG [org.opensaml.saml.common.profile.logic.MetadataNameIdentifierFormatStrategy:?] - Metadata specifies the following formats: [urn:oasis:names:tc:SAML:2.0:nameid-format:transient]
2022-09-26 19:19:06,830 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration specifies the following formats: []
2022-09-26 19:19:06,830 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration did not specify any formats, relying on metadata alone
2022-09-26 19:19:06,830 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Candidate NameID formats: [urn:oasis:names:tc:SAML:2.0:nameid-format:transient]
2022-09-26 19:19:06,830 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:19:06,830 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:19:06,830 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID AAdzZWNyZXQxweAyvQu2LE9gj5Kpi8r67cLke6ZQ9c1oY381eKo49bQx4ii4riESSRRED2tjN1RijLSYjk1WuSFR2FJ/dK+ItyDh+uWbe0Wy4RDneOjwBU6ltNVFPAOoElI6JbR7aeFREfaEhY7m with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:19:06,830 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:19:06,830 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:19:06,830 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-09-26 19:19:06,830 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-09-26 19:19:06,830 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 80.158.3.50
2022-09-26 19:19:06,830 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to (none)
2022-09-26 19:19:06,830 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/POST
2022-09-26 19:19:06,830 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-09-26 19:19:06,830 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-09-26 19:19:06,831 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-09-26 19:19:06,831 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _01895c04fb68d6ce7aa133d5106dc6d6
2022-09-26 19:19:06,831 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _01895c04fb68d6ce7aa133d5106dc6d6 did not already contain Conditions, one was added
2022-09-26 19:19:06,831 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-09-26 19:19:06,831 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-09-26T19:24:06.827Z, to Assertion _01895c04fb68d6ce7aa133d5106dc6d6
2022-09-26 19:19:06,831 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _01895c04fb68d6ce7aa133d5106dc6d6 already contained Conditions, nothing was done
2022-09-26 19:19:06,831 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-09-26 19:19:06,831 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _01895c04fb68d6ce7aa133d5106dc6d6 already contained Conditions, nothing was done
2022-09-26 19:19:06,831 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-09-26 19:19:06,831 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://iam.eu-nl.otc.t-systems.com as an Audience of the AudienceRestriction
2022-09-26 19:19:06,831 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _01895c04fb68d6ce7aa133d5106dc6d6
2022-09-26 19:19:06,832 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://iam.eu-nl.otc.t-systems.com to existing session ecae41dea8e3a899bd37becfb763920408a9d16637185db122a9214dd41f2667
2022-09-26 19:19:06,832 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://iam.eu-nl.otc.t-systems.com in session ecae41dea8e3a899bd37becfb763920408a9d16637185db122a9214dd41f2667
2022-09-26 19:19:06,832 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-09-26 19:19:06,832 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://iam.eu-nl.otc.t-systems.com and key AAdzZWNyZXQxweAyvQu2LE9gj5Kpi8r67cLke6ZQ9c1oY381eKo49bQx4ii4riESSRRED2tjN1RijLSYjk1WuSFR2FJ/dK+ItyDh+uWbe0Wy4RDneOjwBU6ltNVFPAOoElI6JbR7aeFREfaEhY7m
2022-09-26 19:19:06,832 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-09-26 19:19:06,832 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-09-26 19:19:06,833 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_01895c04fb68d6ce7aa133d5106dc6d6"
2022-09-26 19:19:06,833 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _01895c04fb68d6ce7aa133d5106dc6d6 and Element was [saml2:Assertion: null]
2022-09-26 19:19:06,833 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_01895c04fb68d6ce7aa133d5106dc6d6"
2022-09-26 19:19:06,833 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _01895c04fb68d6ce7aa133d5106dc6d6 and Element was [saml2:Assertion: null]
2022-09-26 19:19:06,835 - DEBUG [PROTOCOL_MESSAGE:?] - Profile Action EncryptAssertions: Response before assertion encryption:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_d77cb4d57eb3716b7a4d395b27ed8784"
    IssueInstant="2022-09-26T19:19:06.827Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_01895c04fb68d6ce7aa133d5106dc6d6"
        IssueInstant="2022-09-26T19:19:06.827Z" Version="2.0"
        xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <ds:SignedInfo>
                <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
                <ds:Reference URI="#_01895c04fb68d6ce7aa133d5106dc6d6">
                    <ds:Transforms>
                        <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                        <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                            <ec:InclusiveNamespaces PrefixList="xsd" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                        </ds:Transform>
                    </ds:Transforms>
                    <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                    <ds:DigestValue>vvb7ScqMH/e4QX483mN+PVbO2+JkVNjFidy1wcArGlI=</ds:DigestValue>
                </ds:Reference>
            </ds:SignedInfo>
            <ds:SignatureValue>ZWpRYLk73jkCENIU2TRrBk2H8Z80+bMBnUsAqIWLm4rJ5ztcGm+gvlSp9YH150E2DgovR1xdZrYs7/3wCKD9XodRX505Lt8sSzrh2oefldY7k9ZFOpwBdDcaOm3mu76qFaQB6dbJLHSXTkeuePyGzAt+Hj6bp0vLxhLHJUQaG0TIQ110eudJo0TuN3scwsp8xFDC3ZPfSz/ISH2/kU30VgFP47pp1SBMeMZ8sxNV4yTqK4cSIFM7KZx5LMbxl034xt9pPHgT3WnOBTeDxIXM6k+UZJFdnviVRYL+B4kY0bmI5VPPzrkfgdxsVzy+E7QRF1L3TKiRMwI6FQUYkpsLaQ==</ds:SignatureValue>
            <ds:KeyInfo>
                <ds:X509Data>
                    <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </ds:Signature>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://iam.eu-nl.otc.t-systems.com" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">AAdzZWNyZXQxweAyvQu2LE9gj5Kpi8r67cLke6ZQ9c1oY381eKo49bQx4ii4riESSRRED2tjN1RijLSYjk1WuSFR2FJ/dK+ItyDh+uWbe0Wy4RDneOjwBU6ltNVFPAOoElI6JbR7aeFREfaEhY7m</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="80.158.3.50"
                    NotOnOrAfter="2022-09-26T19:24:06.830Z" Recipient="https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/POST"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-09-26T19:19:06.827Z" NotOnOrAfter="2022-09-26T19:24:06.827Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://iam.eu-nl.otc.t-systems.com</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-09-26T19:19:06.452Z" SessionIndex="_dbacef735c731bb4b82fd364ad03171b">
            <saml2:SubjectLocality Address="80.158.3.50"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>urn:mace:dir:entitlement:common-lib-terms</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rick</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">manager@Samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-09-26 19:19:06,837 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/POST
2022-09-26 19:19:06,837 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/POST
2022-09-26 19:19:06,837 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_d77cb4d57eb3716b7a4d395b27ed8784"
2022-09-26 19:19:06,837 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _d77cb4d57eb3716b7a4d395b27ed8784 and Element was [saml2p:Response: null]
2022-09-26 19:19:06,837 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_d77cb4d57eb3716b7a4d395b27ed8784"
2022-09-26 19:19:06,837 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _d77cb4d57eb3716b7a4d395b27ed8784 and Element was [saml2p:Response: null]
2022-09-26 19:19:06,839 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-09-26 19:19:06,839 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/POST' with encoded value 'https&#x3a;&#x2f;&#x2f;iam.eu-nl.otc.t-systems.com&#x2f;v3-ext&#x2f;auth&#x2f;OS-FEDERATION&#x2f;SSO&#x2f;SAML2&#x2f;POST'
2022-09-26 19:19:06,839 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-09-26 19:19:06,848 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response
    Destination="https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/POST"
    ID="_d77cb4d57eb3716b7a4d395b27ed8784"
    IssueInstant="2022-09-26T19:19:06.827Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_d77cb4d57eb3716b7a4d395b27ed8784">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>V4SbW/jS4LI768kf7lsb7fY786z4bsORs6ttop9JYHU=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>oq3WPnA00cA6k2OntzRoyClHwieaEUEtRLshbKc1WjRVqTvNNCuAYop4me3j+U8DL+KZZYYka3OvEsKPHFAyk5neRXvcUKW6sL88wlfKcfY7eY1ngX2P05h9dv7/Pmth8fbuBRDoeuCUSjGLsqVRdOzFJkSun1HMP3zcYZaH/cbFlbHSbwIW5yOUD8P6sv71KfKfcw2pAwdBKHfS2uQ8oTjqa3yES4uKG2oEAGZ33hB4eNkK3uaYCHjjTxc5VKvvVaf5Ls1+F9Y3i9i0FIA+JCkgL6oHtIopfPQEZBVxrRQdQci5dXdqpb3WAveCJn52LbvW2aaQahDj/AqosG4GXg==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <xenc:EncryptedData Id="_2d215ac8a8635d5342fbb981e5236c38"
            Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:EncryptionMethod
                Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <xenc:EncryptedKey
                    Id="_d7e08dc6ba6bc45c243f8b8ffb41721f"
                    Recipient="https://iam.eu-nl.otc.t-systems.com" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                    <xenc:EncryptionMethod
                        Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <ds:DigestMethod
                            Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
                    </xenc:EncryptionMethod>
                    <ds:KeyInfo>
                        <ds:X509Data>
                            <ds:X509Certificate>MIIHeDCCBWCgAwIBAgIJAPRelfvZJrG9MA0GCSqGSIb3DQEBCwUAMIHXMQswCQYDVQQGEwJERTEP
MA0GA1UECBMGSGVzc2VuMRowGAYDVQQHExFGcmFua2Z1cnQgYW0gTWFpbjElMCMGA1UEChMcVC1T
eXN0ZW1zIEludGVybmF0aW9uYWwgR21iSDEUMBIGA1UECxMLSVQgRGl2aXNpb24xJDAiBgNVBAMT
G2lhbS5ldS1kZS5vdGMudC1zeXN0ZW1zLmNvbTE4MDYGCSqGSIb3DQEJARYpRk1CLlRTLUlUU0gt
Q1NTLURQUy1PVEMtT1BTQHQtc3lzdGVtcy5jb20wHhcNMTgwMzI4MTUxNDA4WhcNMjgwMzI1MTUx
NDA4WjCB1zELMAkGA1UEBhMCREUxDzANBgNVBAgTBkhlc3NlbjEaMBgGA1UEBxMRRnJhbmtmdXJ0
IGFtIE1haW4xJTAjBgNVBAoTHFQtU3lzdGVtcyBJbnRlcm5hdGlvbmFsIEdtYkgxFDASBgNVBAsT
C0lUIERpdmlzaW9uMSQwIgYDVQQDExtpYW0uZXUtZGUub3RjLnQtc3lzdGVtcy5jb20xODA2Bgkq
hkiG9w0BCQEWKUZNQi5UUy1JVFNILUNTUy1EUFMtT1RDLU9QU0B0LXN5c3RlbXMuY29tMIICIjAN
BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAv2W7Hr/Ro63zmZVclhlMvakO1nYWAe6CFDg2hYOH
IxkC/DG8LsKbnqy3Rv8AoH5CgRwmT/HYKeJu+KxrpECJXGIjXirUzHrL5w0Hys0O6SJYzztRGoQA
eFfl3x1NNUxVGkWbuK3/o9vm3idoMqVY4HFU24h/6VbSVBru1lsfubmIGdkf+9R844JbZx1R1OuX
xQ60ZhTAmR6R5d1E6tprM8rAqBOC2l1o4azQyDtmxM8NEBjKcZebNleHOB3iVPiiG0ens6z39y7e
SyiXwWcsw8TlwcQiumYPnFT2lzrJAC93hEjNGd6sj6QVvPCJRu/Ya+AWfcm6JtBZRK9ZfBz81wjv
BnHH2u8j1GyZMdE5dvN4PC8bgX0HxvnbhnAU0DASzziyS9Ni/gMgWvJsmnmNVLyYMxRmL8L0JtWk
rz7aNSskufk92Cv/R4KtWsfdkYtNG5/lV1BNzraBgnnXX1gH7ddrL/Ng2aNRFd+LtsI/BjUBpg7r
Ebym+pJuri2PBj8hhjLKbhPuurybQLVtmYxCcJUo6ZG4X3cpxl/e8v+vviapn1OY9zaFLAc+fccX
1GFrLYv9aQKGDQFRMl2uV9nP7UpakBCgZ/r7ljvfhlnsGkLPZBokM9Iz3iUFMGj2gPD1m+C7QaiS
OwJnkTk3cnhZV6It0XdFIaFgIi9V4XMnYEMCAwEAAaOCAUMwggE/MB0GA1UdDgQWBBSg4Skug1x8
SOG2QdBaHAN2DDs7zDCCAQ4GA1UdIwSCAQUwggEBgBSg4Skug1x8SOG2QdBaHAN2DDs7zKGB3aSB
2jCB1zELMAkGA1UEBhMCREUxDzANBgNVBAgTBkhlc3NlbjEaMBgGA1UEBxMRRnJhbmtmdXJ0IGFt
IE1haW4xJTAjBgNVBAoTHFQtU3lzdGVtcyBJbnRlcm5hdGlvbmFsIEdtYkgxFDASBgNVBAsTC0lU
IERpdmlzaW9uMSQwIgYDVQQDExtpYW0uZXUtZGUub3RjLnQtc3lzdGVtcy5jb20xODA2BgkqhkiG
9w0BCQEWKUZNQi5UUy1JVFNILUNTUy1EUFMtT1RDLU9QU0B0LXN5c3RlbXMuY29tggkA9F6V+9km
sb0wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAFEH+TQEgwXkOp1dymChsQzX3mm32
nBbQwIuTKi3jy08EjRQktZCOhjpmuVc/QQUCQdgAZgWVboAwTspfgwQwVcuIpCkwuyc7tt+ZzRSk
ybvOccw4ivz1suevGZZfYt+B7UIB3drlMKLoJWMTiBZnL6c4iaqubep56BZBOH6IP2KaMRd4EqIo
kXLHgaIyhqz51WQmTJArhYvAvWlktbAW6GXev3mW5gxW7LAGygQNCo2JkXSegGPk2jLO48JXNuCB
lGGf2O5TkhD+Qw/buIRrcKWnolBCs0ITalkNFt0RftLYmyR0JMotaBRHHmtdqSWOwMT1j7SvyzhH
yszzRU4xwTUFveODkWYS3Uh9PZs+3yDcfqC1x1yRbhKe7onZt5nXh/wY2762Pv6NkBQfQaFaE8CI
OwRu6WjaFfRntVXHpvV+7tO6Dr3pfRNEZzJM5+m/Edh+JrUdhyy7SxuYiCpt5xiPvM9rMt5AkXCn
P8AQVxq3O/1Gsdr9iblHAkJrg7Lbd8bPyzE9nRW3zqp++BxYilxIIVP9xnaaj/jjyuAPfeet30wm
zeOe/MGqxEwP/JSwJ9rZI//FaG3gAX0UHO6Eo+R0/Yv3JcyAo6j/RN/6YcSTQD1MrPGZiNTz/Muo
nczuEbZF255Cs5PfVJJhTPW730xQmhZnlbta0nyBO9LA3Fs=</ds:X509Certificate>
                        </ds:X509Data>
                    </ds:KeyInfo>
                    <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <xenc:CipherValue>O/FyZ4tth5usG+cprZcMudnoq5edIlVayd1dJTuFCgqkmzgNfqS8h3HqM9w06+wfwoxWucKWVFemBMsyuc9/KORNzPydWtgc79FWohIL3mhRsFI2bTjHpNYDxVqI/6ibqZDKMjhufMZJLKcD2gJp8jHjdVIweKY2I/Id494cpzJ4SMRi99syx/qUcKBLCC4MHH2vVoje5N1+CtSed8XT8fF7jV5lCc2Sp49OF6WbvmbT1SLuTaBl9kwn+XfWAoIFtbGY4gIfK5732S7viRFKJyhSxN+lGkrDR/4BT2WveCNQvX/8KNmJKbvDYurbA1nYKNyUyHFX/D0bVSKT9KM21PFgfbGotM4WsCxUJuXOEvaAlJ8YITxVPtFSvo5BrQgkydrXGivCqAYfTjWBjqS6pDhxp1opcms+oUoGQyyf37Oer7erSgmqJ2z7tiFd8qUV3OmNk9GCLq46N2dBTf5XsSGhVKs7wIqUlO/sziMEsZxKDTysKvVgSw3mkPhz9kkXeB2RvHaioX2aq0bWCT4+pqyV3XXRgW+IqsZj6hvbrmO5X6fq6csCykKPoY6OgfCTVBUPE9OhVE8KSL032xxZGuil2nhaPUoJrsCt4B71BhT9n8icLGiAPeGQwgj+f9FuPBwyamrLSlapk5LQFtbfA3XjdMUFidrnMkdeLfzeA+4=</xenc:CipherValue>
                    </xenc:CipherData>
                </xenc:EncryptedKey>
            </ds:KeyInfo>
            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                <xenc:CipherValue>BDRHJJFR/Ddg3oREDYgeFBgQ4HyoeXVwjHrqM74OljtKuE+02abI0XHwscPu2TLyrbAyGvzAebcZaWOqeksIovSM+ywLkAIDKglNc6oUenuLvVhrC0e1zNn6+T/m1UAJIPDTgP4XGAOpimiAtGILidsheYAIdK98gQuu+qL1PZSuhPBeymU+g61j2CH1DKQ7hhIclBbgTtOWXR2eMzP4UWw6CQzTD+yO2aoUAbqumDApWfXQZAZGJYuwe9Co25HFlg5SU9SyorD2d5UnoyKFGZrYQ+CKv4DVi3gXy2BXFJ/r0Hr9i0yKLqyDCQPzGaKFePF7gqbpzbgXMRU8OvIRr3VEYkmrnEZRUR3gTbMymBIGtqgHwmbNuhVTcoILfdrIxz6Fe5841fcNg2dgipG1aqf6Hfq0LJ6b6kiA4F7SrPJmX3PodtuU0/MYdmtSUwEPdqBvGpIvY11p4E8mdNu2TDng3cZN2KjXybWR51wDJxp9YM8Vnid41IHZBzsBareShV/RwH5pmUIb4G3ONeE6cpaNMalU5xJtjU4Yf0jI0DG4/1/H9ghNlDcRbCPBS2l0RintiV6Z1E1Tt4+mi/SaWgFwLZd6ymq+MAZij0MCv3Rg45PrgiUgrgtfmoOCXibkHvxGurc15+w7HKc63Iytt+6wt9gPmQfx5t9d3zs4dfIiCJaYWbNNHJh86zv4kLU7AEmsitYAi/b7uGf2XkA1O3qbQ2SL2fVa7EG+YLpJSQ7zXWt/K+XlOiKk3V0c8KSgg3wTBEluNG3QgWIvkReWp335sqBlmP/y7ahncbXpxmUtvU1P1Qj9wA4+0qPoT3WrJZTkySPr+Ud228J4FfQYuP+g9AtqBJGGr/mwNR61aH1oKxAApBhrfQIIf8meLqzzbIToeGNxTZHG1tQQ86UwEdiRf/nNWt0JO+1dVEIVWjT/pU1/vxEAKKMtn91uQX9W8q0+8yczqS6PPm4XWSNI6a7QP1ho1JQHPErtY1JRryJJExYEWfbkwsfnBhvZEiXsqXFVm4xqu6Y95hi1/yyQRJhXY87+UPKL1KXf9cfxZDkfZG52+i1/gJkSjoTO8MHT2nlZ8UMmuOZWZS8nn6g0pAoynGH3DyWe4ppC6vzrld31l3iDonom2oQqLD1Ihm/3TgUnYK0FUgMbDsG1WgnEmSPXUwMiJpyM6Pu/KmgxqqtmP05cNpyirWCWWCo2ZOgAdvydipR/E/sXYm+3zt6OBMkf61/lSu2u7oa7HOiLiXilTyCUgxD4Qzwsa+SrTeFZrl/sAwS75tBmdHQSoPew3EbjZKU+/Jt9wh4t3ezp1A1wOEiJywE4z4lBSZa8lAuyAmn724RlD9B9pd684XbQsJxqsNg2tC6+f+ALV8O+6vIeZgrFp+Og+8jRjUfx2aljevJGh1zj2ZXxPchNjGP4gf7a91/3cmrUZnTujU5GEnplMMK7ykzi0FPwcuryb901kSM3rTJqxhsfl1v5qUq6G1ZgtrX3xcZg2FqGjNsNCzssQ/VXFfzINbG15MXfoVowPIjDkJQLg06QQGZYSxwlRXq3lY9XKuN9wFcWX4izNoMNTHfkg0b0hRly9GGbhXOIGdqXot8K+7fDfPoXCoRnUFLqgCModDRzYoh/+f/silVCIRDCSUEgXtBbdM7sRniKti0QTEuBr8yLcI/xpfXkuuSkvbv3SPD0KWHrJZrE7cT3t3zm+ihEaXBsvDz7ekswaIXPL1/oh0WKM2c0nAIAcbN78AF135xE3uMf9vxrgoVokto4JstK6miNhpa9RWWLVRvIi7eAZ5QOO54BsyvxTrb629dLzB5oZHLfab4qAvwoFc+Ea/DjSs3nucwnlGAYrSFq71ZQOqI8X3uJm4yhkHnEyvA3iEquIhPsG7/Pa5XsBXsEq3A9Pu9nnTIT49YDymbc3LUPBw8wO7Yi55kJx+ctl/jrX5Omj8W+FLeUyUyiGhMohiP6dcAiif5T3sk/BvzuHwJ8mtzBHGtNFXll2Qua90Ku41ANeuSJrSMgMwShVd7YR4Yrw1QFt/Y8Mga7DoZtWHEPFRIIbQARrO0vmMqYumGiTt4pq1uYgGbkrXEYRFVez0PgdbPLWsRqqG5AN99NHX0dSIbrqG4Uqx/SBIFr70DZXLmZIYBoyEGIQDMrlXGerPpJ/Z2Heyw4/CAjyGAfB83AyI0dRrKyQjr6VxD5x4TlfnEbf9djsJh8s9+WPhahEbexNkauK8xy428nCssq7nDPEb0f481eiaAq4qRs/DyFIa/VIVSTMfe8brnhHOQiH/1FFUq7WKniJPlE0vG+Mja/pwdM3OZyxrqwsdGzgSaocYYz3YX1ZchPZ/f4X/KDeUHjsO0gbwHkrtqf2upLgFAwji+nvf1TFYdDPBRUXQx4SHAHftEyH/HBFCggu+8Z6R13qdcvW8o0zJVEK69LSuy/duOWfZJ5/tmGGimVj77z0ODMHxt5c2wFailEepzYP8PZfWL3V4ekiaK2LO2OhsRpBz8UErlphfqlJJV+WD48vnFruqnKO+jDVJ4KAn+gtk6RnL01z552WSXx5uo5WTjdv1C5EsaQClZxbB2Bdd2NILLJu0b0I+G44JNO9iHMhWephmEA/E0zz9eBO0pVwCbGW8MbnIkD8E6orBueqiKyO14g+EGZTf/UsPPCTnJbgrO4On6OUyypaesW0Gitt3QsJem1BUO7P9TiU3SvZqbfkKkirJZl/kPesR4Wok7fUMSeagf7pfsSXc4cWv982Mn4ds7uTQszaO7sEScgA10fVj9Z4DZOR3H0Pb6fvL0guXwT7D7NXTc7SVsKIJD64oFaNA8TU5gd5460DiZvvlYcXmjRUtSFT10rODqWxyXZ01BTakGjuzByqVK8rvygHoftjzglIGyfE+Sx2RS5hqjMMD03mWRrjjghU3mNV6UGQkY1A1bNoyijsxfZQU2j/R22brfnGI37B/fYHrQodHKfduPW0iCuNL7RqbHs0oMj5pRUBl8QE9lim1psWf/AK2eOtwCXYTp7jOb0bwbgOVzYGZtNp+Vlyn+LLLo1sa9ofTomnA7Js6pURpXjns0BN5ByabByWOkDek3gFaCDnto3tCr9RJU5gmqzMkbd+x3PzqVVrSk8zeBw9AtzgI9KQSE7vxRnlvWjQgbDkZy5WsXmHLdvTLO9nNmTeMuOizkeHjWAh5WShqbwgl+g+bcN0EfoiSbRyLGOaKKWGbtkAryaIyMMTi/6afbxy1tlkz7POUjgopTz12yGvtm1S7S2exyWD6Sq4aRq3MsAlkPmexBWG5HTZiH/AosQsWQj9x6+4IxwA5ldE5/vPrGyT5lAnV0N2IY+wFDYo2Jz/Yl5y+/csBFy/NVNVxs5Pz2G8iJp4OV0EFBW6HKu8ojUqMSfsws2qqROwKDCN3OSMgKZ5ZeZviluNOwjJ16VcZMph9XGL2nOB9mIS5M3v+mJlz1pS7n35D9jHYG3UfdZ1WmNshwQeYIGEWd1if4WjGuknNaC4aKgTvl7RfMr0wARgfjmnIt/3dTXKT4ZTPpYSZedW6AlWJcqJshQo/fpfnyF+gd+lWi52PIazJm+YVLtwa3JaJOZJm7VmhgOmbkvK5Hsd+9g6j/tGxtGGL+q910gMv6feCRslETCzl8DtGmpKxsHbDDsf85wyer9h+XSFU9YUMBkGWIZWK6twc4XLH3BnQTGxAj6+cIRhno7bSo1ecPYu5fohhyB3StQJKrF2dXJ0K/Ii2EuKf4Jd6EieSiNslA7OT7vdIwPZLC/rNWh9vcaIhA/clgT4/VEUoLZoYiSb8qeKZzV7Hnb+KFeP3erJwrlFtp00PfyECsI7ibLZ5GgGq+07KFPZy8xvd48sGqJMTmIGjOLApIg/2phRkWOic+TL9mbyCqkfbxewMoeGKgfjsdklx6c4d0Mmr+x9CMxxAClLCthapI0G63K1hXFPITG9XyMEIuRzQuiIT13Cs/xHsYdZr0Q7rhf4ujlh8UNoIIK81GQB9qIAaOstpkXoy2CmEDWt/ZSQA2yc+JVRUpxRz0BLfQFaubIs3d+UMPtLZJkjJJs9vaVTtCI26xSjID8fuIlLTUpOVBX9RWGVEB9fFvLvgcvkWPCsKwb21WF6SaSu3+uLMFv+DoHPq4YNyBmmXjg7RFPTQyJx57Y4wHeyGE3mZJeBl5Uq5Mp/gfbNt5oPJIEqAx5L2aG2xEVPQSpoScMVLoA8i6mms4HYmUfYNKw7njuO+THP8m7TxGXCq9dJXRTsMtprHfQgtTeOPjupZfdM3zjhnLEuT/l9mI+ImRi8qfnJ8FMS3fKEpeXmRho3XJZAJ4F32oBCFoFvnkMu0kzYaC6SzilLmp+hA+kvJutnuP0wkNzwvBSP/ef5DKVfcs+bp0ZaasVgR8GP5W+IM7gzOdVs3+hUIKtsB18K0SmAYCdKAEZROwgRRcG5Hm7zd+i9Ilqncp0bG5jgO0WqLJAnzGmzslqjaZ4ap/SEyhRSpDf5Qnnk/jqdoWcCvBwr01+WftHRoWJuO7/dfzsrRBSgDM8vkKHujZooOc07UThx4TQ1NNADbN96YJ/qEFlMjhn80oQ0EOH59RamFg3+LhonGmLqngqqQ6AcPNydBOCUWBVIs/kBYZlNNgNpNKyDSYEBWMxfBKSMDRrV4ZecwYpnc8MjQyo3bwJkM5za0PIjW7I/Wt6z+E0ZCH/qDonYgLEG5t+sDo+ieIXkW2VtsZHNQTq8gBUGIu6Xe+nnOuN4jomPVUZRauvViUxSsRsO9yaATfwZaf8GibGxUXzndIT1WNHHus0CS9jv914HvqPXszq2f14W+nNlfk46g+PEac1do4YcpUELpB184adwxCOM7aXyqkSmINczLg5wPHjHNOrUIIB5vssxR/NAlS/ude6/R/mSX4qUG0cQjnJQh+Ggg3y5JETrUTEP6R9ANq9hFkZb+90IZhoJazltO69aMhC07gcaa19j0jZFzA42/8dziqYC7pD82cIth0sOYINOInhR7b0tmmw7mr0E7qTgshaYNMcr6v8rrXzOhbtkSYc6RdicWLsDmnKLK6E9uWD+8uotf4UDHKEMV4cdU0zgS9SgFU9tXn5MLQW2YlsxRmyD9yoU197qNPl8FVGsKVnPm1VZEzDKSUW+qDBm5XIyYgjL0on0Yzh0mGnp0YXwn4BM/JJNus0ON1IIPUygG0ibieal05XPPOYnYHeK64vtqQWTYG1OUnko46ie4JT7uGw11/8JyrKzSbP75OCngw5QZCsxOLwmVLFghEhW+vQZZjAKRkXw2XO9DtLwATMrxI83/Nk/g7QB1o9hcpFb+Vfpwfk98hoz6+xdTd7qBnHCccH/FdJNkOSoty+e+arnZ57quWbs2txyVmWy8RsfZ6rffkXO+ZK09fHKCNB3DIzZdYhbMPESO8JZuoZWWRHyCL1e/9vbu5OxIqMy9z7eAchliJDvwBxl/jJB7OABzZWHeac0+pNe9nIWw3usQ/SEsXvrYeV7Qfr3+CryHIOwePFFWW4MdGSaNTuxAGovtEs3cDruzONhyQk4SfU93uwLhJ3I/XcP36UpvrpEc6lnEztNBN4f5ZtrCbfrQvb4G4rTDLtvb89OeU4/xLfq0HniTWVTgYZ9ZeNySI9MrHFeLzJ4sS0TDlBahP6PltwzYOiVwQUT2UXKhHX0V6yU2ZBFyKSuYkW5ToTMg6GtUErsCKLj6oBKNaMaxS4v4cJYEt/cm8eNvQtFW9aatu5gQnHbH/mIPKg8xnMtjGk/yLBh4mZSsXWuWqwSlzAlzP/0pUtwHQXioxJpbFPxLtXJ0S+XRRloCZAGI1bu9dqitqUnRqlJa1tZY4E8fBhcwioAkwqonSZPJ3+M+dFiyobPb7yx12GR6eHW9XYX+sIUCwrMKAZ1c+WGTh16TGruumHlWafS4vdxhyLSe67Oxmy9SKzyZjLNSzWRl2maE5idp7nwUwCsJ+ECqMhRcthvR9A5iSI8Nra14Dbml2p8tvq0xQoWJsKRb/cARovOFVmLDob8A7Wm4GGEZtGXnj3XqwoIErQlp7kQsfHsTCNYJKY3NtsiM9x86g2j0P/Tl9UnK3BNjkp/vfezOylH9sMeswinoUwN2+rn5lQ4Uv3Htj5H8cHp/iWgZCYq+i2RCs2dd1yofChN0kaz5U7KL2W7VZT6CDbF95yDwnrhW5uilOv8RTdfQux4fdonsR8t+2hVuhs4L3qfs8ewiuZ7rSg9GgQEbtuE9OcV8bXiN8BCTl5bTByghFyEBr1Zzhof1JCgpBhdlhdDqFCEkdXTnYxYDGf5kMwbG71RWEF3CkbMVMH3/+DSGc9DYNNLq9lbbFK9QY/50YZpUKUIyzd5olqolqHhv9/JlVCGP6J1d2jTrWL97h09IHe+y3rWLHI1wFAZMcGsgyUnosWmFfGVySSi0smd2gGdl6f+/ziXdekY8mQOXSEg/zp/dex+uNN4I6sfXmpB3poCUiHUeYgT4fK8PxntU7b6CNaXqh5Rr1txl4EKopjCf8pZk12AJgtIep0g7eJ/+Wt9jOyTbHZiSpkzXRq5vhJZtpI1aW8+3UVlMxbCMvJo+UfEXIuqgAk5bij2Kd5sQva9iePjVJFbRWycBcxT18qt0RXvAaC1vX8EK/0PZfgIk0DTIzLc+M7YEqcGvIhjWl12iGSDGVuU0DQhTNuVKrQ099BHw6Gzm9l2EzD8Ky5DmmLtfPjcMjt8cRiyfwDUn1xeO3FRS8ErwZQ9aXMF3yzDNSxhKmi/lPlVSJywgKkqvKrIXP/nLWlvnT7Gy6r4BgV2K2+toQQlUt9jzw2vGpa9E0RMkWPRhrsoMydQw+LWy1whvRe0iP2dVF+0nwMQM3yy5aX8YecV7FudxEW3m1EOgHmgRarsIu4pXBE71xyIHKcpGeF3D3NIkxNUSHrNZ3S8y6o3r6P/OVOttT7fVVzZzCKh97XgqxYtZW7EymqBqD7LPi2BmP0IOIfSJdQhVN8hJkR4nbXlajkWJQx5P2Ca/xpanoLlQ2daoFogx6Z7po7/ojHn3ooZTgsPYKlVfaOjU8BYk1cM5HzLIdcizhYHhwSJ5TOPt+YNKvsvfGp852PznfBrEZkN2TeUTbJB6z08OycdhvgPpaLDElU5PuwzJoue+Sq5AHHKFZlBEacHe4OFoMCfpbzVRJ59OWeS0/VVkYqH4+fSm+krZXcpULI5gjACA5MTTCh6DonwfxFxP3SxQI2YoOGkGbY+88n8fO6M6L+VKRCQwKWwJlGRmx4HxJWM9J8+TAF3tv9cJXCrr/Rs0bgjQoXqjgQbiHqk9ErMV9S6YqqkEYdiWzLArBr+wUMFDN02kqjCJ75fsW1sdpxIXiXOqyc6N+rOzNmuC5Z3Qq9Qu0BurjLaCMRStm4NVGfviOMeg7/daSJT+Mv7C92bEGTdSH/Bb0UObwvQ0hko0Yhy2TJ4pD6Yxw2NrpdSg/dGXLxGluUr1l7u5clWkM0QY2ZD2BYvevwKl2TzOKagT6a/HwTypUzobygNKS96reELDJAqrnAiPcC3R8mb6Q51LGGn4B9negz0govtXddJ81I6ANEYiIpe3Wonftg9D6NaNiK3ddguzL/rW0LU0lk57lDmhtkTDnKNgcDTah3GDbLhRl7gbqTKYs5FBx1T4npMt20Gn9TFO/0eqfw6Tni0nWcDW2tihKFiDkXytKKzt6FGRbAaZwhdEthL4hipGdKLM7unFhG7iOywvVNyMQ/h1QdyL0xl3H9zwD52I+s1FDlB24pzQ6EgyGpRflSkxvX/Pb3iXWO3Gx5QLRxyA7P3EkzcoaQooGXDRmKqABausB2WKuslnoichvdLx6TuM8+h9P3+Qii7tec7qp3fSRbtPVlFYTiSK+Mmb3qPX2xM467vrFNytKj+xrWsl7pgu73MAQIe3O9D/VU3TTAZLfJ5fYfaNb5tKJkOQevhR7Dy1hJ0aECIWqIygT3ErUFpros/XeSc9CzX0QS1FcY1PW4EsEUjGUyCMbE8jjhppxji4YkMl/omebLKyO0UIiivqIaQquthhS1N787NkY7PmEuwujGsXEc05ARflDnAquxXgrbBCvKlo7z6a7waVT7mvZBd4B6/68+BUJP9zISFCtyRSi5poKtAf8asS2wPekaG5+0ERwpPu1y3lqzihpFiN0uSKMpUBPrwtwJPOwJUZKbjWbRnPBMB8urXLkMrPa6r7fCAJugwNngflYRzuA6SPzxEcsbdWvs5eTLYKYg8isyBplqUTSwDiYVM/1VEQ7XAFVT15uZLZFXNA==</xenc:CipherValue>
            </xenc:CipherData>
        </xenc:EncryptedData>
    </saml2:EncryptedAssertion>
</saml2p:Response>

2022-09-26 19:19:06,848 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-09-26 19:19:06,848 - INFO [Shibboleth-Audit.SSO:?] - 20220926T191906Z|urn:mace:shibboleth:2.0:profiles:AuthnRequest|_ee938996-2dcf-4c08-bb09-88b872576dc3|https://iam.eu-nl.otc.t-systems.com|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_d77cb4d57eb3716b7a4d395b27ed8784|rick|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,uid,identifier,telephoneNumber,role,mail,surname,displayName,givenName|AAdzZWNyZXQxweAyvQu2LE9gj5Kpi8r67cLke6ZQ9c1oY381eKo49bQx4ii4riESSRRED2tjN1RijLSYjk1WuSFR2FJ/dK+ItyDh+uWbe0Wy4RDneOjwBU6ltNVFPAOoElI6JbR7aeFREfaEhY7m|_01895c04fb68d6ce7aa133d5106dc6d6|
2022-09-26 19:19:27,351 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: https://leehealth.onservicemd.net/ssologin?stat-running&d=D8B8BAA9-3966-4E66-A270-FCBB7D4941B4
2022-09-26 19:19:27,351 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-09-26 19:19:27,351 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-09-26 19:19:27,352 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/saml2-acs.php/leehealthtest-sp"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ID="_f0f3be98288e02fea03a60ee8dd50c2aabacbe2b63"
    IssueInstant="2022-09-26T19:19:26Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer>https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
</samlp:AuthnRequest>

2022-09-26 19:19:27,361 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp' from origin source
2022-09-26 19:19:27,361 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:19:27,361 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:19:27,361 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:19:27,361 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:19:27,361 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-09-26 19:19:27,361 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-09-26 19:19:27,361 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-09-26 19:19:27,361 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp
2022-09-26 19:19:27,362 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:19:27,362 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-09-26 19:19:27,362 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-09-26 19:19:27,362 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-09-26 19:19:27,362 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-09-26 19:19:27,362 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_f0f3be98288e02fea03a60ee8dd50c2aabacbe2b63', issue instant '2022-09-26T19:19:26.000Z', entityID 'https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp'
2022-09-26 19:19:27,374 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-09-26 19:19:27,374 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-09-26 19:19:27,374 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler:?] - Constructing signed content string from URL query string SAMLRequest=pZLditswEIVfxejelqvQkIgkkG4oDWy7IUl7sTdlbI1rgSy5mnF%2F3r6yvW23sOSmIBDMzJnzzUgbgs71ej9w68%2F4dUDi7EfnPOkpsRVD9DoAWdIeOiTNtb7s399rVZS6j4FDHZx4JrmtACKMbIMX2fGwFZ%2BbsllUuF6p1QpL1SCUC1iWiCtjXpe1AqigrlBVy4XIPmGkpNyK1CjJiQY8emLwnEKlUnm5ztXy%2Bmqt01HLR5Ed0jTWA0%2BqlrknLeUIySlRWCOt6WUaorEO5cio5BmNjVizvFweRLb%2FjXsXPA0dxgvGb7bGj%2Bf7vw0dYovguC1S0ZzvTOGRJdmudzgayi6YwWHRt%2F0EIGm%2BVQ41TdE%2FXUa2nHqRnZ62%2B8Z6Y%2F2X24ut5iLS767XU356uFzFbjM66GlRcfe%2FtB0yGGB4EXYjn1tt5j%2F1IUEeD6fgbP0zextiB3x7hjFiTd5MpZojeLLoOT2Dc%2BH7XURg3AqOAwq5my3%2F%2Fbm7Xw%3D%3D&RelayState=https%3A%2F%2Fleehealth.onservicemd.net%2Fssologin%3Fstat-running%26d%3DD8B8BAA9-3966-4E66-A270-FCBB7D4941B4&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=mfhm%2FrOvU8YWk6NxmujxIB0fp2A2AcmgaJAc%2BeEdiy9X27yBq0gRdgB7Ueau0PiHe2u4YUobh%2BfXll2oHCGI0PQ3fJdTJID96tfuc808fnUFS3HRSxDLADvJCHvI0sn02gWRStON%2F2VOm7EX%2BdStsrtjbGspjWO4%2F%2BW%2FGGCjjTd8nv6hDAOdxKRB%2Ft9GLa9et%2BEQW6PZqqU2%2FMNZFvtpwcRIXqsWq%2BnfZ%2FKu%2FyNvPCd3svVX3UDLp7AAj35zKNlY1L0ESKKY79WXCsHr7gIgDwXFQAefNotbuFVwv2E0BuRjGpY2VXH3kEG87GHHCRVw74ZqKryqDJR3X7QoWKkAcHFLRShvtKtJge770%2F%2F5GgpbrU23tCxhZAwxdGpOrQbjTiKKKchwlYASCUEPskMLjgkiNn%2FFOCjdzObDWPItt9iU5XtK9dzVayFVDv6TX%2BZkpAM4Z%2B2QlukWXU6GFWboCP7AEoOS5AyJlZ4G4u%2FDbAc%2FfQMeMipvh%2FbaqMtRmzVd
2022-09-26 19:19:27,374 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler:?] - Constructed signed content string for HTTP-Redirect DEFLATE SAMLRequest=pZLditswEIVfxejelqvQkIgkkG4oDWy7IUl7sTdlbI1rgSy5mnF%2F3r6yvW23sOSmIBDMzJnzzUgbgs71ej9w68%2F4dUDi7EfnPOkpsRVD9DoAWdIeOiTNtb7s399rVZS6j4FDHZx4JrmtACKMbIMX2fGwFZ%2BbsllUuF6p1QpL1SCUC1iWiCtjXpe1AqigrlBVy4XIPmGkpNyK1CjJiQY8emLwnEKlUnm5ztXy%2Bmqt01HLR5Ed0jTWA0%2BqlrknLeUIySlRWCOt6WUaorEO5cio5BmNjVizvFweRLb%2FjXsXPA0dxgvGb7bGj%2Bf7vw0dYovguC1S0ZzvTOGRJdmudzgayi6YwWHRt%2F0EIGm%2BVQ41TdE%2FXUa2nHqRnZ62%2B8Z6Y%2F2X24ut5iLS767XU356uFzFbjM66GlRcfe%2FtB0yGGB4EXYjn1tt5j%2F1IUEeD6fgbP0zextiB3x7hjFiTd5MpZojeLLoOT2Dc%2BH7XURg3AqOAwq5my3%2F%2Fbm7Xw%3D%3D&RelayState=https%3A%2F%2Fleehealth.onservicemd.net%2Fssologin%3Fstat-running%26d%3DD8B8BAA9-3966-4E66-A270-FCBB7D4941B4&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256
2022-09-26 19:19:27,374 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Attempting to validate SAML protocol message simple signature using context entityID: https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp
2022-09-26 19:19:27,374 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from metadata using entityID: https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp, role: {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor, protocol: urn:oasis:names:tc:SAML:2.0:protocol, usage: SIGNING
2022-09-26 19:19:27,374 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Retrieving role descriptor metadata for entity 'https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp' in role '{urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor' for protocol 'urn:oasis:names:tc:SAML:2.0:protocol'
2022-09-26 19:19:27,374 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:19:27,374 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:19:27,374 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:19:27,374 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:19:27,374 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-09-26 19:19:27,375 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Simple signature validation (with no request-derived credentials) was successful
2022-09-26 19:19:27,375 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Validation of request simple signature succeeded
2022-09-26 19:19:27,375 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Authentication via request simple signature succeeded for context issuer entity ID https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp
2022-09-26 19:19:27,375 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-09-26 19:19:27,375 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-09-26 19:19:27,375 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:19:27,375 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-09-26 19:19:27,375 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-09-26 19:19:27,375 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-09-26 19:19:27,375 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 4 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-09-26 19:19:27,375 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/saml2-acs.php/leehealthtest-sp using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-09-26 19:19:27,375 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-09-26 19:19:27,375 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-09-26 19:19:27,375 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-09-26 19:19:27,375 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-09-26 19:19:27,376 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-09-26 19:19:27,376 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-09-26 19:19:27,376 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-09-26 19:19:27,376 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-09-26 19:19:27,376 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-09-26 19:19:27,376 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-09-26 19:19:27,376 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp
2022-09-26 19:19:27,376 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-09-26 19:19:27,376 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve data encryption algorithm based on SAML metadata, falling back to locally configured algorithms
2022-09-26 19:19:27,376 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve key transport algorithm based on SAML metadata, falling back to locally configured algorithms
2022-09-26 19:19:27,376 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-09-26 19:19:27,384 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-09-26 19:19:27,385 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-09-26T19:19:27.385Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-09-26 19:19:27,385 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-09-26 19:19:27,385 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-09-26 19:19:27,385 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-09-26 19:19:27,385 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-09-26 19:19:27,385 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-09-26 19:19:27,385 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:19:27,385 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-09-26 19:19:27,385 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-09-26 19:19:27,385 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-09-26 19:19:27,386 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-09-26 19:19:27,527 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'leehealth.onservicemd.net'
2022-09-26 19:19:27,527 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:19:27,527 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-09-26 19:22:33,265 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: iakGtW0_nGivUXfFHDMawIAI69HuJ7uMNOfJvPOmlenW3pPEL9arhxUD
2022-09-26 19:22:33,265 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-09-26 19:22:33,265 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-09-26 19:22:33,265 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="https://api-v2.conformity.pro/saml/test-sso/acs"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ID="id-9ef5620a15632e62530e513613940c13386e6e1f"
    IssueInstant="2022-09-26T19:22:32.603Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://probe.conformity.pro</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
</samlp:AuthnRequest>

2022-09-26 19:22:33,274 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://probe.conformity.pro' from origin source
2022-09-26 19:22:33,274 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:22:33,274 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:22:33,274 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:22:33,274 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:22:33,274 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-09-26 19:22:33,274 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-09-26 19:22:33,274 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-09-26 19:22:33,274 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://probe.conformity.pro
2022-09-26 19:22:33,275 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:22:33,276 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-09-26 19:22:33,276 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-09-26 19:22:33,276 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-09-26 19:22:33,276 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-09-26 19:22:33,276 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID 'id-9ef5620a15632e62530e513613940c13386e6e1f', issue instant '2022-09-26T19:22:32.603Z', entityID 'https://probe.conformity.pro'
2022-09-26 19:22:33,276 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://probe.conformity.pro' does not require AuthnRequests to be signed
2022-09-26 19:22:33,276 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-09-26 19:22:33,276 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-09-26 19:22:33,276 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-09-26 19:22:33,276 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-09-26 19:22:33,276 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-09-26 19:22:33,277 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:22:33,277 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-09-26 19:22:33,277 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-09-26 19:22:33,277 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-09-26 19:22:33,277 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 2 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-09-26 19:22:33,277 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://api-v2.conformity.pro/saml/test-sso/acs using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-09-26 19:22:33,277 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-09-26 19:22:33,277 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-09-26 19:22:33,277 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-09-26 19:22:33,277 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-09-26 19:22:33,277 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-09-26 19:22:33,278 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-09-26 19:22:33,278 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-09-26 19:22:33,278 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-09-26 19:22:33,278 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-09-26 19:22:33,278 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-09-26 19:22:33,278 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://probe.conformity.pro
2022-09-26 19:22:33,278 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-09-26 19:22:33,278 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved data encryption algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2001/04/xmlenc#aes128-cbc
2022-09-26 19:22:33,278 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved key transport algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p
2022-09-26 19:22:33,278 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-09-26 19:22:33,283 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-09-26 19:22:33,284 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-09-26T19:22:33.284Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-09-26 19:22:33,284 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-09-26 19:22:33,284 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-09-26 19:22:33,284 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-09-26 19:22:33,284 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-09-26 19:22:33,284 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-09-26 19:22:33,284 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:22:33,284 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-09-26 19:22:33,284 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-09-26 19:22:33,284 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-09-26 19:22:33,285 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-09-26 19:22:33,503 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'probe.conformity.pro'
2022-09-26 19:22:33,503 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:22:33,503 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-09-26 19:23:01,357 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Trimming whitespace of input string 'rick'
2022-09-26 19:23:01,358 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user rick
2022-09-26 19:23:01,358 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@1690210770::identifier=rick, context=org.apache.velocity.VelocityContext@79635a55]
2022-09-26 19:23:01,369 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=rick,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@1690210770::identifier=rick, context=org.apache.velocity.VelocityContext@79635a55]
2022-09-26 19:23:01,369 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'rick' succeeded
2022-09-26 19:23:01,369 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-09-26 19:23:01,369 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-09-26 19:23:01,370 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'rick'
2022-09-26 19:23:01,370 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'rick'
2022-09-26 19:23:01,370 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-09-26 19:23:01,370 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal rick
2022-09-26 19:23:01,370 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session 5247ae6f962ee42ab54231c5af465b738a4a27695be394e781e6b15b48a81b88 for principal rick
2022-09-26 19:23:01,370 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving AuthenticationResult for flow authn/Password in session 5247ae6f962ee42ab54231c5af465b738a4a27695be394e781e6b15b48a81b88
2022-09-26 19:23:01,371 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=rick)
2022-09-26 19:23:01,379 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-09-26 19:23:01,379 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, uid, identifier, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-09-26 19:23:01,379 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'eduPersonEntitlement' remained after filtering
2022-09-26 19:23:01,379 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-09-26 19:23:01,379 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-09-26 19:23:01,379 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-09-26 19:23:01,379 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-09-26 19:23:01,379 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-09-26 19:23:01,379 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-09-26 19:23:01,379 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-09-26 19:23:01,379 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-09-26 19:23:01,379 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-09-26 19:23:01,380 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:23:01,380 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-09-26 19:23:01,380 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@51c34999'
2022-09-26 19:23:01,381 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:23:01,381 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://probe.conformity.pro'
2022-09-26 19:23:01,381 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:https://probe.conformity.pro'
2022-09-26 19:23:01,381 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick:https://probe.conformity.pro'
2022-09-26 19:23:01,381 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:23:01,381 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick'
2022-09-26 19:23:01,381 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick'
2022-09-26 19:23:01,381 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-09-26 19:23:01,381 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is required, no previous consents
2022-09-26 19:23:01,601 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'probe.conformity.pro'
2022-09-26 19:23:01,601 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-09-26 19:23:01,601 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or InformationURLs returning null
2022-09-26 19:23:01,601 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or PrivacyStatementURLs returning null
2022-09-26 19:23:01,601 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:23:01,601 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No Organization, OrganizationName or names, returning null
2022-09-26 19:23:23,559 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Extracted consent ids '[displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]' from request parameter '_shib_idp_consentIds'
2022-09-26 19:23:23,559 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Consent context 'ConsentContext{previousConsents={}, chosenConsents={displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}}'
2022-09-26 19:23:23,560 - INFO [Shibboleth-Consent-Audit.SSO:?] - 20220926T192323Z|https://probe.conformity.pro|AttributeReleaseConsent|rick|displayName,eduPersonEntitlement,givenName,identifier,mail,role,surname,telephoneNumber,uid||true,true,true,true,true,true,true,true,true
2022-09-26 19:23:23,568 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:23:23,568 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://probe.conformity.pro'
2022-09-26 19:23:23,568 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:_key_idx'
2022-09-26 19:23:23,568 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Serialized '{displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}' as '[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]'
2022-09-26 19:23:23,568 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.CreateResult:?] - Profile Action CreateResult: Created consent result 'ConsentResult{id=null, context=intercept/attribute-release, key=rick:https://probe.conformity.pro, value=[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}], expiration=1695756203568}'
2022-09-26 19:23:23,568 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-09-26 19:23:23,568 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Will not prune storage records, number of keys '0' is less than max number of records '10'
2022-09-26 19:23:23,568 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-09-26 19:23:23,568 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Creating storage index with key 'rick:https://probe.conformity.pro'
2022-09-26 19:23:23,568 - DEBUG [net.shibboleth.idp.consent.storage.impl.CollectionSerializer:?] - Serialized '[rick:https://probe.conformity.pro]' as '["rick:https://probe.conformity.pro"]'
2022-09-26 19:23:23,568 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@51c34999'
2022-09-26 19:23:23,568 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:23:23,569 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-09-26 19:23:23,569 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-09-26 19:23:23,570 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-09-26 19:23:23,570 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _e585f2c5b2352acf18d36922a0832eb7
2022-09-26 19:23:23,570 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _e585f2c5b2352acf18d36922a0832eb7 to Response _97f1c4a61b445b9e4df5a6565f2c9d9b
2022-09-26 19:23:23,570 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _e585f2c5b2352acf18d36922a0832eb7
2022-09-26 19:23:23,571 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-09-26 19:23:23,571 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value urn:mace:dir:entitlement:common-lib-terms of attribute eduPersonEntitlement
2022-09-26 19:23:23,571 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rick of attribute uid
2022-09-26 19:23:23,571 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute identifier
2022-09-26 19:23:23,571 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-09-26 19:23:23,571 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value manager@Samltest.id of attribute role
2022-09-26 19:23:23,571 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute mail
2022-09-26 19:23:23,571 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sanchez of attribute surname
2022-09-26 19:23:23,571 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick Sanchez of attribute displayName
2022-09-26 19:23:23,571 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick of attribute givenName
2022-09-26 19:23:23,572 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-09-26 19:23:23,572 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - Applying policy to NameIDPolicy with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:23:23,572 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Request specified NameID format: urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:23:23,572 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:23:23,572 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:23:23,572 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID AAdzZWNyZXQxE5sB7QHS2c+2USk1qsrhS6Vig4iyaYfmE0b3gk+w9QKLvgWVNKCXWoLcVRkhEm9GcNxnw9XvXhLORebLMqsgsFL6kFSXWPphkHPnEH5ZRaJd3M3ZjjQjFQ/ZbADb7Q== with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:23:23,572 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:23:23,572 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:23:23,572 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-09-26 19:23:23,572 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-09-26 19:23:23,572 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 179.216.185.37
2022-09-26 19:23:23,572 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to id-9ef5620a15632e62530e513613940c13386e6e1f
2022-09-26 19:23:23,572 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to https://api-v2.conformity.pro/saml/test-sso/acs
2022-09-26 19:23:23,572 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-09-26 19:23:23,572 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-09-26 19:23:23,572 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-09-26 19:23:23,572 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _e585f2c5b2352acf18d36922a0832eb7
2022-09-26 19:23:23,572 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _e585f2c5b2352acf18d36922a0832eb7 did not already contain Conditions, one was added
2022-09-26 19:23:23,572 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-09-26 19:23:23,572 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-09-26T19:28:23.569Z, to Assertion _e585f2c5b2352acf18d36922a0832eb7
2022-09-26 19:23:23,572 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _e585f2c5b2352acf18d36922a0832eb7 already contained Conditions, nothing was done
2022-09-26 19:23:23,572 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-09-26 19:23:23,572 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _e585f2c5b2352acf18d36922a0832eb7 already contained Conditions, nothing was done
2022-09-26 19:23:23,572 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-09-26 19:23:23,572 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://probe.conformity.pro as an Audience of the AudienceRestriction
2022-09-26 19:23:23,572 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _e585f2c5b2352acf18d36922a0832eb7
2022-09-26 19:23:23,573 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://probe.conformity.pro to existing session 5247ae6f962ee42ab54231c5af465b738a4a27695be394e781e6b15b48a81b88
2022-09-26 19:23:23,573 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://probe.conformity.pro in session 5247ae6f962ee42ab54231c5af465b738a4a27695be394e781e6b15b48a81b88
2022-09-26 19:23:23,573 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-09-26 19:23:23,573 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://probe.conformity.pro and key AAdzZWNyZXQxE5sB7QHS2c+2USk1qsrhS6Vig4iyaYfmE0b3gk+w9QKLvgWVNKCXWoLcVRkhEm9GcNxnw9XvXhLORebLMqsgsFL6kFSXWPphkHPnEH5ZRaJd3M3ZjjQjFQ/ZbADb7Q==
2022-09-26 19:23:23,573 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-09-26 19:23:23,574 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-09-26 19:23:23,574 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_e585f2c5b2352acf18d36922a0832eb7"
2022-09-26 19:23:23,574 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _e585f2c5b2352acf18d36922a0832eb7 and Element was [saml2:Assertion: null]
2022-09-26 19:23:23,574 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_e585f2c5b2352acf18d36922a0832eb7"
2022-09-26 19:23:23,574 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _e585f2c5b2352acf18d36922a0832eb7 and Element was [saml2:Assertion: null]
2022-09-26 19:23:23,576 - DEBUG [PROTOCOL_MESSAGE:?] - Profile Action EncryptAssertions: Response before assertion encryption:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_97f1c4a61b445b9e4df5a6565f2c9d9b"
    InResponseTo="id-9ef5620a15632e62530e513613940c13386e6e1f"
    IssueInstant="2022-09-26T19:23:23.569Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_e585f2c5b2352acf18d36922a0832eb7"
        IssueInstant="2022-09-26T19:23:23.569Z" Version="2.0"
        xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <ds:SignedInfo>
                <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
                <ds:Reference URI="#_e585f2c5b2352acf18d36922a0832eb7">
                    <ds:Transforms>
                        <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                        <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                            <ec:InclusiveNamespaces PrefixList="xsd" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                        </ds:Transform>
                    </ds:Transforms>
                    <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                    <ds:DigestValue>x6j1Frw4YLizlT59wT8rvl16uBsSiSdoq95Tn5Fx2Kw=</ds:DigestValue>
                </ds:Reference>
            </ds:SignedInfo>
            <ds:SignatureValue>hAh5hxuj0I0O37lHqsm0+DqYpcLYJRMavmFonuCaJwNBQL8HQZMCEMhWSt3cmkyecxXuT5RzzezPe+AnijlABdrgkGX5Hab8TtRLT5PO9AcA+wTr9N6PkhKbzH9MLvA/hx+VlrVtLlZwGet8s9dTCeHC+97z1jYgC9dAFqZ144I2j51JbsWPz0EozJl1OnajcpEamBJqS4UP/Dqu27LTrgaMSVs6y0LXMZt3VYTzzPFkuNnmAZyCy5F3D8RhCy1R6Sd9H/0cPh4q4K5ON4CV6QFTOBIIyPlRJRjqpWoSZkkiGxmDBy837BA+60bn8aKm7/RHHENs2+1Ia2y+h8pC9Q==</ds:SignatureValue>
            <ds:KeyInfo>
                <ds:X509Data>
                    <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </ds:Signature>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://probe.conformity.pro" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">AAdzZWNyZXQxE5sB7QHS2c+2USk1qsrhS6Vig4iyaYfmE0b3gk+w9QKLvgWVNKCXWoLcVRkhEm9GcNxnw9XvXhLORebLMqsgsFL6kFSXWPphkHPnEH5ZRaJd3M3ZjjQjFQ/ZbADb7Q==</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="179.216.185.37"
                    InResponseTo="id-9ef5620a15632e62530e513613940c13386e6e1f"
                    NotOnOrAfter="2022-09-26T19:28:23.572Z" Recipient="https://api-v2.conformity.pro/saml/test-sso/acs"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-09-26T19:23:23.569Z" NotOnOrAfter="2022-09-26T19:28:23.569Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://probe.conformity.pro</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-09-26T19:23:01.369Z" SessionIndex="_c84ae844996e63e3bc557ca661fce65c">
            <saml2:SubjectLocality Address="179.216.185.37"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>urn:mace:dir:entitlement:common-lib-terms</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rick</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">manager@Samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-09-26 19:23:23,578 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: https://api-v2.conformity.pro/saml/test-sso/acs
2022-09-26 19:23:23,578 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: https://api-v2.conformity.pro/saml/test-sso/acs
2022-09-26 19:23:23,578 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_97f1c4a61b445b9e4df5a6565f2c9d9b"
2022-09-26 19:23:23,578 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _97f1c4a61b445b9e4df5a6565f2c9d9b and Element was [saml2p:Response: null]
2022-09-26 19:23:23,578 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_97f1c4a61b445b9e4df5a6565f2c9d9b"
2022-09-26 19:23:23,578 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _97f1c4a61b445b9e4df5a6565f2c9d9b and Element was [saml2p:Response: null]
2022-09-26 19:23:23,580 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-09-26 19:23:23,580 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'https://api-v2.conformity.pro/saml/test-sso/acs' with encoded value 'https&#x3a;&#x2f;&#x2f;api-v2.conformity.pro&#x2f;saml&#x2f;test-sso&#x2f;acs'
2022-09-26 19:23:23,580 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-09-26 19:23:23,581 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Setting RelayState parameter to: 'iakGtW0_nGivUXfFHDMawIAI69HuJ7uMNOfJvPOmlenW3pPEL9arhxUD', encoded as 'iakGtW0_nGivUXfFHDMawIAI69HuJ7uMNOfJvPOmlenW3pPEL9arhxUD'
2022-09-26 19:23:23,582 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response
    Destination="https://api-v2.conformity.pro/saml/test-sso/acs"
    ID="_97f1c4a61b445b9e4df5a6565f2c9d9b"
    InResponseTo="id-9ef5620a15632e62530e513613940c13386e6e1f"
    IssueInstant="2022-09-26T19:23:23.569Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_97f1c4a61b445b9e4df5a6565f2c9d9b">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>ATcnOrZeT4VxlfVTwm7H2quMSxO/Y55jZ9pKEVlwcAs=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>lSB2nG+n55l9whY8FQ9ocrh/cHyaBrZp9TtR7Ja0d/GYKgYHEeUsRZPUbHvSyghicxmt8qxy9s7sdFrSpHTM8fHNKj833atVIYvynfQ7kUT942R/hXHAizLF6ZxtUmYrATKhd1NYsTxPgvbhoxUfYM8awHhgt9QwtduJh9itkyT6uscmhoWYZ4TgxxHq29kVLiXRImQMqMaGC7nxZwe5swBG67egLO8KBHZTihr6EAPaUZhvxlut7J5kwFQEAPZxUeCjL8CQLs/UIHvCgJV/pf2V5QTouEvq6FtV4ClSQMIwns1nxV74FZFG9Fb5dFwLvzwe+BsjREg/maVGaBNk+Q==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <xenc:EncryptedData Id="_11acf0f86b678e0925ea0731a065597a"
            Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:EncryptionMethod
                Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <xenc:EncryptedKey
                    Id="_68b10556c9391dce1aa52d87cf94eb98"
                    Recipient="https://probe.conformity.pro" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                    <xenc:EncryptionMethod
                        Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <ds:DigestMethod
                            Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
                    </xenc:EncryptionMethod>
                    <ds:KeyInfo>
                        <ds:X509Data>
                            <ds:X509Certificate>MIIDEzCCAfugAwIBAgIUBPhOL7d9J0J8KvO2FAsLI86pOlswDQYJKoZIhvcNAQELBQAwGTEXMBUG
A1UEAwwOY29uZm9ybWl0eS5wcm8wHhcNMjExMjMwMTQ1NjUxWhcNMjIxMjMwMTQ1NjUxWjAZMRcw
FQYDVQQDDA5jb25mb3JtaXR5LnBybzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMQ7
RKPHQKCPuD7YFnSgBL3lgXzgSvbZ4Bp0CPrn8+A3cK2wphn3RnmnJ74XtT38D1FLdNplXe1z/0gr
1dx+8BTpHVW7h/dmlJyEBwcPhXn7jO6nzyt88ltkiBtsROAobu1tGeBBUS3NROESI0rSaS6Lbeqt
YAd5wE8ojMIoG8UkiGdiKOiQ061AYnR0K6c//kBMtkWXFroOwv4gcL2ZFCgqZE5d6/jSGNQb80Mr
oLNecKdXDqa3VpVumL841Cldp9yR3aJXQiHtgntuPHiWb2y5nbHe43C89IuTZoLWO9+hrz0C3En+
wyggvQ/cxbq9tVxgnQbTQX18MvQ+3lwPoYECAwEAAaNTMFEwHQYDVR0OBBYEFFQWjRS5IDvjqB04
COL73Ec78muOMB8GA1UdIwQYMBaAFFQWjRS5IDvjqB04COL73Ec78muOMA8GA1UdEwEB/wQFMAMB
Af8wDQYJKoZIhvcNAQELBQADggEBABJFh5Z3x0sup/fZKVvl6sT+/V4tflvYyEe8/Yto+OFhsr62
klimR7DZrNPJYnFzwDeSRvwjFEw4K6ecNYanS7Bzj7tD2L+eyxhMCFJp/nQFJJfpAYt/kmdhzoeT
L2lP5on8fLFQiuUVCuFN7LtfB8ujBXRuYcg/+iE2rfalZefRKtmw0hrwdJ/wl749LXh/2d7+YDx6
tvIkuTF7Tfr5H5B1BVt1SiY/0RGKQbFGNHfMEUbJ3nHEQDDRygdVnPsXIBPM37N9BN1oC7utzbwj
iCXhcnuBUbeVq1h7x8z1+x4TmN7to/BpGiBbwPkWEvPW6QnNFgFxmY3QN3pZEmW0aSQ=</ds:X509Certificate>
                        </ds:X509Data>
                    </ds:KeyInfo>
                    <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <xenc:CipherValue>WmtrsBeUB0KlpDHsk4YT0FuiWzTSAZGclNJnpmUIM+Vpupo0nXXRICiSftAJEVlUOhUWHkWnn6hHPwkp22ZOUH3F62WNnpzQu2W5MPpzg4rltrTmT6jGBONvFp+faI63s1ykqZGOnzMl+cGT5AqpWHy0xUxo3eqb/Q0CySqzxQOh1i9xWbUJO5g+Piyo88MdtkBv6RuvK1mMg4qrvDLiBEcHJS6UN4rcAkuUpGd3tYu9z9LFIle1EYYho7wLTslMPw/xpkhGsKsGVVsgX2D/LyYE5pXfjBEwrqHJ6G7igZCX5kXkY2zjBGFCYtkqHaHnZaPnrD2YCrmyxMzEGecu/Q==</xenc:CipherValue>
                    </xenc:CipherData>
                </xenc:EncryptedKey>
            </ds:KeyInfo>
            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                <xenc:CipherValue>Gi4k96Lp06v0GHjudBaQN9jM1IMpP03fgnqH8cB2eLwULwC/gQJF67CG3TD6FrASFTra/0H4Enu+tre/1Ceg03YxABz6Pxwe+kfJOABjluPO2I9rP36cq/k+tg4Xqg6NEpZXi6h02kScqhlgwRPmrXucTI0qeMn1/H5cIz+pqRvy5pRuGXLGjp5BCzoTsPZB+c0/ZG2p6yYmlZn3O1RyPeUZQYACMSkYVFxIE+i4rbVNCQ4Ub2h9AnZ3N8iMGkCxTT2qmCXFBoNsDJHd2Z4MZYQ4l+uiU2A6xeg4YzxrDH/kLslUvywnKTFkGgnpudYOGUwIzvmSmyVK5cVButS32RE1F9JJ3kERdLrhX2yxF2UY08uzLk5oY4Hx3US27tuufKIwZYc11swP4BNl90K7EO2mYaKIKOg+sU4kqR5rRL2KE8MIudLEDPgSKRn89l//eG+CuWReUzcF7saRNL32/fIdF+HUGcnWof/XjVTg0UsfMp4CuhdJqJpVBlqi7+nQ84faTNUNqiH2iwO/lkiIPv+57uFM9A1RhwnO1cO3tyBgnls99cDx4qhgEJ1IGUK3+wAPbfnOd3RZqP2rk9VsRUsEMOs/vgCC9oh4fkXMi+7Lt2U04/uC8IZjloOo4Vq/4tat+s+8kUzY+6pzQcrZy9YoFJ5Nqx6N9QoqwEIY7AwvjLOHnhaTIELSH9h1VhH2FmU3blcdeFoN7FLZ9+Vhz4ZU3SxL96TeddYtCWVJdN+pSu6VTm7yElbGNUN+XsBGp2HX3LcXJqhqMMGMDRb0RU4Bt8bpWVyoTalzzSOFgBzTBhpxptjAEd5ehL5NnWNxn6uGQErJb0zv66MH2Msdvr8CW+MrQXVc1oqbzA4mo1xkP62BRfvYuoXRb5dr0nbbvtXGxstYNlxCqfx00pr2U3NJw8IXZcvyXgiy2e5Brc9pjtTV88+nfYWhJH37aDjigycI1GUj+YM8k3WXc/kgv+iUCj3PqQMJCdhU0lWIg48Mr7CvuJmsuYoXQRjlZIxxlROZt7PmWlHf+I1NjoKaNzOoI7xll6lkYr6nAkgsHGclu54GiLc45buIOU++KnotZPX6/deL7a/G8GLGzvfXEGCDytEHuBu5O0CEQSPaTeGRJAVMdkMjgXGQzuf1uPOYV7OaLsYFaGGka3uPn+rQnez+rBZM6ojBMwm761SFrzCCiNtdI4AYQnrQBaWe23n++PSy4s3C3efNrE0aQPUtmXJj0nnn/FcV2UJdXPtbrFOGCiH7ZfogKW1QE4b8WF/jkf+HHKbzR5mL2WSILNuZrzyn6Bf1uUURhfR7ZK0bVbKX/XXsSVCdtO28OemAmxhnI9qzbmrcxuSVUVvHmflpTwNCwlakd+YJvu7b4xlKBBrUNx/cvB1OU9wVgTFRRpn2hhS2RFwJAzrIzs3/NokiJnXrUakB6AJ0RVy2Lzf4FzCCcMwMq2Kyyde3KbptgeINMv8xKllTzSHJ6rSFN9dmDnUmNPONAq8Gr6fELkBhb6t7uqGXaQyYM0QJPNJ+kcOlPmuY5l00LSSJie+B+ngB1iu5Uzm2FXrhyVCoIKSaxpuPdKERuaV9IuBBLVGqGh8d8PWr6HPoFDES0eyX8xQWPdHgRPDXAgF5vYee2Ucun4oc+i1RaASdbH8NdHUsVgKW0g03wEqZ1+wLOrKace17BhgmZUC2Vm7hta9vmRjfhmFKlWud7QysyawS3ODXD26gWMSh8lsswMMr0LpQK5vhIEEXDIqE6S0sR9VKK60jOvNnDSy3R6oCKN2OgxH30praV4l1dN2VTuhowpQPQBm8btsdvsksiWk4lZ2DzuHrGSJOdK6PeSPG2OLdhlGJRY4Akp8ftQJqgHlCS6c9x8morZcuoqiuEA9k1kE3pxiLgSn28Kkvk6LRkbG2GCXOj2ixjlQjCMLAG02n3GPkKyibfP+sD2CY0bfMtCQ4O94QbRRlTVb24lcyypAflJUUqruuKb1a8e0sJyqYBbuvSLLjN4mfhzZSvZDpRqXR3Mq6tkrbXq/LjhbGG5cO8SIq1aXDb1XSatN5U2eL728PVF7TVOEwh/8f/j3SryVrB6sWj44m0cHzuZth3wO1uJhg7k4KpqXLilWXs53+s9DjkGS0n5vdbRharRkpn5bSOniu/JXwaG7+lU1Qy6VqfvpvtHsF1/LxxjA18NOrA6ynjTWpf8Y0apkyrTiGaOmPE40hAWffl3wVGAdKqO8iveKLmowcK21tCwKaUcrorZyUPm7+gcrVvSYWX7TTSEBKXzYr2+37TIcI4Y9sPghdqa3iH3NuihnJ0r3r51SNZNzzCGklQGlZdk4/vO00P7DFLhdyQZE7cr2XDASQWPNg+99KLkaLhNuZB2Ulaj9pZ5CuXMVWQ5dYE2ibjud6lmgPrL2bH/dNpTGKBkeia45Jsyh9+tzMmzLGRY7qMn/2qMqOVvF9Z+eqnBlkumJanG9GK1jDoh6wXuNkXx1Oo7JWozBVO/16Ia5wNBPYonBUissqvUqiYQv4rHX7dxzeZ8GEKarVHf3nFmcZVKS69Qa+XCWgwTIMWQNvW1/Wfxy7lcj/QkKVvmpUEjkhN5ZQLuizeYTlPi68+mbahC36YSgWLoW4CpAgwz12006ekXcLOadWS36bHYLn+ULcy9wFEYed0E8oHuUqMmGfvj2iJuFmqDX4UgEe0EKiLm3A5iO9tZ2Jj3/5cc6SDOuIRvd2OqSdFUZPLCUWp8v33VZYaf6NoZFoxfVMz57OfAgdaYpUP7q3IwmoFsXa+aFMWB7gA45RdQiOFNK4T8Gqr0UR9EK/skME76BTKnA/xksonQMhQH90SL9vu+/MlsA5w4HdSoflgXOxzZpUIY+XfLMi779daGdT2eGUgUoChxaiSY9FHUQmROQ316KflAPXkuyGg02BgsN8cmd5W5Kyc1mGrshbpRleYBJ02ocojlZR/rpGf89NS5rJM61QOwUQln+W9n2xdD9AsbsDOXnTpgjJBguWxtLQcXkR0CtqEuhyyx65WLA/hePeX13fJ7aAXH49e7Pi8JLiNT4CJbxYMcYdnAX0Qp3ZFi4V+77HntKYqsIi/TcrLGfsfjDmlqqBspvVbed0QWkW3bgYi1HxMcnuyNbQS2U4wTZlwv/Wbm5TDHaPgx37/4nZdGcGYATymkficTT/zN2Br8Ao2cMdFlYl01CgOR0F9DnV0Qz9NJjenPIL+Xp3yiLAelmwxHYWbjVlqILv1xmUCZsyygB6xvJzUdHh+kF94lDYi85CDh3wCezfnFHhwlfbNRIOzTDGwmz2J7w0xlz0y1rJtE71CBqfBxWSZIT3pvxTMPY4oRWRa8UHTOwzZ+thAsJ/Yc58ZpYSDx8LG7CUbP7AY51UgoG47XvMVzpBEAbf+xVamboT7rV0N3wPoBtRv1wuO+zTp1Npk+OXazgIN1DS9cdRcKZAYO8yT3RgXafhzyCe1BXnlVCllnt4YUZtHX9geGeLOICwwThwb3Dj9LG+2k9FMrE5TOXcRmXkdmaks/6FqznbNY7LFMOETmwYCgpWUZCgi5vCEUmZHrnfxqI/Sf7/j8yBuTwA667Oq7qOyCSKBHMcTfxAaB0J2KtknGfqW6gYvuf/2cf6OKfNt2PHAU+iFb8OnSls1PV2uS5uz6J3bGaix9U5bCwHvu20YTQNaXvsXVByvhB+bEl/SzkUMzpmW2kgs3XcvBvrYMZP4EJogb3CZW0oMoLkcLKsHMKnVC523hANEa49iWAsGGhORfCxdJldkTKYOVa/hLU8uWggS066DqQkYnAMiEgn47Mzv+CUrLgX2Xr/91fF173da+FAcV0iiGGyfVcpU/aOJIOqvsaCejP6aW5+ZxjkCoRCTcmEoNU5Qq+0vplF0drwvneeMvmI8YPfjsDEZTWEjMv54ihxpbGUg49ukfksOCdnJVKW74PNcZRDb8p0xxdEMHYCD/GBRt+Jw4ANzL5OJjDwnpHJfFBZRRGC/xuPRp7tOVsAguf0WaJDbyidPzY3QvvVd2HZnM0ghqUJHNuFyHtpZ2is5YHTqFzD/PGUZirZ3yejJXGWLKnUTUipTAS++PSD4mrFUYCrmo/VcmV6FuzQqL5byk4bDJG0YQIIUdmMb4gerwgoOQh5GfFPHPpaDFudv4uJ0p4OhygTvv40aYIXfYpMbf3wpj3QQcYQy7XSPjrnH+3J6q0glrSeZEYKPqJiVqLhxcHRzCWdCqymsrV7ieh86lqT7B7AMjVTcFwjC3NFEpx/KDJFamIl8xAXIUlSlw66PriSyHC0FPvDyTlFVS4RlWOTgG0DBevh4FHFS3DwkTmB1T1kKmglCcrYRKGadUUbzuCXlBkt1/GSBqj+ukv7AOHEgVN83y+h5iHlin0x1SPWRaBVO8VxwjbFEKK7Zd/k00YBtYJ5FoekPne7EPcWx6adoAr1yHokMvpQgPRUDTHIdTHH1yW7MIfQF1c8MxCeohoKOlZln5UDVzK7hSDZcXheG3tR/9U+//1ckI0/dVI8R4tc16eEQNfu/T3wUeEQQEL254t1RJKfIn4u0FOFM/jGGaF24g+TAExzq8TuQd8Faav3Zcnpb6WKIYY6K0ciZhm0XuKx1Irwul6ql7OgmZ+9mt2NfcZuC4SqRLY5QkAHSlhgxcMnGd+gytehnnxwVnFOu2reM4ZBG2jIk0ypBZxQbpzOfzV+jtpRt1Gh1jbtGW7mSmoFD1IrQZtnWR29aaScT1mSbSUyNFU0hPHooGKgRd7s7bpfXtWUGZqGV/E8eqbvJuL3YaSAmGPcnEbSlD6By9Sa1GKrcrRoOW5quEvs9H7js+8edWDAYX5O3/mbKDIybNChDn0bJRM4Id4f9PbuyMa1cQbzOE7809LNmAvNd6+IkDKsmHA1I1kIcTz1JNkgL7Ri6nqAAnJQ4w30UC6lF7aqFcfHAiyR6t4kJWzJdIy8vBk0VgBPbFPJ9MI8Mi5snkgKFB404Gt19BskCNQgoBvZ8xgKBWeGuEpBVFqE3gz6gFxQkiWZYwAtqyYa4PAg6FKZa+tDKHRk/o83TZUB1jlzqIO1gzaQ97UfwfXpKrdIi1lX9txE7TzDHHp+ghtMeUO4rgxDZqP0SL5Rq1fHlexEZ+AGBhnTJVE6zB05I4mr60zMA5TMFbv4kGQI4e2Axll66HbCnxYI6CDrHLtedXRi5QhBmUFIERi0u9JanBhLZj+2G6Nd6tbJp5GPXQBNha2z2ll9u8cKs2nvKk8EFPsYUFi5afJ4PkV6swK9gHpRKVBLp3EyD7iaT/2LGV7zNuQR1Dkm4bgNxtFcq4ioP7vow85+3bEdF8xVqy4sjCEcMBrV3GjQrAgq8cp+8QNleXM8v3k09tkjol5OWbBJmu0xv7XETgkYMxUEps5bNyejpDpdVPPQD3vXV+iAyZxB3j4A3m9Oby5eGueJfcQDuVNd3kaWmg1z2bCqiINvf9ZlKRn7dAI4u9ersWGwPS5Wtzsc7ioDWmdDrp9oGIUkSfdmqES/i7t5AzDNeHz8Ofok2d06EtLmyt5kXjqBuf2oieHcl4NHL0uyMUYyuf260Ydo94V+dsLTw8BTtHm8Am9CxshNDmyJgoVrhWxyWZmbbc/3AKQm7MJajTFi8wRXlJiL7nBBmbPTZoKtPIaXdNUVLKC+HAZXARNzxYSEzOj0f7PuD2Nvfsxqq+hm9rYeeL/UomZXWkgLfbjHDWk8HicQ0KI0sfk55kMj6bJu1zl3ov/xuxaxVJ0PqeKHKF+qDFfo503k3XlOhaQvvCDTi5m/tn1XWh9YFDGe+SXqQeoPXNZPiKmEn2ioZURCLLUjU1Dcn/rEv8UmcNBSv0tsNX1Vovlc2Lj3St+Z69SiVwVHBuP7MMJxVERMTJAPhaC76MNsRKw7jS7TKuwBW0BqzsH6xpiKhZH5RYxlHRDzAViZhEDYMydH+uhsZ65S/TF/PwgvrO0WEBVCYyKbHoipGn4UexDOJDuooS3lyTFB056r8U1j0pAVgsvA+7dVUsBw36Z4Yd9OcjpP4hhtaKog5Lz3K9UrvpHU/ezob4Z88OlMcT3EKm9zzh77d4Mdlq7AElpoSrjWo9FPkct9q26kpPT23UTuou2LyHsbJUytWvtRL8X/KyokhNBAo1lVyvvUS1zxYFO9hFYtThC6g02VwgosZVG9FBgk18kvaGX7IhORW0oFIeUn1dLPUa+6ETWaaNNneM4ApkVT64qlthbzQ/ZCZ6AYmSusYREQNVwcEoeaA1iZX4lCbfmbiyyUcHztmG8GFG59SO1051HekT5rPiFDQpCnZGwfDCaoXc7Yme3MfiphhCFnra5Ca+LMHEmF8bSxEcP9TqcCCMUeT6JLu5KabdHRTaMlb46AZCA+byfJ5mtnxJRBdCOIqVku6KbG4zKVOCUYyYgSf/l4loU0tsLpChBBPfdRnqdTkYgw6duW3uN1iDqYeLO/5wwWpHArEYTVRsO9Yw+0XX3FpfYlDW65Vjvu2+6cnvrnuxZIOGLQwYf11ekAeuTNtoReLiQ1e1PrjbVyaJXUPXSbMieKE/29yEKRpNLlA0PTWoLVBjQe+mPsAysQ4/hBhVUiPnh4rkzMlijxtEIH/ZF2DLzukYLH8irK9+tItyVqv0rJNVkMwXZilWoMQGX5L3yHaIjHGjjGef6/afEus2HvuA6mCtEBukqjHcJcdIoPw7ALFGKJQPX4nk6RnjWe9SCsLtiQtl+7SR1lzfbf1vn5etFYTCF/O4AaKgXGFis+Z6hJCDTsqMi99rT45Wja2JWOepIJYjRrOes/11Q56dqdFNlvl99FHjYCnvWr5hI6jZAb3qzXiI4rs3pviJHreZ2pGwOUK1+T5oH/zFABHqJB5gcFCf5mWzLP0vB/on0U1JIpx2qalqoGv6eh3qm9Lpu//Q10miNGWKUzYUEAGhRDR0TVqPMXV3/JAzbUedmKVkrzKWuXJIGIkcFmmseQl0Pzo1a43SQ3qxFC7aMbyVjfmLtI5UnzEgvkC3C6aNmFOX68VKooHI7cPI7gy4qbA6lmTvPGWTIQpW7v2xyBmfjiBlsjhHzfG6pcm0j6rbz3MZ9NnWKtwATvpn3oi2m5wZmaioehr+nhMtqsSUdfLnaZE/SevZhWDTGMsUwqkQAaHsaNxcyQ1q+dOxT/e6C+gaRq7Ux/4cPOcJeYReZHPXNb2rcr7aqbFNNB7aAgehZ+VR2weNRRg0qhxDgq6VXsXPR23UcftVCJbBFvRz8MAgxOCnDoBv5oPFqRyA7TnY+TNiAYU5XQn3N7LgibWpfQfUaPIFFSXWu2xHS2yQKWeE/0NLBQ9W93IhnlexPvCfnNILbio8S6I+n1R1lPM+YRDOZvSqdgtAsXUbWlmVMAWOh98Eo4QSEy9TE2CAHrlHeF4tf4SoPrRG+djKxTL+CpbWNsAQUNo6EbR/6jaOulvQ711Or9RaQL9pHNsnDhOdzOEM2AzRKXMyo5aOUfHiuypsr8T2pxqSj/SjS/n49l7O0hco8+BF3+3dFhUOjpVJgT+gEZnc4JupEDpY+vS0RrytXkPh/LiYkk6y0pZA1YdGMNeLG2tzLru20hdWPyENbs1FsYwtpXyj/6VZXLXpDcsm9mXIqD9STy+ajUcZbJKTpynMQFR6pI692GNu5BqwsrMtOSIcE56noA++HhASX+8wEbyy9fUJUA6RrMuX5Wof73RdftMuGY9fz4wehnRrw+Y8KWJt3vxHpaQtDSCSVXWX30HaA0Szh4336Wq/qX9RDJ/EEwt+/sm1R/0tzaskKE96rJuw79KzO89lBW1KWYE+eYeaWmTGoC1k4NzfUpQer8RNDsP5LI2a5SXmKirk2ubLuTUABa59PyWBhJcEskNQMR7cnQR9AgwK8zUl/R0UfZsLNryS8a8kpMD95zFPj/zQgbv2eWCA/km/CzsNupIWjqbsSn9m7Uq8Qh3hhfkOLLlGYDfpzZidrS3+URA3M3hOlBX8WvqaE3MEarmebhN5XCFIiEyBYvgQ2UP/8zxXkv1d/OWdnZP6wuuaXJ3i8I/mPAHpMHyGGLxLKyKFMw/K9/4RBMIr4dTPcT4lh2Uur3Gn/Mne7JYJXU/7cvEcLYyeaWcB0iSxPcaxMhmss8T1tRcU07c+hfWar7bSLAehtuFfHmsPjoZzFj7jWlyaucicKwUrjot6eVH2sDbnmTiHjHE5xmYk5+VXnUzhYpJzf+GA5bpavcZ8Tkg8nGblQIFnxwU+ciJ0Z2onZEOs/wghs7sl45BPK4z8Tz32Hkjvo2wmbrKoQz3ajF6MizX+4o+jDwUBckRuiXkAE=</xenc:CipherValue>
            </xenc:CipherData>
        </xenc:EncryptedData>
    </saml2:EncryptedAssertion>
</saml2p:Response>

2022-09-26 19:23:23,582 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-09-26 19:23:23,582 - INFO [Shibboleth-Audit.SSO:?] - 20220926T192323Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect|id-9ef5620a15632e62530e513613940c13386e6e1f|https://probe.conformity.pro|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_97f1c4a61b445b9e4df5a6565f2c9d9b|rick|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,uid,identifier,telephoneNumber,role,mail,surname,displayName,givenName|AAdzZWNyZXQxE5sB7QHS2c+2USk1qsrhS6Vig4iyaYfmE0b3gk+w9QKLvgWVNKCXWoLcVRkhEm9GcNxnw9XvXhLORebLMqsgsFL6kFSXWPphkHPnEH5ZRaJd3M3ZjjQjFQ/ZbADb7Q==|_e585f2c5b2352acf18d36922a0832eb7|
2022-09-26 19:24:00,503 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: null
2022-09-26 19:24:00,503 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-09-26 19:24:00,503 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-09-26 19:24:00,503 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="http://localhost:8080/saml/acs"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ID="id-3e2d554801f8cff5e47118e257f5e906d48c93db"
    IssueInstant="2022-09-26T19:24:00.134Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8080</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
</samlp:AuthnRequest>

2022-09-26 19:24:00,509 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'http://localhost:8080' from origin source
2022-09-26 19:24:00,509 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:24:00,509 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:24:00,509 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:24:00,509 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:24:00,509 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-09-26 19:24:00,509 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-09-26 19:24:00,509 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-09-26 19:24:00,509 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer http://localhost:8080
2022-09-26 19:24:00,510 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:24:00,510 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-09-26 19:24:00,510 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-09-26 19:24:00,510 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-09-26 19:24:00,510 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-09-26 19:24:00,510 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID 'id-3e2d554801f8cff5e47118e257f5e906d48c93db', issue instant '2022-09-26T19:24:00.134Z', entityID 'http://localhost:8080'
2022-09-26 19:24:00,511 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-09-26 19:24:00,511 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-09-26 19:24:00,511 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler:?] - Constructing signed content string from URL query string SAMLRequest=nJJRb9MwFIX%2FiuX31I6XbKm1RCqrEJUGq5rCA2%2BefUMtOXbwvQH271HTIQ0J9YFX%2B57vnmOfezRjmPRmplM8wPcZkNivMUTU54uWzznqZNCjjmYE1GR1v%2Fn4qNVKaoMImXyK%2FI1kuq6ZcqJkU%2BBst225d8UNKFfXVSPLobHDUEN1V5YNqPpuqGEtb13V2PWNe%2BbsC2T0KbZcrSRnO8QZdhHJRGq5kkoVcl2o22O51qrSUq7Km%2BorZ1tA8tHQojwRTaiFOBslQFp5J7ybxJTT4AOIs00lDuB8Bkui75842%2FxJ%2BZAiziPkHvIPb%2BHz4fEC1EKEZE04JSTdyEYueGEscrZ%2FjfvOR%2Bfjt%2Btv83wZQv3heNwX%2B6f%2ByLvlf%2FQSNrP3KY%2BGrkPOJ94VwzKqIZKnF9790%2Be9eAPvXpvwyYyw2%2B5T8PblPxZSNhE9ROJsE0L6%2BZDBELSc8gxcdJeVf%2Fet%2Bx0AAP%2F%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=jlNocj7RbnXqmHC%2BrlxaHiuIB0S4M4ln%2B62%2FkMUcA%2F4mEObY2qk%2BbhH9VRpKUrizheWhHkUzXKDM8ZPBJszrKTLN5SPNq3ZrPxfOmBOfISDR67JRUvys%2BdjoCDiZkiEy0BxsI9Irv1V7on8xrL5UO6VvL4pYF%2BB0fytCXKDcsV4GO6dOJR1crmf5R4ba69oHBp7ewkMe3ihIrwwvTy8UdxG7FObfX8mlxaFVs4gEKakgyLyYQOcr232gdexrjaDJW%2BLtrc%2FyfEw7PENvf774dFyogwx7GXd5idBPU6um%2BegiXSqLjwJpwNxC3d9mCxBRnyVmBkLz51hkGi1WXRH4r91BnUZFEgK6WcYYWFiWv6sVBXNLSnZxyChVuPtDs1qKfYD8lF6JewqiPTt%2F1nf2RyPynyjWvN4BAdKLtPZ%2FxLrzlfo0%2FbZjca6ikUvmVZ%2BCye8o2BbLySjAAXp4Mze4j34K%2FsGhoGLIVvzeeF3PQyyCprBUWAGAwx%2FtE3yuv8MsE9aB%2F8K2mw4ZqA7yqGPlgk55RA%2FahFrbjXXUbnDy%2BwSgJjcZKBF8sfGn%2F%2BynG6YNDgMP3qaBTKydSYrgNkyS8kzuBDfczRZ9xCE2s0hS64DhOa%2BsNq3UpcNXemSO6o0CFXbHsRojyUlzUcMlKn5vCsfRUplgpMIVDBF4caqIN18%3D
2022-09-26 19:24:00,511 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler:?] - Constructed signed content string for HTTP-Redirect DEFLATE SAMLRequest=nJJRb9MwFIX%2FiuX31I6XbKm1RCqrEJUGq5rCA2%2BefUMtOXbwvQH271HTIQ0J9YFX%2B57vnmOfezRjmPRmplM8wPcZkNivMUTU54uWzznqZNCjjmYE1GR1v%2Fn4qNVKaoMImXyK%2FI1kuq6ZcqJkU%2BBst225d8UNKFfXVSPLobHDUEN1V5YNqPpuqGEtb13V2PWNe%2BbsC2T0KbZcrSRnO8QZdhHJRGq5kkoVcl2o22O51qrSUq7Km%2BorZ1tA8tHQojwRTaiFOBslQFp5J7ybxJTT4AOIs00lDuB8Bkui75842%2FxJ%2BZAiziPkHvIPb%2BHz4fEC1EKEZE04JSTdyEYueGEscrZ%2FjfvOR%2Bfjt%2Btv83wZQv3heNwX%2B6f%2ByLvlf%2FQSNrP3KY%2BGrkPOJ94VwzKqIZKnF9790%2Be9eAPvXpvwyYyw2%2B5T8PblPxZSNhE9ROJsE0L6%2BZDBELSc8gxcdJeVf%2Fet%2Bx0AAP%2F%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1
2022-09-26 19:24:00,511 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Attempting to validate SAML protocol message simple signature using context entityID: http://localhost:8080
2022-09-26 19:24:00,511 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from metadata using entityID: http://localhost:8080, role: {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor, protocol: urn:oasis:names:tc:SAML:2.0:protocol, usage: SIGNING
2022-09-26 19:24:00,511 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Retrieving role descriptor metadata for entity 'http://localhost:8080' in role '{urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor' for protocol 'urn:oasis:names:tc:SAML:2.0:protocol'
2022-09-26 19:24:00,511 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:24:00,511 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:24:00,511 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:24:00,511 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:24:00,511 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-09-26 19:24:00,511 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Simple signature validation (with no request-derived credentials) was successful
2022-09-26 19:24:00,511 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Validation of request simple signature succeeded
2022-09-26 19:24:00,511 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Authentication via request simple signature succeeded for context issuer entity ID http://localhost:8080
2022-09-26 19:24:00,511 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-09-26 19:24:00,511 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-09-26 19:24:00,512 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:24:00,512 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-09-26 19:24:00,512 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-09-26 19:24:00,512 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-09-26 19:24:00,512 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 2 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-09-26 19:24:00,512 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location http://localhost:8080/saml/acs using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-09-26 19:24:00,512 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-09-26 19:24:00,512 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-09-26 19:24:00,512 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-09-26 19:24:00,512 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-09-26 19:24:00,512 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-09-26 19:24:00,512 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-09-26 19:24:00,513 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-09-26 19:24:00,513 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-09-26 19:24:00,513 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-09-26 19:24:00,513 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-09-26 19:24:00,513 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: http://localhost:8080
2022-09-26 19:24:00,513 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-09-26 19:24:00,513 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved data encryption algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2001/04/xmlenc#aes128-cbc
2022-09-26 19:24:00,513 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved key transport algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p
2022-09-26 19:24:00,513 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-09-26 19:24:00,516 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-09-26 19:24:00,517 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-09-26T19:24:00.517Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-09-26 19:24:00,517 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-09-26 19:24:00,517 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-09-26 19:24:00,517 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Performing primary lookup on session ID 9730619adc745a68297db92ce9cbfe7b59e92194e359aa9fae816becfbb9ec27
2022-09-26 19:24:00,517 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Primary lookup failed for session ID 9730619adc745a68297db92ce9cbfe7b59e92194e359aa9fae816becfbb9ec27
2022-09-26 19:24:00,517 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-09-26 19:24:00,517 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-09-26 19:24:00,517 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-09-26 19:24:00,517 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:24:00,517 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-09-26 19:24:00,517 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-09-26 19:24:00,517 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-09-26 19:24:00,518 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-09-26 19:24:00,683 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'localhost'
2022-09-26 19:24:00,683 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:24:00,683 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-09-26 19:24:06,720 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Trimming whitespace of input string 'rick'
2022-09-26 19:24:06,720 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user rick
2022-09-26 19:24:06,720 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@419754013::identifier=rick, context=org.apache.velocity.VelocityContext@7c2447b8]
2022-09-26 19:24:06,729 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=rick,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@419754013::identifier=rick, context=org.apache.velocity.VelocityContext@7c2447b8]
2022-09-26 19:24:06,731 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'rick' succeeded
2022-09-26 19:24:06,731 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-09-26 19:24:06,731 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-09-26 19:24:06,731 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'rick'
2022-09-26 19:24:06,731 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'rick'
2022-09-26 19:24:06,731 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-09-26 19:24:06,731 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal rick
2022-09-26 19:24:06,731 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session 6b405388c6379affc8aef07d7bf9ac536abf2de89a8c89f1ee28e7ecb5af3d92 for principal rick
2022-09-26 19:24:06,731 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving AuthenticationResult for flow authn/Password in session 6b405388c6379affc8aef07d7bf9ac536abf2de89a8c89f1ee28e7ecb5af3d92
2022-09-26 19:24:06,732 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=rick)
2022-09-26 19:24:06,733 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-09-26 19:24:06,733 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, uid, identifier, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-09-26 19:24:06,733 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'eduPersonEntitlement' remained after filtering
2022-09-26 19:24:06,733 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-09-26 19:24:06,733 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-09-26 19:24:06,734 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-09-26 19:24:06,734 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-09-26 19:24:06,734 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-09-26 19:24:06,734 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-09-26 19:24:06,734 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-09-26 19:24:06,734 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-09-26 19:24:06,734 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-09-26 19:24:06,734 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:24:06,734 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-09-26 19:24:06,734 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@772fcdf7'
2022-09-26 19:24:06,735 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:24:06,735 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:http://localhost:8080'
2022-09-26 19:24:06,735 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:http://localhost:8080'
2022-09-26 19:24:06,735 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick:http://localhost:8080'
2022-09-26 19:24:06,735 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:24:06,735 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick'
2022-09-26 19:24:06,735 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick'
2022-09-26 19:24:06,735 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-09-26 19:24:06,735 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is required, no previous consents
2022-09-26 19:24:06,812 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'localhost'
2022-09-26 19:24:06,812 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-09-26 19:24:06,812 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or InformationURLs returning null
2022-09-26 19:24:06,812 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or PrivacyStatementURLs returning null
2022-09-26 19:24:06,812 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:24:06,812 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No Organization, OrganizationName or names, returning null
2022-09-26 19:24:10,756 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Extracted consent ids '[displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]' from request parameter '_shib_idp_consentIds'
2022-09-26 19:24:10,757 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Consent context 'ConsentContext{previousConsents={}, chosenConsents={displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}}'
2022-09-26 19:24:10,757 - INFO [Shibboleth-Consent-Audit.SSO:?] - 20220926T192410Z|http://localhost:8080|AttributeReleaseConsent|rick|displayName,eduPersonEntitlement,givenName,identifier,mail,role,surname,telephoneNumber,uid||true,true,true,true,true,true,true,true,true
2022-09-26 19:24:10,757 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:24:10,757 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:http://localhost:8080'
2022-09-26 19:24:10,757 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:_key_idx'
2022-09-26 19:24:10,757 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Serialized '{displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}' as '[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]'
2022-09-26 19:24:10,757 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.CreateResult:?] - Profile Action CreateResult: Created consent result 'ConsentResult{id=null, context=intercept/attribute-release, key=rick:http://localhost:8080, value=[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}], expiration=1695756250757}'
2022-09-26 19:24:10,757 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-09-26 19:24:10,757 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Will not prune storage records, number of keys '0' is less than max number of records '10'
2022-09-26 19:24:10,757 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-09-26 19:24:10,757 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Creating storage index with key 'rick:http://localhost:8080'
2022-09-26 19:24:10,757 - DEBUG [net.shibboleth.idp.consent.storage.impl.CollectionSerializer:?] - Serialized '[rick:http://localhost:8080]' as '["rick:http://localhost:8080"]'
2022-09-26 19:24:10,757 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@772fcdf7'
2022-09-26 19:24:10,757 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:24:10,757 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-09-26 19:24:10,758 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-09-26 19:24:10,759 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-09-26 19:24:10,759 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _06de9e21d1c223bf876355da10955eb8
2022-09-26 19:24:10,759 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _06de9e21d1c223bf876355da10955eb8 to Response _7a750b4adbeb650b75181cedcfd0d1a6
2022-09-26 19:24:10,759 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _06de9e21d1c223bf876355da10955eb8
2022-09-26 19:24:10,759 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-09-26 19:24:10,759 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value urn:mace:dir:entitlement:common-lib-terms of attribute eduPersonEntitlement
2022-09-26 19:24:10,759 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rick of attribute uid
2022-09-26 19:24:10,759 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute identifier
2022-09-26 19:24:10,759 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-09-26 19:24:10,759 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value manager@Samltest.id of attribute role
2022-09-26 19:24:10,759 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute mail
2022-09-26 19:24:10,759 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sanchez of attribute surname
2022-09-26 19:24:10,759 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick Sanchez of attribute displayName
2022-09-26 19:24:10,759 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick of attribute givenName
2022-09-26 19:24:10,760 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-09-26 19:24:10,760 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - Applying policy to NameIDPolicy with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:24:10,760 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Request specified NameID format: urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:24:10,760 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:24:10,760 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:24:10,760 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID AAdzZWNyZXQxAAt/qLXT1uTaqOTGz3Q9VsYVtJ+BCjX9fXK6MFWKGEBRBUeyVOW/zDuq7IiGZ1KfFwuW5pwVV3XqEGSHI9Y7qLNKlXo+Jwrng1ofZJ2LyGC7vN0Kd99reA== with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:24:10,760 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:24:10,760 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:24:10,760 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-09-26 19:24:10,760 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-09-26 19:24:10,760 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 136.49.216.210
2022-09-26 19:24:10,760 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to id-3e2d554801f8cff5e47118e257f5e906d48c93db
2022-09-26 19:24:10,760 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to http://localhost:8080/saml/acs
2022-09-26 19:24:10,760 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-09-26 19:24:10,760 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-09-26 19:24:10,761 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-09-26 19:24:10,761 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _06de9e21d1c223bf876355da10955eb8
2022-09-26 19:24:10,761 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _06de9e21d1c223bf876355da10955eb8 did not already contain Conditions, one was added
2022-09-26 19:24:10,761 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-09-26 19:24:10,761 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-09-26T19:29:10.757Z, to Assertion _06de9e21d1c223bf876355da10955eb8
2022-09-26 19:24:10,761 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _06de9e21d1c223bf876355da10955eb8 already contained Conditions, nothing was done
2022-09-26 19:24:10,761 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-09-26 19:24:10,761 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _06de9e21d1c223bf876355da10955eb8 already contained Conditions, nothing was done
2022-09-26 19:24:10,761 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-09-26 19:24:10,761 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding http://localhost:8080 as an Audience of the AudienceRestriction
2022-09-26 19:24:10,761 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _06de9e21d1c223bf876355da10955eb8
2022-09-26 19:24:10,762 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party http://localhost:8080 to existing session 6b405388c6379affc8aef07d7bf9ac536abf2de89a8c89f1ee28e7ecb5af3d92
2022-09-26 19:24:10,762 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service http://localhost:8080 in session 6b405388c6379affc8aef07d7bf9ac536abf2de89a8c89f1ee28e7ecb5af3d92
2022-09-26 19:24:10,762 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-09-26 19:24:10,762 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID http://localhost:8080 and key AAdzZWNyZXQxAAt/qLXT1uTaqOTGz3Q9VsYVtJ+BCjX9fXK6MFWKGEBRBUeyVOW/zDuq7IiGZ1KfFwuW5pwVV3XqEGSHI9Y7qLNKlXo+Jwrng1ofZJ2LyGC7vN0Kd99reA==
2022-09-26 19:24:10,762 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-09-26 19:24:10,762 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-09-26 19:24:10,762 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_06de9e21d1c223bf876355da10955eb8"
2022-09-26 19:24:10,763 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _06de9e21d1c223bf876355da10955eb8 and Element was [saml2:Assertion: null]
2022-09-26 19:24:10,763 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_06de9e21d1c223bf876355da10955eb8"
2022-09-26 19:24:10,763 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _06de9e21d1c223bf876355da10955eb8 and Element was [saml2:Assertion: null]
2022-09-26 19:24:10,765 - DEBUG [PROTOCOL_MESSAGE:?] - Profile Action EncryptAssertions: Response before assertion encryption:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_7a750b4adbeb650b75181cedcfd0d1a6"
    InResponseTo="id-3e2d554801f8cff5e47118e257f5e906d48c93db"
    IssueInstant="2022-09-26T19:24:10.757Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_06de9e21d1c223bf876355da10955eb8"
        IssueInstant="2022-09-26T19:24:10.757Z" Version="2.0"
        xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <ds:SignedInfo>
                <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
                <ds:Reference URI="#_06de9e21d1c223bf876355da10955eb8">
                    <ds:Transforms>
                        <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                        <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                            <ec:InclusiveNamespaces PrefixList="xsd" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                        </ds:Transform>
                    </ds:Transforms>
                    <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                    <ds:DigestValue>+6qYSOhcq3bbJJmm6A0plWBS3sLLnubF8Upkq1+OqDc=</ds:DigestValue>
                </ds:Reference>
            </ds:SignedInfo>
            <ds:SignatureValue>skrlWu7zgqCQLsf6Z7Ddj+vukAJO1kovM3ignnroydiTyilqcAGvTWj7tRQYJSXGqhcF9ShkA/fJo3qQfVOt2M29tQ5Tut+aliMBJooNtO96tCCd8FefEpLq/G/NiUo0hGVcwUWK/7ppCECSujSPJSlzzL3q9Cj+8WGm/qvA63XSYM3IWqwFYije1T6O8KUXvr9xkvxwGiD7QDe8h5hkHG8jPQpoK1E++fu1g8wV4Z4JRRbmISwHT9UQ5xsKcFuLdOsXMOHdeFBHlWrmiEtuB1PZ3x1+AH3YXZLiwrpJY+B3vD3YYVoEpFZCu6tLW8BZv5RDjdQv619rEVOZRiL8ug==</ds:SignatureValue>
            <ds:KeyInfo>
                <ds:X509Data>
                    <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </ds:Signature>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="http://localhost:8080" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">AAdzZWNyZXQxAAt/qLXT1uTaqOTGz3Q9VsYVtJ+BCjX9fXK6MFWKGEBRBUeyVOW/zDuq7IiGZ1KfFwuW5pwVV3XqEGSHI9Y7qLNKlXo+Jwrng1ofZJ2LyGC7vN0Kd99reA==</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="136.49.216.210"
                    InResponseTo="id-3e2d554801f8cff5e47118e257f5e906d48c93db"
                    NotOnOrAfter="2022-09-26T19:29:10.760Z" Recipient="http://localhost:8080/saml/acs"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-09-26T19:24:10.757Z" NotOnOrAfter="2022-09-26T19:29:10.757Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>http://localhost:8080</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-09-26T19:24:06.731Z" SessionIndex="_1eefdf785653b2b3d3bd482f88314b98">
            <saml2:SubjectLocality Address="136.49.216.210"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>urn:mace:dir:entitlement:common-lib-terms</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rick</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">manager@Samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-09-26 19:24:10,767 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: http://localhost:8080/saml/acs
2022-09-26 19:24:10,767 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: http://localhost:8080/saml/acs
2022-09-26 19:24:10,767 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_7a750b4adbeb650b75181cedcfd0d1a6"
2022-09-26 19:24:10,768 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _7a750b4adbeb650b75181cedcfd0d1a6 and Element was [saml2p:Response: null]
2022-09-26 19:24:10,768 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_7a750b4adbeb650b75181cedcfd0d1a6"
2022-09-26 19:24:10,768 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _7a750b4adbeb650b75181cedcfd0d1a6 and Element was [saml2p:Response: null]
2022-09-26 19:24:10,770 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-09-26 19:24:10,770 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'http://localhost:8080/saml/acs' with encoded value 'http&#x3a;&#x2f;&#x2f;localhost&#x3a;8080&#x2f;saml&#x2f;acs'
2022-09-26 19:24:10,770 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-09-26 19:24:10,772 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response Destination="http://localhost:8080/saml/acs"
    ID="_7a750b4adbeb650b75181cedcfd0d1a6"
    InResponseTo="id-3e2d554801f8cff5e47118e257f5e906d48c93db"
    IssueInstant="2022-09-26T19:24:10.757Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_7a750b4adbeb650b75181cedcfd0d1a6">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>dEXF+VI1apZJzW8GUJx/tMMOZN7B/d3lmKvqzi32L74=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>NIaRNFYUeFcknZ+74fPSmfQ9qYP7scJAXOG56libu6MqiCgPbLzs8A4Kt9ExIaV7zWbgrbEpkTv0TKQDAVLhXtzx+cPsZBlloCbo3Hiub/DnVBbNhCCWDxJen48byxF8hKJegxmQAEQAJBhP0QaN3ADSAl5+U6V77qkd872VHHG+HYfG0k91n5npRrFTu0zvyxMGyc2x6ErTOUUuqFrwF3cyhl00xU5I78q0e5fSdJr4wDj1ybjEwChE6RyzM9GLpXWj2oVgdFOE8/nd8Zm/6Mk4KBNZPvV7nlpPeNcN8uf7ZhJguqqB4I8AfcJPPNP06MrtZ9L6m+3/hCFWVzNeIg==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <xenc:EncryptedData Id="_1385bbd7f115d33aa4df78aa61d0dce0"
            Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:EncryptionMethod
                Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <xenc:EncryptedKey
                    Id="_38474bf50d1a1dc8a086a9be364ab275"
                    Recipient="http://localhost:8080" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                    <xenc:EncryptionMethod
                        Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <ds:DigestMethod
                            Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
                    </xenc:EncryptionMethod>
                    <ds:KeyInfo>
                        <ds:X509Data>
                            <ds:X509Certificate>MIIEyjCCArICCQCmxOUH7nOF3jANBgkqhkiG9w0BAQsFADAnMSUwIwYDVQQDDBxvdHRvLnNlY3Vy
aXR5LnRpYmNvY2xvdWQuY29tMB4XDTIyMDkxNjIxNDkxNVoXDTIzMDkxNjIxNDkxNVowJzElMCMG
A1UEAwwcb3R0by5zZWN1cml0eS50aWJjb2Nsb3VkLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIP
ADCCAgoCggIBAJ8OShVn+SieAwweDp7Jj/R9c6LfzrPkcoK0UU3Eddct6bY4jzow/ZfGAKbsQ04I
sekZnER09KZXYFB/7S5XUhxBdWGh6BYfy7L3/DeH2lkG5WOupWMKHQL+9occa/+I3Yr9J+Y2Nq5z
/5+UAMq8orpkXiKAyk96QgT1NEnZRFR37IcgS0hgVmMhfks8N7NMJol+Y8mcv+AQ/oIEP7SvJE1D
kgTWlV3ARPYkVzE9SPmi12t1xfhoRVgYmqd9NYQlwm2ZkbkKYAlsmP5JZpZfInEAZZu6SuYY1E0l
Tum6cQ29xyMW/KsCSv/vy5SLC6zDkIG8+/Sv5ZVGckewwDza+CMOic2gWVyEzPkWKb+IEsfJOloy
ox2aw89D6NLaxz3CjRFPpDVwZzgLpVdM4nQt3VnLNZ6RUPKGTBkRfjXYlkWJOeyJhkQp9OytVPaE
jkHAsh0jI7zWeDdRdhXg5/3GELDhIbRLvxxypZnMmY0t/tegPmb2tJa/6ZcHQBKGFaq8PkyOL+gH
/veQl66tiwg8NyMtvcijJOA3k/SSzl9iOwnRH065SAzJttCqsCLYg06a3pPFvPEFdshFGGS6P4vT
6fSVPpEl7oa2ESQFULp2TqD5bWKeqIsVsSp2rFrb3/30niGJCs3SKcTeUNk1LFKeS4IvK/l/109e
MFx73HNxbcCTAgMBAAEwDQYJKoZIhvcNAQELBQADggIBAJjkAzq7Q5zkZ1eSr08d22OSs0H/apUk
9yEm+gZLKUTc9o/1F5DMN2N8YdjJU5fYk7VnHEyf7HMmH4SA9YEVUYnXdw/PUMrM5EcctX7/gxfI
vHn8gyZKD+hS/Pw75cOU+4rNYGr/Py6+a9IWnNMu/FwwIcudLKnfAm1CLXP4Q2+HKQmgc4mTmzE1
hkdmHF9niqyCvRLbHrVZWNR9CUdxDa/3/zZ5cfzisN/cLqLHaL42xUDyuZqjD/V0muIfeRpBu1L6
8Fi4FCIGxoIzf5uux7Hw6/+Xkgf73g8Aox+DjPEtM2+a1QY7qIPrr2Uy9iUPmcMEqyvvL7r2SaFd
d5tLK21CXeGLDnqe/MYRC9pbUikCvn932R6ly/7wb5PYff+lBYSV2BAicRHHo/L6TSWXJ/W/+PSH
OnKdNs6ioXBHyhFjDkG9qon3/l1WQoIgTMKN9Q7kYuoUY7fEF63W07xviYUgjq8x4/cAapCRj4Nv
Nt7p69hHN+6ugKjBg/+R2eOe3D7bvB708i9Zg4bo4pX3wcM8i+c5/gbZ/tyOKPUqfyTayXI/HybE
OKssPWqCVQtMu7Vpscqv0Y9cxCexgJKBS663//ru6Txan60hifz7x0iH2skYVfxEo2j0Px6kxgca
0wUryoRYDWrtJRK1luTJVocMPhO7SaiPSf96faciYCl1</ds:X509Certificate>
                        </ds:X509Data>
                    </ds:KeyInfo>
                    <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <xenc:CipherValue>TQslNboms8p0vAtDOusXFtPGcpuUzaCOOqSXPLHvVdw2o3pqtLF0TGvlR9yqvrCp9ocfSOPfUmLNaq1GkqmvubRqEs6z1sYbswpjtkwxyCgJrUZWnX305lDQeyQtiuBw0XKgzKrNv1m4Cd3gU4RfBUj3MiqNsHK5SYSXudRAdt0mOd4906xqaKYLSHGSmB24M95OOk1G71iCXFRsgS1inljLoekTWwv5iFsg1y0DP9UAnV9NBWitks2AIfNOZq+KbfBBdt/i28otlLYVu5Hj+973V3GBaOzoHYqCh6KTOQP72xLV50oSv9oY05lrO0BhFZiyCttM4X6MMpvFw5lx+T4Y67GsQb5BMzNQ7w7egAdX/odXolmv031TJyWffTy9s01hYItKi78aIMjDSIYlXpeOhepFHzlTAIoMcTqe77aCd2O7RvtzNOBQ+QKLHjx3xfclbA3CtGJYlWVnW4si09VXp0+fBr+jE/+6TH6RoO2niKSVQrLspB0OGHSHMf42gbugFulgSH3NNIma2nzK/rFu8InoOQ9lj+EGLuYuUZNwkH67Z6b6ThVyd8wjwwF7J7lKDgiGNuGarOVTJUz2uHef38fcVpOBkZfV2g4V5U+PmFrOSVasUoaMX1+ph77uIm8EbvkO9KvI1vnt0Rn2uG0WG3BdXRiGJlTKIv9AdbY=</xenc:CipherValue>
                    </xenc:CipherData>
                </xenc:EncryptedKey>
            </ds:KeyInfo>
            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                <xenc:CipherValue>yjHZB27653HWUmpKHwD4PHNh89c09g8v8Nw34Yhl4y8FnvFJjwB62lXCe9DetFDbSwyN2wh59e3u6bI4QSWcdmG51rg+SWdOHaWJCpSONaEOe7gysm12f8nTqRtH2TAZJgH+YtufsYc5k0XmbjDyjRLNcmbUzzS01oM7N8MJ54+CeY4aHlYfdGj2SqFU2PM1kjYMf35jUW+PrklppZbVNkE8cJMn405dzbcW319nmghiGEFUpOOExdPxVo8F5o9F/zJJhBckuqqdHN7FiLmNpUlLSaGmuBHl404lBHKziZjFOlu4UESeMmk0f1wnoFUFAxPFDrbsZTVHeSSKXizBjwSXqfDMN3tTfdClr80rHhjwLRsGJX+rZ/jijnSNWadFkNdpo/rlYDYr3N3IDen6ujgsY94hpu94ydjTZM/jfw2BH1gwVLd4UOLhBk75ON/JoPc3HLUj0rkuLNYoaaRVQGJ6qZrvzx/eVlB7pUW3E3Tze3LCKINdK6NOUnspG8G2K2QKL8aBHJtlNzlkvwaVcEDg70hCTkrKGtbrPegB6TMxzxNpR7g2izwkGs11/LtktPaRRpGP6EdUjOZKFVxaXW/M4OHCy5Yj6qvctlrBbnR/c++IQrOTFPhBxXCLw6dGDXVqCAi0QObibX7C26Ju3uVUzxcoq0STw2RJqvuOZDXHGh6MXFcJ6C2lg9G4xBrUPxsLbg4Xhyahk7f1b4MVs/k5RWNGm/VB1bRf002xv6r0gAPPrX6adTQ3ysvcIJtyRgekIPe0Li+Fb/UlIGTMP3+PKV8Wegw2F78CndmfV3tdSW9kEi8ZRI+/j4FeEo2443h+qwJX58r/y76WEluqO9reRq8eDlfTMH5Y8pRmzAsqVcDMX7JM96C8B1YaK+JXjhdhMODRrlpcJZlvRsTWAtBShQX3AkMsyxD0WQ/ExdzOxMZNZkqETrYiEbsRzg/m4eV43w1VAA6p4fe/0MbA4do1QIN8wBdG+mP/rkDZVhU7KetlmhqZ7RCFl4INQj568lfAXTgCgNDQqy1K+aJ18fVtsw8qD14/wXjjapG+URr4OLoidiyRgaYpfDvNTdMnqjdpcwVRwkk8XbNUl5Htcom38Ta6QucytlkIaANpTsS/rJDvSpDEb985iXhsJv5/vPXnEZxqaS6tNinXCkS96mm8MPNXiIF5Q1Vswi4Rs/MjEMgFmichluc89v9OjB12bjAesimrh7yMt8cwFUzkrxbsvH57oyDR0/a36q04CrDKYLB1BYd7Feq+w0G/USRlBYr8OTGaPm8xGoqNmF7eK18M4LZbCYoDjN5m8obheEsrhZHml4p5JXlfJMUmeO0WENUCwz9GFFGt3ld/zfA1fxDNYHQ7GiAoQUQot2Cdo2n447b8wkI5IHe873WUvJ6bxFaALtGpbZZbNHLzFkG6QkKiMXaxp0HD76ppAZaRwnx6ONfD2f2y4ahwucwDr6ztgTSCmIh5TYjq1w8lQ8YzpxQjJTh9QAUTMhE/oA0b18+SanxO8sj6Y3J3oDGbm82+O0WyKrUMk95Q88e7KfZifpwLj6V5PgY9bkK3rli7jb6Nud5/h+R8Zc4iB/uFMt0kFuTeqgksnVnDROdYKfDQqo7ApCT8MAkVNfxkflqkgEtpqGqWpgq68J7/T4eOZ3lQBv8xiDcsGEsLkKLSoexvsGjdaizMC7E68USBG8/GmSO0VmrtBZ7ak0G8K///eY9vwQEgpSLFeaTTi7w2INtP63Lgpiz0tKzKyLTsnC2didgZ4Ta6bIdC3VtY9rzX48aKNU4g6O0SPJEckT5z1dU1T/PkKpRtG+PBA2r6sYuAGkECxe5E4vHRD2iXLNoTpn6QaHNm57tMzO1SQkGT0bFI4EpBmgfihxkZNVWS4t2ig8I5VosNuwSAgjtUCJ5H0pc7Nqc0qqRCpo7O6v5nmXq7AGBh81x5o7pij3CKuCa/qYFcAWt0Oz/j5PgXpKeZsR4LaYIUsguIRJ5yJAGKciE9ytccoFBz8Bz4VbVSExRlvjQN+7SDv1oD2797a+64TnfrC00IZRS4PGPRvjMwTI/P17i6Um2tYKVgTLzjeHfh0Nf1yky0RzFGeqbE5QisynLNA/R2N3Y611PxPipuSOGmRpB6CgtCJXKiJ/McR05PYn4l4KmoAchNO6MwUYiPXaSUwg8ppmEReTJdq8t8bkqXtuFf3OqsBYWQlnXWVQMmzg1oOM9itwblCfv9OmI1qCkxNcs5oxVpOOuoRJgRZ26APQkdSlPgUvd9OZdegJkHrcnFI7vOV0Py/yF3xR83GGZpFZO+zu7RU83+afoimKG8GPCP7KrKIJLSiXZ8fKRS7Ejn/IYlNeyCec00V5Nk/edy7Ctbycjm/wDS9F3nJIxXz/004q7WAJq4/nZ2mpMCwvfePp9JsGqDztdTTgovbV6Zzfxs3xhl8lYlNudbrHxOI1QdGLBOdZ0cfjNYMqIVRGUagIbKoOOHbXNWeBy+LF77pXEVvcg5EJxfJfkmHmJc/fJTMUbWwjWbxopB5Rn+vMpTsPvzSfDUDVOZuoy8vis2fFn5EjHDWAyPSriXgyIqJXJP0xj8THWIeZP7coMYOjUy4WvB4X41bFY+/Ye8GkZwBktJhMMt9Y+d4Z6hLrRA5BoipM/N9fkI02xUlpCeUMebZgBO7lAjpqAB0FpTA6nfO/lvI9O2Y+Z5Oxz7gTw8T3UPfchvZ9gpcnzQHOIAgvzhnLc8gWw6OLhXJmQe3xzHPwK5MtEinxKbgV4KMGOec5cs2A2BmI7EJgm0RQG9nz8Zz+VSf91PEZQX06GlS8gmNC9sgPsFl7Xrjpg00SgWd2fqtRES2urdPcTwv9Gzpo7sujiZCysN/Cwal3DRVrbPdHZOLv8FNmF8rE2uBogHwBm9tLTCA0MxUqA5OanvUh+L4i6M4N7yplULF0WvI0NwvHz3vHFKoy+KEBrYFKX6NU1U18vGa8ukQKMfb45ZfI7PqItVuZT0sdIXtNJ1UkU6aOJOIIYwl4b+AGg0I0m0Xcl7Ng3SFKkZVGa5oKyUY2wI2y3OvblxjNJ/IeOfk4CgHStq8TXNqPLyo0R13ZpDbxScDrvUNyDMRXcWaEOmkKoJ9gqJN0fxTbszHM/i16i0UKf56LzHyEDdTus7/Ms8jX1sxsWK64Pt/b0uk5ZRCw3pzqBb9KvEKh/wureXuyie/zZNGHViR5bs2fbJOJQkckfwZQ5nEBA51fjUmQlm0led/GlINiSXl00AA/+HLpS5OxvVbtNs/nsMq/B1Be8qjg57dkStjrZQyQ5lQG7QxT/SXpPdnRaeBPqt/liXS8SyN2+FiRDl9bXcfaKxaKOsDbzKeOJQtX8VFk58PlFKpfb1Ba7ou0ZVT7IfDPck2xY6AfcekF1OSPZnBAzUaQBfHHCmqc/NFSSSPqaMnHKA+tcDlXEhcxuq7o1Hw39bNwPqRz4/ICqXN6wonA0uCh3nAx7XO1t42GjFrW7leXhOKEWaW3Cget2JjCSerrFfgowBm8YcwETXMWpudC8gOsRse83eIAkXNmpr7wKhrmbQXLQyMNtua9VnRvC8EQiP5/4/M9Rb6CeUK9iIMWJrCuRRi4EjNwtuliIyxshZk0S5g02tOV1JnhMgh27ZUSzlZiy0l5J6xM16RKp1OIwBEfMC12UjdtzZNSa4gN4OMkdtT658xup7d74hq44G3SU65fSWCunu62dWP4xcDCZ4i4y8Dy0aSr4tSVoRYFvBhSQpOBJTJ1r5dd/3jdidl4tDIbCu0wgNmK1IU0//e694gmA24u/0fXnaASzrOygwA7tyBX2B2s2/eLgWjTCn7bHaPG6vQrhZ2v7JA3c+ZJ85JpydBmnvsb0lSXTqCTgb+BAGrs9n3LwskZ5odIAfFCdSs3r+rJ7HH9NUoDGFfEIsBCgKvAJgREaNaolAlcuLbjOCh6kIBa1vwuOUHuVt/sU/HQ1aFj5FUeOENRz548e6cbNYzz6bLqOsewle2EiB64jqC2NQ3ZxNHbz3cskub7Sx8rYK8x6SzA5MvUXgzLGFflDXgMBzPMWDTSRwHGmrPILGxM/Ws98tA56hCaKjsITTbuJ77GyQBADmflkEJ+81m+GiwPeSd+mthTf5y+pZ+keem5Th7HPnh8CgHj06u+3OSww1l6WPSSpjRYO8xxSBYWbojuCDIqynm81NYaOE98p4O4EvfWIZ22xJvrHxDP2X7KpmDNrMIpHNgzYZ7qB0h2k8F8j7Ar3lHOUp0qVjEs8oIPAOzjuilzjsWraTbp7uHd5ySsWk2olMS7FQc3SktB43Jst2O8AugMfDtslmTVrKOf6cEk3Is4chIcfebZUh+SFF6cmPEv8kqy8DO4niUC7DQMxJsA2pTloFsYaNfEUaglZ+cXHBQBqkofe+yvM3TjYWYeT4pvWPi77HlsqOvWbH3eN6LQdlseWgEzn3yoIpPOuk4M42Zk/C9biO3PdsD/Z/L84H20sy2lPbC/9ID36L9B4M6FPOqSQgHT/SQ4g7X7p5yyDeBtdDgfvfcPZjWSpqHuBOHAd0+fK5m2z3HhC2/dA320QelqUiVgetRS+W624yspDvWNQSpmGgX5FEhZdDuw1TxYo4hV6+DQ2jT+IwvtTG+U3MO3+g76xAwQ8eGIicq6u9PlZmDaF2Ffvl28hkHUJ9tQTGxzOb3ozRc6vwe3APvkj7yMNffoE8T422eyP3FDgw4COJfD9U415VGelPy0fI45O6IodjlV7W6j3Ht4VFcKPCDmZue9ngl+z+k327MYroiF8zuQxjSOVhX/wLyFghaYrkM4KY2jWMjZUP+jKQEqRjlgFIWsOWjnE7AGVxTMmn5IQqmjaqyhmZeTvBrwu4uKiGc0cqspI2zL1GR1LH0/SeHsWfVnBo+HeB91SZP6Z5R43kGr863zemBlj21GHbzOlnWkWqnoNJysWnpEcdwgGeT4kxAXEB7VqQO5TumRGnaRfQqfnGnrP738Iql+3Pba1LxSCmsPY+kuIlmLRoel+dUkg8VmSRck1/BX0YLmtzfIdjGjyZkb/F8pH7WDFT6RnYqXP8+3zfKKdXSEtnEV34iZ6ncZMdtXRlbpNGewZF7qnJzfJb0H+1hoCw+XB9IXjn0bbOVW9uYMuLB/6XkszqPAKUeeF3Gy55G8yXhIWX/g6sgPwXc5suEIMubHpMoDRzWwSJUZVKxD9OOGBt0mxavWDi2noAZJpBFaG+anflF/G6TnAlyPnBtIvuPbl0fmCU3O3UKyzkMGklFURbxs3nIwcqJt980f335QwiApkUFgw1R8faUeNVULUDI5kRZHlEAHP0dyjfGgYPVwyzinfVboM90lWWArYUy5h/TwdLOdsTTqUeoG5U+Q0rr+WbGq4ekWWYvG+xW+j++y09z88ybqWEmClXGDJBkvSkaOUtmJbPGy76OKmwEXlY/L2cfgzzmLaWsQPQtdha3oL1Jyx3xlknXeGqZlW6rSF11nTUh2MgY9sVXpGrELbJnvIVKsQVNN4qkP8msUm6iSbyV3uY+oALnr0gC54Vw5HmF2+GzUkic1fJ/OfspgQdmhCKea7+iayts1G9Thf+2Vfsw4QQ/HF+XHZyRvZQBdcCFVnBxJ4PlRUeOzlsYRjLbaxXGgEW26wFfz9pIfYzwO4KxDkCBMsGFrfnQaAOsywr+H1M9EFUS9d+lxbgiY3mmPfffDFwkBqck5zOpx/PrAJbT8MfwHjDDMUR8miQkAJhk6QETn2YrkoZ+NpqEQmd3JyeZwMnDvZs4XRhPxVCSEapRVs8qKrF8HcY1ex1bbLYzkkXEl6JgiNw+3kEalGYz2nlWsoG7oQWifpb9eYYDRaUjWunRqvcjDlzukyYTQ0vhxixChYB4gmVMIHoBEG8olDpOG4PJ6Nbd1GjjRL53/J4ujTC+MqXdxrBudBC0TPEge7h8glBy8KGHdGuwocE/jMw7zTMXlnzb4ZvHvtWcnXeLpwIe/lebxEG+pgto3RFF4gp8rN2mDp98ASxw3d4Jz31Tyiu+ilRWI7faG5/1fEw7AX+8Sb/hId0T6dokZdw5YCm7Km8yyvNobK8/YEDEN9TF+hYeo8IVg8oU1EdmA+Ii54Arpl2aBHQHHftVDSL+IEgYVZJ5Ntpi1saj3ZHZ/1har5mGIglYNWbYODGQbyPYatOaQErUaRn8jOMev409BTy67qu64HNUJUV7/gJGUIKMCCkga56dMUKkjh7tVLq9aHO1uBedegNPFloBFLTlGdutGGCMF8+oCB3/+tVCMLyzSfzgWeRD3WJblXmBzym2yAgLoGpijApWAfJRZ/88bto8I1t9+nZKkL4vVyamrawKhUXeeXA4XvTe8Ch0lGaZGTM1Am218CvzwZz9hMU7j4LLkM2OyoiwuDAcEPZmfPkl7uzoNuq4lzZ6cn30YyEKdh2nsrUr+RBV/V9CMO6SktDYjNV8sdx0Kwlz7SdrN6VM9ncsGZB/EE6S7GgDMMg7kO0LyI0DxLvMiQeqq1HHq3+HpLUphd9EsxRkc4nazsm4bz8NIs4TXGd7cq9TPhWwoFSj7sPsxuYjuso60tix3mwkPfCq97FisiVCDab3b2yifB9nA/xOv04lSly0WcQZzAehf9nOMNoSrjTrCDCfdk9/3id3hlnUlJgAZE2YghSon2DuEJ3g4wrlDyE0H/+jZdn97SOKL7ud5Y8fLu/hBUDnQjh3/ZZ7cURCq0OZnwLtQmd9gEleiLFHdT4FeVCtecedV+Ra7xheU+8TGX+UdidwJTkWMM9C/wBoLaVS8BNKRlRIKKxBi7mt3Gak+7lHxkvFdwHtXYG8Zfpvw4ZIU64ocgFDS+MTClI6VBXgRVs4E43EG2offGPoWXfjYTuXKsuV40t1l5NgCmUYerpSpCFEF/S91CB6QJ0Tq1ampHr2ARrSfi028emUR5Qg7wbLhs6dYxAuvnGYW6J+OI31R76Nz3XiOlnBiyZKAN01F6RUP7W5fXxCq5464krQTyHMxkMOGLs/+Yy1mw3Dj2vKrLd8ly9C/5EkokbUWw4m1LiAfoyhWFgvyiP+U5hnltyVM0RdXRQyzyTve9NkgpZ7cIQ4WHFuxZ/B54QIlzsaDZyjRm7prW6T8LeAEVUif1kQYAOvbxDKYsOalJTmsb3+T7PDkd50zNvpLVoy0xBiIH5QKiUQ1hhUYX5JhbxVMlz1MeFQY6e0mg9CsEIurJU9PkQUThNarRFD5WRwfDAiO/qLzU8tPaqz7ygZGrGnG92unBdDwtHC8w+sy4kHCdBOgjUGADlNKn6umBfHHBw0WnpOa9sWDQkfyDeOAZ2I30VxXmeH9s3NVbUzDKWOqttbAljUHLkuCETmuQvv6OoJHm1Fnvfmrwzu9HFvleiH1f2GolcI+zd2mqeW9CM0bnMnutX8FDgAWB5iEH4pZ/5FfYTkcbPfbszLS/GhG/gOt6HN1ouhfvhykPzQkX26yP9gd/zBKV9g43dfYhdMBjg70u1UoRncimpcSZY6/UgZOVs7jIr6RJHQ59AzhTho1Zqi5sSI8POHsZ57HGKoC4JbtWaRiP3pGN2Vpufzpc74CKy/ysKkqP3qGorVJk/QHKlg6RHVmdAgY5AuSd60ubzvHG8B9Ez9ldPekhrjCZzSf7vyU8fLD8Hz42LI+5DpYThkuj161FWlYcBrrh1y/WGjgCNSz39HvTIgaL0kRqbTeeMgZEGBjGZte2+lueLAIRr7EDG047QHnQ0fDY1ZUt+IHu6ysrBmQY5z4q2VBuOqgGuLkiBy/2pc+YgtlwNNSNNCIP5WDC63b/ijRT/UnzoGBfenMY2pnPc8id7rZjV4/SRAiCR3lKeG5qfVoMe4uWHrIiEahH9MVcyyIjw1XFh7zxzVf2UrxZUpcwLT4OJcLvqACxPJBlPwRSRXQ4vyk673BPs+TGCk4YxFJdhmc8QmJwNxvQdbovnl/X9xyOPohLnPylzmMu8yAskKMgFdQomsjIVxIADMHzQesW3r/H6Z+5WbSmfxYd5upgFXEkSatxTLEDgizpALYD+IXAubsp3oeCUZMbl7SPuuC5SzSPuTtNJJEipwqwZ01SFAfm4T3LE2iSEhwzeK0nXIBOyeW1nyiRuXb5vfb0qQQCgM6r1i8wg3nle4pq+9MSpFGFSp/soQM3S3hLTULRlTPmcIfWUzuNOxh9LX2mba4sl8kQ1kTOpeCZa+roAcppf/X08yKn2OScuMa/6jfqQezbE8xQ=</xenc:CipherValue>
            </xenc:CipherData>
        </xenc:EncryptedData>
    </saml2:EncryptedAssertion>
</saml2p:Response>

2022-09-26 19:24:10,772 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-09-26 19:24:10,772 - INFO [Shibboleth-Audit.SSO:?] - 20220926T192410Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect|id-3e2d554801f8cff5e47118e257f5e906d48c93db|http://localhost:8080|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_7a750b4adbeb650b75181cedcfd0d1a6|rick|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,uid,identifier,telephoneNumber,role,mail,surname,displayName,givenName|AAdzZWNyZXQxAAt/qLXT1uTaqOTGz3Q9VsYVtJ+BCjX9fXK6MFWKGEBRBUeyVOW/zDuq7IiGZ1KfFwuW5pwVV3XqEGSHI9Y7qLNKlXo+Jwrng1ofZJ2LyGC7vN0Kd99reA==|_06de9e21d1c223bf876355da10955eb8|
2022-09-26 19:24:30,440 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: null
2022-09-26 19:24:30,440 - ERROR [org.opensaml.profile.action.impl.DecodeMessage:?] - Profile Action DecodeMessage: Unable to decode incoming request
org.opensaml.messaging.decoder.MessageDecodingException: No SAMLRequest or SAMLResponse query path parameter, invalid SAML 2 HTTP Redirect message
	at org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder.doDecode(HTTPRedirectDeflateDecoder.java:108)
2022-09-26 19:24:30,441 - WARN [org.opensaml.profile.action.impl.LogEvent:?] - A non-proceed event occurred while processing the request: UnableToDecode
2022-09-26 19:24:30,441 - DEBUG [org.opensaml.saml.common.profile.logic.DefaultLocalErrorPredicate:?] - No SAMLBindingContext or binding URI available, error must be handled locally
2022-09-26 19:24:31,611 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: null
2022-09-26 19:24:31,611 - ERROR [org.opensaml.profile.action.impl.DecodeMessage:?] - Profile Action DecodeMessage: Unable to decode incoming request
org.opensaml.messaging.decoder.MessageDecodingException: No SAMLRequest or SAMLResponse query path parameter, invalid SAML 2 HTTP Redirect message
	at org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder.doDecode(HTTPRedirectDeflateDecoder.java:108)
2022-09-26 19:24:31,612 - WARN [org.opensaml.profile.action.impl.LogEvent:?] - A non-proceed event occurred while processing the request: UnableToDecode
2022-09-26 19:24:31,612 - DEBUG [org.opensaml.saml.common.profile.logic.DefaultLocalErrorPredicate:?] - No SAMLBindingContext or binding URI available, error must be handled locally
2022-09-26 19:24:32,782 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: null
2022-09-26 19:24:32,782 - ERROR [org.opensaml.profile.action.impl.DecodeMessage:?] - Profile Action DecodeMessage: Unable to decode incoming request
org.opensaml.messaging.decoder.MessageDecodingException: No SAMLRequest or SAMLResponse query path parameter, invalid SAML 2 HTTP Redirect message
	at org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder.doDecode(HTTPRedirectDeflateDecoder.java:108)
2022-09-26 19:24:32,783 - WARN [org.opensaml.profile.action.impl.LogEvent:?] - A non-proceed event occurred while processing the request: UnableToDecode
2022-09-26 19:24:32,783 - DEBUG [org.opensaml.saml.common.profile.logic.DefaultLocalErrorPredicate:?] - No SAMLBindingContext or binding URI available, error must be handled locally
2022-09-26 19:28:04,551 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: https://leehealth.onservicemd.net/ssologin?stat-running&d=2FC73051-D2BB-4D2F-B887-49835844104D
2022-09-26 19:28:04,551 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-09-26 19:28:04,551 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-09-26 19:28:04,551 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/saml2-acs.php/leehealthtest-sp"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ID="_49322837c18ad04e88d67c360158a9a0fbf51e73b2"
    IssueInstant="2022-09-26T19:28:03Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer>https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
</samlp:AuthnRequest>

2022-09-26 19:28:04,558 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp' from origin source
2022-09-26 19:28:04,558 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:28:04,558 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:28:04,558 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:28:04,558 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:28:04,558 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-09-26 19:28:04,558 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-09-26 19:28:04,558 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-09-26 19:28:04,558 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp
2022-09-26 19:28:04,559 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:28:04,559 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-09-26 19:28:04,559 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-09-26 19:28:04,559 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-09-26 19:28:04,559 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-09-26 19:28:04,559 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_49322837c18ad04e88d67c360158a9a0fbf51e73b2', issue instant '2022-09-26T19:28:03.000Z', entityID 'https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp'
2022-09-26 19:28:04,560 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-09-26 19:28:04,560 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-09-26 19:28:04,560 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler:?] - Constructing signed content string from URL query string SAMLRequest=pZJNb9swDIb%2FiqG7LUduE0dIAmQNigbo1iDOdthlUCxmFiBLnkjv499Ptru2A4ZcdhJA8uX7kOIKVWs7ue2pcUf41gNS8rO1DuWYWLM%2BOOkVGpROtYCSallt3z9KkeWyC5587S17I7muUIgQyHjHkv1uzb7cLAshymJRz0ql8xsoSz1f1MU8n92Waqnyy%2FlyO4NFcRYs%2BQQBo3LNYqMoR%2Bxh75CUoxjKhUjzZSrmp9lSilLmxWeW7OI0xikaVQ1Rh5LzAZJiIjOaG93xOMTFWOADo%2BBH0CZATbyqnliy%2FYN75x32LYQKwndTw8fj42tDC9CAstRksWjKtzpzQBxN21kYDHnrdW8h65puBOA4vSJVNY7Rly4DW4odSw7P231nnDbu6%2FXFnqcilA%2Bn0yE9PFUntlkNDnJcVNj8L20LpLQi9U%2FYFX9rtZpu6kOE3O8O3pr6V3LvQ6vo%2BgxDxOj0MpZKCsqhAUfxG6z1P%2B4CKII1o9AD45vJ8u%2FL3fwG&RelayState=https%3A%2F%2Fleehealth.onservicemd.net%2Fssologin%3Fstat-running%26d%3D2FC73051-D2BB-4D2F-B887-49835844104D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=ArojoypgAFfxtaArYjBFPYwKOcV%2FN%2BAITCCYtEeMD1nvMQDbrngnq6pWCLH%2BrP1xTpAD8JuyKZXilP5i6S0bqNCIJS2nTQngan6ZahWqxqnmuPCe9bbmIEbpqol%2BEd%2FEDLLtYKfku0cF18o7%2BRvWqJwWOKg9JqKt929mpahLxZXofqd8qhIlOciFV%2BBjxNZTCI96yEtAX6upRC7pAmAx8V2pwYsGxSwz0uzd4izglF3u22%2BVEzIrORUmjzSuAxMW6Xp5xuRNc39noEwp6yb%2Bv%2BQKVVD5A4%2FGBG9%2BOrBmI39SSIkGcuz%2BKocSMLCLnc3IzzoU8X2YYOelYFtTV%2Fx3VazktDn6qGo7LVMyCEMUmz7qq0iVnQk5FZRRKrLF9mdUuW3w2blj5BpGbYscOKAia7EKBj5CJp4NvrQCm5QbrkFB441PO1jSRZieDOspFRagxFGpD5DwADTxaX1XCTTn8PGX9iRoDCl0dduAVa9d8mFZxYSj1Zf0XnJ5jnPaWHhf
2022-09-26 19:28:04,560 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler:?] - Constructed signed content string for HTTP-Redirect DEFLATE SAMLRequest=pZJNb9swDIb%2FiqG7LUduE0dIAmQNigbo1iDOdthlUCxmFiBLnkjv499Ptru2A4ZcdhJA8uX7kOIKVWs7ue2pcUf41gNS8rO1DuWYWLM%2BOOkVGpROtYCSallt3z9KkeWyC5587S17I7muUIgQyHjHkv1uzb7cLAshymJRz0ql8xsoSz1f1MU8n92Waqnyy%2FlyO4NFcRYs%2BQQBo3LNYqMoR%2Bxh75CUoxjKhUjzZSrmp9lSilLmxWeW7OI0xikaVQ1Rh5LzAZJiIjOaG93xOMTFWOADo%2BBH0CZATbyqnliy%2FYN75x32LYQKwndTw8fj42tDC9CAstRksWjKtzpzQBxN21kYDHnrdW8h65puBOA4vSJVNY7Rly4DW4odSw7P231nnDbu6%2FXFnqcilA%2Bn0yE9PFUntlkNDnJcVNj8L20LpLQi9U%2FYFX9rtZpu6kOE3O8O3pr6V3LvQ6vo%2BgxDxOj0MpZKCsqhAUfxG6z1P%2B4CKII1o9AD45vJ8u%2FL3fwG&RelayState=https%3A%2F%2Fleehealth.onservicemd.net%2Fssologin%3Fstat-running%26d%3D2FC73051-D2BB-4D2F-B887-49835844104D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256
2022-09-26 19:28:04,560 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Attempting to validate SAML protocol message simple signature using context entityID: https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp
2022-09-26 19:28:04,560 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from metadata using entityID: https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp, role: {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor, protocol: urn:oasis:names:tc:SAML:2.0:protocol, usage: SIGNING
2022-09-26 19:28:04,560 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Retrieving role descriptor metadata for entity 'https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp' in role '{urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor' for protocol 'urn:oasis:names:tc:SAML:2.0:protocol'
2022-09-26 19:28:04,560 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:28:04,560 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:28:04,560 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:28:04,560 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:28:04,560 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-09-26 19:28:04,560 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Simple signature validation (with no request-derived credentials) was successful
2022-09-26 19:28:04,560 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Validation of request simple signature succeeded
2022-09-26 19:28:04,560 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Authentication via request simple signature succeeded for context issuer entity ID https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp
2022-09-26 19:28:04,561 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-09-26 19:28:04,561 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-09-26 19:28:04,561 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:28:04,561 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-09-26 19:28:04,561 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-09-26 19:28:04,561 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-09-26 19:28:04,561 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 4 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-09-26 19:28:04,561 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/saml2-acs.php/leehealthtest-sp using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-09-26 19:28:04,562 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-09-26 19:28:04,562 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-09-26 19:28:04,562 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-09-26 19:28:04,562 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-09-26 19:28:04,562 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-09-26 19:28:04,562 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-09-26 19:28:04,562 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-09-26 19:28:04,562 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-09-26 19:28:04,562 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-09-26 19:28:04,562 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-09-26 19:28:04,562 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp
2022-09-26 19:28:04,562 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-09-26 19:28:04,562 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve data encryption algorithm based on SAML metadata, falling back to locally configured algorithms
2022-09-26 19:28:04,562 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve key transport algorithm based on SAML metadata, falling back to locally configured algorithms
2022-09-26 19:28:04,562 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-09-26 19:28:04,570 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-09-26 19:28:04,574 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-09-26T19:28:04.574Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-09-26 19:28:04,576 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-09-26 19:28:04,576 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-09-26 19:28:04,576 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-09-26 19:28:04,576 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-09-26 19:28:04,578 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-09-26 19:28:04,578 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:28:04,578 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-09-26 19:28:04,578 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-09-26 19:28:04,578 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-09-26 19:28:04,578 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-09-26 19:28:04,801 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'leehealth.onservicemd.net'
2022-09-26 19:28:04,801 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:28:04,801 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-09-26 19:28:22,512 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Trimming whitespace of input string 'rick'
2022-09-26 19:28:22,512 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user rick
2022-09-26 19:28:22,512 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@952939606::identifier=rick, context=org.apache.velocity.VelocityContext@52ec55b]
2022-09-26 19:28:22,525 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=rick,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@952939606::identifier=rick, context=org.apache.velocity.VelocityContext@52ec55b]
2022-09-26 19:28:22,526 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'rick' succeeded
2022-09-26 19:28:22,526 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-09-26 19:28:22,526 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-09-26 19:28:22,526 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'rick'
2022-09-26 19:28:22,526 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'rick'
2022-09-26 19:28:22,526 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-09-26 19:28:22,527 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal rick
2022-09-26 19:28:22,527 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session 7444d6e3b72684869db75decc88821fe676796c9082ef8f52ffeb42cd594f313 for principal rick
2022-09-26 19:28:22,527 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving AuthenticationResult for flow authn/Password in session 7444d6e3b72684869db75decc88821fe676796c9082ef8f52ffeb42cd594f313
2022-09-26 19:28:22,528 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=rick)
2022-09-26 19:28:22,529 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-09-26 19:28:22,529 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, uid, identifier, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-09-26 19:28:22,529 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'eduPersonEntitlement' remained after filtering
2022-09-26 19:28:22,529 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-09-26 19:28:22,529 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-09-26 19:28:22,529 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-09-26 19:28:22,529 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-09-26 19:28:22,529 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-09-26 19:28:22,529 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-09-26 19:28:22,529 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-09-26 19:28:22,529 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-09-26 19:28:22,529 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-09-26 19:28:22,530 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:28:22,530 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-09-26 19:28:22,530 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@1a1a406e'
2022-09-26 19:28:22,531 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:28:22,531 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp'
2022-09-26 19:28:22,531 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp'
2022-09-26 19:28:22,531 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick:https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp'
2022-09-26 19:28:22,531 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:28:22,531 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick'
2022-09-26 19:28:22,531 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick'
2022-09-26 19:28:22,531 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-09-26 19:28:22,531 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is required, no previous consents
2022-09-26 19:28:22,644 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'leehealth.onservicemd.net'
2022-09-26 19:28:22,644 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-09-26 19:28:22,644 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or InformationURLs returning null
2022-09-26 19:28:22,644 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or PrivacyStatementURLs returning null
2022-09-26 19:28:22,644 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:28:22,644 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No Organization, OrganizationName or names, returning null
2022-09-26 19:28:35,683 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: ss:mem:22ebdf5e8e5c96da0cbf3ccbcf1f1820158c2a8466f7d61f1eee24801579165a
2022-09-26 19:28:35,683 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-09-26 19:28:35,684 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-09-26 19:28:35,684 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="https://serviceprovider.opentech.it/Shibboleth.sso/SAML2/POST"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ID="_b4440c6100a376e3c6b67d526e66fc41"
    IssueInstant="2022-09-26T19:28:35Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://serviceprovider.opentech.it/shibboleth</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="1"/>
</samlp:AuthnRequest>

2022-09-26 19:28:35,692 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://serviceprovider.opentech.it/shibboleth' from origin source
2022-09-26 19:28:35,692 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:28:35,692 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:28:35,692 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:28:35,692 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:28:35,692 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-09-26 19:28:35,693 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-09-26 19:28:35,693 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-09-26 19:28:35,693 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://serviceprovider.opentech.it/shibboleth
2022-09-26 19:28:35,694 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:28:35,694 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-09-26 19:28:35,694 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-09-26 19:28:35,694 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-09-26 19:28:35,694 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-09-26 19:28:35,694 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_b4440c6100a376e3c6b67d526e66fc41', issue instant '2022-09-26T19:28:35.000Z', entityID 'https://serviceprovider.opentech.it/shibboleth'
2022-09-26 19:28:35,694 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://serviceprovider.opentech.it/shibboleth' does not require AuthnRequests to be signed
2022-09-26 19:28:35,695 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-09-26 19:28:35,695 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-09-26 19:28:35,695 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-09-26 19:28:35,695 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-09-26 19:28:35,695 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-09-26 19:28:35,695 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:28:35,695 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-09-26 19:28:35,695 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-09-26 19:28:35,695 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-09-26 19:28:35,695 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 4 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-09-26 19:28:35,695 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://serviceprovider.opentech.it/Shibboleth.sso/SAML2/POST using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-09-26 19:28:35,696 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-09-26 19:28:35,696 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-09-26 19:28:35,696 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-09-26 19:28:35,696 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-09-26 19:28:35,696 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-09-26 19:28:35,696 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved signature algorithm URI from SAML metadata SigningMethod: http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
2022-09-26 19:28:35,696 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved reference digest method algorithm URI from SAML metadata DigestMethod: http://www.w3.org/2001/04/xmlenc#sha512
2022-09-26 19:28:35,696 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-09-26 19:28:35,697 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-09-26 19:28:35,697 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-09-26 19:28:35,697 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-09-26 19:28:35,697 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-09-26 19:28:35,697 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://serviceprovider.opentech.it/shibboleth
2022-09-26 19:28:35,697 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-09-26 19:28:35,697 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved data encryption algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#aes128-gcm
2022-09-26 19:28:35,697 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved key transport algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#rsa-oaep
2022-09-26 19:28:35,697 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-09-26 19:28:35,701 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-09-26 19:28:35,702 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-09-26T19:28:35.702Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-09-26 19:28:35,702 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-09-26 19:28:35,703 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-09-26 19:28:35,703 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-09-26 19:28:35,703 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-09-26 19:28:35,703 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-09-26 19:28:35,703 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:28:35,703 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-09-26 19:28:35,703 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-09-26 19:28:35,703 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-09-26 19:28:35,703 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-09-26 19:28:35,735 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'serviceprovider.opentech.it'
2022-09-26 19:28:35,735 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:28:35,736 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-09-26 19:28:37,802 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Extracted consent ids '[displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]' from request parameter '_shib_idp_consentIds'
2022-09-26 19:28:37,802 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Consent context 'ConsentContext{previousConsents={}, chosenConsents={displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}}'
2022-09-26 19:28:37,802 - INFO [Shibboleth-Consent-Audit.SSO:?] - 20220926T192837Z|https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp|AttributeReleaseConsent|rick|displayName,eduPersonEntitlement,givenName,identifier,mail,role,surname,telephoneNumber,uid||true,true,true,true,true,true,true,true,true
2022-09-26 19:28:37,802 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@1a1a406e'
2022-09-26 19:28:37,802 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:28:37,802 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-09-26 19:28:37,809 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-09-26 19:28:37,810 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-09-26 19:28:37,810 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _6ffdbf4cb0ed2cd5c40bd5e0f0f781e5
2022-09-26 19:28:37,810 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _6ffdbf4cb0ed2cd5c40bd5e0f0f781e5 to Response _e18ed2829e8556386f1a593af7e3252e
2022-09-26 19:28:37,810 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _6ffdbf4cb0ed2cd5c40bd5e0f0f781e5
2022-09-26 19:28:37,812 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-09-26 19:28:37,812 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value urn:mace:dir:entitlement:common-lib-terms of attribute eduPersonEntitlement
2022-09-26 19:28:37,812 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rick of attribute uid
2022-09-26 19:28:37,812 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute identifier
2022-09-26 19:28:37,812 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-09-26 19:28:37,812 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value manager@Samltest.id of attribute role
2022-09-26 19:28:37,812 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute mail
2022-09-26 19:28:37,812 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sanchez of attribute surname
2022-09-26 19:28:37,812 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick Sanchez of attribute displayName
2022-09-26 19:28:37,812 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick of attribute givenName
2022-09-26 19:28:37,813 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-09-26 19:28:37,813 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - Applying policy to NameIDPolicy with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:28:37,813 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Request specified NameID format: urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:28:37,813 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:28:37,813 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:28:37,813 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID AAdzZWNyZXQxT/gtdmtY0n0BdQE0bPE0WljZ2avbGRYBbOk1jfL3dAHyBUTS0n2BHac64GA3Iw4rbcfXydKgHqCn0vg/Ytjm1JDt+vhdogRPy5Jtlr0jnVCQu6zBNi3lvr7ROHjE4iCTzdO3M1ZsXCsgk/hfpjs5bB1anUcccHX9LQkqDPRzYnpGntC0LLevesMepIu3Wg== with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:28:37,813 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:28:37,813 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:28:37,813 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-09-26 19:28:37,813 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-09-26 19:28:37,813 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 47.213.152.74
2022-09-26 19:28:37,813 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to _49322837c18ad04e88d67c360158a9a0fbf51e73b2
2022-09-26 19:28:37,813 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/saml2-acs.php/leehealthtest-sp
2022-09-26 19:28:37,813 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-09-26 19:28:37,813 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-09-26 19:28:37,813 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-09-26 19:28:37,813 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _6ffdbf4cb0ed2cd5c40bd5e0f0f781e5
2022-09-26 19:28:37,813 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _6ffdbf4cb0ed2cd5c40bd5e0f0f781e5 did not already contain Conditions, one was added
2022-09-26 19:28:37,813 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-09-26 19:28:37,814 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-09-26T19:33:37.802Z, to Assertion _6ffdbf4cb0ed2cd5c40bd5e0f0f781e5
2022-09-26 19:28:37,814 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _6ffdbf4cb0ed2cd5c40bd5e0f0f781e5 already contained Conditions, nothing was done
2022-09-26 19:28:37,814 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-09-26 19:28:37,814 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _6ffdbf4cb0ed2cd5c40bd5e0f0f781e5 already contained Conditions, nothing was done
2022-09-26 19:28:37,814 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-09-26 19:28:37,814 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp as an Audience of the AudienceRestriction
2022-09-26 19:28:37,814 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _6ffdbf4cb0ed2cd5c40bd5e0f0f781e5
2022-09-26 19:28:37,815 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp to existing session 7444d6e3b72684869db75decc88821fe676796c9082ef8f52ffeb42cd594f313
2022-09-26 19:28:37,815 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp in session 7444d6e3b72684869db75decc88821fe676796c9082ef8f52ffeb42cd594f313
2022-09-26 19:28:37,815 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-09-26 19:28:37,816 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp and key AAdzZWNyZXQxT/gtdmtY0n0BdQE0bPE0WljZ2avbGRYBbOk1jfL3dAHyBUTS0n2BHac64GA3Iw4rbcfXydKgHqCn0vg/Ytjm1JDt+vhdogRPy5Jtlr0jnVCQu6zBNi3lvr7ROHjE4iCTzdO3M1ZsXCsgk/hfpjs5bB1anUcccHX9LQkqDPRzYnpGntC0LLevesMepIu3Wg==
2022-09-26 19:28:37,816 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-09-26 19:28:37,816 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-09-26 19:28:37,816 - DEBUG [org.opensaml.saml.common.profile.impl.SignAssertions:?] - Profile Action SignAssertions: Will not sign assertions because no security parameters context is available
2022-09-26 19:28:37,817 - DEBUG [PROTOCOL_MESSAGE:?] - Profile Action EncryptAssertions: Response before assertion encryption:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_e18ed2829e8556386f1a593af7e3252e"
    InResponseTo="_49322837c18ad04e88d67c360158a9a0fbf51e73b2"
    IssueInstant="2022-09-26T19:28:37.802Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_6ffdbf4cb0ed2cd5c40bd5e0f0f781e5"
        IssueInstant="2022-09-26T19:28:37.802Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">AAdzZWNyZXQxT/gtdmtY0n0BdQE0bPE0WljZ2avbGRYBbOk1jfL3dAHyBUTS0n2BHac64GA3Iw4rbcfXydKgHqCn0vg/Ytjm1JDt+vhdogRPy5Jtlr0jnVCQu6zBNi3lvr7ROHjE4iCTzdO3M1ZsXCsgk/hfpjs5bB1anUcccHX9LQkqDPRzYnpGntC0LLevesMepIu3Wg==</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="47.213.152.74"
                    InResponseTo="_49322837c18ad04e88d67c360158a9a0fbf51e73b2"
                    NotOnOrAfter="2022-09-26T19:33:37.813Z" Recipient="https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/saml2-acs.php/leehealthtest-sp"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-09-26T19:28:37.802Z" NotOnOrAfter="2022-09-26T19:33:37.802Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-09-26T19:28:22.526Z" SessionIndex="_a5167191289ae49d08fb35f5ee8723ed">
            <saml2:SubjectLocality Address="47.213.152.74"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>urn:mace:dir:entitlement:common-lib-terms</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rick</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">manager@Samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-09-26 19:28:37,818 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/saml2-acs.php/leehealthtest-sp
2022-09-26 19:28:37,818 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/saml2-acs.php/leehealthtest-sp
2022-09-26 19:28:37,818 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_e18ed2829e8556386f1a593af7e3252e"
2022-09-26 19:28:37,818 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _e18ed2829e8556386f1a593af7e3252e and Element was [saml2p:Response: null]
2022-09-26 19:28:37,818 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_e18ed2829e8556386f1a593af7e3252e"
2022-09-26 19:28:37,818 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _e18ed2829e8556386f1a593af7e3252e and Element was [saml2p:Response: null]
2022-09-26 19:28:37,820 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-09-26 19:28:37,820 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/saml2-acs.php/leehealthtest-sp' with encoded value 'https&#x3a;&#x2f;&#x2f;leehealth.onservicemd.net&#x2f;simplesaml&#x2f;module.php&#x2f;saml&#x2f;sp&#x2f;saml2-acs.php&#x2f;leehealthtest-sp'
2022-09-26 19:28:37,820 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-09-26 19:28:37,821 - WARN [org.opensaml.saml.common.binding.SAMLBindingSupport:?] - Relay state exceeds 80 bytes: https://leehealth.onservicemd.net/ssologin?stat-running&d=2FC73051-D2BB-4D2F-B887-49835844104D
2022-09-26 19:28:37,821 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Setting RelayState parameter to: 'https://leehealth.onservicemd.net/ssologin?stat-running&d=2FC73051-D2BB-4D2F-B887-49835844104D', encoded as 'https&#x3a;&#x2f;&#x2f;leehealth.onservicemd.net&#x2f;ssologin&#x3f;stat-running&amp;d&#x3d;2FC73051-D2BB-4D2F-B887-49835844104D'
2022-09-26 19:28:37,823 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response
    Destination="https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/saml2-acs.php/leehealthtest-sp"
    ID="_e18ed2829e8556386f1a593af7e3252e"
    InResponseTo="_49322837c18ad04e88d67c360158a9a0fbf51e73b2"
    IssueInstant="2022-09-26T19:28:37.802Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_e18ed2829e8556386f1a593af7e3252e">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>y0Vr2qNucSpmgzy0dGtiXWgSVa+V+HoeSYUTHnlkJfc=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>f2hLVyM0YqrnWTYPnXPQ3guwMCpjlkIUsm+uH+SKHDTqPQx3wbdZjVyAG91p0v1MpUVBaieOCr/cBs4cevXv6cAcbe8Ks+VpWzUB0t6xCCXZM43Y8g9KZ0ZStzjl9V6jvOSO0aegexrPGAqmkt7wXNp2qNC6s/H0UvK/E1PlfwM6giaq64ZWVL8FPcgaUdEyfOZYR/dLG+oHzqzEur/O0hcxyBOU8GSFrInMk4Dq77526k27ywY6lsmmriqK71LjKcdWpnqW4E62at5meL3yKaDWQfLoFq/6osX3j9M9rCxmYY9wHmFHaWui+7PXtvsBS7I/7Als+SQkq8yrJJFjwQ==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <xenc:EncryptedData Id="_9c88fecb4985dbcc5df0fea8170de224"
            Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:EncryptionMethod
                Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <xenc:EncryptedKey
                    Id="_cf50a72896811daa5255648e38cf52cd"
                    Recipient="https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                    <xenc:EncryptionMethod
                        Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <ds:DigestMethod
                            Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
                    </xenc:EncryptionMethod>
                    <ds:KeyInfo>
                        <ds:X509Data>
                            <ds:X509Certificate>MIIFCzCCA3OgAwIBAgIJAN8bGC2m0rNpMA0GCSqGSIb3DQEBCwUAMIGbMQswCQYDVQQGEwJVUzEQ
MA4GA1UECAwHRmxvcmlkYTEVMBMGA1UEBwwMRGVmYXVsdCBDaXR5MSEwHwYDVQQKDBhPblNlcnZp
Y2UgU29sdXRpb25zLCBMTEMxDDAKBgNVBAsMA0RldjENMAsGA1UEAwwET1NNRDEjMCEGCSqGSIb3
DQEJARYUdGhvbUBvbnNlcnZpY2VtZC5jb20wHhcNMjIwNjI1MDM1MDM4WhcNMzIwNjI0MDM1MDM4
WjCBmzELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB0Zsb3JpZGExFTATBgNVBAcMDERlZmF1bHQgQ2l0
eTEhMB8GA1UECgwYT25TZXJ2aWNlIFNvbHV0aW9ucywgTExDMQwwCgYDVQQLDANEZXYxDTALBgNV
BAMMBE9TTUQxIzAhBgkqhkiG9w0BCQEWFHRob21Ab25zZXJ2aWNlbWQuY29tMIIBojANBgkqhkiG
9w0BAQEFAAOCAY8AMIIBigKCAYEAtXR2BXo6kYy6YswvIb4nMoLs5/yuchgZyz7jbk9JUCmJ/RMF
BtDTfa0HDXUW9kajsNiBNX9MsRiE+BvjdLodRxvRqKISSlvANvJvBWTFBX5IPANOrsJvVb2jmP65
MBAtLrffnaLr8CbyqNDgwta/CUEWdpwhTdBejWQBrjxev8WrXp5PdVIBXVusxXfTx2qUE3n8yx5F
QUypbeeDMSOBgkqvYJgMVSotgrfU78c9eO1rnscoS2adNwRb+ZRVMxGe7iGKozv7oOR1kR9THOVs
2WW2HepsK9GDOIZAh59A7Nw9NMGsmrApZaURmtzuERlDaZzcM44Y//xT31+cRzMWwByRyV5/fDqw
Ax8ROE9JUADUKnYXhDFAWRSyDw6IQb0Ao5+LHvYUbumJsR7tbwpnSVLK7TqMyBxX3HIAz7t70NE0
xSn2KMwhyDtqx4rWXc7HzPyOINivjDl7Gedhh1PdF1/G7xthOsym0iDpy11yeA+aw05HQSWhqRCS
rMidEFqBAgMBAAGjUDBOMB0GA1UdDgQWBBSYsnNNnaZdRqnKEwqCVJonpZWZ5DAfBgNVHSMEGDAW
gBSYsnNNnaZdRqnKEwqCVJonpZWZ5DAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBgQAt
aTGmrt3Spqe1Rrhgx7iRWs8ncOqElaLT+sQPCzPHghO9NdjhP7ZnZEYagw+L5IqPmTVWbc459rT4
TEZsrl/J24vWlgEBSocLJTXYD68jyA6OxakPJ1OqTgUxFAXu1wrvcGy4lB1Aw18tCB1/W8k7tgd1
FjJCJnYWXdAUW5O5DHkATple8E5r7YGZBQhh8w++gYxubKrUsMIUbZmSo1+ZGCApOMs11rbKWueQ
JpGcO0Q6I41fhZ9aFQunVpIBe19tf2/gMyc0m8BemPYfk4mbwSfWLB+kS+FZ9mt8fKlYQX8dxvHL
o9SWJonWTGD769yGEs2tXYKXnlEVxvk3n4NkoGpLihA0Of9ljjmnmOdzMOI0IdnORRb/zdw1nTNX
l0vqHldVN+sfFGsxtBmhMz6tMK8Ns9B04Kxoc32MIJZ199/oASh4JnY/JJaLwWmfKUpJ+URwngCg
hRgtLimselCXaZocpXED4WCe3BKzCCb1hVtcWw5Bjlw5ian9Zv9GY34=</ds:X509Certificate>
                        </ds:X509Data>
                    </ds:KeyInfo>
                    <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <xenc:CipherValue>akShhSiPsc4JlsroPyvZPDT2lnn7xMHSulq7RLp/tbgsNVuBL0Ra8Lo9JsrXCdM7Pq//vFI0tUmMBLws/tG1mtWjzHCJWfq7MKfqeWKjAthn5HJE5Fwcz2RX9YXIQhzxRp8oh6TzIMZDVbjoPEBJ+79kpH77/GcOrzF5FBR+11INZh8ej0W/MW8Jbijx751vFBjiEP94npmOxewHWyxGGfnXrVddg4wxEMjMlGlt+/DABjS/JClcUtIAN/tCNhM7zuciHgwj7VW/98vY3bx4R/0jpoTFiKh0QBI3fzQE6NUPjtZr7BVkeGqBdSHA3KVuUSxDbNdZcnqJmfAOmtDDwdJxdl0JiWeDzikdkxeunAeozk7Yq4JFpfZjO7pR9HM3pGigqHu653aFgfdOa7tYs/YB2k+e61x1n+WOeDGtcqcLRdsEbyUHZfPe2l9kpAnC7nkk8WlXNdsQ0gCRrkhgv2vRlbr8UoNtB342SBw5pW+S4EWfd8bDwqSmVgUIUR5d</xenc:CipherValue>
                    </xenc:CipherData>
                </xenc:EncryptedKey>
            </ds:KeyInfo>
            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                <xenc:CipherValue>weA5j62xnCqdlJ2B/UBxqiO7f/ngiY53EKYo2D//KDy4NPlsG5POZ8OCUVIMRNIqEbylswp8KLWKw36XEocl0kSNJFIQiFYwf47taltqIBF9dzlCtGhYJsThpkDD1ocj3kGG95i35/da213PcoIuZm85viVR7KnL2AEq3iTiSE05A2LXccOZb2Hbs85mnoL/Dvz751wV8QkA/8rjy0m3buGtCBXpKNvQyssT3sXtrkF2SS1oZk7o+YJHQrPYvb5Qb121BcGnzkFvgx1SSg5hLlWF8/+Urwg8LWK58t0kR/7TqCRNOUT8QmeFZd3tIlNi7Gu2NFJy/swpkuZHu4dfNXroCmG4rudnDXozoS6uffqSIjrOhfM/FbkCssXzNt3llRllpDKOmCPSpZ2CelBggJgm61AaePc2Qw2Jb6XW3EKKcfygXkGKy3bBUq7yUEXZ3gEL1Gyxw0wr3OEcy6YQPNmMKQHUly4je3sJ1vEw2OsN5YolwRIzv8LfYu+m+kA8QQrpUgysLwNcARXL3V0qiUI1l1B/4qLJO9W8v/8O5lsQp35+Vlc+44bo5AQx47bpI7K2CEEH331tEkR22gyUgenC57Gfr7R3psEft9oulvXXd0MCaaAu3QwU78rTX7J52E0g0SJdl1a+iVvd6t3L7J9rojZFdfNXysLs7HrTWjV1uLUKj0VsiL4dmcOopGdTRe+QMv//Y+630zZT9gPBOLgRVGz1Iy4n5W7kdrRO0koZ9RLiFJltIzPtAe+sWfTUu2Z8Afs7XKRw3OJWdkGYl1MYKUgCq+AqR3STtLnr/7ZiNEtzMmdnylxIB7UgsnnRNmZMxOpg/+yb/mMMmJPSS85l4DKxlLqHd8nGLaQdshNqvwbkGPQR5Y5iJmn8OJWlYycbs7ZbdDJ4gViOxOwRUE5RrzTCQvC+oH0KWb+Ssw0TdvtoomJrU9KrD3G0oQtjEwULmqH7U/g6YedX1NdiwGtdaO2EUdM5Y6Yw/Hh0xj7YPMwGPtrB+Ur2z2gzX2GyR5MvyqXNY6EnsOqRU/OOjxqrIsUjEbw20ZEmEfzv7IRe6RWwmG/lG1Pv7CeqL1zD5EtGsj7YfS2hi77mUXd4VtuxMXxt8pRkgo/hctfWmqs7mRLw1KR7uMBf4M2BfgOYiyjd20CT1bkOI9UTwhJIQWZ96BDVm1Baxl5EyjWiZp7767vgcTFlZmy+7JtF30sljIdKk0VJBMPdKUfvAHz2FDoFRIKpZb0q+xNEFAnhCPX9j40Gcxzrree7gyQLk7VWufvX3oFEUl1EJijixfVnXdR9N6vY/D2w3rgS4KjyogMho/VLtbtKhkfnO6nk5rh/qZ9JGztDSmYlCHqDU+Ph/L74ZlT2EQiCU2hp2+4zLYiD+LJOotytxiaiGBeqXneInQ5lVal+DelYs2A07QcO6pRyPHg0oWWLJWpdaGjCw2/ePfDqnqAvvcaS07fCIc7RmFOFIFamu/BaDhsnrKsNafIp2YDTWPYU/SFiTqA1LUnDVxU0p8qd0xJz4PetImgZeHjQ6Y5cnqWZYA5LhFGJrQ3Q3vIfQTtPGpHpLB42HCRLust6PjG4/jdYXmaOHvPDse1WMnDDHIqccO7QqGnnUpXHESxnFI38b87lf86S8XqXTUZNJjrfFNQTXI3/zvj3GlmuPgKNfp+cn0tfw9NPtDLE490XZ/gfhAGxjGVNrQIpbF3878q1gn9VWlXYov/SE0kvDH1P3LeakOhuxoXyPzG74Dips0+VfiplRTU+V1MFu/X/V+dMPFS7scqzjB9X9ZxMxtNqVHer9H4IPaVw/6nPBBWl7Gmq6tpfdTRksPtYWudSqkVhhSYrUndfcpFZuaEWDjuMfzh7t/XC4pRAf0ByDKv0RTPZyw/K5noayiWqVpYIqSg9b3GTEUbbRnNk2fTIxAM51lzrNisz0ZqAXxWgl4TiUI6n3Gs0bpuDwF0dWWTjjp7v/YQ0cc0dcpUIr9k+0muKfdxlcms8O/pv79q20o6s8rU6t6CR1H3aARG4y3nYZF9uUqmv94YmFrP8Bs58dWO4d5Rex1cCk/RqNyju5Zyqh8rSMpzaQl7C+Z1X/BEmg381NPQ4CVTUspwqaY0rx0KeoItTtcY07MzUdWjSPghm1lh8/XYqyZMiy1XBptgvwsg5359vyE3jrYhuq2St1jtymm0dVsOyGvsGq0l2YgExtx3eMxonvdvE6hAd/RdLKdmcWrgawd4f3A4PNHLyMot1MbepJd1xh75zzpgp1cNst+w2JfXs0+ZEV+NFR0OCi0+56G+MtEDsY7/0b8Zfx4quYhGPnQrYbGdI8NtBLDHSUwqb8QwR1b04++MUEE02DXj/eInF1/7vvp/Dwkwe5OYOJws4WGq9FQypCeGJg3Tp4imonG0iIFes3PyiL1r3ZM4acMgAFXKHkuLwunXuuYw3pD+8I+VJpoeSPU9mNe4RwjSsi/AdbXy+7cEOfej3JZN6PiNhOANo0Xv2ZZb1E6L+wOdKhgZDi5WRsPOolaMBMoFwQR7OGTLeQZp61zo03djOgUwhiXLzgWqQsjkG/vVYslwhRIQqpbTAJJ8WFURoanyyO5tk1tEE0NUzs6fqzcgrl41nsrQUtYWY3gV4xKKHxrFfQR3YL4wMpmhUeh1a23/MR7DOtq/pl82X+lHmcwGXWXUop879ZEfLdRuSl/uH8ns8b9cN2Yej/+mwgG7fbYZ4V32quS7Z7rCWY0aDe5K+NqyJi/O72RDxuKT7vgGW85LwEvMbu1np0R/BIdVGgcHdIEQfruXegJFrm48g/3wrFNrop6gIf4eNUj+eVTRVQVCHM3WTsf4zk49/lzy1BZFsyDCM6pjk0pavMyUsctfr5j8q9S5Rm5V0UtxpvBuoJ7CC+qoRYzAOIudjWH9UFfCHKw3z0MWfv99LDVi6fl2xkK4mi9VFRCnH2Dpg2LuVl413LwMHtnCQyIJS/iD68AZo6zYR6r/u2WL9iq4CBda/j28MUH104uZ4LPAF/2vifERsU3I2D+Jrt2uTQuE4VNetuR/K89vLbokQhTq0KPrj6xXPLIjxKAP+2+d7sDf/Xg8+xm0FsyuCkyTlMZ3JCMFnIS0V6mQ/c4F94rav7kXTLOgIlkgcZlBxfpCWHgDNB9PA8Vu+tbqV/e5sRMlhLA21BvohsbFW3L91DLCa+kyTZU+7zSJjCAgtjPFrIxdc0gxeBFhm7Ffbn0MyStA0LM3UQM14iohOGnvzBOV+6FvYIAkS/nab6Q5JG2GNXVks/SveOzcsbjYIhlztq9uRxvCb2WG3MqKPamDYRnRn/E2LiyUPtpXX4Qv/v/T1MDVNimfQyyR/ZA8OHmOzRZRGxN1eGHZGKFiT8+iVSvrXUU723QeYKGt2z0z5D9ZXJSyEE/VQ/Fg95hsFtiJFNF0ar2tASAcE+orsmfz+EGr9RQ16dCkRsCY1iGpaPWfbTR+brFmyBFZ7uquj2KVf7VGcGDduao5I8VIqhKTOniTomwK8jZPA+nhzPIOCKEcO6fCaApT6+yzJiSZ7WpQAcaZXTez0QdCHIqlepWwdf60WkI+moLjs5SwELC9l9a8ktyvCaxLQKLFK2H6+LrPXQPse5U19Rpnk76dQ7Hi7rL0bu5vseD082Z9tIEkBaDgaFazqHLkKgS5ftnR5sCMW7RnnpjZflMn7fX+J/R62XCaaX07f0Pb0anREHC9TgvCbr80xiN2VBQWHc44ROTMWFtJt06p1x9RLdYLVw4A1L9UKwoSxL2/MefNA/VzFQj1eml00jyL1vGEq2eGlDFRlJFwpazv6LdQBjyM2DEzcXz9sXD2woCRfZd++Wa1BpHDHUyU1YFx2C1yoDMgCU/5KEncG2YW7b2A+sS3s1hi+y0+GoYxXLXbPBAB+iLAmQuSjsUKQPls4CY5B8uOgj+b7j2Gr4h/458ovIDeKJBG9BRDPRlqJbakgycK30ay9h2tK/e/EIoZsPW6D1+hhYg76H96V0P7YSwvqwujNAbkl0WDoY4t3Re+Pv7j66nkHjERanRUVJRYCfQGouH9YFQfu2q0ok5oTDqyzlJUpOXcrG6/2Vq0u5TuAKuWtEIaZ7GHhR5QJjfhn4UFgGjTUmKRx+GJZVQRv9sRk9X8LUNX3MAgEXiE7OuYagAVHCiGjwxfgpyP7nnQWdUJ2DTFnwxYncwX5WFG+oA5hGA5gXz9XlC0NID4BsmG1RaAemQXBI/Sc0Qvq/lHT4vqMB0nra8j+keaoulh0THOXjx5lira6tgqf2Y+QP3SHZRXUS/W0/L3SNas42TUWTtO3bhkmm6hXkWFEVrOOXjOR2uG97Wo5QLNki8v1JpjEyMo3NP/RcMevSnW7aRn7W1XuyWVtEGhz++6AUUMW7wNrAEWd12FehJuDFPHJT96swMTPTLKXMsVpvhZu4D26vi5Eanl+3SFd3CHIWEphIOgO9+L4TCmktAuDO3IjP1hOPT6LzFzRKUrY5tAZQJZw93M9pyvSEcAgIK6P4bIHEXjD1AIZ1yvK4RcBSR+EB4uFOV0l5xN0Dn4d28Lkze1peWmiHLG/MkDdyGh9PjLHHHXkoENb82Vujx1zQaPmohTXdxO5SneCGWE1cmqg4Up8esZhGlFMQTcDM3blqw/fu6ZCNqbMV99ImbjU4P84PL4rL5i8UFDDrsLLcGIOtbqKlH5IbSGgc8C87PNWI74ko4R+r9WDam1CqpUTY/TRUl1wY8dlumUr/L1kndth9DDE3CcIZohuITkRxb+IYRF0CwAAg6k13P2FbXgRCTwB6Gm3SX8MDNmAUvSayuZ6IljeahI7B0NRH0lRAbRrHuc/DbqCBIaBvXsIB/Mehn4Xa2meuZqN8hLDkW2P+7Ps/6NBM8CP8W5I4TRTzT46wPq7/fL5tAbZhpHwFh7EMzIOneCkhElp9o8hk92qLEahUzRaIbm9pqxGnK4jtSEplQ0O+aoAM7+mWlHCyk4P3+vanZcDCi09zoi3nzZSeHwQIGZNeQHg+B/H5Avves/GtacLKiMWEWAGxSJ+4kyQzBq7LCKvyKi5dRG8fGhH9cGQ+H9OeSxRMNE59WNH0M+SCcx0dKMb9aHmeygEnJPpJLDn289TMXDU6DWT7d7Mwu52fx79vQHs2R185TvNoIU0yfvdh6ueSmGiHv/51FmZohbCAZlccvkhk2BtpPcb0ok1N+jfrV2Q9VpjIuKsPnrq3mX1Kj74pL1KJ17Re3pjFHpFnCx+GYtrOOnauDgg2UplZFo+6JEGYq4elmpJSOnfPmvhDVODJcQx5kRBUwMny5gzQn5RXl/0n9HDx+OAVaAL0yg153ZidS0C5LUQEr/BKmM3RPjY1/eIH60bnauHLQrENOR13eHhT/sZAdI0T1B0IBAY8yUj+ay76u5/mUq7QrE/a9K9YNggRN6vg9Pq/E/SC84mMPuBNZ4E</xenc:CipherValue>
            </xenc:CipherData>
        </xenc:EncryptedData>
    </saml2:EncryptedAssertion>
</saml2p:Response>

2022-09-26 19:28:37,823 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-09-26 19:28:37,823 - INFO [Shibboleth-Audit.SSO:?] - 20220926T192837Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect|_49322837c18ad04e88d67c360158a9a0fbf51e73b2|https://leehealth.onservicemd.net/simplesaml/module.php/saml/sp/metadata.php/leehealthtest-sp|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_e18ed2829e8556386f1a593af7e3252e|rick|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,uid,identifier,telephoneNumber,role,mail,surname,displayName,givenName|AAdzZWNyZXQxT/gtdmtY0n0BdQE0bPE0WljZ2avbGRYBbOk1jfL3dAHyBUTS0n2BHac64GA3Iw4rbcfXydKgHqCn0vg/Ytjm1JDt+vhdogRPy5Jtlr0jnVCQu6zBNi3lvr7ROHjE4iCTzdO3M1ZsXCsgk/hfpjs5bB1anUcccHX9LQkqDPRzYnpGntC0LLevesMepIu3Wg==|_6ffdbf4cb0ed2cd5c40bd5e0f0f781e5|
2022-09-26 19:28:44,783 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML relay state of: TST-326719-mTo65I0Kj1gKYG4dyYtS-qTgakMABsiD
2022-09-26 19:28:44,784 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Getting Base64 encoded message from request
2022-09-26 19:28:44,784 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML message
2022-09-26 19:28:44,784 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:AuthnRequest
    AssertionConsumerServiceURL="https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool"
    Destination="https://samltest.id/idp/profile/SAML2/POST/SSO"
    ForceAuthn="false" ID="_eea0ba3839844ad29fddfd2a7a33402160bdb54"
    IsPassive="false" IssueInstant="2022-09-26T19:28:43.791Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    ProviderName="pac4j-saml" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer
        Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool</saml2:Issuer>
    <ds:Signature
                xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod
                Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod
                Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference
                        URI="#_eea0ba3839844ad29fddfd2a7a33402160bdb54">
<ds:Transforms>
<ds:Transform
                        Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform
                    Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>rrLMP1eM0l1nv+M23xtX0k+cE1E6215x+hZfhyRzuFE=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
ADlCuzAh6FSN7YcZ0/2dJTb5eH169s6wd7da++j5BGBPxBSm/ylgH5g07l1APAgDm5xT5f0pYTBW
2cy4Wz3k75c5Y+Sj6JnYLA6xGYuPsZhd8b7v9hejO24VEAIipHW3gDEPkb0cthgtyhM+UCLATFYe
gRo5xNPp2OPaiG0zwwC5wGU5nKBnE/kWiEHHtZ2D0nt4zdIIKoFpKA2Xt1Y2gHQCC2/ZXsTFLJ8a
Z7cv+4TyoV7HvAnLAdb6QYqnkOjYLpQK4xrzax7h5tlixM6R3snKhw/SyZqaNSpcFNRabdLM66RN
U911rRNv+POHUp1V22woqv3OBFHL/kWmgM8jdQ==
</ds:SignatureValue>
<ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIG0DCCBLigAwIBAgIQJT05eT9C8MMLxPWjiR+NjzANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQG
EwJGUjESMBAGA1UECgwJREhJTVlPVElTMRwwGgYDVQQLDBMwMDAyIDQ4MTQ2MzA4MTAwMDM2MR0w
GwYDVQRhDBROVFJGUi00ODE0NjMwODEwMDAzNjEdMBsGA1UEAwwUQ2VydGlnbmEgU2VydmljZXMg
Q0EwHhcNMjIwMzEwMjMwMDAwWhcNMjMwMzEwMjI1OTU5WjCBoTELMAkGA1UEBhMCRlIxGTAXBgNV
BAcMEExFVkFMTE9JUyBQRVJSRVQxEjAQBgNVBAoMCVRSQVZFTERPTzEcMBoGA1UECwwTMDAwMiA0
Mjk4OTQ5NjcwMDA0MjEwMC4GA1UEAwwnVFJBVkVMRE9PIC0gU0FNTCBTSUdOSU5HIEFORCBFTkNS
WVBUSU9OMRMwEQYDVQQFEwpDMjI5ODgyNDQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsTQ4f7v+iIqvjQLCZQyJCiWK72jzbm1lNNsOGLMdNO736yJo0iUXEygaqJ4awu+Nf2Ase62f
o1hROHtOnixvceJN2rd9BMKm/j3BgeU+vlW3quq8AFkm9ikL7R4hBZopqT5deXA17EZ0tpQv6I2z
WbuoBYunvJomVoFZYRwDWFlHoQRBJma0LL8WTrPP7t4gvZMqYSpEqyeeyX2cv6FS4uCOXITFzWAA
Rp5rdIkL1YzU+Tr2thgVf/BvRYsVqaCj+94YmoJAR1/pMOLIKhfoWNxOKuTu0Rpu1LpKr72FYsZv
osn4NHBDoVJncq/crrxpaYF1FqorTjHw+054l0YxJwIDAQABo4ICJTCCAiEwgeQGCCsGAQUFBwEB
BIHXMIHUMDgGCCsGAQUFBzAChixodHRwOi8vYXV0b3JpdGUuZGhpbXlvdGlzLmNvbS9zZXJ2aWNl
c2NhLmRlcjA2BggrBgEFBQcwAoYqaHR0cDovL2F1dG9yaXRlLmNlcnRpZ25hLmZyL3NlcnZpY2Vz
Y2EuZGVyMDAGCCsGAQUFBzABhiRodHRwOi8vc2VydmljZXNjYS5vY3NwLmRoaW15b3Rpcy5jb20w
LgYIKwYBBQUHMAGGImh0dHA6Ly9zZXJ2aWNlc2NhLm9jc3AuY2VydGlnbmEuZnIwHwYDVR0jBBgw
FoAUrOyGj0s3HLh/FxsZ0K7oTuM0XBIwCQYDVR0TBAIwADBhBgNVHSAEWjBYMAgGBmeBDAECAjBM
BgsqgXoBgTECBQECATA9MDsGCCsGAQUFBwIBFi9odHRwczovL3d3dy5jZXJ0aWduYS5jb20vYXV0
b3JpdGUtY2VydGlmaWNhdGlvbjBlBgNVHR8EXjBcMCugKaAnhiVodHRwOi8vY3JsLmNlcnRpZ25h
LmZyL3NlcnZpY2VzY2EuY3JsMC2gK6AphidodHRwOi8vY3JsLmRoaW15b3Rpcy5jb20vc2Vydmlj
ZXNjYS5jcmwwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgeAMB0GA1UdDgQWBBQq
6jjjeMXwQMpNNecEbqrEsJ9eTjANBgkqhkiG9w0BAQsFAAOCAgEArkOzqH9sUsz/QCwLRUKXqsYS
YjB9o9GmKorBERtR7WJQIxk1jZxDM9dR8LTOA6tKOQ2LKzaRl0RugagliM75Dkt4AdWFQFzZ14c4
o+JXsvCNmRtncFxY5KAJqpeIgOHigpnOb2qdS5c0U2tMa48SYl5DgTqs5nlyLTqPIsF7Am80lsTn
iNdbvyPjmyrqsaUtIJ7WpBhyt+k5TEr4b4XWOo0jYwJEutvrYXTNihmWMfobEiC11+qziyWmBrrv
dJyg1H/XGJKFZ0atOOFUCfvoqFZrc3cD9uiCkLX3ljeehKkWyvNbBoj8ETmRPjg2vXIbPS+jR82g
fhLtUJbE/zVWQCoVtKowZqlY6mMcAXkqhdHTG9jfIixHxMMqMr2s+Fc8ywXlZzmAI1ejP9/LX9bV
2b17e4QxQMKMH9f2sVRvo16n0KtKGH5Zy3j+Dwkt3iIsN1F8Lo7vymqtqSUZ3EyYKNY/GvvmrIc/
snB/mGw4vqxYIXlIwwpm80/NRBeR88OFR3PYlUYKxrf9HKVRP8HqHG9buYSQdDdVe7k56Af77pCl
88LDCL49/8hb/XzndJjqvSLbKsU6UWV6q2e/kkQ+UcF8bBUMfHWLLK8xALkzrg1EATC7dviFBnS1
JXLmWJjKwHfWUkBPJnZbMCiKfgyNK5vTXpzzOszUdOFBLRTbtco=</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
</saml2p:AuthnRequest>

2022-09-26 19:28:44,798 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool' from origin source
2022-09-26 19:28:44,798 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:28:44,798 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:28:44,798 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:28:44,798 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:28:44,798 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-09-26 19:28:44,799 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-09-26 19:28:44,799 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-09-26 19:28:44,799 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool
2022-09-26 19:28:44,801 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:28:44,801 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-09-26 19:28:44,801 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-09-26 19:28:44,801 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-09-26 19:28:44,801 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-09-26 19:28:44,801 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_eea0ba3839844ad29fddfd2a7a33402160bdb54', issue instant '2022-09-26T19:28:43.791Z', entityID 'https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-09-26 19:28:44,802 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Enveloped signature transform
2022-09-26 19:28:44,802 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Exclusive C14N signature transform
2022-09-26 19:28:44,802 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Attempting to verify signature on signed SAML protocol message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-09-26 19:28:44,802 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from metadata using entityID: https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool, role: {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor, protocol: urn:oasis:names:tc:SAML:2.0:protocol, usage: SIGNING
2022-09-26 19:28:44,802 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Retrieving role descriptor metadata for entity 'https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool' in role '{urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor' for protocol 'urn:oasis:names:tc:SAML:2.0:protocol'
2022-09-26 19:28:44,802 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:28:44,802 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:28:44,802 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:28:44,802 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:28:44,802 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-09-26 19:28:44,802 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - signatureMethodURI = http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2022-09-26 19:28:44,802 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigAlgorithm    = SHA256withRSA
2022-09-26 19:28:44,802 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigProvider     = SunRsaSign
2022-09-26 19:28:44,802 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - PublicKey = Sun RSA public key, 2048 bits
  params: null
  modulus: 22369930965456962777956365464229513348642522997346232168756579494960232921839160861855035659931488634319872531144871061126230632628307245413595021979243298021162796817485323967323729520642838484019982422043583459948062010738622164914709867639613377292833748142293112152964032878748204294883029637581475838086809098230772052770316027052403485966861005767953228542833623261203559898877311870242866180023679569922778427571461205374691037046976908472105838884909059792855539563635818559033340161732234235499443992405690433660052891865469805202598340808784182407277136835204164356633476755720981662174335871428308052095271
  public exponent: 65537
2022-09-26 19:28:44,802 - DEBUG [org.apache.xml.security.signature.Manifest:?] - verify 1 References
2022-09-26 19:28:44,802 - DEBUG [org.apache.xml.security.signature.Manifest:?] - I am not requested to follow nested Manifests
2022-09-26 19:28:44,802 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_eea0ba3839844ad29fddfd2a7a33402160bdb54"
2022-09-26 19:28:44,802 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _eea0ba3839844ad29fddfd2a7a33402160bdb54 and Element was [saml2p:AuthnRequest: null]
2022-09-26 19:28:44,802 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_eea0ba3839844ad29fddfd2a7a33402160bdb54"
2022-09-26 19:28:44,802 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _eea0ba3839844ad29fddfd2a7a33402160bdb54 and Element was [saml2p:AuthnRequest: null]
2022-09-26 19:28:44,802 - DEBUG [org.apache.xml.security.signature.Reference:?] - Verification successful for URI "#_eea0ba3839844ad29fddfd2a7a33402160bdb54"
2022-09-26 19:28:44,802 - DEBUG [org.apache.xml.security.signature.Manifest:?] - The Reference has Type 
2022-09-26 19:28:44,802 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Validation of protocol message signature succeeded, message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-09-26 19:28:44,802 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Authentication via protocol message signature succeeded for context issuer entity ID https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool
2022-09-26 19:28:44,803 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-09-26 19:28:44,803 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-09-26 19:28:44,803 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-09-26 19:28:44,803 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-09-26 19:28:44,803 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:28:44,804 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-09-26 19:28:44,804 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-09-26 19:28:44,804 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-09-26 19:28:44,804 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 1 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-09-26 19:28:44,804 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-09-26 19:28:44,804 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-09-26 19:28:44,804 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-09-26 19:28:44,804 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-09-26 19:28:44,804 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-09-26 19:28:44,804 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-09-26 19:28:44,804 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved signature algorithm URI from SAML metadata SigningMethod: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2022-09-26 19:28:44,804 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved reference digest method algorithm URI from SAML metadata DigestMethod: http://www.w3.org/2001/04/xmlenc#sha256
2022-09-26 19:28:44,805 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-09-26 19:28:44,805 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-09-26 19:28:44,805 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-09-26 19:28:44,805 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-09-26 19:28:44,805 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-09-26 19:28:44,805 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool
2022-09-26 19:28:44,805 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-09-26 19:28:44,805 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve data encryption algorithm based on SAML metadata, falling back to locally configured algorithms
2022-09-26 19:28:44,805 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve key transport algorithm based on SAML metadata, falling back to locally configured algorithms
2022-09-26 19:28:44,805 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-09-26 19:28:44,810 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-09-26 19:28:44,811 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-09-26T19:28:44.811Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-09-26 19:28:44,812 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-09-26 19:28:44,812 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-09-26 19:28:44,812 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-09-26 19:28:44,812 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-09-26 19:28:44,812 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-09-26 19:28:44,812 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:28:44,812 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-09-26 19:28:44,812 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-09-26 19:28:44,812 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-09-26 19:28:44,812 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-09-26 19:28:44,936 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'cas.traveldoo.com'
2022-09-26 19:28:44,936 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:28:44,936 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-09-26 19:28:47,021 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Trimming whitespace of input string 'rick'
2022-09-26 19:28:47,021 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user rick
2022-09-26 19:28:47,021 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@1082235254::identifier=rick, context=org.apache.velocity.VelocityContext@4071776e]
2022-09-26 19:28:47,022 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=rick,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@1082235254::identifier=rick, context=org.apache.velocity.VelocityContext@4071776e]
2022-09-26 19:28:47,024 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'rick' succeeded
2022-09-26 19:28:47,024 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-09-26 19:28:47,024 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-09-26 19:28:47,024 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'rick'
2022-09-26 19:28:47,025 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'rick'
2022-09-26 19:28:47,025 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-09-26 19:28:47,025 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal rick
2022-09-26 19:28:47,025 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session 6225e3cc1ad40d1b1975cfa9effc933817c73cbea452cdfad08ac9f80d941f75 for principal rick
2022-09-26 19:28:47,025 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving AuthenticationResult for flow authn/Password in session 6225e3cc1ad40d1b1975cfa9effc933817c73cbea452cdfad08ac9f80d941f75
2022-09-26 19:28:47,025 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=rick)
2022-09-26 19:28:47,026 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-09-26 19:28:47,026 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, uid, identifier, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-09-26 19:28:47,026 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'eduPersonEntitlement' remained after filtering
2022-09-26 19:28:47,026 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-09-26 19:28:47,026 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-09-26 19:28:47,026 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-09-26 19:28:47,026 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-09-26 19:28:47,026 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-09-26 19:28:47,026 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-09-26 19:28:47,026 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-09-26 19:28:47,026 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-09-26 19:28:47,026 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-09-26 19:28:47,026 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:28:47,027 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-09-26 19:28:47,027 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@189f96c8'
2022-09-26 19:28:47,027 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:28:47,027 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-09-26 19:28:47,027 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-09-26 19:28:47,027 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-09-26 19:28:47,027 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:28:47,027 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick'
2022-09-26 19:28:47,027 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick'
2022-09-26 19:28:47,027 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-09-26 19:28:47,027 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is required, no previous consents
2022-09-26 19:28:47,173 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'cas.traveldoo.com'
2022-09-26 19:28:47,173 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-09-26 19:28:47,173 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or InformationURLs returning null
2022-09-26 19:28:47,173 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or PrivacyStatementURLs returning null
2022-09-26 19:28:47,173 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:28:47,173 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No Organization, OrganizationName or names, returning null
2022-09-26 19:28:47,621 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Extracted consent ids '[displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]' from request parameter '_shib_idp_consentIds'
2022-09-26 19:28:47,621 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Consent context 'ConsentContext{previousConsents={}, chosenConsents={displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}}'
2022-09-26 19:28:47,622 - INFO [Shibboleth-Consent-Audit.SSO:?] - 20220926T192847Z|https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool|AttributeReleaseConsent|rick|displayName,eduPersonEntitlement,givenName,identifier,mail,role,surname,telephoneNumber,uid||true,true,true,true,true,true,true,true,true
2022-09-26 19:28:47,622 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:28:47,622 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-09-26 19:28:47,622 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:_key_idx'
2022-09-26 19:28:47,622 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Serialized '{displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}' as '[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]'
2022-09-26 19:28:47,622 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.CreateResult:?] - Profile Action CreateResult: Created consent result 'ConsentResult{id=null, context=intercept/attribute-release, key=rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool, value=[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}], expiration=1695756527622}'
2022-09-26 19:28:47,622 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-09-26 19:28:47,622 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Will not prune storage records, number of keys '0' is less than max number of records '10'
2022-09-26 19:28:47,622 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-09-26 19:28:47,622 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Creating storage index with key 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-09-26 19:28:47,622 - DEBUG [net.shibboleth.idp.consent.storage.impl.CollectionSerializer:?] - Serialized '[rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool]' as '["rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool"]'
2022-09-26 19:28:47,622 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@189f96c8'
2022-09-26 19:28:47,622 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:28:47,622 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-09-26 19:28:47,623 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-09-26 19:28:47,634 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-09-26 19:28:47,634 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _fc8095abb8763427f83b3d224fb028e7
2022-09-26 19:28:47,634 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _fc8095abb8763427f83b3d224fb028e7 to Response _d53a1a145db88896792aeeb12262d82e
2022-09-26 19:28:47,634 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _fc8095abb8763427f83b3d224fb028e7
2022-09-26 19:28:47,635 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-09-26 19:28:47,635 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value urn:mace:dir:entitlement:common-lib-terms of attribute eduPersonEntitlement
2022-09-26 19:28:47,635 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rick of attribute uid
2022-09-26 19:28:47,635 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute identifier
2022-09-26 19:28:47,635 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-09-26 19:28:47,635 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value manager@Samltest.id of attribute role
2022-09-26 19:28:47,635 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute mail
2022-09-26 19:28:47,635 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sanchez of attribute surname
2022-09-26 19:28:47,635 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick Sanchez of attribute displayName
2022-09-26 19:28:47,635 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick of attribute givenName
2022-09-26 19:28:47,636 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-09-26 19:28:47,636 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - No object to operate on, returning true
2022-09-26 19:28:47,636 - WARN [org.opensaml.saml.common.profile.logic.MetadataNameIdentifierFormatStrategy:74] - Ignoring NameIDFormat metadata that includes the 'unspecified' format
2022-09-26 19:28:47,637 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration specifies the following formats: []
2022-09-26 19:28:47,637 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - No formats specified in configuration or in metadata, returning default
2022-09-26 19:28:47,637 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Candidate NameID formats: [urn:oasis:names:tc:SAML:2.0:nameid-format:transient]
2022-09-26 19:28:47,637 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:28:47,637 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:28:47,637 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID AAdzZWNyZXQxUpEzOjd1OdGAfsUFIc03Mb+4sOx8tYPBYyhHIXoUQKT16ORFkjgBtSenmKWR2BQqULeDyKkJ+EPgpvEGx/f6oBSVQheHk8ku8BzamId+7MRayl5/ZY6xZ8DmPyMhD7IrTltQgGmgczrvXdfnhPXOtKG/T0IJ9/A= with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:28:47,637 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:28:47,637 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:28:47,637 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-09-26 19:28:47,637 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-09-26 19:28:47,637 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 45.43.48.162
2022-09-26 19:28:47,637 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to _eea0ba3839844ad29fddfd2a7a33402160bdb54
2022-09-26 19:28:47,637 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool
2022-09-26 19:28:47,637 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-09-26 19:28:47,637 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-09-26 19:28:47,637 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-09-26 19:28:47,637 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _fc8095abb8763427f83b3d224fb028e7
2022-09-26 19:28:47,637 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _fc8095abb8763427f83b3d224fb028e7 did not already contain Conditions, one was added
2022-09-26 19:28:47,637 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-09-26 19:28:47,637 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-09-26T19:33:47.622Z, to Assertion _fc8095abb8763427f83b3d224fb028e7
2022-09-26 19:28:47,637 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _fc8095abb8763427f83b3d224fb028e7 already contained Conditions, nothing was done
2022-09-26 19:28:47,637 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-09-26 19:28:47,637 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _fc8095abb8763427f83b3d224fb028e7 already contained Conditions, nothing was done
2022-09-26 19:28:47,637 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-09-26 19:28:47,637 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool as an Audience of the AudienceRestriction
2022-09-26 19:28:47,637 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _fc8095abb8763427f83b3d224fb028e7
2022-09-26 19:28:47,638 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool to existing session 6225e3cc1ad40d1b1975cfa9effc933817c73cbea452cdfad08ac9f80d941f75
2022-09-26 19:28:47,638 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool in session 6225e3cc1ad40d1b1975cfa9effc933817c73cbea452cdfad08ac9f80d941f75
2022-09-26 19:28:47,638 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-09-26 19:28:47,639 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool and key AAdzZWNyZXQxUpEzOjd1OdGAfsUFIc03Mb+4sOx8tYPBYyhHIXoUQKT16ORFkjgBtSenmKWR2BQqULeDyKkJ+EPgpvEGx/f6oBSVQheHk8ku8BzamId+7MRayl5/ZY6xZ8DmPyMhD7IrTltQgGmgczrvXdfnhPXOtKG/T0IJ9/A=
2022-09-26 19:28:47,639 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-09-26 19:28:47,639 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-09-26 19:28:47,639 - DEBUG [org.opensaml.saml.common.profile.impl.SignAssertions:?] - Profile Action SignAssertions: Will not sign assertions because no security parameters context is available
2022-09-26 19:28:47,640 - DEBUG [PROTOCOL_MESSAGE:?] - Profile Action EncryptAssertions: Response before assertion encryption:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_d53a1a145db88896792aeeb12262d82e"
    InResponseTo="_eea0ba3839844ad29fddfd2a7a33402160bdb54"
    IssueInstant="2022-09-26T19:28:47.622Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_fc8095abb8763427f83b3d224fb028e7"
        IssueInstant="2022-09-26T19:28:47.622Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">AAdzZWNyZXQxUpEzOjd1OdGAfsUFIc03Mb+4sOx8tYPBYyhHIXoUQKT16ORFkjgBtSenmKWR2BQqULeDyKkJ+EPgpvEGx/f6oBSVQheHk8ku8BzamId+7MRayl5/ZY6xZ8DmPyMhD7IrTltQgGmgczrvXdfnhPXOtKG/T0IJ9/A=</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="45.43.48.162"
                    InResponseTo="_eea0ba3839844ad29fddfd2a7a33402160bdb54"
                    NotOnOrAfter="2022-09-26T19:33:47.637Z" Recipient="https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-09-26T19:28:47.622Z" NotOnOrAfter="2022-09-26T19:33:47.622Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-09-26T19:28:47.024Z" SessionIndex="_86307b78d24a1121fbc0aa7ad2fd838f">
            <saml2:SubjectLocality Address="45.43.48.162"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>urn:mace:dir:entitlement:common-lib-terms</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rick</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">manager@Samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-09-26 19:28:47,642 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool
2022-09-26 19:28:47,642 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool
2022-09-26 19:28:47,642 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_d53a1a145db88896792aeeb12262d82e"
2022-09-26 19:28:47,642 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _d53a1a145db88896792aeeb12262d82e and Element was [saml2p:Response: null]
2022-09-26 19:28:47,642 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_d53a1a145db88896792aeeb12262d82e"
2022-09-26 19:28:47,642 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _d53a1a145db88896792aeeb12262d82e and Element was [saml2p:Response: null]
2022-09-26 19:28:47,648 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-09-26 19:28:47,648 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool' with encoded value 'https&#x3a;&#x2f;&#x2f;cas.traveldoo.com&#x2f;cas&#x2f;login&#x3f;client_name&#x3d;SHOP_DEMO-demoPool'
2022-09-26 19:28:47,648 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-09-26 19:28:47,648 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Setting RelayState parameter to: 'TST-326719-mTo65I0Kj1gKYG4dyYtS-qTgakMABsiD', encoded as 'TST-326719-mTo65I0Kj1gKYG4dyYtS-qTgakMABsiD'
2022-09-26 19:28:47,650 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response
    Destination="https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool"
    ID="_d53a1a145db88896792aeeb12262d82e"
    InResponseTo="_eea0ba3839844ad29fddfd2a7a33402160bdb54"
    IssueInstant="2022-09-26T19:28:47.622Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_d53a1a145db88896792aeeb12262d82e">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>DWP507+iN9jsfj7/qQMWJpckK9xl/ERs79AYM2+2AiU=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>G6GiAAwFSiFB2sTf8qBLgiQAPUz1MK+pKb2Kwk1G7vm5e770JtjAE16FGIH/fSezAzZ91GCk3dy5EN4EBOtxHWFTcJIMAnMr2AF+bpicc6Lcxbg7ueSieT0alpnVxpb1dtiGKTv/0HoLzvfjrEJTu0fQn3UxDmkopDv7h02n9fr7g5PQx0g9nWDf0u9OYQQv/l+V9/ngF1jx57jpc/l+ZkwdHiPY70TcuNKJkzmQtLw13jdnqB8fb+rW1Xrp9iZJE+syUJ9aCqrX+faB3tmV4LHEIHSK00ZouG0mrOJCHbouGOIeMCXrq6rbXeF6s3uG+2Kh972Cb5rzagnOh2cnUQ==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <xenc:EncryptedData Id="_67512c159323b34b276ada7636a9bd24"
            Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:EncryptionMethod
                Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <xenc:EncryptedKey
                    Id="_3e87fd931e460620a430d8199c3f8e59"
                    Recipient="https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                    <xenc:EncryptionMethod
                        Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <ds:DigestMethod
                            Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
                    </xenc:EncryptionMethod>
                    <ds:KeyInfo>
                        <ds:X509Data>
                            <ds:X509Certificate>MIIG0DCCBLigAwIBAgIQJT05eT9C8MMLxPWjiR+NjzANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQG
EwJGUjESMBAGA1UECgwJREhJTVlPVElTMRwwGgYDVQQLDBMwMDAyIDQ4MTQ2MzA4MTAwMDM2MR0w
GwYDVQRhDBROVFJGUi00ODE0NjMwODEwMDAzNjEdMBsGA1UEAwwUQ2VydGlnbmEgU2VydmljZXMg
Q0EwHhcNMjIwMzEwMjMwMDAwWhcNMjMwMzEwMjI1OTU5WjCBoTELMAkGA1UEBhMCRlIxGTAXBgNV
BAcMEExFVkFMTE9JUyBQRVJSRVQxEjAQBgNVBAoMCVRSQVZFTERPTzEcMBoGA1UECwwTMDAwMiA0
Mjk4OTQ5NjcwMDA0MjEwMC4GA1UEAwwnVFJBVkVMRE9PIC0gU0FNTCBTSUdOSU5HIEFORCBFTkNS
WVBUSU9OMRMwEQYDVQQFEwpDMjI5ODgyNDQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsTQ4f7v+iIqvjQLCZQyJCiWK72jzbm1lNNsOGLMdNO736yJo0iUXEygaqJ4awu+Nf2Ase62f
o1hROHtOnixvceJN2rd9BMKm/j3BgeU+vlW3quq8AFkm9ikL7R4hBZopqT5deXA17EZ0tpQv6I2z
WbuoBYunvJomVoFZYRwDWFlHoQRBJma0LL8WTrPP7t4gvZMqYSpEqyeeyX2cv6FS4uCOXITFzWAA
Rp5rdIkL1YzU+Tr2thgVf/BvRYsVqaCj+94YmoJAR1/pMOLIKhfoWNxOKuTu0Rpu1LpKr72FYsZv
osn4NHBDoVJncq/crrxpaYF1FqorTjHw+054l0YxJwIDAQABo4ICJTCCAiEwgeQGCCsGAQUFBwEB
BIHXMIHUMDgGCCsGAQUFBzAChixodHRwOi8vYXV0b3JpdGUuZGhpbXlvdGlzLmNvbS9zZXJ2aWNl
c2NhLmRlcjA2BggrBgEFBQcwAoYqaHR0cDovL2F1dG9yaXRlLmNlcnRpZ25hLmZyL3NlcnZpY2Vz
Y2EuZGVyMDAGCCsGAQUFBzABhiRodHRwOi8vc2VydmljZXNjYS5vY3NwLmRoaW15b3Rpcy5jb20w
LgYIKwYBBQUHMAGGImh0dHA6Ly9zZXJ2aWNlc2NhLm9jc3AuY2VydGlnbmEuZnIwHwYDVR0jBBgw
FoAUrOyGj0s3HLh/FxsZ0K7oTuM0XBIwCQYDVR0TBAIwADBhBgNVHSAEWjBYMAgGBmeBDAECAjBM
BgsqgXoBgTECBQECATA9MDsGCCsGAQUFBwIBFi9odHRwczovL3d3dy5jZXJ0aWduYS5jb20vYXV0
b3JpdGUtY2VydGlmaWNhdGlvbjBlBgNVHR8EXjBcMCugKaAnhiVodHRwOi8vY3JsLmNlcnRpZ25h
LmZyL3NlcnZpY2VzY2EuY3JsMC2gK6AphidodHRwOi8vY3JsLmRoaW15b3Rpcy5jb20vc2Vydmlj
ZXNjYS5jcmwwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgeAMB0GA1UdDgQWBBQq
6jjjeMXwQMpNNecEbqrEsJ9eTjANBgkqhkiG9w0BAQsFAAOCAgEArkOzqH9sUsz/QCwLRUKXqsYS
YjB9o9GmKorBERtR7WJQIxk1jZxDM9dR8LTOA6tKOQ2LKzaRl0RugagliM75Dkt4AdWFQFzZ14c4
o+JXsvCNmRtncFxY5KAJqpeIgOHigpnOb2qdS5c0U2tMa48SYl5DgTqs5nlyLTqPIsF7Am80lsTn
iNdbvyPjmyrqsaUtIJ7WpBhyt+k5TEr4b4XWOo0jYwJEutvrYXTNihmWMfobEiC11+qziyWmBrrv
dJyg1H/XGJKFZ0atOOFUCfvoqFZrc3cD9uiCkLX3ljeehKkWyvNbBoj8ETmRPjg2vXIbPS+jR82g
fhLtUJbE/zVWQCoVtKowZqlY6mMcAXkqhdHTG9jfIixHxMMqMr2s+Fc8ywXlZzmAI1ejP9/LX9bV
2b17e4QxQMKMH9f2sVRvo16n0KtKGH5Zy3j+Dwkt3iIsN1F8Lo7vymqtqSUZ3EyYKNY/GvvmrIc/
snB/mGw4vqxYIXlIwwpm80/NRBeR88OFR3PYlUYKxrf9HKVRP8HqHG9buYSQdDdVe7k56Af77pCl
88LDCL49/8hb/XzndJjqvSLbKsU6UWV6q2e/kkQ+UcF8bBUMfHWLLK8xALkzrg1EATC7dviFBnS1
JXLmWJjKwHfWUkBPJnZbMCiKfgyNK5vTXpzzOszUdOFBLRTbtco=</ds:X509Certificate>
                        </ds:X509Data>
                    </ds:KeyInfo>
                    <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <xenc:CipherValue>f2wHberg00Wy3RPYEtL36AREJojVvodu+Jg5jPUifJBjzb7VGOvqVP0fGTkr0NfYfai/QxSX/LavRvYePOPqmJgseaa8gxb2OSp/WEM2RtoFOCvQW8AgcmPF/ut2XlkvutG5B19rJoNSmi+iZ1frkLFrCtbxjqS9QSbp8pRlmG4UjjcO+8EXmhshI4ti1LsEaR420Mm0xZlvHjNY8Jq3hy4HQrnbxun6FGQCNgLQf9RqvPvXLQb3GJfQKqs8U+3LBl7cfVlBTrwi8ZeVZjInWZCgEkKSHm9eddsWl4g7HPR0ou00hRuZxBY593jKg5mwZki2yHmIx3gktMMNOywvBA==</xenc:CipherValue>
                    </xenc:CipherData>
                </xenc:EncryptedKey>
            </ds:KeyInfo>
            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                <xenc:CipherValue>UKulrVr3odARECAutQ1SDBW/ITO59OFxIPDi632jIQbW/pW0/em4vjSsKg7EjTx4Kfi9x+0uIjGomKATCLZED0mQbFoLdpioj453uZXDQV0aQV4y4JCebOODKbDN34WdFF0jU09+b3R4+j7IgUXHj8CvklL3qkdoJbLUGIzUTnc2aT8iYhIZPzhmA6eSFcKmEtr5jtEUVdKaV+M+6TIyOtethxONx3pSslkV3qwgcGLtrN9ezSyaLjm09zIYgRxzTN6xokis4oxY5093dMeY2gwkeEVyhgZUr2EBOfpD9uPHd0gVDfkYjZ0FoalsKVt3sROgw8rYsu+ouhTVLkBZa2IvWNZ7xvfYWjdin3zsEw/Dw/J9jJByvJN4IpeKj8KULpFEa1TDoMWEQRZ4rYLe+ickyeByJFJf/PtaKuOu2cIq94vUzuNlNMvDe5rfU+CArmXLW3oMsxhp3X+VRwwPyil9nB33OM5so09PHwJ1XD5gTizR7Yb4KlJwzVy31GJuSZSLbi8t8gZKHFFJiaRQHan+svFMKX1EYajPvcDeYXb1GlR3fCiZg7QD4Gc/jVtniMQpDoJdGbPDdCUffBmi9LIwIF3jzQ+rjYuMhzG0z3CdBuhPG/acKe2wRB1c+O++mTmY6PLXKU00/nyp+mQDNKZo0vuw6NiRtxjLtCAAPwfckguZ2ezvPe8mqmOtk71crt7iojVnD/JCEBvVXgCxb4+K+iY3jiSn9aUma0EcF+Ytf8RsmKMayHMpuQR1He0uX8utFv/uOlXshHsB5ShKXJ8llMo7uz4dLSpdyOJlTX1A3PRg//74PjHLSOeXDN9EPWBozboO27qOlPKMRfCHNjsin3h9tiAtEMYuDuMgC2u9E1kxIRwwMiV72HQjjXSDI4B0hoZvgOOwVcjnU3uvRxysV5zAEQ55bH75ctl2oy2gihVhg5+sLVS9kMqqu6CyA8uOeLrl15mCV7wzJh9XTO+WS4lQHCQI3fhJyiUyS3FI05l+Jw/naZckXzjiAblFZ5OIDP9ZalfdEZqIbGoitQBvVrO0PSF9yq1xAChlezJfxxlVIfwQzpLR79Z2DY2vSZGh6nO89G+3rqgAAF4QHi/N/y9hc18+hh+30azdQImPjHxXizu0oIej9J1nulBp5t2bpFUUVwA2UneTQ+SOJG7b2ikU+SrTie05mMRS1dUuIYp7lGwW0KRQprN51ewJdCp1D2Rob2WkpcrLsD8NyEHNx6aLzXRFQf0Z0+pvWXU2vn/I+UGj2SSc1EWvE6cFAeoNIy6JgJFBwC0HiIrf9+pWMiPm+SD+glHWLSE7KOHeTZfp8CE/Sdy1V1f6hDMo3Q3etFtlGSbm7HbTEnD/fcACB2fpsfNQx3+3qXZVFz2TzMbqGxIWzgu1Fmgm98mBaLQQ34yayKTU9xmhosDXGC/oTlJevDBiM3ec5jwaQKqYgJYlMNIUoQm1csLV1DtKbv3Avh3AFVtLxn8eFP2CfPZu3OeQuzur3RMMm1tGV4VysODcnNXAkPFjm3dWEm6TfkpgQCzT9sq8J5t/OtnhRPqPSx7aJhLjTFYYQ/PrOqPL8328HRlqBEPFZ2CY4DQV8rmpPvbJApCAsT8PcWlzdpY9ek9FDzpm8WCN8UxvaVb7WOtINBMVLF3b/6f8ifpvsrc7HWds8pnTkmIO6baJyrRmsYsXKY2Tci5IXvim9FzkBQUNRDSOlFHpbKwpd/ik4VlDH0Ek5gHfKnUCKZPK/XG9y8YbtPaRlpWUm6jJCul0y18rjhj6e6tYkGDIDQG/rVf4NkqMszm2UoQjyyqIVq00YvYnUTvQUSGVJqaHT2Hkn+torcjfjySaWPm6RLybtrJJ9B45MHZnFSEKvjMfES0nwvE1YbyvKBCzPARzaf0nHRD8jiiCxTI3ilLCr2ps+PP8QzFC0eng7Luw0ex8XKgDhBwP/Re33+ty6x8VAdX9VygOTsQni+9m1wbyC2cCpwr3yfw11Qn1/ibWzcSs7kP5NUS1A/mTnkRbcc77KnFY5FnmlB0fQO8KVRYTat+RpV2KINn3FEHJyxXWZ+aSavXsnzLhfZDqJi8i1mbAbO63+B+JT3Rm63+2f2CrV5pi2ISzsU2ifcRjH+lel/StNooKJiQ66VMxQCw36vFN6Dw/geIL/tdHjczmwEiYhZB/PUN378vJYL8IMV5gq9AsSR5UCEIvsZkiefPg7UAFe2p8481xK5cj/uvtxqG6LkdJG8opAMxkbcCGsxC9882q812pFOgSXxidOs4NuOI2mwAsp5jZrxo5DFbLxPZT2cxb/ZOWlwquCYC14ENCclExlg91UDlZkwPD2bCHd2pU6CQIEJN/S1jhSrZAN8cHg3Ifi3WU7YUZwA2OtO/PS1EaLX/TIpvvFoLJzUtOR/O4HeJeW/HZH3nsxa25giRgg4/sKlfZqgNLaNdWsYAFVx3I22lU7AJgtG9NSaZTm5w8b5PK5ZVPHjYnSebOzQAfxMc80elibTwJDYiJsrXBkIxZv+flZPLdxadD+umDoZndTKbQYERRIEn2MAiMxI1i2G6Ly6h/+wIiyBUkR1HWzl70XRgC/DMk+1cELfqgTFl73bWM4IjFSD+25oIPJi82aSVE+EZrNUkkL0NcZQE8jZXKBm5eTYeBke6reECgZlHpAQaLa3D9GnMEDiEjFyKM3X0vFcq69DtgD38cSRBJEjJogEOLRr0B+NJTDTeJ6JLoxFbh3hUR4DmqNGWg6g3DXutXTP9d0J+dlFKpECtbqC4ok5Cx9OkJ85yalRGhvkT536lfEsJDM0nkzJytL5MZFSPBizVpH1o7xS1epsD5pBPe/X2X6uppVJgzpM+9R6e1GMZm/fDxVlr+b8kcdUFVfBiW8A/NQww/udRrwuIyeQJ/Vc1vrpKmEMxZ+TCvY6EHnvPj0lRSHhWULAuxdYg06dd8R6i/Es1irS+1+JskMNOgSfwbddJzgzLYW/xTLgxXUxZTYcLCOlHZABg/kOxVa4ZtbXzrt/pnUNuY1B/X05OCgFSJ/Goi+RMx8fOqq7hXeYWOQj8HHj2PZRByX/ZlcTgaaN8eRf9DY3bbnKUTRHP+f2ju28h5p+LiRoIWqH8BzTZ5Z5iVm73a2sGAgQwj16jC0tFweDon68ijWagABomOWU5PpvKRiMerXBRypO5mhlLF24JQKOwLkims8JIDT21rgf0pL1eROhzKw61NNsV/g0+LdQDtlcr2oUp0tSQorkbprbeK5RqTtQDQeGESoLgaB+hP0Wz8Yv8zEpyRSlakBa+vDmOxSnY/InSNBqiunU3YRRxY+IPHc7SkiT62x8P2hwUrkbM1G/jx/ikE3d5GrWRmSDNKjLmgiSh4prHP+wCEyvB76dY3GluDZ2v/J2XhQX0QrdTuw4Edum/S0bjVQ2fa2yNVcA6LiWs+vh8lVztO3nhooZYyH/yt9d9utvDm9R0f3PVIqFwpLyEsfGXzTxP8el0u8Vu0btBOkubm6+n2XygOJCK1QwkFwkKVQ8zaCYQ2xcmUJAMu0WSBSNQQ27jIT7552ypu1+9LoXlMewgfMbqiq2hpS1QZep0CXlbHa1UYXcMuaWr5PI902OvlEbt8WI51ZdAXRb8yzEOZ2jhVDYlEy4jb4mY3CMa92xqu00o9vurgM/L/BupIF0ry0Ki+5hbljdfFYSS3bmixSDcTGg8xeh76Z8P6MNmHgmXSxUafBsSD5+u0CzhKO798apoqDuup80CaleJG4IG1qSdP0V/1x+8EOWSCL8nLBaUYViy1EsrjUgB91qtDlqgXtjDnfDWDyTU8WqPiYyY7SM1POmGlmbbEcg8Vi16ZS4ZlM9mNcTPdeD1BTf3SrXx2a8C7O1Y3IjBIKRCjq5KyaU//Bpq2sQL1t30L8mU+vn0sXAFGt+Y2GTwxWy5P6G/3ChTZidy3U+No9BKJoWx7zZxg8lDvsXKUHzSonaBkqFRSoZfuCq3LBcTB8kKfgm8ll5Nr9idLSIvplhrCX8f1Iz9IDRlpzkUou2r/0vFu8DSR9L7Ki3anCqRayZ1rePQgzzvw1SDD++tNJCSBqMiR5TzStYbngHIbpiIJrWa0je8Xi30lSOyxaxbERrKhE4F/pW6hM5BxWMJ1DVR54tLVmnPgFdbTx2E/faqTpJN5qzMomuiMQknXXa9cupfW5p4x+1t6tAxP6j1sZ64nBipaTv4KD6D6mAk4gDhYSlEp9RvQBCJYyb2kLmPVmjRIhGUtI2DfTkeY9yKyiED1jR3JAANA0Mpi+0E8gXh7lM497/6RA06hFbIR7Ff8twmnVY0q38TB7d7X7Y5UZPaPZMS8xkP3k/wxuQMxCZGfI85swnEeKlA4ipt9wLF3IE67Q6ddgwPB3SRBN8Bj5WN8rN0JhTVhwoyaKyJbKbV+ccDWoDTFavFK1d/BWvTLnARxFnJdfGuCvLXzDvBoluSYMrmnEGUCtomNsyTdTro2r/iTOpfwrpDp9H/Xbt+SnUAstiHTrFUb4UY18PYRy6AIOA0XEB+jrSgiTQpbFHxqFJRC6uTitVXOqRw62P35Too9047iJcpbKOqkXGpWrlwNHhzKhse87fLGhlg+fH9kj0NGGBOl63+YCOwVyIm4ah5uDRAi4vf+azdIFyGv/iY7lnWCxuSYol/kh/lsLo9kJT1LEaMv0El5BYg556EOq6wmk8nO0kxjv2nUdd+fooZO+YVvsAyi06bt1Z9BGvE87FTzNNwBE5rUY4yQU2tt+NbCOLhGCgccorM0XSmBf8t7eo7Qw7V0MOvAAj7/r4RLRL9HarP9KmswR/ZXXWywYhFNDnDKH8Ly9ygWa+3DaCWyifkNHMm+l8/BLQjv6Kv7hgPVvPYon3Nfar5EE6RKK9L/iXYz5xywXhRYN/FRnjuOUMtSmrTOg+PEYWPby5JusXwWDt7+sPD3e8LvUrvOsy/Sitjm2tZ/8l3q/onkt63H5V8uz5E5I7k5fAr9JUar5a93V4vgUUYLsqKE5N8w2FbpkqjrnvX9tDA8Rva6GW8C3DGqhm/aoJihWdY/tq6esFML05R2atNeO6nUOdr3UniCIx7NLq622VeW0DqMXM8B8DCLe9jIE/5lEpnKixyzjzss+2rTCcu/3JsHRv9oi6K/V2B8fAKsNSaNsDpLHHDNbtnNo+sdJdyTkhK+rMcq/o+C0aslzCzNmvZ0Tnc8Tsr36xnh401VqF7kMRf20EJQrP0KAJXNTuhK0U6a4Ky7PbFs0hN9</xenc:CipherValue>
            </xenc:CipherData>
        </xenc:EncryptedData>
    </saml2:EncryptedAssertion>
</saml2p:Response>

2022-09-26 19:28:47,650 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-09-26 19:28:47,650 - INFO [Shibboleth-Audit.SSO:?] - 20220926T192847Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_eea0ba3839844ad29fddfd2a7a33402160bdb54|https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_d53a1a145db88896792aeeb12262d82e|rick|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,uid,identifier,telephoneNumber,role,mail,surname,displayName,givenName|AAdzZWNyZXQxUpEzOjd1OdGAfsUFIc03Mb+4sOx8tYPBYyhHIXoUQKT16ORFkjgBtSenmKWR2BQqULeDyKkJ+EPgpvEGx/f6oBSVQheHk8ku8BzamId+7MRayl5/ZY6xZ8DmPyMhD7IrTltQgGmgczrvXdfnhPXOtKG/T0IJ9/A=|_fc8095abb8763427f83b3d224fb028e7|
2022-09-26 19:28:49,984 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: ss:mem:dd30f5acc0bb7c5f74eea1f515c194835f835892f1a2f734ef1edf11f21e092d
2022-09-26 19:28:49,984 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-09-26 19:28:49,984 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-09-26 19:28:49,984 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="https://serviceprovider.opentech.it/Shibboleth.sso/SAML2/POST"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ID="_287ea37ce61ba6da6852be882b5d74ed"
    IssueInstant="2022-09-26T19:28:49Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://serviceprovider.opentech.it/shibboleth</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="1"/>
</samlp:AuthnRequest>

2022-09-26 19:28:49,985 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:28:49,985 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:28:49,985 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:28:49,985 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:28:49,985 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-09-26 19:28:49,985 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-09-26 19:28:49,985 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-09-26 19:28:49,985 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://serviceprovider.opentech.it/shibboleth
2022-09-26 19:28:49,986 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:28:49,986 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-09-26 19:28:49,986 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-09-26 19:28:49,986 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-09-26 19:28:49,986 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-09-26 19:28:49,986 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_287ea37ce61ba6da6852be882b5d74ed', issue instant '2022-09-26T19:28:49.000Z', entityID 'https://serviceprovider.opentech.it/shibboleth'
2022-09-26 19:28:49,987 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://serviceprovider.opentech.it/shibboleth' does not require AuthnRequests to be signed
2022-09-26 19:28:49,987 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-09-26 19:28:49,987 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-09-26 19:28:49,987 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-09-26 19:28:49,987 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-09-26 19:28:49,987 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-09-26 19:28:49,987 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:28:49,987 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-09-26 19:28:49,988 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-09-26 19:28:49,988 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-09-26 19:28:49,988 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 4 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-09-26 19:28:49,988 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://serviceprovider.opentech.it/Shibboleth.sso/SAML2/POST using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-09-26 19:28:49,988 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-09-26 19:28:49,988 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-09-26 19:28:49,988 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-09-26 19:28:49,988 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-09-26 19:28:49,988 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-09-26 19:28:49,988 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved signature algorithm URI from SAML metadata SigningMethod: http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
2022-09-26 19:28:49,988 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved reference digest method algorithm URI from SAML metadata DigestMethod: http://www.w3.org/2001/04/xmlenc#sha512
2022-09-26 19:28:49,989 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-09-26 19:28:49,989 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-09-26 19:28:49,989 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-09-26 19:28:49,989 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-09-26 19:28:49,989 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-09-26 19:28:49,989 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://serviceprovider.opentech.it/shibboleth
2022-09-26 19:28:49,989 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolved cached credentials from KeyDescriptor object metadata
2022-09-26 19:28:49,989 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved data encryption algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#aes128-gcm
2022-09-26 19:28:49,989 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved key transport algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#rsa-oaep
2022-09-26 19:28:49,989 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-09-26 19:28:49,990 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-09-26 19:28:49,991 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-09-26T19:28:49.991Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-09-26 19:28:49,991 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-09-26 19:28:49,991 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-09-26 19:28:49,991 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-09-26 19:28:49,992 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-09-26 19:28:49,992 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-09-26 19:28:49,992 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:28:49,992 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-09-26 19:28:49,992 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-09-26 19:28:49,992 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-09-26 19:28:49,992 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-09-26 19:28:50,026 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'serviceprovider.opentech.it'
2022-09-26 19:28:50,026 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-09-26 19:28:50,026 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-09-26 19:31:34,705 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: null
2022-09-26 19:31:34,705 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-09-26 19:31:34,706 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-09-26 19:31:34,706 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="http://localhost:8080/saml/acs"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ID="id-d1f51d2bfbe85cde197e546a347d624ef059aee4"
    IssueInstant="2022-09-26T19:31:33.95Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8080</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
</samlp:AuthnRequest>

2022-09-26 19:31:34,712 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'http://localhost:8080' from origin source
2022-09-26 19:31:34,713 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:31:34,713 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:31:34,713 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:31:34,713 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:31:34,713 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-09-26 19:31:34,713 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-09-26 19:31:34,713 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-09-26 19:31:34,713 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer http://localhost:8080
2022-09-26 19:31:34,713 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:31:34,714 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-09-26 19:31:34,714 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-09-26 19:31:34,714 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-09-26 19:31:34,714 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-09-26 19:31:34,714 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID 'id-d1f51d2bfbe85cde197e546a347d624ef059aee4', issue instant '2022-09-26T19:31:33.950Z', entityID 'http://localhost:8080'
2022-09-26 19:31:34,714 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-09-26 19:31:34,714 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-09-26 19:31:34,714 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler:?] - Constructing signed content string from URL query string SAMLRequest=nJJBj9MwEIX%2FiuV76sRtuo21iVS2QlRa2KopHLi59oRacuzgmQD771HSRSoS6oGrPe%2Bb9%2Bz3iLr3g9qOdAlH%2BD4CEvvV%2B4Bquqj5mIKKGh2qoHtARUa124%2FPSi5ypREhkYuB30iG%2B5ohRYomes72u5o7m9miKwsrz90ZNqWxUFQPUK7Werl6sGu5gi4vKw2w4uwLJHQx1Fwucs72iCPsA5IOVHOZS5nlVSbXp6JSy0Itl4uq%2FMrZDpBc0DQLL0QDKiEmnwRIC2eFs4MYUuycBzG5lOII1iUwJNr2hbPtn5BPMeDYQ2oh%2FXAGPh%2Bfr0AlhI9G%2B0tEUpt8k894oQ1ydnhL%2B84F68K3%2B09zvg6h%2BnA6HbLDS3vizfw9as6a2PuYek33IdOJs1k3jyoI5OiVN%2F%2F0%2BShu4M1bET7pHva7Q%2FTOvP7HQko6oINAnG29jz%2BfEmiCmlMagYvmuvLvujW%2FAwAA%2F%2F8%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=ddST8%2F5cKtQORDkqP4AaWRd8Q93nSUpJ3mZEa%2F6iDH3RVWw9a3ggfjmCGsaMyvrHPsZbEV13FIIKZCiSg%2BAiNiMVHSQQx8yTsm9h%2BVSJjEleyoOyJ%2BYjUyYEDXlvqXk6eF0OfKSHz6BTCi5JqvFrMRAkKJZhjeKShWEtkCu3R1zXWUBwhn2I0tSQp%2FRI3%2FxnJb%2FeI2eOdMqQihyNNh2iWmrdGSpFYWlm5ufkMihC0jl0KtGxUy%2FxTIjEHTzOKR2aCVw63npFHJa75RlpxiOBaNpeDDJUpMyeXs3BX4Dr6d8dM1qx59rG7x2SrnB1P0%2FCLCtt8PYIx2qgTyrFy64u13aerRuXpAyuF4H1EV%2BRFaDtbC4SmBCG3bByzaAbbhVXucIMH88fnLzXnEtXAhef5axUbtnLLHmEZlDfjVzLMs0uwXSTVcR9fPcTu8dg89AWW5VSIKaF4JeLsxq7TszLAqTUa%2BJExPnltrjcxlSIC5a7o0NPoIzbwu6x9n3mVMpaTIWAMz5VAGdn5oNO9oYLeQmyN9pxsYes1rV2NcMDlxAlOAeIE2fxI0LJq88numCfV1eG2ak19FJeAK6Q28QsetrAPzghSlhAyt2QG7IhONydcrlWT6eYpkcfiMsaseF3J%2BJg4ibuQwqU2iG0nxIEUffbCR6iuJFXfonV%2BzQfzFA%3D
2022-09-26 19:31:34,714 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler:?] - Constructed signed content string for HTTP-Redirect DEFLATE SAMLRequest=nJJBj9MwEIX%2FiuV76sRtuo21iVS2QlRa2KopHLi59oRacuzgmQD771HSRSoS6oGrPe%2Bb9%2Bz3iLr3g9qOdAlH%2BD4CEvvV%2B4Bquqj5mIKKGh2qoHtARUa124%2FPSi5ypREhkYuB30iG%2B5ohRYomes72u5o7m9miKwsrz90ZNqWxUFQPUK7Werl6sGu5gi4vKw2w4uwLJHQx1Fwucs72iCPsA5IOVHOZS5nlVSbXp6JSy0Itl4uq%2FMrZDpBc0DQLL0QDKiEmnwRIC2eFs4MYUuycBzG5lOII1iUwJNr2hbPtn5BPMeDYQ2oh%2FXAGPh%2Bfr0AlhI9G%2B0tEUpt8k894oQ1ydnhL%2B84F68K3%2B09zvg6h%2BnA6HbLDS3vizfw9as6a2PuYek33IdOJs1k3jyoI5OiVN%2F%2F0%2BShu4M1bET7pHva7Q%2FTOvP7HQko6oINAnG29jz%2BfEmiCmlMagYvmuvLvujW%2FAwAA%2F%2F8%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1
2022-09-26 19:31:34,714 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Attempting to validate SAML protocol message simple signature using context entityID: http://localhost:8080
2022-09-26 19:31:34,714 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from metadata using entityID: http://localhost:8080, role: {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor, protocol: urn:oasis:names:tc:SAML:2.0:protocol, usage: SIGNING
2022-09-26 19:31:34,714 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Retrieving role descriptor metadata for entity 'http://localhost:8080' in role '{urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor' for protocol 'urn:oasis:names:tc:SAML:2.0:protocol'
2022-09-26 19:31:34,714 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:31:34,714 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:31:34,714 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:31:34,714 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:31:34,714 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-09-26 19:31:34,715 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Simple signature validation (with no request-derived credentials) was successful
2022-09-26 19:31:34,715 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Validation of request simple signature succeeded
2022-09-26 19:31:34,715 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Authentication via request simple signature succeeded for context issuer entity ID http://localhost:8080
2022-09-26 19:31:34,715 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-09-26 19:31:34,715 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-09-26 19:31:34,721 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:31:34,721 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-09-26 19:31:34,722 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-09-26 19:31:34,722 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-09-26 19:31:34,722 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 2 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-09-26 19:31:34,722 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location http://localhost:8080/saml/acs using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-09-26 19:31:34,722 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-09-26 19:31:34,722 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-09-26 19:31:34,722 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-09-26 19:31:34,722 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-09-26 19:31:34,722 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-09-26 19:31:34,722 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-09-26 19:31:34,722 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-09-26 19:31:34,722 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-09-26 19:31:34,722 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-09-26 19:31:34,722 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-09-26 19:31:34,722 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: http://localhost:8080
2022-09-26 19:31:34,722 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-09-26 19:31:34,722 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved data encryption algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2001/04/xmlenc#aes128-cbc
2022-09-26 19:31:34,722 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved key transport algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p
2022-09-26 19:31:34,722 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-09-26 19:31:34,726 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-09-26 19:31:34,727 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-09-26T19:31:34.727Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-09-26 19:31:34,727 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-09-26 19:31:34,727 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-09-26 19:31:34,727 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Performing primary lookup on session ID 6b405388c6379affc8aef07d7bf9ac536abf2de89a8c89f1ee28e7ecb5af3d92
2022-09-26 19:31:34,727 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Updating expiration of master record for session 6b405388c6379affc8aef07d7bf9ac536abf2de89a8c89f1ee28e7ecb5af3d92 to 2022-09-26T20:31:34.727Z
2022-09-26 19:31:34,727 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Loading AuthenticationResult for flow authn/Password in session 6b405388c6379affc8aef07d7bf9ac536abf2de89a8c89f1ee28e7ecb5af3d92
2022-09-26 19:31:34,728 - DEBUG [net.shibboleth.idp.session.impl.ExtractActiveAuthenticationResults:?] - Profile Action ExtractActiveAuthenticationResults: Authentication result authn/Password is active, copying from session
2022-09-26 19:31:34,728 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-09-26 19:31:34,728 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-09-26 19:31:34,728 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:31:34,728 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-09-26 19:31:34,728 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Reusing active result authn/Password
2022-09-26 19:31:34,728 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name established from session as 'rick'
2022-09-26 19:31:34,729 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-09-26 19:31:34,729 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Updating activity time on reused AuthenticationResult for flow authn/Password in existing session 6b405388c6379affc8aef07d7bf9ac536abf2de89a8c89f1ee28e7ecb5af3d92
2022-09-26 19:31:34,729 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=rick)
2022-09-26 19:31:34,730 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-09-26 19:31:34,730 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, uid, identifier, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-09-26 19:31:34,731 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'eduPersonEntitlement' remained after filtering
2022-09-26 19:31:34,731 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-09-26 19:31:34,731 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-09-26 19:31:34,731 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-09-26 19:31:34,731 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-09-26 19:31:34,731 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-09-26 19:31:34,731 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-09-26 19:31:34,731 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-09-26 19:31:34,731 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-09-26 19:31:34,731 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-09-26 19:31:34,731 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:31:34,731 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-09-26 19:31:34,731 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@4319af8f'
2022-09-26 19:31:34,732 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:31:34,732 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:http://localhost:8080'
2022-09-26 19:31:34,732 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'org.opensaml.storage.MutableStorageRecord@f76ae01' with context 'intercept/attribute-release' and key 'rick:http://localhost:8080'
2022-09-26 19:31:34,732 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Deserialized context 'intercept/attribute-release' key 'rick:http://localhost:8080' value '[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]' expiration '1695756250757' as '{displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}'
2022-09-26 19:31:34,732 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:31:34,732 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick'
2022-09-26 19:31:34,732 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick'
2022-09-26 19:31:34,732 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-09-26 19:31:34,732 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is not required, previous consents match current consents
2022-09-26 19:31:34,732 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@4319af8f'
2022-09-26 19:31:34,732 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:31:34,733 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-09-26 19:31:34,733 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-09-26 19:31:34,734 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-09-26 19:31:34,734 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _33f9922df1b1e67e6e65bef967748eeb
2022-09-26 19:31:34,734 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _33f9922df1b1e67e6e65bef967748eeb to Response _212c6b63ac5e4ddd9eaf3867a696982b
2022-09-26 19:31:34,734 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _33f9922df1b1e67e6e65bef967748eeb
2022-09-26 19:31:34,735 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-09-26 19:31:34,735 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value urn:mace:dir:entitlement:common-lib-terms of attribute eduPersonEntitlement
2022-09-26 19:31:34,735 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rick of attribute uid
2022-09-26 19:31:34,735 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute identifier
2022-09-26 19:31:34,735 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-09-26 19:31:34,735 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value manager@Samltest.id of attribute role
2022-09-26 19:31:34,735 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute mail
2022-09-26 19:31:34,735 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sanchez of attribute surname
2022-09-26 19:31:34,735 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick Sanchez of attribute displayName
2022-09-26 19:31:34,735 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick of attribute givenName
2022-09-26 19:31:34,736 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-09-26 19:31:34,736 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - Applying policy to NameIDPolicy with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:31:34,736 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Request specified NameID format: urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:31:34,736 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:31:34,736 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:31:34,736 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID AAdzZWNyZXQxi8CKplX3teBQsDYBR4OP6IZTcLeGySJbVxmU03LokPnxv6vLj0MJucPAXwzN7//T2s/sf1v0enQT8BELWdn8TRUraddhBJ3Ef1U/AltZ2kQebcLtTUaNVw== with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:31:34,736 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:31:34,736 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:31:34,736 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-09-26 19:31:34,736 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-09-26 19:31:34,736 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 136.49.216.210
2022-09-26 19:31:34,736 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to id-d1f51d2bfbe85cde197e546a347d624ef059aee4
2022-09-26 19:31:34,736 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to http://localhost:8080/saml/acs
2022-09-26 19:31:34,736 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-09-26 19:31:34,736 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-09-26 19:31:34,737 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-09-26 19:31:34,737 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _33f9922df1b1e67e6e65bef967748eeb
2022-09-26 19:31:34,737 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _33f9922df1b1e67e6e65bef967748eeb did not already contain Conditions, one was added
2022-09-26 19:31:34,737 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-09-26 19:31:34,737 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-09-26T19:36:34.733Z, to Assertion _33f9922df1b1e67e6e65bef967748eeb
2022-09-26 19:31:34,737 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _33f9922df1b1e67e6e65bef967748eeb already contained Conditions, nothing was done
2022-09-26 19:31:34,737 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-09-26 19:31:34,737 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _33f9922df1b1e67e6e65bef967748eeb already contained Conditions, nothing was done
2022-09-26 19:31:34,737 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-09-26 19:31:34,737 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding http://localhost:8080 as an Audience of the AudienceRestriction
2022-09-26 19:31:34,737 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _33f9922df1b1e67e6e65bef967748eeb
2022-09-26 19:31:34,738 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party http://localhost:8080 to existing session 6b405388c6379affc8aef07d7bf9ac536abf2de89a8c89f1ee28e7ecb5af3d92
2022-09-26 19:31:34,738 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Loading SPSession for service http://localhost:8080 in session 6b405388c6379affc8aef07d7bf9ac536abf2de89a8c89f1ee28e7ecb5af3d92
2022-09-26 19:31:34,738 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-09-26 19:31:34,738 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service http://localhost:8080 in session 6b405388c6379affc8aef07d7bf9ac536abf2de89a8c89f1ee28e7ecb5af3d92
2022-09-26 19:31:34,738 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-09-26 19:31:34,738 - DEBUG [net.shibboleth.idp.session.AbstractIdPSession:?] - IdPSession 6b405388c6379affc8aef07d7bf9ac536abf2de89a8c89f1ee28e7ecb5af3d92: replaced old SPSession for service http://localhost:8080
2022-09-26 19:31:34,738 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Removing secondary index for service ID http://localhost:8080 and key AAdzZWNyZXQxAAt/qLXT1uTaqOTGz3Q9VsYVtJ+BCjX9fXK6MFWKGEBRBUeyVOW/zDuq7IiGZ1KfFwuW5pwVV3XqEGSHI9Y7qLNKlXo+Jwrng1ofZJ2LyGC7vN0Kd99reA==
2022-09-26 19:31:34,738 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID http://localhost:8080 and key AAdzZWNyZXQxi8CKplX3teBQsDYBR4OP6IZTcLeGySJbVxmU03LokPnxv6vLj0MJucPAXwzN7//T2s/sf1v0enQT8BELWdn8TRUraddhBJ3Ef1U/AltZ2kQebcLtTUaNVw==
2022-09-26 19:31:34,738 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Older SPSession for relying party http://localhost:8080 was replaced
2022-09-26 19:31:34,739 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-09-26 19:31:34,739 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-09-26 19:31:34,739 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_33f9922df1b1e67e6e65bef967748eeb"
2022-09-26 19:31:34,739 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _33f9922df1b1e67e6e65bef967748eeb and Element was [saml2:Assertion: null]
2022-09-26 19:31:34,739 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_33f9922df1b1e67e6e65bef967748eeb"
2022-09-26 19:31:34,739 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _33f9922df1b1e67e6e65bef967748eeb and Element was [saml2:Assertion: null]
2022-09-26 19:31:34,742 - DEBUG [PROTOCOL_MESSAGE:?] - Profile Action EncryptAssertions: Response before assertion encryption:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_212c6b63ac5e4ddd9eaf3867a696982b"
    InResponseTo="id-d1f51d2bfbe85cde197e546a347d624ef059aee4"
    IssueInstant="2022-09-26T19:31:34.733Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_33f9922df1b1e67e6e65bef967748eeb"
        IssueInstant="2022-09-26T19:31:34.733Z" Version="2.0"
        xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <ds:SignedInfo>
                <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
                <ds:Reference URI="#_33f9922df1b1e67e6e65bef967748eeb">
                    <ds:Transforms>
                        <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                        <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                            <ec:InclusiveNamespaces PrefixList="xsd" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                        </ds:Transform>
                    </ds:Transforms>
                    <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                    <ds:DigestValue>ARiX8e/AJP3UZRMldsOPbDrxvaPKMpOfWjYCTf7C5aM=</ds:DigestValue>
                </ds:Reference>
            </ds:SignedInfo>
            <ds:SignatureValue>GQs7eGA2Cg6gV8QoG8t/9G3pNGrCQ2UskG35c1Uf6FcaDNXZED195uB7Zmj1PBSQ9RtymTqd23G5MZ0lG1WJmhhUC/9omI+Tt3ohbtUc/WGMTS4Humpszm8Tc8IKGexB9p0ukBM3MnMRuDnpHD1VhkQFBwhM5bSjJKJSQW5EPyoXXFWZjtvaowo8VGE0Nh/G1JlIAAdSWcSFjVifo0RczyW4PFVBWfk2PtrtC530kRksBSB+C1f9I4/vLg0GR9FfTyQVVFxKfyoR/dODevRAGQzn+BoltTxXr0WAo0UCgJhZRNRkzrnolNk99haUQIF6aE2WMVh/2c9SWjmipI3p5w==</ds:SignatureValue>
            <ds:KeyInfo>
                <ds:X509Data>
                    <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </ds:Signature>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="http://localhost:8080" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">AAdzZWNyZXQxi8CKplX3teBQsDYBR4OP6IZTcLeGySJbVxmU03LokPnxv6vLj0MJucPAXwzN7//T2s/sf1v0enQT8BELWdn8TRUraddhBJ3Ef1U/AltZ2kQebcLtTUaNVw==</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="136.49.216.210"
                    InResponseTo="id-d1f51d2bfbe85cde197e546a347d624ef059aee4"
                    NotOnOrAfter="2022-09-26T19:36:34.736Z" Recipient="http://localhost:8080/saml/acs"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-09-26T19:31:34.733Z" NotOnOrAfter="2022-09-26T19:36:34.733Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>http://localhost:8080</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-09-26T19:24:06.731Z" SessionIndex="_163f41105f0df52e4722539f66305baf">
            <saml2:SubjectLocality Address="136.49.216.210"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>urn:mace:dir:entitlement:common-lib-terms</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rick</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">manager@Samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-09-26 19:31:34,743 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: http://localhost:8080/saml/acs
2022-09-26 19:31:34,743 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: http://localhost:8080/saml/acs
2022-09-26 19:31:34,744 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_212c6b63ac5e4ddd9eaf3867a696982b"
2022-09-26 19:31:34,744 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _212c6b63ac5e4ddd9eaf3867a696982b and Element was [saml2p:Response: null]
2022-09-26 19:31:34,744 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_212c6b63ac5e4ddd9eaf3867a696982b"
2022-09-26 19:31:34,744 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _212c6b63ac5e4ddd9eaf3867a696982b and Element was [saml2p:Response: null]
2022-09-26 19:31:34,746 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-09-26 19:31:34,746 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'http://localhost:8080/saml/acs' with encoded value 'http&#x3a;&#x2f;&#x2f;localhost&#x3a;8080&#x2f;saml&#x2f;acs'
2022-09-26 19:31:34,746 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-09-26 19:31:34,748 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response Destination="http://localhost:8080/saml/acs"
    ID="_212c6b63ac5e4ddd9eaf3867a696982b"
    InResponseTo="id-d1f51d2bfbe85cde197e546a347d624ef059aee4"
    IssueInstant="2022-09-26T19:31:34.733Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_212c6b63ac5e4ddd9eaf3867a696982b">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>4i6QY6VqGbPKvv0x+FHnu3K5CVmXzvMmgGDqfmZzslY=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>PVc2QDIvgHpE4++jQ1gyIR5x4PQ42AKWLtlPkBM1X19i00soK3Vsl2qgyWQ7U1R1HDy+b2bnncrR2ad+XE7R8vf7WzNLWmQCDnrfR3F/bpJ/Xxc5K5PLziQ/0eKxh9ymWiIkmMbCrCPBP5uRgkYkzWgvI+YGQ5xBHFiHxF8kE2+h6cIs93+ORHtOgHGfda0V4M2JkCbY1OwzV/7qdVyyD5l7mTLvo27pS2fW5hLkwxAZf7Co/qQOSGy1XzrHnz8USm2ZaAA1/faXCJra0Z95YuoqMgOY1P3941rIcY92+D5ihX7TDHFhnHYBgZusKph3ad8tEidL3UgejX3otKNcbQ==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <xenc:EncryptedData Id="_a5ce668f07113a341fef05966aee094b"
            Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:EncryptionMethod
                Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <xenc:EncryptedKey
                    Id="_ff78f01c1b425e920856b23b8223f8d6"
                    Recipient="http://localhost:8080" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                    <xenc:EncryptionMethod
                        Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <ds:DigestMethod
                            Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
                    </xenc:EncryptionMethod>
                    <ds:KeyInfo>
                        <ds:X509Data>
                            <ds:X509Certificate>MIIEyjCCArICCQCmxOUH7nOF3jANBgkqhkiG9w0BAQsFADAnMSUwIwYDVQQDDBxvdHRvLnNlY3Vy
aXR5LnRpYmNvY2xvdWQuY29tMB4XDTIyMDkxNjIxNDkxNVoXDTIzMDkxNjIxNDkxNVowJzElMCMG
A1UEAwwcb3R0by5zZWN1cml0eS50aWJjb2Nsb3VkLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIP
ADCCAgoCggIBAJ8OShVn+SieAwweDp7Jj/R9c6LfzrPkcoK0UU3Eddct6bY4jzow/ZfGAKbsQ04I
sekZnER09KZXYFB/7S5XUhxBdWGh6BYfy7L3/DeH2lkG5WOupWMKHQL+9occa/+I3Yr9J+Y2Nq5z
/5+UAMq8orpkXiKAyk96QgT1NEnZRFR37IcgS0hgVmMhfks8N7NMJol+Y8mcv+AQ/oIEP7SvJE1D
kgTWlV3ARPYkVzE9SPmi12t1xfhoRVgYmqd9NYQlwm2ZkbkKYAlsmP5JZpZfInEAZZu6SuYY1E0l
Tum6cQ29xyMW/KsCSv/vy5SLC6zDkIG8+/Sv5ZVGckewwDza+CMOic2gWVyEzPkWKb+IEsfJOloy
ox2aw89D6NLaxz3CjRFPpDVwZzgLpVdM4nQt3VnLNZ6RUPKGTBkRfjXYlkWJOeyJhkQp9OytVPaE
jkHAsh0jI7zWeDdRdhXg5/3GELDhIbRLvxxypZnMmY0t/tegPmb2tJa/6ZcHQBKGFaq8PkyOL+gH
/veQl66tiwg8NyMtvcijJOA3k/SSzl9iOwnRH065SAzJttCqsCLYg06a3pPFvPEFdshFGGS6P4vT
6fSVPpEl7oa2ESQFULp2TqD5bWKeqIsVsSp2rFrb3/30niGJCs3SKcTeUNk1LFKeS4IvK/l/109e
MFx73HNxbcCTAgMBAAEwDQYJKoZIhvcNAQELBQADggIBAJjkAzq7Q5zkZ1eSr08d22OSs0H/apUk
9yEm+gZLKUTc9o/1F5DMN2N8YdjJU5fYk7VnHEyf7HMmH4SA9YEVUYnXdw/PUMrM5EcctX7/gxfI
vHn8gyZKD+hS/Pw75cOU+4rNYGr/Py6+a9IWnNMu/FwwIcudLKnfAm1CLXP4Q2+HKQmgc4mTmzE1
hkdmHF9niqyCvRLbHrVZWNR9CUdxDa/3/zZ5cfzisN/cLqLHaL42xUDyuZqjD/V0muIfeRpBu1L6
8Fi4FCIGxoIzf5uux7Hw6/+Xkgf73g8Aox+DjPEtM2+a1QY7qIPrr2Uy9iUPmcMEqyvvL7r2SaFd
d5tLK21CXeGLDnqe/MYRC9pbUikCvn932R6ly/7wb5PYff+lBYSV2BAicRHHo/L6TSWXJ/W/+PSH
OnKdNs6ioXBHyhFjDkG9qon3/l1WQoIgTMKN9Q7kYuoUY7fEF63W07xviYUgjq8x4/cAapCRj4Nv
Nt7p69hHN+6ugKjBg/+R2eOe3D7bvB708i9Zg4bo4pX3wcM8i+c5/gbZ/tyOKPUqfyTayXI/HybE
OKssPWqCVQtMu7Vpscqv0Y9cxCexgJKBS663//ru6Txan60hifz7x0iH2skYVfxEo2j0Px6kxgca
0wUryoRYDWrtJRK1luTJVocMPhO7SaiPSf96faciYCl1</ds:X509Certificate>
                        </ds:X509Data>
                    </ds:KeyInfo>
                    <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <xenc:CipherValue>cKUb9Qt1tF9g+ntnqJO7+j80NbR4urhvQ02XF2fomUUYDLsKGUxnWAbFKw/pwWPTxax+yeJPyrXKPf98M9Kg1ygytCRR0x+PVbg6b6kReOVFjtNgldJej9xyrApPhAR/jKu3WOJzaG6AOV79NR+i9F9YFbYeo9FUsa+gzVElOpGFqrQvVrExj4YQobjLp2kyL/AzIAVK1SOsxoZ7+H374XHZbSVGlexGg0NwVqKnkthKIA73n4FjBHt11EvFYKhRv7LX2GviyVbGGukkyQ3Xvg1YZReb5Y0jTY3zuBXj44PoVqpDt0NmTMRCuYq7jN06SuHF8VxGc/2PmM1ESnz0Y1qV37CLqOp0K+2RPOhx8DwtsATMgjtlNr2/8UqlOTmvmIUON73sGLbrbvQX1UN01vV7ejOnuZ0k1iM+9fSOqN8DqSErl8k0OYw0omjj5OSWyaXzgqQAvxpW3Wp3O8Ea9CWZHSNcqMVe/Tt7cYg4Wej/NlxrZ/TZLtG/QxszALWHYAqsvzMCS9LIcdf00qIaYfGQQllGFiWR3+dJHoO9FqbDVP0/mfMsXF7DTVja0q595YISNKlLrf1m9W8M3JKmxYIG7yy4dDdjOKNN7pKRFKvIysZwp8JScFopR78aptbSG+zu+2JzLskpY1h9gfzkqXGdNyzTeZoSOAAjbCksOWQ=</xenc:CipherValue>
                    </xenc:CipherData>
                </xenc:EncryptedKey>
            </ds:KeyInfo>
            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                <xenc:CipherValue>xPMK7DRXP01zWfMfS2PaYiyi0z6x+ELSDb1bwnorFVYi06aUEP24jer0hjP4E+Je8wEC93eexXsWBNsPHQ7Ys2NhpnsZocD1ThffKwsSg3gICNO6QNWtLkCPZ8Wpmb7otSTYY37lDFtuEczG7UzcYp9U7bRjf42ghYx1QElYkt+/vsMTEZYsz3ws4LmaAd/tgsKlx5Joo8OI1QK1rsvWIWnG/cw1rWxTgnF0T7tBu0+WdujtfuZTpathsFOWWLEC2jSR2DpvlrU9SoJrr7LYt4kfY8hdX23EP6013bI/AeZRNThi/GXnEzQPdHrkdt2nZd068Q64D4X7DFeBSO1Mv8O31psZwemChN8+toSeVN+IwYujpk/fQwq65KkwYY3ek2f0lvDhJPHD+c+vn5HFdV2uwN0bjiIN+U6iYYMODF+7NNorDBItOy/0N4fEsi5iQMcRibyd8uX3bfm0BFJTneSH3DVeZNzOcdYqPVNJMrQJmPQ4hhrB3gADTM2dm5RBo1Nf/p3DWyenSxkUPfY3Qt4LXUjt+QNO2o0v/U/iZMEKahI9s/hkppBnUMcaDrLF6bsN2NwoNMyT8hWgR+C90T2dJnTHGwPu1JD1U56HbOkSQlYilGooxwONP7l9rMFcMyBwXe1lTlGma6VSKToR2ECXkgzx6Hv0iCfGg3MqfGq5jzKiUxLfvbBHIybKijFYet75P0o0I7YwighPbtAeka883ccaAjhfyIlFUgHASK+iMxeo6Tb9xVUyT7sZEqgSPV54Wa/cM/b8uL0R/kypNuyrkn/XaJZX6AoYydN6SbNJQDKcjiVAKvCNxl8YiOhWxrNLSAtzXu5CPF/kKYXiZb4GVZmWyRkLydDLs2vEovDjpfFe8+8K1njP4lEO6EDQ05LW4hb5ElI4+VJwnhJsajFrNroCcy8qT3AfAmH3cHscJjMHv5dm6w2k3PumrYxjhYzKf97V2qD5qAKZjVkwG0lprIrtnWv8tUZUovmjUFiAmATGaDcSjrv4h0vuS322ypTPhekb74bAU2cUhJNQRGO6Wj/9IP6FWzSRGV22coFNOlA/r0RlgYTTmeM0wyBqFolhAQWe5L9eae4olT0k0yBWc5oNFVfeI92IkutX/O4OeT2eFPtvUnIasY/imhOFgn0Rhqjm6nUr31q3Nk0pqE8oO9uG7TJdYLZ6u+KLTRGldn+/wAznj+lnixt+xqWNRB/25IMeKsJETBbeA7aZzZN6x/1lUHieIQMS59qKDZR7MXQ64UsYDEqOPioEqGEpya2nRIirZW6ioovSSTaHasDJgA+EkfjOl1IiJY/2eENKhdi4IiesDq2tmfw5lRRJ6DmynS2hwGl3JItt59dSJ0Kuc/Ql5alF+gwUT19T/+2P+VN3FKgGkveiOXx0FAUFhruG/dyejC7GAggOMYyTvhpwTtJkIlD1PfHhaVD0L4o0BOLrOIoOOj9EEV1yMFSRobo8XcihmARYK5e6f6JHlPp2cSPwPRlVdvP/5Z8lHiI/imFe4TaP1nxyR2XRHjbAVge5rQioizE104uiY16mHQBCLZUcAJq9urwZa84QzxIhHeBZbyviGKjXVIHuR98rsKze79VfXqxYo5zWre1bq+6zz38WPqur8eF+7eXkc4SVG3SB1B6igogk0H7HSVsB/UiqOZZnhsDGQr51479TvEN3w63j8kFyMmySXOIDpf/QrawJ4QJNANOFsLCKILrEK86Sa/LxeRj87tr9KYTog4iopEPA2UcuZYH5P5hHHfaayD6iUhCVyumfshJOLLTLkr6gr37WmZlAjadvLB2MUtck8Dy6IQWBewxAFiq7xGe8EPbQjBiDW7jINYsFu2MCdpWrLzkhVVCh05rTZ6E+SoEbg0vArjfmGUK4Gvu44cXuAXN2AQKl1kp/ln6OJE5j8iBGq2NTQO+8WiJXxNh+J0jUSzoJJ4+Cd9oaw7KDN5y5f8QxEi9IylH4NZJnMONm1FbD3J0jolxzuSi8B60C6WbVSH+8apBk1aN/iaLxudxuOx/zNwTxnKzj6+xhJBj5uaHaDlUSQzVSUGijmRWIGaoTfpHcrb1Xv5oIJf2ibNmwbW69U02jiR54rcvec3DIu1voiCptB+yHTCYAuZabD072amE4Ra7XoBQoSMzh9TcG9Lp1zgFGJqGOuaS1+HRPC6fy/MpUsvLiwY7j9AOBd3zDk/byr3/bXN2YjDv16krtgWef4dQI4LJu/K5w1C8joDA11FmJ7oWntD+av6i1OTuS1A8RkoK139F5CCYKPCyJ/rKNa7s0Nhd4x9Bcc5DosBrf6PpQVLnpGD89f+oJw6PbGeIIkN1cs0VTdJvxqBPKpgGj+Q/NE+dyWurimvoJ7xEADAk2bPTgFggGdY/FqMrtQEPf/x4l4poOszFd4WtkJtR85hiBOdWNHXbSJ5fFgsrN22YeA5p0pfecjMj+YFUAKanjhsFLbL7HFspHhe7dUb/3gcEyE1nDxyGIxRKA11X3y4UjRIiIJf09YR5luJYvc4RaOo8DcgPvHEPi5RUG0E59kFq38O4fqG+6kvFXicQ1On3vcZx2ndUR+0tq0bmeqJ7mZxb+hwgtl1ZQHl3rJe3iMz0ir2+PLte3IqYb8KMKDcNEoV+DkrsYMqzX/qZe3uqkZ63CpQp3zBbxamV4oCccz898Phd2pYRNyZvcQRIg0vQFxzAn93ES3J4YOOXJzy6xOebJ1bzkcAcFjuV8W7q74chtqet3TBLBmGdS1pIZn0zDt70HoBW9J7C58iKBm4BiCMLcFNlp+H4B5LHmh4cpFGf+OuqhxfoZ6YqJ3gN77Mihi9OwkvStg9bvs8Y7vJ3ZisvpQCAHHl1R/juBJ1qkqf0GONeTnvopukY4Woyu7Ea/mjYwq6wLKg3fav3N4EarWrh1eb9w1VCJX8h2edW9xjyjjSYJwIjAA+1DFxnC8XQr9Kr8vuCu3IhQK0L//RjDg4ci/O7cAeb1O7uwdJ/Cjv4+SIE1LkeTVesf8ZBH95vFAbFqdokAclQ8AoJRqu4Qobmsm/+KEEPRkrdQCby60rywkkLvrKVmzgvLEEaMaUktJwheubqqDnCuMHUOIR3fgGN7uBHUfbJjYM9PtmT+2FyJEYLDzdj8txN5GzF9ITAj5ttdEZwDQbylFrcwVnF8XAoysdf9gC7Wk48idnN9VniwecF02XBlziNGQ6i4fgMAm6dDpeGwfQi6r49UUvh3x89E+gfLDOk+CLHREu43YijT/z/oZVKafV6mPqm0pDcHMMrI4ADrEC9bWkY1nhisodB6um1zVyUKQI+NklRYZMBAPl7SQpZWkT/cHhjRCD2Y0XH7uxSguyHj8lp6uWvaJZUcXDbNCz0l29WItQhovT5SyS4Br6vWGlyoEwd8I9EsoK61Ux7AVYk7XYlWeyq7amEyMqw9ojo8kQaedgAyBmzxHgQX1LJDRvl3tW+KyLy7Di/cftDDjTA+2McNiW8ddFa+js2Y3i9rJSEj81KzUbC8/mdOiloNBoOH4TK9UTz4bObfMhtHsqi2F0QmEx7kLvl3C1cNutXgQ+nAOfZ9TNocemawZviHPOsn+nNfgX6NzN90WOp1iYZv97nl3d6pydDXuC046E1lTEjkLBoW7s/ah5ID/NoFr7QJgnF+rSi1gpwEE41PkskGZx4ZIlqVqOGy5STtBRK5fT4sIVChoqmHlZT85fPv34OB3MzHUOc/JWwNOkk74aNt/YE9ZfaWMowSM2/cFhgLuodxrLYxXR7uImLyUexnwT/azIoiZhR423NhVgUYo3ymoSP+hARPfW9FZqkDg0khi0Y4/Ir84JqocOa5kVNCmwbq/V4Zap6d4ERhchQygGqPDZ5Soap/r1k2/64gW8AC/NNaN3pNgcNJsIJIZ5vQRg19vSp25ELWVZceWlQW3wMIfz+MQt1ShaClBkgyFoZF64Duj60Wdjd1ZULzlY/71+HEXee8oFJe6An5muDry4n/YLNpFrcuAQPNrdIfw1+bbbN5FcJloatRQuUIsUBVaTCaFjCC7Lrk/kqNlz/BrFj7j3W7DHbfEeaa4pP1VjkGTrydMhVs1MipLtIv5ILFQJQlnNC9mJTe5Qd6gslXxmWe6uAkVuip5cDFSUz658oTSjVn359KNEpOJB+eAJcg50X+fGpbV2ceirGLr/vrqmavDeJgx3sUkOy0kipBLml3RyUMtppxjpHxbAxANBTP5+4NDvB4L4uM21nTG46rPLn0jZaBBeNffr/JVpwxTgeoDVmof1K5IEEiIPCIAYuNP7AqltntOOGPcsDKBskQRV23eucES5gY8nxLHzGLgfjizzLsbfd1G85E8qyXH5ikLPSxxskIDEoDM1Zo/0RSAwk372FuNyXoHKG74j6AN1ZPw75zYeYJfa9qaA+Agp6RA/iL99f4ShPEqH+o2i1K+zJ09cNtFeuTqiRj3kPAK/t+HuooO0p66XGpltcTUfQ9xP/s2jU2/9gxZidMPYH14+0bNmvzeNkyqRB64i8Cj/sMeXDSmV6wmTnddhWzkOzSoSBldBWUJ7BL/06eps+ev2h3NtkPY8jjU4bOrebspqeQdDAZdKxNlAm+QYRaVU/gWut2VTqJ+W1W52DvvsdO1WKgyqFRm5hOm5kOLG5L/bxgmVEjzyY17McFL4IJCJkOMwI/ibdDiydgNFIVDporuwECPZjnR1bYCplgaMZnv+pH0IoMfEn2MOQbvFPXas0tBfkQ3v0eiPAs+sYSMAkKw6j8Z2tWNAXkvnza+QZVL84KkNAOPjNChj0dGIVTXRwtkJGQdIPTPuoevbcSMj04qACtuciINYhX4J4Q4cAnaObV5eKeNxpOwWvlmEjl9xggFpHLa0Udfkil0RkhZ97JInAs6zMgwW4VS9qQsbNI5Vk4d2PSa+lblv6+XZu5aDN+CBZqtZJw9ZQbCFAlDt0x5/2d3qu3LLRfnAUlfKPHI4GrX4SikZsdwKKa0HaWCKwedaNWo0AddseEyn3Fg5vBOocI8QEhHdKhWXC+2IQUW58CzJkzBw9IMBXmeKgJVtx+UEfviRq05MYGjmiXZYJS3yOKtn0O11Vbr1k+qbJGLy+lDq3FqgAizPVLJMbazAvJcn30S8HgkFD7mA6KRqGZCC4fQLxhxKmp1vsKsPu6/cl7v8HAmnwatVwDlqX+0LSiMIOSyRU6Dj3lKRHgehlrE5fcd3mO6YR9I5qjzLWFwtQNsEkzUewbLDAdT8JHnCYU3EaNwkku3anmcnJ2m6wz8VyEObFhlTjPZ/aMhvStdiksZAS/Ht0o9bJzneHjWfzrp1hpTR3yPpsRVIUhTjUnVLeA7dj8msbqqv7eGW7DOHZkw+CZOYytOpKaQF7jp/purb3YFMxEhw5GFCJDbyn+dJEmedQtNVU3ahLARTFJbz7aeBJ27qBticIFEFWY5Bjkiu71jRhb97AFftsWv46JbyBI8nOng7e5rbHhDgo7RPwo6XPtF72Dchqm568vpgckOAxHpdKIrtWKQV0W7uiAItal3bQ4evPL1KaJ+AlCV/dj+FjSGU3Ta+7xMaDOB6XzJ5Uy3luFL0ZSZwmMuNamgL9UkGbmOFiHYWJ4JlOKOxAxUBDoDjp1m3G4xhMFM0BITfpbyOws0AnWE9BKRt7b0INZRS/kLbXIokF12OG4GuPkdXVHFp9fANQ368urHlhXgNQ1x6t1YfeFSXbzG7WBN4tXNiIPU5S83BIPUavTg/n6FD5lqE4E5C5afetpLHYvYsH3fpIMLdfhZ9Q6GkFrw6k6qppDefEFPMV7igJuA+3fiYnOl4Vxq0Myvsf+dJqFVXjTfDdKYMMxUX5KaEPW3/bzuuojaSbeFoGuu6oXVpZvu6ZHAGgc/AZYQC+2fgc9AzYKBS8gzCo8zVPcs5+FrcI+SPtJddAw8QwlDDhXLzfys1qjs1LM5rCqI1c7sChJLbNkhJHTgYdWGwfADy7dUjRtYvoxxthhVeV8VUNVpLDptTUGW7YSRqkFuiHy04U628zgxV/i9Fu8GZjgnzzBKEO5GhtVevrxnNA7LVvxrXYk5T31Mqm7h04qaZrQfO6Qd2tTHEuvEahFaatJWr3LBWw6UJh5Sst8mFXbgazOqxPH5FucacwtOlJEFzfufEPr06w1LzKD6iBWBk/xEVwXQDLaxHRFLo+sk8rn82QP0OwETmFYYYa+DhWSglpZQ8iiy0BBlBgZiVkNFGE/46bnOWOE+nVlaHRYL/BB/y98LD7yw12z1a4CAAHqve61IeW/hZMVvaXcNcK5rhSX0r8CCtpyYFpAJfU70SPeRosHn/GvY631R4UG7OeoJMluPiAdqaFziAOxlPqW2tK99bxu9q88YmQtTJLAZFftbWnbIRqvfIfyn6Nb26YMJ5xee9DPPKhcFKyzOzUZE7FRnHftyhCo6mKiWdK7tiRrxZCrWXiGDmz7BB0sJnNHjPK2SKhMAuGEc0c3F6egpfW/OCj9ihxw7x2ZOqXuaKHvK7W4mQvZvNSsuTK0ux+6ffYeOFdzjuNnNoUj7G2rk4KfK2LkK3O//fa7OxyI2b64KHDw7mxJpngtpB7GRO3stl+vmiFhFNgaGWr8sC+P8rgi490QkHEbkd/zA8VanUQ5tdCXWOqMUaLB6fliGx1W8zQ8Ss17XDJdFrVeDbvKKXU1nt9sc9UcWoMeaKH6U5DLzUkBNpRGqhMh4nFHpAHbbYpVmjX4KKiMjevJPN1Q8Qi9LxopCwr4GkFu/OzmNT50iXVeRnrEQKSeEq/MxN5HZPykJd0CZjwyZooWDPbJsxymFWVYh/jwkF4Yjh+p9vmg1m+l7AfS4ouRALj5U0Sbtw+k4i0WI4pjc6MiacdOM7vj00o3+lwctiFKrWbpWqS9KE105VvSYJgl8OpUtlwyBGJGirTsHqeJawAGwroFfNBC9aePmkC2nL6+AEx6OGQ6CJU5j+XJA+7Tu7aZ7hy7VttZUhDPg7F43rH0hgD6l7cpj2xcaPo5NtMZRbKFXpzv2Ov1MU5/imPWjucJviMfHUez6V9QbqpLF5RgEcxBSD5eQBwruktTImD+xgUi6s0Nlk3XgV6o99e8bXMBZGRDzXRYsL9VhLF/4XWFOnyuAvo5RetsDuhDsD6iWFm19wCQgArCYzyVa1A3OKZ7vd42qFoTz0AuTe8jyhsvvTSy7TFcqbaH3LZR+lq4696y4rKfKy5odwKMreHeBArcy+LZnDkSi399fOVhz0Mk0fWgtBIQr2IkxYNn++SzhXu9OSDlpY6txwXJ0c6YfOYjfUn2L6IHw0Xv6fPoHQ4txsc0LTzVsomH1+7fImIIaHPDaPouHzU/MRl8/N2rU1ry4kKQ5NJB+zI1eXcZ8m/CTQgZIHS4Vjj0HZp2Fij7oN9TVdLjh+2Sttfetao+6vBeslGKezkJxueEokIVAkjM2iJpl943WbxVAYFmDrQPsBY6tMsD7ojF7SYJ+EJ0jJlsFB2yb/cSmgirrUsI4fP7RdJporriMSd7Xfx3YqgqnkNHx0M3W2MZ56Op6Vok1fXm5ITIMUX9A7Um7wGMbSxP3ImX6pE7J3GOnnAE3e31ADuhATRAJWqQD2jtA0qDTqLo0A7uWctZm7efUYoK1pdROJP8rsoAN6Xedo679/z0xVtpxPN2X0Y+aVvSayNx1S28EWfAUCB6R6Gc2yhQ8guI5TnkV0FvVO3sRRR/WS0b1nXtqJo/EVyjh/+X6eZ8zDy0D3VnZmBoVsPVy3/ne+SZFdWAXTyDop+O3nr9VurIxouROB9BNQY8pnXGsMzOVrgD4G0lqqjq+yAERldRDQ/YZ07VPe6DJHTK1hsx5M3GbELA2YlCMWOFWi6odKIGs4NyuA9xVOFzcLx+XNbTOY4nHEGpmrf6KTVM+sWLG/NLEXxsbLp+jbDe1T4ks7+FmnAwQ5GEHmGrP6ILGqEEZ4DBoAo9i3DkCZ0At5JQo8yNn04DACNNC0RySxs2bzUL6zmoSw2h8OlUVQrKH8fXYUmIHbOYywRDcvZ8dtkWXt9piGu1p/0D6mcA29V4EBUhr0zdt/l4LE2daPsOCok5/NzpvPghp0BSfjDnq9ZdR+takkM6+IAM32ipJ5iHO/KyO2NaiEyliuw0rkENPJScD32tcaov7SBLL0nUfAG8g+r9kBB5h8nn2zCo1B2KS8opIW4yfDxkMPQ2RaMwqi4eVsqL6zx9/hAdrduDsBUbBVPJmOxKj4xtvMwfZJzZrSI=</xenc:CipherValue>
            </xenc:CipherData>
        </xenc:EncryptedData>
    </saml2:EncryptedAssertion>
</saml2p:Response>

2022-09-26 19:31:34,748 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-09-26 19:31:34,748 - INFO [Shibboleth-Audit.SSO:?] - 20220926T193134Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect|id-d1f51d2bfbe85cde197e546a347d624ef059aee4|http://localhost:8080|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_212c6b63ac5e4ddd9eaf3867a696982b|rick|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,uid,identifier,telephoneNumber,role,mail,surname,displayName,givenName|AAdzZWNyZXQxi8CKplX3teBQsDYBR4OP6IZTcLeGySJbVxmU03LokPnxv6vLj0MJucPAXwzN7//T2s/sf1v0enQT8BELWdn8TRUraddhBJ3Ef1U/AltZ2kQebcLtTUaNVw==|_33f9922df1b1e67e6e65bef967748eeb|
2022-09-26 19:31:59,949 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: null
2022-09-26 19:31:59,949 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-09-26 19:31:59,949 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-09-26 19:31:59,949 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="http://localhost:8080/saml/acs"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ID="id-c3cace2b7630b76e04a980935ce9037a5b8365b9"
    IssueInstant="2022-09-26T19:31:59.537Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8080</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
</samlp:AuthnRequest>

2022-09-26 19:31:59,957 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'http://localhost:8080' from origin source
2022-09-26 19:31:59,957 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:31:59,957 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:31:59,957 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:31:59,957 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:31:59,957 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-09-26 19:31:59,957 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-09-26 19:31:59,957 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-09-26 19:31:59,957 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer http://localhost:8080
2022-09-26 19:31:59,958 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:31:59,958 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-09-26 19:31:59,958 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-09-26 19:31:59,958 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-09-26 19:31:59,958 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-09-26 19:31:59,958 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID 'id-c3cace2b7630b76e04a980935ce9037a5b8365b9', issue instant '2022-09-26T19:31:59.537Z', entityID 'http://localhost:8080'
2022-09-26 19:31:59,959 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-09-26 19:31:59,959 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-09-26 19:31:59,959 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler:?] - Constructing signed content string from URL query string SAMLRequest=nJJBj9MwEIX%2FiuV7am9C2sbaRCpbISotbNUUDtwcZ5aO5NjBMwH236Omi1Qk1MNe7XnfvGe%2Fe7KDH81m4lM4wI8JiMXvwQcy54taTimYaAnJBDsAGXam3Xx6NPlCG0sEiTEGeSUZb2vGFDm66KXYbWuJfeYKZx3k3WpZ6G61BP3OVmtdFaWDShcrW3brYll2lRRfIRHGUMt8oaXYEU2wC8Q2cC1zneeZrrJ8ebyrTHFnympRFqtvUmyBGIPlWXliHskodTbKQLzAXmE%2FqjHFZ%2FSgzjZzdYAeEzhWbfskxeZvyocYaBogtZB%2BooMvh8cL0Cjlo7P%2BFInNWq%2F1jFfWkRT717jvMfQYvt9%2Bm%2B4yRObj8bjP9k%2FtUTbz%2F5g5bBIfYhos34acT7DPnudRA4GRX2TzX5%2F36grevDbhsx1gt91Hj%2B7lDQs52UAIgaXYeB9%2FPSSwDLXkNIFUzWXlv31r%2FgQAAP%2F%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=BWRiLCahSwjEfkxFQxdg51fvIlFGdzSikFfiS9sYgihGdRVd9ZlJXq6h4xD%2BoA%2B2wG%2BedDUtvKLOsxLWwrcmlIU%2Fp85VLFrtnRwEUfn0yPmJ7Za9bKtqz3ZKgeVLVPlY9FY5%2B91cbfPpR0csF8zFcB1ZK1vMywhm6VM0g9jGJrMEUYdbqANv%2BAWTohIn%2FIYdoXJ2hrY%2BhNevU39n3tEOgUJMTWZY0D0WZLrw%2Bhkamgs%2Fqap0w9VkfE5fqYldsEbAsieUpUGUw8ezzVQagrloTFjNP9RpkRGVRWcZQjgfACHofNv9O0STh2aQY19jYcZaL7XBfsRRzH2Iyp8RJSBLWLLb1dQ%2By5fjLOKkoY6oyfTjU9zWzg9m%2BHXxw2LhVhZbgc4Cn88aTwd%2B1YEAQi5UiwK80JafOOLhMtpkw5j%2FVZiybD7JDyymXwhkHozniZx3q5HM%2B78VUixhRZyHuVHNCNhWWjR%2BBYVGtAX2%2BJ4rU5wMTwzipjWWTuKB0GhFAoQ5FmgD2extNCHPmoGCyslNTQ5b1t8PjhtniCyNtW7K69yxB1s0ydC2V%2BUrM00Ad85z2JXOCrlXHzQV0ZCrWiTjDpafjzzNjFesNQIfn99nyy%2BfG%2BWTe66sVLSqf%2FY%2BPFcZEcxsAlDHiTN8SGG2tPRWrbTTLKtRlqVTBJbtZUC0qMQ%3D
2022-09-26 19:31:59,959 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler:?] - Constructed signed content string for HTTP-Redirect DEFLATE SAMLRequest=nJJBj9MwEIX%2FiuV7am9C2sbaRCpbISotbNUUDtwcZ5aO5NjBMwH236Omi1Qk1MNe7XnfvGe%2Fe7KDH81m4lM4wI8JiMXvwQcy54taTimYaAnJBDsAGXam3Xx6NPlCG0sEiTEGeSUZb2vGFDm66KXYbWuJfeYKZx3k3WpZ6G61BP3OVmtdFaWDShcrW3brYll2lRRfIRHGUMt8oaXYEU2wC8Q2cC1zneeZrrJ8ebyrTHFnympRFqtvUmyBGIPlWXliHskodTbKQLzAXmE%2FqjHFZ%2FSgzjZzdYAeEzhWbfskxeZvyocYaBogtZB%2BooMvh8cL0Cjlo7P%2BFInNWq%2F1jFfWkRT717jvMfQYvt9%2Bm%2B4yRObj8bjP9k%2FtUTbz%2F5g5bBIfYhos34acT7DPnudRA4GRX2TzX5%2F36grevDbhsx1gt91Hj%2B7lDQs52UAIgaXYeB9%2FPSSwDLXkNIFUzWXlv31r%2FgQAAP%2F%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1
2022-09-26 19:31:59,959 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Attempting to validate SAML protocol message simple signature using context entityID: http://localhost:8080
2022-09-26 19:31:59,959 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from metadata using entityID: http://localhost:8080, role: {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor, protocol: urn:oasis:names:tc:SAML:2.0:protocol, usage: SIGNING
2022-09-26 19:31:59,959 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Retrieving role descriptor metadata for entity 'http://localhost:8080' in role '{urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor' for protocol 'urn:oasis:names:tc:SAML:2.0:protocol'
2022-09-26 19:31:59,959 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-09-26 19:31:59,959 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-09-26 19:31:59,959 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-09-26 19:31:59,959 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-09-26 19:31:59,959 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-09-26 19:31:59,959 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Simple signature validation (with no request-derived credentials) was successful
2022-09-26 19:31:59,959 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Validation of request simple signature succeeded
2022-09-26 19:31:59,959 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Authentication via request simple signature succeeded for context issuer entity ID http://localhost:8080
2022-09-26 19:31:59,960 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-09-26 19:31:59,960 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-09-26 19:31:59,960 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:31:59,960 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-09-26 19:31:59,960 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-09-26 19:31:59,960 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-09-26 19:31:59,960 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 2 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-09-26 19:31:59,960 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location http://localhost:8080/saml/acs using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-09-26 19:31:59,960 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-09-26 19:31:59,960 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-09-26 19:31:59,960 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-09-26 19:31:59,960 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-09-26 19:31:59,960 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-09-26 19:31:59,961 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-09-26 19:31:59,961 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-09-26 19:31:59,961 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-09-26 19:31:59,961 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-09-26 19:31:59,961 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-09-26 19:31:59,961 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: http://localhost:8080
2022-09-26 19:31:59,961 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-09-26 19:31:59,961 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved data encryption algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2001/04/xmlenc#aes128-cbc
2022-09-26 19:31:59,961 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved key transport algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p
2022-09-26 19:31:59,961 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-09-26 19:31:59,966 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-09-26 19:31:59,966 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-09-26T19:31:59.966Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-09-26 19:31:59,966 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-09-26 19:31:59,967 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-09-26 19:31:59,967 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Performing primary lookup on session ID 6b405388c6379affc8aef07d7bf9ac536abf2de89a8c89f1ee28e7ecb5af3d92
2022-09-26 19:31:59,967 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Updating expiration of master record for session 6b405388c6379affc8aef07d7bf9ac536abf2de89a8c89f1ee28e7ecb5af3d92 to 2022-09-26T20:31:59.967Z
2022-09-26 19:31:59,967 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Loading AuthenticationResult for flow authn/Password in session 6b405388c6379affc8aef07d7bf9ac536abf2de89a8c89f1ee28e7ecb5af3d92
2022-09-26 19:31:59,967 - DEBUG [net.shibboleth.idp.session.impl.ExtractActiveAuthenticationResults:?] - Profile Action ExtractActiveAuthenticationResults: Authentication result authn/Password is active, copying from session
2022-09-26 19:31:59,968 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-09-26 19:31:59,968 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-09-26 19:31:59,968 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:31:59,968 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-09-26 19:31:59,968 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Reusing active result authn/Password
2022-09-26 19:31:59,974 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name established from session as 'rick'
2022-09-26 19:31:59,974 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-09-26 19:31:59,974 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Updating activity time on reused AuthenticationResult for flow authn/Password in existing session 6b405388c6379affc8aef07d7bf9ac536abf2de89a8c89f1ee28e7ecb5af3d92
2022-09-26 19:31:59,975 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=rick)
2022-09-26 19:31:59,976 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-09-26 19:31:59,977 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, uid, identifier, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-09-26 19:31:59,977 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'eduPersonEntitlement' remained after filtering
2022-09-26 19:31:59,977 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-09-26 19:31:59,977 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-09-26 19:31:59,977 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-09-26 19:31:59,977 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-09-26 19:31:59,977 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-09-26 19:31:59,977 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-09-26 19:31:59,977 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-09-26 19:31:59,977 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-09-26 19:31:59,977 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-09-26 19:31:59,977 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:31:59,977 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-09-26 19:31:59,977 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@3606c95d'
2022-09-26 19:31:59,978 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:31:59,978 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:http://localhost:8080'
2022-09-26 19:31:59,978 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'org.opensaml.storage.MutableStorageRecord@f76ae01' with context 'intercept/attribute-release' and key 'rick:http://localhost:8080'
2022-09-26 19:31:59,978 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Deserialized context 'intercept/attribute-release' key 'rick:http://localhost:8080' value '[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]' expiration '1695756250757' as '{displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}'
2022-09-26 19:31:59,978 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-09-26 19:31:59,978 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick'
2022-09-26 19:31:59,978 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick'
2022-09-26 19:31:59,978 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-09-26 19:31:59,979 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is not required, previous consents match current consents
2022-09-26 19:31:59,979 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@3606c95d'
2022-09-26 19:31:59,979 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-09-26 19:31:59,979 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-09-26 19:31:59,980 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-09-26 19:31:59,981 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-09-26 19:31:59,981 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _dbe5415eb9d4da51788e4677c4134daf
2022-09-26 19:31:59,981 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _dbe5415eb9d4da51788e4677c4134daf to Response _1456065c785485a21142ae7c4c30adfa
2022-09-26 19:31:59,981 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _dbe5415eb9d4da51788e4677c4134daf
2022-09-26 19:31:59,982 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-09-26 19:31:59,982 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value urn:mace:dir:entitlement:common-lib-terms of attribute eduPersonEntitlement
2022-09-26 19:31:59,982 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rick of attribute uid
2022-09-26 19:31:59,982 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute identifier
2022-09-26 19:31:59,982 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-09-26 19:31:59,982 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value manager@Samltest.id of attribute role
2022-09-26 19:31:59,982 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute mail
2022-09-26 19:31:59,982 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sanchez of attribute surname
2022-09-26 19:31:59,982 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick Sanchez of attribute displayName
2022-09-26 19:31:59,982 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick of attribute givenName
2022-09-26 19:31:59,983 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-09-26 19:31:59,983 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - Applying policy to NameIDPolicy with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:31:59,983 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Request specified NameID format: urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:31:59,983 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:31:59,983 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:31:59,983 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID AAdzZWNyZXQx6MGU/F4EjMDVReeGkrQl+75DkxAbEtDkJfDq04ftLgxwVHnDNrKMkeATux4NtDvDXAF6R6WstbxYwUqWfgqs9u1lw5ztjaonqJTwdGIA1uzoZekyEfNNew== with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:31:59,983 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:31:59,983 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-09-26 19:31:59,983 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-09-26 19:31:59,983 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-09-26 19:31:59,983 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 136.49.216.210
2022-09-26 19:31:59,983 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to id-c3cace2b7630b76e04a980935ce9037a5b8365b9
2022-09-26 19:31:59,983 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to http://localhost:8080/saml/acs
2022-09-26 19:31:59,983 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-09-26 19:31:59,983 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-09-26 19:31:59,983 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-09-26 19:31:59,983 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _dbe5415eb9d4da51788e4677c4134daf
2022-09-26 19:31:59,983 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _dbe5415eb9d4da51788e4677c4134daf did not already contain Conditions, one was added
2022-09-26 19:31:59,983 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-09-26 19:31:59,983 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-09-26T19:36:59.979Z, to Assertion _dbe5415eb9d4da51788e4677c4134daf
2022-09-26 19:31:59,983 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _dbe5415eb9d4da51788e4677c4134daf already contained Conditions, nothing was done
2022-09-26 19:31:59,984 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-09-26 19:31:59,984 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _dbe5415eb9d4da51788e4677c4134daf already contained Conditions, nothing was done
2022-09-26 19:31:59,984 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-09-26 19:31:59,984 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding http://localhost:8080 as an Audience of the AudienceRestriction
2022-09-26 19:31:59,984 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _dbe5415eb9d4da51788e4677c4134daf
2022-09-26 19:31:59,985 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party http://localhost:8080 to existing session 6b405388c6379affc8aef07d7bf9ac536abf2de89a8c89f1ee28e7ecb5af3d92
2022-09-26 19:31:59,985 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Loading SPSession for service http://localhost:8080 in session 6b405388c6379affc8aef07d7bf9ac536abf2de89a8c89f1ee28e7ecb5af3d92
2022-09-26 19:31:59,985 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-09-26 19:31:59,986 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service http://localhost:8080 in session 6b405388c6379affc8aef07d7bf9ac536abf2de89a8c89f1ee28e7ecb5af3d92
2022-09-26 19:31:59,986 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-09-26 19:31:59,986 - DEBUG [net.shibboleth.idp.session.AbstractIdPSession:?] - IdPSession 6b405388c6379affc8aef07d7bf9ac536abf2de89a8c89f1ee28e7ecb5af3d92: replaced old SPSession for service http://localhost:8080
2022-09-26 19:31:59,986 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Removing secondary index for service ID http://localhost:8080 and key AAdzZWNyZXQxi8CKplX3teBQsDYBR4OP6IZTcLeGySJbVxmU03LokPnxv6vLj0MJucPAXwzN7//T2s/sf1v0enQT8BELWdn8TRUraddhBJ3Ef1U/AltZ2kQebcLtTUaNVw==
2022-09-26 19:31:59,986 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID http://localhost:8080 and key AAdzZWNyZXQx6MGU/F4EjMDVReeGkrQl+75DkxAbEtDkJfDq04ftLgxwVHnDNrKMkeATux4NtDvDXAF6R6WstbxYwUqWfgqs9u1lw5ztjaonqJTwdGIA1uzoZekyEfNNew==
2022-09-26 19:31:59,986 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Older SPSession for relying party http://localhost:8080 was replaced
2022-09-26 19:31:59,986 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-09-26 19:31:59,986 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-09-26 19:31:59,987 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_dbe5415eb9d4da51788e4677c4134daf"
2022-09-26 19:31:59,987 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _dbe5415eb9d4da51788e4677c4134daf and Element was [saml2:Assertion: null]
2022-09-26 19:31:59,987 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_dbe5415eb9d4da51788e4677c4134daf"
2022-09-26 19:31:59,987 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _dbe5415eb9d4da51788e4677c4134daf and Element was [saml2:Assertion: null]
2022-09-26 19:31:59,989 - DEBUG [PROTOCOL_MESSAGE:?] - Profile Action EncryptAssertions: Response before assertion encryption:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_1456065c785485a21142ae7c4c30adfa"
    InResponseTo="id-c3cace2b7630b76e04a980935ce9037a5b8365b9"
    IssueInstant="2022-09-26T19:31:59.979Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_dbe5415eb9d4da51788e4677c4134daf"
        IssueInstant="2022-09-26T19:31:59.979Z" Version="2.0"
        xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <ds:SignedInfo>
                <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
                <ds:Reference URI="#_dbe5415eb9d4da51788e4677c4134daf">
                    <ds:Transforms>
                        <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                        <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                            <ec:InclusiveNamespaces PrefixList="xsd" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                        </ds:Transform>
                    </ds:Transforms>
                    <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                    <ds:DigestValue>jVr29IqnR9P8K+ZGYacmE8fNpTCvhoBFdDwe/7ccy3s=</ds:DigestValue>
                </ds:Reference>
            </ds:SignedInfo>
            <ds:SignatureValue>cNzE4Mjzw/MTJbnFIciIECsGwyvWlFTZyGinIu/R9jO6y2rRf1kQ0JRSH6JjOg2uBOT94nKHCHOaLvXODTsm21ZY0OJguY+bW4RNbpVrT47idU5kW0PQDOo68R1lljMgLeX0kc5Cc3ZZuQY05PHyPEgyzJtvSFohTWTtPj4AbHGGLEnoLpK7fWrBFUZp+zH5Ff+685O5aAafUY3bbEAAQuO8S4ZW5ROfga43d1yOxrV0WNnblxV72Ngr2mmmIBpr4sFs+xni6YyV/84zteEyyRUaTxEHRqyRvYCXl/c3NGxhUSQAOnuX/lTplL4oFEfKX4hyysgc+aqPD6VhwX2k4Q==</ds:SignatureValue>
            <ds:KeyInfo>
                <ds:X509Data>
                    <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </ds:Signature>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="http://localhost:8080" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">AAdzZWNyZXQx6MGU/F4EjMDVReeGkrQl+75DkxAbEtDkJfDq04ftLgxwVHnDNrKMkeATux4NtDvDXAF6R6WstbxYwUqWfgqs9u1lw5ztjaonqJTwdGIA1uzoZekyEfNNew==</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="136.49.216.210"
                    InResponseTo="id-c3cace2b7630b76e04a980935ce9037a5b8365b9"
                    NotOnOrAfter="2022-09-26T19:36:59.983Z" Recipient="http://localhost:8080/saml/acs"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-09-26T19:31:59.979Z" NotOnOrAfter="2022-09-26T19:36:59.979Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>http://localhost:8080</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-09-26T19:24:06.731Z" SessionIndex="_4802472b886807aa7bca380af4cb8bb1">
            <saml2:SubjectLocality Address="136.49.216.210"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>urn:mace:dir:entitlement:common-lib-terms</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rick</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">manager@Samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-09-26 19:31:59,991 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDes