2022-12-04 09:02:52,450 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML relay state of: SSOT_1867036839
2022-12-04 09:02:52,450 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Getting Base64 encoded message from request
2022-12-04 09:02:52,451 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML message
2022-12-04 09:02:52,452 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<urn:AuthnRequest
    AssertionConsumerServiceURL="https://journals.sagepub.com/action/saml2post"
    Destination="https://samltest.id/idp/profile/SAML2/POST/SSO"
    ID="_5114238572886124239" IssueInstant="2022-12-04T09:02:50.619Z"
    Version="2.0" xmlns:urn="urn:oasis:names:tc:SAML:2.0:protocol">
    <urn1:Issuer xmlns:urn1="urn:oasis:names:tc:SAML:2.0:assertion">https://journals.sagepub.com/shibboleth</urn1:Issuer>
    <urn:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
</urn:AuthnRequest>

2022-12-04 09:02:52,467 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://journals.sagepub.com/shibboleth' from origin source
2022-12-04 09:02:52,467 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-12-04 09:02:52,467 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-12-04 09:02:52,467 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-12-04 09:02:52,467 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-12-04 09:02:52,467 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-12-04 09:02:52,467 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-12-04 09:02:52,467 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-12-04 09:02:52,468 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://journals.sagepub.com/shibboleth
2022-12-04 09:02:52,468 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:02:52,469 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-12-04 09:02:52,469 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-12-04 09:02:52,469 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-12-04 09:02:52,469 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-12-04 09:02:52,469 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_5114238572886124239', issue instant '2022-12-04T09:02:50.619Z', entityID 'https://journals.sagepub.com/shibboleth'
2022-12-04 09:02:52,469 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://journals.sagepub.com/shibboleth' does not require AuthnRequests to be signed
2022-12-04 09:02:52,469 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-12-04 09:02:52,470 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-12-04 09:02:52,470 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-12-04 09:02:52,470 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-12-04 09:02:52,470 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-12-04 09:02:52,470 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:02:52,470 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-12-04 09:02:52,471 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-12-04 09:02:52,471 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-12-04 09:02:52,471 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 6 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-12-04 09:02:52,471 - DEBUG [org.opensaml.saml.common.binding.impl.DefaultEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Candidate endpoint binding 'urn:oasis:names:tc:SAML:1.0:profiles:browser-post' not permitted by input criteria
2022-12-04 09:02:52,471 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://journals.sagepub.com/action/saml2post using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-12-04 09:02:52,471 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-12-04 09:02:52,471 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-12-04 09:02:52,471 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-12-04 09:02:52,471 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-12-04 09:02:52,471 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-12-04 09:02:52,472 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-12-04 09:02:52,472 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-12-04 09:02:52,472 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-12-04 09:02:52,472 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-12-04 09:02:52,472 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-12-04 09:02:52,472 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://journals.sagepub.com/shibboleth
2022-12-04 09:02:52,472 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-12-04 09:02:52,472 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve data encryption algorithm based on SAML metadata, falling back to locally configured algorithms
2022-12-04 09:02:52,472 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve key transport algorithm based on SAML metadata, falling back to locally configured algorithms
2022-12-04 09:02:52,472 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-12-04 09:02:52,482 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-12-04 09:02:52,484 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-12-04T09:02:52.484Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-12-04 09:02:52,484 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-12-04 09:02:52,485 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-12-04 09:02:52,485 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-12-04 09:02:52,486 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-12-04 09:02:52,486 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-12-04 09:02:52,486 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:02:52,486 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-12-04 09:02:52,486 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-12-04 09:02:52,486 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-12-04 09:02:52,486 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-12-04 09:02:52,824 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Returning name from UIInfo 'SAGE Publishing'
2022-12-04 09:02:52,824 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-12-04 09:03:18,342 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML relay state of: SSOT_1867036839
2022-12-04 09:03:18,342 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Getting Base64 encoded message from request
2022-12-04 09:03:18,343 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML message
2022-12-04 09:03:18,343 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<urn:AuthnRequest
    AssertionConsumerServiceURL="https://journals.sagepub.com/action/saml2post"
    Destination="https://samltest.id/idp/profile/SAML2/POST/SSO"
    ID="_5114238572886124239" IssueInstant="2022-12-04T09:02:50.619Z"
    Version="2.0" xmlns:urn="urn:oasis:names:tc:SAML:2.0:protocol">
    <urn1:Issuer xmlns:urn1="urn:oasis:names:tc:SAML:2.0:assertion">https://journals.sagepub.com/shibboleth</urn1:Issuer>
    <urn:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
</urn:AuthnRequest>

2022-12-04 09:03:18,356 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://journals.sagepub.com/shibboleth' from origin source
2022-12-04 09:03:18,356 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-12-04 09:03:18,356 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-12-04 09:03:18,356 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-12-04 09:03:18,356 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-12-04 09:03:18,356 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-12-04 09:03:18,356 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-12-04 09:03:18,356 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-12-04 09:03:18,357 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://journals.sagepub.com/shibboleth
2022-12-04 09:03:18,359 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:03:18,359 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-12-04 09:03:18,360 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-12-04 09:03:18,360 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-12-04 09:03:18,360 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-12-04 09:03:18,360 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_5114238572886124239', issue instant '2022-12-04T09:02:50.619Z', entityID 'https://journals.sagepub.com/shibboleth'
2022-12-04 09:03:18,360 - WARN [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Replay detected of message '_5114238572886124239' from issuer 'https://journals.sagepub.com/shibboleth'
2022-12-04 09:03:18,363 - WARN [org.opensaml.profile.action.impl.LogEvent:?] - A non-proceed event occurred while processing the request: MessageReplay
2022-12-04 09:03:18,364 - DEBUG [org.opensaml.saml.common.profile.logic.DefaultLocalErrorPredicate:?] - No SAMLBindingContext or binding URI available, error must be handled locally
2022-12-04 09:03:30,032 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML relay state of: SSOT_1125546774
2022-12-04 09:03:30,032 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Getting Base64 encoded message from request
2022-12-04 09:03:30,032 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML message
2022-12-04 09:03:30,034 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<urn:AuthnRequest
    AssertionConsumerServiceURL="https://journals.sagepub.com/action/saml2post"
    Destination="https://samltest.id/idp/profile/SAML2/POST/SSO"
    ID="_-6832348264589463397" IssueInstant="2022-12-04T09:03:29.204Z"
    Version="2.0" xmlns:urn="urn:oasis:names:tc:SAML:2.0:protocol">
    <urn1:Issuer xmlns:urn1="urn:oasis:names:tc:SAML:2.0:assertion">https://journals.sagepub.com/shibboleth</urn1:Issuer>
    <urn:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
</urn:AuthnRequest>

2022-12-04 09:03:30,044 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-12-04 09:03:30,044 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-12-04 09:03:30,044 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-12-04 09:03:30,044 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-12-04 09:03:30,044 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-12-04 09:03:30,045 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-12-04 09:03:30,045 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-12-04 09:03:30,045 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://journals.sagepub.com/shibboleth
2022-12-04 09:03:30,046 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:03:30,046 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-12-04 09:03:30,046 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-12-04 09:03:30,046 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-12-04 09:03:30,046 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-12-04 09:03:30,046 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_-6832348264589463397', issue instant '2022-12-04T09:03:29.204Z', entityID 'https://journals.sagepub.com/shibboleth'
2022-12-04 09:03:30,046 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://journals.sagepub.com/shibboleth' does not require AuthnRequests to be signed
2022-12-04 09:03:30,046 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-12-04 09:03:30,047 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-12-04 09:03:30,047 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-12-04 09:03:30,047 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-12-04 09:03:30,047 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-12-04 09:03:30,047 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:03:30,047 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-12-04 09:03:30,047 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-12-04 09:03:30,047 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-12-04 09:03:30,047 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 6 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-12-04 09:03:30,047 - DEBUG [org.opensaml.saml.common.binding.impl.DefaultEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Candidate endpoint binding 'urn:oasis:names:tc:SAML:1.0:profiles:browser-post' not permitted by input criteria
2022-12-04 09:03:30,047 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://journals.sagepub.com/action/saml2post using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-12-04 09:03:30,048 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-12-04 09:03:30,048 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-12-04 09:03:30,048 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-12-04 09:03:30,048 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-12-04 09:03:30,048 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-12-04 09:03:30,048 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-12-04 09:03:30,049 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-12-04 09:03:30,049 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-12-04 09:03:30,049 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-12-04 09:03:30,049 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-12-04 09:03:30,049 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://journals.sagepub.com/shibboleth
2022-12-04 09:03:30,049 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-12-04 09:03:30,049 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve data encryption algorithm based on SAML metadata, falling back to locally configured algorithms
2022-12-04 09:03:30,049 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve key transport algorithm based on SAML metadata, falling back to locally configured algorithms
2022-12-04 09:03:30,049 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-12-04 09:03:30,054 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-12-04 09:03:30,055 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-12-04T09:03:30.055Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-12-04 09:03:30,055 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-12-04 09:03:30,056 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-12-04 09:03:30,056 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-12-04 09:03:30,056 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-12-04 09:03:30,056 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-12-04 09:03:30,056 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:03:30,056 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-12-04 09:03:30,056 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-12-04 09:03:30,056 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-12-04 09:03:30,057 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-12-04 09:03:30,279 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Returning name from UIInfo 'SAGE Publishing'
2022-12-04 09:03:30,279 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-12-04 09:03:38,225 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: /
2022-12-04 09:03:38,225 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-12-04 09:03:38,226 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-12-04 09:03:38,226 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="https://samltest.democenter.es/saml2/origami/acs"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ID="ONELOGIN_49b5657dd42e716c21d1848d325a76cb4b730c76"
    IssueInstant="2022-12-04T09:03:37Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    ProviderName="Overlap" Version="2.0"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
        xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer>https://samltest.democenter.es/saml2/origami/metadata</saml:Issuer>
    <samlp:NameIDPolicy
        AllowCreate="true"
        Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/>
    <samlp:RequestedAuthnContext Comparison="exact">
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef>
    </samlp:RequestedAuthnContext>
</samlp:AuthnRequest>

2022-12-04 09:03:38,227 - WARN [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Metadata with ID 'https://samltest.democenter.es/saml2/origami/metadata' currently live is expired or otherwise invalid
2022-12-04 09:03:38,246 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://samltest.democenter.es/saml2/origami/metadata' from origin source
2022-12-04 09:03:38,246 - DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver:?] - Metadata Resolver FilesystemMetadataResolver SAMLtest: Resolved 0 candidates via EntityIdCriterion: EntityIdCriterion [id=https://samltest.democenter.es/saml2/origami/metadata]
2022-12-04 09:03:38,246 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved no EntityDescriptors via underlying MetadataResolver, returning empty collection
2022-12-04 09:03:38,246 - INFO [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  No metadata returned for https://samltest.democenter.es/saml2/origami/metadata in role {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor with protocol urn:oasis:names:tc:SAML:2.0:protocol
2022-12-04 09:03:38,247 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No metadata context found, nothing to do
2022-12-04 09:03:38,247 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://samltest.democenter.es/saml2/origami/metadata
2022-12-04 09:03:38,247 - WARN [net.shibboleth.idp.profile.impl.SelectProfileConfiguration:?] - Profile Action SelectProfileConfiguration: Profile http://shibboleth.net/ns/profiles/saml2/sso/browser is not available for RP configuration shibboleth.UnverifiedRelyingParty (RPID https://samltest.democenter.es/saml2/origami/metadata)
2022-12-04 09:03:38,247 - WARN [org.opensaml.profile.action.impl.LogEvent:?] - A non-proceed event occurred while processing the request: InvalidProfileConfiguration
2022-12-04 09:03:38,248 - DEBUG [org.opensaml.saml.common.profile.logic.DefaultLocalErrorPredicate:?] - No SAMLBindingContext or binding URI available, error must be handled locally
2022-12-04 09:04:09,733 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: {"type":"pdl"}
2022-12-04 09:04:09,733 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-12-04 09:04:09,733 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-12-04 09:04:09,733 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="https://api.dev.simcapture-dev.com/auth/sso/5c8f6db1-80aa-471b-a247-d7fa3b7ebaa2/callback"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ForceAuthn="true" ID="_d78a0aa6-c946-4077-91e5-e8c92ae2b47a"
    IssueInstant="2022-12-04T09:04:09.194Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer>https://api.dev.simcapture-dev.com/auth/sso/5c8f6db1-80aa-471b-a247-d7fa3b7ebaa2/metadata.xml</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="false" Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"/>
</samlp:AuthnRequest>

2022-12-04 09:04:09,739 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://api.dev.simcapture-dev.com/auth/sso/5c8f6db1-80aa-471b-a247-d7fa3b7ebaa2/metadata.xml' from origin source
2022-12-04 09:04:09,740 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-12-04 09:04:09,740 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-12-04 09:04:09,740 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-12-04 09:04:09,740 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-12-04 09:04:09,740 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-12-04 09:04:09,740 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-12-04 09:04:09,740 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-12-04 09:04:09,740 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://api.dev.simcapture-dev.com/auth/sso/5c8f6db1-80aa-471b-a247-d7fa3b7ebaa2/metadata.xml
2022-12-04 09:04:09,740 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:04:09,741 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-12-04 09:04:09,741 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-12-04 09:04:09,741 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-12-04 09:04:09,741 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-12-04 09:04:09,741 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_d78a0aa6-c946-4077-91e5-e8c92ae2b47a', issue instant '2022-12-04T09:04:09.194Z', entityID 'https://api.dev.simcapture-dev.com/auth/sso/5c8f6db1-80aa-471b-a247-d7fa3b7ebaa2/metadata.xml'
2022-12-04 09:04:09,741 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://api.dev.simcapture-dev.com/auth/sso/5c8f6db1-80aa-471b-a247-d7fa3b7ebaa2/metadata.xml' does not require AuthnRequests to be signed
2022-12-04 09:04:09,741 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-12-04 09:04:09,741 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-12-04 09:04:09,741 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-12-04 09:04:09,741 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-12-04 09:04:09,741 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-12-04 09:04:09,742 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:04:09,742 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-12-04 09:04:09,742 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-12-04 09:04:09,742 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-12-04 09:04:09,742 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 1 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-12-04 09:04:09,742 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://api.dev.simcapture-dev.com/auth/sso/5c8f6db1-80aa-471b-a247-d7fa3b7ebaa2/callback using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-12-04 09:04:09,742 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-12-04 09:04:09,742 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-12-04 09:04:09,742 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-12-04 09:04:09,742 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-12-04 09:04:09,742 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-12-04 09:04:09,743 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-12-04 09:04:09,743 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-12-04 09:04:09,743 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-12-04 09:04:09,743 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-12-04 09:04:09,743 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-12-04 09:04:09,743 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://api.dev.simcapture-dev.com/auth/sso/5c8f6db1-80aa-471b-a247-d7fa3b7ebaa2/metadata.xml
2022-12-04 09:04:09,743 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve encryption parameters based on SAML metadata, falling back to locally configured credentials and algorithms
2022-12-04 09:04:09,743 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Failed to resolve EncryptionParameters
2022-12-04 09:04:09,743 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolver returned no EncryptionParameters
2022-12-04 09:04:09,743 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption is optional, ignoring inability to encrypt
2022-12-04 09:04:09,746 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-12-04 09:04:09,747 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-12-04T09:04:09.747Z, isPassive=false, forceAuthn=true, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-12-04 09:04:09,747 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-12-04 09:04:09,747 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-12-04 09:04:09,747 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-12-04 09:04:09,748 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-12-04 09:04:09,748 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Retaining flow authn/Password, it supports forced authentication
2022-12-04 09:04:09,748 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Potential authentication flows left after filtering: {authn/Password=AuthenticationFlowDescriptor{flowId=authn/Password, supportsPassive=true, supportsForcedAuthentication=true, lifetime=3600000, inactivityTimeout=1800000}}
2022-12-04 09:04:09,748 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:04:09,748 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-12-04 09:04:09,748 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Forced authentication requested, selecting an inactive flow
2022-12-04 09:04:09,748 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-12-04 09:04:09,748 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-12-04 09:04:09,833 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'api.dev.simcapture-dev.com'
2022-12-04 09:04:09,833 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-12-04 09:04:09,833 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-12-04 09:04:14,496 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Trimming whitespace of input string 'rick'
2022-12-04 09:04:14,496 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user rick
2022-12-04 09:04:14,496 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@88685085::identifier=rick, context=org.apache.velocity.VelocityContext@33ba30de]
2022-12-04 09:04:14,505 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=rick,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@88685085::identifier=rick, context=org.apache.velocity.VelocityContext@33ba30de]
2022-12-04 09:04:14,506 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'rick' succeeded
2022-12-04 09:04:14,506 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-12-04 09:04:14,506 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-12-04 09:04:14,506 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'rick'
2022-12-04 09:04:14,507 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'rick'
2022-12-04 09:04:14,507 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-12-04 09:04:14,507 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal rick
2022-12-04 09:04:14,507 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session 5d4345250b77e2bdc76646d2054694c60b08de494be892bc4bd46765acb95289 for principal rick
2022-12-04 09:04:14,507 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving AuthenticationResult for flow authn/Password in session 5d4345250b77e2bdc76646d2054694c60b08de494be892bc4bd46765acb95289
2022-12-04 09:04:14,507 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=rick)
2022-12-04 09:04:14,508 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-12-04 09:04:14,508 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, uid, identifier, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-12-04 09:04:14,508 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'eduPersonEntitlement' remained after filtering
2022-12-04 09:04:14,508 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-12-04 09:04:14,508 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-12-04 09:04:14,508 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-12-04 09:04:14,508 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-12-04 09:04:14,508 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-12-04 09:04:14,508 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-12-04 09:04:14,508 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-12-04 09:04:14,508 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-12-04 09:04:14,508 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-12-04 09:04:14,509 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:04:14,509 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-12-04 09:04:14,509 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@978569d'
2022-12-04 09:04:14,509 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-12-04 09:04:14,509 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://api.dev.simcapture-dev.com/auth/sso/5c8f6db1-80aa-471b-a247-d7fa3b7ebaa2/metadata.xml'
2022-12-04 09:04:14,509 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:_key_idx'
2022-12-04 09:04:14,509 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.RevokeConsent:?] - Profile Action RevokeConsent: Attempting to delete consent storage record with context 'intercept/attribute-release' and key 'rick:https://api.dev.simcapture-dev.com/auth/sso/5c8f6db1-80aa-471b-a247-d7fa3b7ebaa2/metadata.xml'
2022-12-04 09:04:14,509 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.RevokeConsent:?] - Profile Action RevokeConsent: No consent storage record found with context 'intercept/attribute-release' and key 'rick:https://api.dev.simcapture-dev.com/auth/sso/5c8f6db1-80aa-471b-a247-d7fa3b7ebaa2/metadata.xml'
2022-12-04 09:04:14,509 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action RevokeConsent: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-12-04 09:04:14,509 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action RevokeConsent: No storage record exists with context 'intercept/attribute-release' and key 'rick:_key_idx', nothing to do
2022-12-04 09:04:14,510 - INFO [Shibboleth-Consent-Audit.SSO:?] - 20221204T090414Z|https://api.dev.simcapture-dev.com/auth/sso/5c8f6db1-80aa-471b-a247-d7fa3b7ebaa2/metadata.xml|ClearAttributeReleaseConsent|rick|||
2022-12-04 09:04:14,510 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-12-04 09:04:14,510 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:_key_idx'
2022-12-04 09:04:14,510 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.RevokeConsent:?] - Profile Action RevokeConsent: Attempting to delete consent storage record with context 'intercept/attribute-release' and key 'rick'
2022-12-04 09:04:14,510 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.RevokeConsent:?] - Profile Action RevokeConsent: No consent storage record found with context 'intercept/attribute-release' and key 'rick'
2022-12-04 09:04:14,510 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action RevokeConsent: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-12-04 09:04:14,510 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action RevokeConsent: No storage record exists with context 'intercept/attribute-release' and key 'rick:_key_idx', nothing to do
2022-12-04 09:04:14,510 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-12-04 09:04:14,510 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is required, no previous consents
2022-12-04 09:04:14,702 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'api.dev.simcapture-dev.com'
2022-12-04 09:04:14,702 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-12-04 09:04:14,702 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or InformationURLs returning null
2022-12-04 09:04:14,702 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or PrivacyStatementURLs returning null
2022-12-04 09:04:14,702 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-12-04 09:04:14,702 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No Organization, OrganizationName or names, returning null
2022-12-04 09:04:15,401 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Extracted consent ids '[displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]' from request parameter '_shib_idp_consentIds'
2022-12-04 09:04:15,402 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Consent context 'ConsentContext{previousConsents={}, chosenConsents={displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}}'
2022-12-04 09:04:15,402 - INFO [Shibboleth-Consent-Audit.SSO:?] - 20221204T090415Z|https://api.dev.simcapture-dev.com/auth/sso/5c8f6db1-80aa-471b-a247-d7fa3b7ebaa2/metadata.xml|AttributeReleaseConsent|rick|displayName,eduPersonEntitlement,givenName,identifier,mail,role,surname,telephoneNumber,uid||true,true,true,true,true,true,true,true,true
2022-12-04 09:04:15,402 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@978569d'
2022-12-04 09:04:15,402 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:04:15,402 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-12-04 09:04:15,403 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-12-04 09:04:15,405 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-12-04 09:04:15,405 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _9e3aceb29750ac25751b04de262ebf8a
2022-12-04 09:04:15,405 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _9e3aceb29750ac25751b04de262ebf8a to Response _196d2e4708be617988cea87113e0c986
2022-12-04 09:04:15,405 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _9e3aceb29750ac25751b04de262ebf8a
2022-12-04 09:04:15,406 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-12-04 09:04:15,406 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value urn:mace:dir:entitlement:common-lib-terms of attribute eduPersonEntitlement
2022-12-04 09:04:15,406 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rick of attribute uid
2022-12-04 09:04:15,406 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute identifier
2022-12-04 09:04:15,406 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-12-04 09:04:15,406 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value manager@Samltest.id of attribute role
2022-12-04 09:04:15,406 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute mail
2022-12-04 09:04:15,406 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sanchez of attribute surname
2022-12-04 09:04:15,406 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick Sanchez of attribute displayName
2022-12-04 09:04:15,406 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick of attribute givenName
2022-12-04 09:04:15,407 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-12-04 09:04:15,407 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - Policy checking disabled for NameIDPolicy with Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
2022-12-04 09:04:15,407 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Request specified NameID format: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
2022-12-04 09:04:15,407 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
2022-12-04 09:04:15,407 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
2022-12-04 09:04:15,407 - DEBUG [net.shibboleth.idp.saml.nameid.impl.AttributeSourcedSAML2NameIDGenerator:?] - Checking for source attribute mail
2022-12-04 09:04:15,407 - DEBUG [net.shibboleth.idp.saml.nameid.impl.AttributeSourcedSAML2NameIDGenerator:?] - Generating NameID from String-valued attribute mail
2022-12-04 09:04:15,407 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID rsanchez@samltest.id with Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
2022-12-04 09:04:15,407 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
2022-12-04 09:04:15,407 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
2022-12-04 09:04:15,407 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-12-04 09:04:15,407 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-12-04 09:04:15,407 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 20.242.29.222
2022-12-04 09:04:15,407 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to _d78a0aa6-c946-4077-91e5-e8c92ae2b47a
2022-12-04 09:04:15,407 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to https://api.dev.simcapture-dev.com/auth/sso/5c8f6db1-80aa-471b-a247-d7fa3b7ebaa2/callback
2022-12-04 09:04:15,407 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-12-04 09:04:15,407 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-12-04 09:04:15,407 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-12-04 09:04:15,407 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _9e3aceb29750ac25751b04de262ebf8a
2022-12-04 09:04:15,407 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _9e3aceb29750ac25751b04de262ebf8a did not already contain Conditions, one was added
2022-12-04 09:04:15,407 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-12-04 09:04:15,407 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-12-04T09:09:15.402Z, to Assertion _9e3aceb29750ac25751b04de262ebf8a
2022-12-04 09:04:15,407 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _9e3aceb29750ac25751b04de262ebf8a already contained Conditions, nothing was done
2022-12-04 09:04:15,407 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-12-04 09:04:15,407 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _9e3aceb29750ac25751b04de262ebf8a already contained Conditions, nothing was done
2022-12-04 09:04:15,407 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-12-04 09:04:15,407 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://api.dev.simcapture-dev.com/auth/sso/5c8f6db1-80aa-471b-a247-d7fa3b7ebaa2/metadata.xml as an Audience of the AudienceRestriction
2022-12-04 09:04:15,407 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _9e3aceb29750ac25751b04de262ebf8a
2022-12-04 09:04:15,408 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://api.dev.simcapture-dev.com/auth/sso/5c8f6db1-80aa-471b-a247-d7fa3b7ebaa2/metadata.xml to existing session 5d4345250b77e2bdc76646d2054694c60b08de494be892bc4bd46765acb95289
2022-12-04 09:04:15,408 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://api.dev.simcapture-dev.com/auth/sso/5c8f6db1-80aa-471b-a247-d7fa3b7ebaa2/metadata.xml in session 5d4345250b77e2bdc76646d2054694c60b08de494be892bc4bd46765acb95289
2022-12-04 09:04:15,408 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-12-04 09:04:15,408 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://api.dev.simcapture-dev.com/auth/sso/5c8f6db1-80aa-471b-a247-d7fa3b7ebaa2/metadata.xml and key rsanchez@samltest.id
2022-12-04 09:04:15,409 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-12-04 09:04:15,409 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-12-04 09:04:15,409 - DEBUG [org.opensaml.saml.common.profile.impl.SignAssertions:?] - Profile Action SignAssertions: Will not sign assertions because no security parameters context is available
2022-12-04 09:04:15,409 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAssertions: No encryption parameters, nothing to do
2022-12-04 09:04:15,410 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: https://api.dev.simcapture-dev.com/auth/sso/5c8f6db1-80aa-471b-a247-d7fa3b7ebaa2/callback
2022-12-04 09:04:15,410 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: https://api.dev.simcapture-dev.com/auth/sso/5c8f6db1-80aa-471b-a247-d7fa3b7ebaa2/callback
2022-12-04 09:04:15,410 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_196d2e4708be617988cea87113e0c986"
2022-12-04 09:04:15,410 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _196d2e4708be617988cea87113e0c986 and Element was [saml2p:Response: null]
2022-12-04 09:04:15,410 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_196d2e4708be617988cea87113e0c986"
2022-12-04 09:04:15,410 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _196d2e4708be617988cea87113e0c986 and Element was [saml2p:Response: null]
2022-12-04 09:04:15,412 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-12-04 09:04:15,412 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'https://api.dev.simcapture-dev.com/auth/sso/5c8f6db1-80aa-471b-a247-d7fa3b7ebaa2/callback' with encoded value 'https&#x3a;&#x2f;&#x2f;api.dev.simcapture-dev.com&#x2f;auth&#x2f;sso&#x2f;5c8f6db1-80aa-471b-a247-d7fa3b7ebaa2&#x2f;callback'
2022-12-04 09:04:15,412 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-12-04 09:04:15,413 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Setting RelayState parameter to: '{"type":"pdl"}', encoded as '&#x7b;&quot;type&quot;&#x3a;&quot;pdl&quot;&#x7d;'
2022-12-04 09:04:15,421 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response
    Destination="https://api.dev.simcapture-dev.com/auth/sso/5c8f6db1-80aa-471b-a247-d7fa3b7ebaa2/callback"
    ID="_196d2e4708be617988cea87113e0c986"
    InResponseTo="_d78a0aa6-c946-4077-91e5-e8c92ae2b47a"
    IssueInstant="2022-12-04T09:04:15.402Z" Version="2.0"
    xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_196d2e4708be617988cea87113e0c986">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                        <ec:InclusiveNamespaces PrefixList="xsd" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                    </ds:Transform>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>ymFl4m78H0LeWihOidjseX3Dkr+vdxJwHr7ipZ0sY4Q=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>jxfdvfJgbBQmvR4jzVC1vMyN3SL8MMAwFS+lrpxs+CW3G4IDJedeozlNW6hLB9vJGDJBhOcw9sFe3PFp9dgNvrrbrQQRxa56+h7fBbAiPSnu3Yn7LwC40ES9oIRqrmY+11ZbRHQXhjppD/cdPhbPBnx0G1+xeDikwzZyHlLz8/ZNcHOAUPF7zdThuLrsoz1L5nN3Lt3C8QsHI2Y+nsmSN4I1VRY4/vSBQ2ircGi1GDZuLB2BQ9ToKARi5on/IoZanPzmtyyAbDNH+IOhY+WZ0qwlzDBMslQCR+ANK3jXZCkZ3WTkZ58jfDI8erts0JLM0KD2gIhrTM9TChXi0PgLlQ==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_9e3aceb29750ac25751b04de262ebf8a"
        IssueInstant="2022-12-04T09:04:15.402Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://api.dev.simcapture-dev.com/auth/sso/5c8f6db1-80aa-471b-a247-d7fa3b7ebaa2/metadata.xml" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">rsanchez@samltest.id</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="20.242.29.222"
                    InResponseTo="_d78a0aa6-c946-4077-91e5-e8c92ae2b47a"
                    NotOnOrAfter="2022-12-04T09:09:15.407Z" Recipient="https://api.dev.simcapture-dev.com/auth/sso/5c8f6db1-80aa-471b-a247-d7fa3b7ebaa2/callback"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-12-04T09:04:15.402Z" NotOnOrAfter="2022-12-04T09:09:15.402Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://api.dev.simcapture-dev.com/auth/sso/5c8f6db1-80aa-471b-a247-d7fa3b7ebaa2/metadata.xml</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-12-04T09:04:14.506Z" SessionIndex="_e6b324f3b3f9071d0bae127a499d9007">
            <saml2:SubjectLocality Address="20.242.29.222"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>urn:mace:dir:entitlement:common-lib-terms</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rick</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">manager@Samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-12-04 09:04:15,421 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-12-04 09:04:15,421 - INFO [Shibboleth-Audit.SSO:?] - 20221204T090415Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect|_d78a0aa6-c946-4077-91e5-e8c92ae2b47a|https://api.dev.simcapture-dev.com/auth/sso/5c8f6db1-80aa-471b-a247-d7fa3b7ebaa2/metadata.xml|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_196d2e4708be617988cea87113e0c986|rick|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,uid,identifier,telephoneNumber,role,mail,surname,displayName,givenName|rsanchez@samltest.id|_9e3aceb29750ac25751b04de262ebf8a|
2022-12-04 09:04:51,484 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: null
2022-12-04 09:04:51,485 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-12-04 09:04:51,485 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-12-04 09:04:51,485 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<ns0:AuthnRequest
    AssertionConsumerServiceURL="http://samltestid-test.zoominsoftware.io/saml/sso"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ID="id-vuY62jvbXmuhuflAW" IssueInstant="2022-12-04T09:04:51Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:ns0="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ns1="urn:oasis:names:tc:SAML:2.0:assertion">
    <ns1:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://samltestid-test.zoominsoftware.io/metadata/</ns1:Issuer>
</ns0:AuthnRequest>

2022-12-04 09:04:51,493 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'http://samltestid-test.zoominsoftware.io/metadata/' from origin source
2022-12-04 09:04:51,493 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-12-04 09:04:51,493 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-12-04 09:04:51,493 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-12-04 09:04:51,493 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-12-04 09:04:51,493 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-12-04 09:04:51,494 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-12-04 09:04:51,494 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-12-04 09:04:51,494 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer http://samltestid-test.zoominsoftware.io/metadata/
2022-12-04 09:04:51,494 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:04:51,495 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-12-04 09:04:51,495 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-12-04 09:04:51,495 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-12-04 09:04:51,495 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-12-04 09:04:51,495 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID 'id-vuY62jvbXmuhuflAW', issue instant '2022-12-04T09:04:51.000Z', entityID 'http://samltestid-test.zoominsoftware.io/metadata/'
2022-12-04 09:04:51,495 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-12-04 09:04:51,495 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-12-04 09:04:51,495 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler:?] - Constructing signed content string from URL query string SAMLRequest=jZJLb8IwEIT%2FiuV7cIhopVoQKS2qikRVRNLnzSSb4iq2qXdNH7%2B%2BJvR5QT3ueMb7jeWxxVQWgdZ2Cc8BkNir6SzKKE948FY6hTqOygBKqmVZXM5lNkjlxjtytev4d2B4OKAQwZN2lrPZdMJ1k2zD%2FXH2tF3dmbAObVfccnYDHqNlwmMi%2BhADzCySshSlNMuSYZakoyo9kelIHg0fOJtGZm0V9ak10QalEKhMR%2FFgoBuhm42IsK3uQOxgMrGERnuoSZTlFWeLzyKn2jbaPh4usdqbUF5U1SJZXJUVZ8VXsTNnMRjwJfitruF6Od8T%2FQKKrXuud%2BeMtuhaelEeBtr1DoHoeD6OTyn76p6dO28UHWbaKfHetrdKsKTpjef%2FXmyAVKNIibH4WZzvhr8fI%2F8A&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=hU3TgutimXzoAwsDPZmU10iI293zKYLbw5qkfMpgntb4biSiHFHnTm2VzLc%2FPUVRoAOupX1oEOHF8PI6EO2ktSAlFuL4jXwVBQmTlVzS7c8NcYBmINNk%2FGnbxJJAE9eUPEwxJWrGm6%2FhHotTWbVCNzOBV2%2Fg5MVXE5c%2F08G2XuAxRlCSuvogHdHykGUoIqHb0Fdnj%2FCpWYRfe8z%2Bb0Pgzcyk9Ua%2FwRQWT1iDE1ZxYMXqQ0LdcjLnQzpd4YKAbNRqyevUdJPQg%2FRVuyTsV9zh%2FETpfuQ33I4wEcFelmlNxxhlpIaAitLir8QMILvtl7dW7fWctS3dloc%2FbIDTkc%2FxPkFVr9TMqT56yR6LRaejrGlmc3aVU%2FhDEdPSVZgnBHFDr18BwPlmqdndhgrKBSADN77VbauYw2iyeGWhIgSwumh6OpoVG1Jcd2up5Tmo92YUz7qLtVQOoUBgy8Et7e%2Fl%2BVuKVIwb0b70e9ZIXf8J68TI4CE%2B6U8FLcOoE3V%2B3Dr53gUMNiGP0Y7OkNIOayOLUx%2B2WzuUiaV0w5gMMkt3HK2WFLlGkp0U6pDphUJkhWmtBT4VABVJY2PJybhaKv7ATAv2Bg7x7iVpdGD4%2Bp%2Bj5bNCPjV3Ir9qxpIuLf3ukb%2BJG8XjbpLpuOD6eEY4q1eeJlG%2FqBNZjNqW%2B9cuMNfTsbw%3D
2022-12-04 09:04:51,495 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler:?] - Constructed signed content string for HTTP-Redirect DEFLATE SAMLRequest=jZJLb8IwEIT%2FiuV7cIhopVoQKS2qikRVRNLnzSSb4iq2qXdNH7%2B%2BJvR5QT3ueMb7jeWxxVQWgdZ2Cc8BkNir6SzKKE948FY6hTqOygBKqmVZXM5lNkjlxjtytev4d2B4OKAQwZN2lrPZdMJ1k2zD%2FXH2tF3dmbAObVfccnYDHqNlwmMi%2BhADzCySshSlNMuSYZakoyo9kelIHg0fOJtGZm0V9ak10QalEKhMR%2FFgoBuhm42IsK3uQOxgMrGERnuoSZTlFWeLzyKn2jbaPh4usdqbUF5U1SJZXJUVZ8VXsTNnMRjwJfitruF6Od8T%2FQKKrXuud%2BeMtuhaelEeBtr1DoHoeD6OTyn76p6dO28UHWbaKfHetrdKsKTpjef%2FXmyAVKNIibH4WZzvhr8fI%2F8A&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1
2022-12-04 09:04:51,495 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Attempting to validate SAML protocol message simple signature using context entityID: http://samltestid-test.zoominsoftware.io/metadata/
2022-12-04 09:04:51,495 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from metadata using entityID: http://samltestid-test.zoominsoftware.io/metadata/, role: {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor, protocol: urn:oasis:names:tc:SAML:2.0:protocol, usage: SIGNING
2022-12-04 09:04:51,495 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Retrieving role descriptor metadata for entity 'http://samltestid-test.zoominsoftware.io/metadata/' in role '{urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor' for protocol 'urn:oasis:names:tc:SAML:2.0:protocol'
2022-12-04 09:04:51,496 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-12-04 09:04:51,496 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-12-04 09:04:51,496 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-12-04 09:04:51,496 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-12-04 09:04:51,496 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-12-04 09:04:51,496 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Simple signature validation (with no request-derived credentials) was successful
2022-12-04 09:04:51,496 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Validation of request simple signature succeeded
2022-12-04 09:04:51,496 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Authentication via request simple signature succeeded for context issuer entity ID http://samltestid-test.zoominsoftware.io/metadata/
2022-12-04 09:04:51,496 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-12-04 09:04:51,496 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-12-04 09:04:51,497 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:04:51,497 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-12-04 09:04:51,497 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-12-04 09:04:51,497 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-12-04 09:04:51,497 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 1 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-12-04 09:04:51,497 - DEBUG [org.opensaml.saml.common.binding.impl.DefaultEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Neither candidate endpoint location 'http://samltestid-test.zoominsoftware.io/bad_callback' nor response location 'null' matched 'http://samltestid-test.zoominsoftware.io/saml/sso' 
2022-12-04 09:04:51,497 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: No candidate endpoints met criteria
2022-12-04 09:04:51,497 - WARN [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Unable to resolve outbound message endpoint for relying party 'http://samltestid-test.zoominsoftware.io/metadata/': EndpointCriterion [type={urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService, Binding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST, Location=http://samltestid-test.zoominsoftware.io/saml/sso, trusted=false]
2022-12-04 09:04:51,498 - WARN [org.opensaml.profile.action.impl.LogEvent:?] - A non-proceed event occurred while processing the request: EndpointResolutionFailed
2022-12-04 09:04:51,498 - DEBUG [org.opensaml.saml.common.profile.logic.DefaultLocalErrorPredicate:?] - No SAMLBindingContext or binding URI available, error must be handled locally
2022-12-04 09:05:06,119 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: null
2022-12-04 09:05:06,119 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-12-04 09:05:06,120 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-12-04 09:05:06,120 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<ns0:AuthnRequest
    AssertionConsumerServiceURL="http://samltestid-test.zoominsoftware.io/saml/sso"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ID="id-aNiCVBZ0CImOBnsgn" IssueInstant="2022-12-04T09:05:06Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:ns0="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ns1="urn:oasis:names:tc:SAML:2.0:assertion">
    <ns1:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://samltestid-test.zoominsoftware.io/metadata/</ns1:Issuer>
</ns0:AuthnRequest>

2022-12-04 09:05:06,132 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-12-04 09:05:06,134 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-12-04 09:05:06,134 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-12-04 09:05:06,134 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-12-04 09:05:06,134 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-12-04 09:05:06,135 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-12-04 09:05:06,135 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-12-04 09:05:06,135 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer http://samltestid-test.zoominsoftware.io/metadata/
2022-12-04 09:05:06,136 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:05:06,138 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-12-04 09:05:06,138 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-12-04 09:05:06,138 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-12-04 09:05:06,138 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-12-04 09:05:06,138 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID 'id-aNiCVBZ0CImOBnsgn', issue instant '2022-12-04T09:05:06.000Z', entityID 'http://samltestid-test.zoominsoftware.io/metadata/'
2022-12-04 09:05:06,138 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-12-04 09:05:06,140 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-12-04 09:05:06,141 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler:?] - Constructing signed content string from URL query string SAMLRequest=jZJbb8IwDIX%2FSpX3klBtkxZBJS6ahsQGoh0PvGWtAUtNwmJ3t1%2B%2FUHZ9QXu0fU78HSsDR0qPWt67FTy1QJy82saRju2haIPT3hDG0lggzZUuRndznfWUPgTPvvKN%2BDb0zxsMEQRG70Qymw4F1qm5x8l6vFGTmV2MHe3iZA2BomQooiPqiFqYOWLjOLZUlqX9LFUXpbrW6lKrq41IppEZneHOtWc%2BkJaSjG04DnpYS6wPMsJusQF5hMnkCmoMULEsioVIlp9BxuhqdLvzIR5PItK3ZblMl4uiFMnoK9jEO2othALCM1bwsJqfiH4BxdQd17v3Fh35Lb%2BYAD30nUISeZEP4il1Fz0kNz5Yw%2BeZjp347raTanCM%2FCbyfy%2B2wKY2bORA%2FizOj8Xfj5F%2FAA%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=ngWLGwnN2P0FMT6%2BrYLMChwxNvV5ztLpgu8H0dtPodjX5vfJQoKz2Ht6BwIOg%2F8gi2S7ngSoUZyid9RXU9nJp6K4noBO8VtGe%2FDRVU3HXFkfMztv%2BgoRj1hKiqswuyNuWOB%2BubUYNnVLipyKHubV0M61G2SnNX6UErMCG6%2FeAItHcgISKjAQbr9w8bmrwKiztNFZIz0qghfmn2EThFtkqr%2BLCMdSpEBVkntGhH8aosU9aDBZ4OhJod98d5ha6S7EXoUgYj9e2cbhvKVYlhQvaswB7NsP%2B5og1iHQP3VyhBCeW910fMtkTM%2F49qrglYGN6pftmlq%2F1Zt7GaHYsLxiEVi5%2FDjl3McnohXnwmbtGy9FMxO%2BdUEYnoPUjdCrTG9nlmLp%2BY4CPfPBMfTQJ0MOUk2R%2BtX%2BnJroE%2B8Nwfg6TLIFUFQ7jt6lsNG2Bu6HUjmNQBxUhFvZcAiU0b1KJJyEh08UofROAeeYr%2B1E4%2BdF%2Fj%2FHpj1wbWmS5jSsT39aT3cO4U8d%2Fh%2BqF14tXQIIgefaGfCK5tO%2B%2Bu1hpDSEkQmnqC%2BLbSFF6GvXg6wahEnBoYTKuQ%2B7tiWVzJP7F4ETPNaEBEDb27LAhtG%2BEo%2BwFr3NPZCdQsuceZTeRNCcuZq0mHXq7T7GBPREpWsiVqvZs%2FgK7QSggCttQyUPfMEMUl4breI%3D
2022-12-04 09:05:06,141 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler:?] - Constructed signed content string for HTTP-Redirect DEFLATE SAMLRequest=jZJbb8IwDIX%2FSpX3klBtkxZBJS6ahsQGoh0PvGWtAUtNwmJ3t1%2B%2FUHZ9QXu0fU78HSsDR0qPWt67FTy1QJy82saRju2haIPT3hDG0lggzZUuRndznfWUPgTPvvKN%2BDb0zxsMEQRG70Qymw4F1qm5x8l6vFGTmV2MHe3iZA2BomQooiPqiFqYOWLjOLZUlqX9LFUXpbrW6lKrq41IppEZneHOtWc%2BkJaSjG04DnpYS6wPMsJusQF5hMnkCmoMULEsioVIlp9BxuhqdLvzIR5PItK3ZblMl4uiFMnoK9jEO2othALCM1bwsJqfiH4BxdQd17v3Fh35Lb%2BYAD30nUISeZEP4il1Fz0kNz5Yw%2BeZjp347raTanCM%2FCbyfy%2B2wKY2bORA%2FizOj8Xfj5F%2FAA%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1
2022-12-04 09:05:06,141 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Attempting to validate SAML protocol message simple signature using context entityID: http://samltestid-test.zoominsoftware.io/metadata/
2022-12-04 09:05:06,141 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from metadata using entityID: http://samltestid-test.zoominsoftware.io/metadata/, role: {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor, protocol: urn:oasis:names:tc:SAML:2.0:protocol, usage: SIGNING
2022-12-04 09:05:06,141 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Retrieving role descriptor metadata for entity 'http://samltestid-test.zoominsoftware.io/metadata/' in role '{urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor' for protocol 'urn:oasis:names:tc:SAML:2.0:protocol'
2022-12-04 09:05:06,141 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-12-04 09:05:06,141 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-12-04 09:05:06,141 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-12-04 09:05:06,141 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-12-04 09:05:06,141 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolved cached credentials from KeyDescriptor object metadata
2022-12-04 09:05:06,142 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Simple signature validation (with no request-derived credentials) was successful
2022-12-04 09:05:06,142 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Validation of request simple signature succeeded
2022-12-04 09:05:06,142 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Authentication via request simple signature succeeded for context issuer entity ID http://samltestid-test.zoominsoftware.io/metadata/
2022-12-04 09:05:06,147 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-12-04 09:05:06,147 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-12-04 09:05:06,147 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:05:06,147 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-12-04 09:05:06,147 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-12-04 09:05:06,147 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-12-04 09:05:06,147 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 1 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-12-04 09:05:06,147 - DEBUG [org.opensaml.saml.common.binding.impl.DefaultEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Neither candidate endpoint location 'http://samltestid-test.zoominsoftware.io/bad_callback' nor response location 'null' matched 'http://samltestid-test.zoominsoftware.io/saml/sso' 
2022-12-04 09:05:06,147 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: No candidate endpoints met criteria
2022-12-04 09:05:06,147 - WARN [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Unable to resolve outbound message endpoint for relying party 'http://samltestid-test.zoominsoftware.io/metadata/': EndpointCriterion [type={urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService, Binding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST, Location=http://samltestid-test.zoominsoftware.io/saml/sso, trusted=false]
2022-12-04 09:05:06,148 - WARN [org.opensaml.profile.action.impl.LogEvent:?] - A non-proceed event occurred while processing the request: EndpointResolutionFailed
2022-12-04 09:05:06,148 - DEBUG [org.opensaml.saml.common.profile.logic.DefaultLocalErrorPredicate:?] - No SAMLBindingContext or binding URI available, error must be handled locally
2022-12-04 09:05:20,620 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: null
2022-12-04 09:05:20,620 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-12-04 09:05:20,620 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-12-04 09:05:20,620 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<ns0:AuthnRequest
    AssertionConsumerServiceURL="http://samltestid-test.zoominsoftware.io/saml/sso"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ID="id-ZiBtYeFuurF0Lb7VJ" IssueInstant="2022-12-04T09:05:20Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:ns0="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ns1="urn:oasis:names:tc:SAML:2.0:assertion">
    <ns1:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://samltestid-test.zoominsoftware.io/metadata/</ns1:Issuer>
</ns0:AuthnRequest>

2022-12-04 09:05:20,627 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'http://samltestid-test.zoominsoftware.io/metadata/' from origin source
2022-12-04 09:05:20,627 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-12-04 09:05:20,627 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-12-04 09:05:20,627 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-12-04 09:05:20,627 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-12-04 09:05:20,627 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-12-04 09:05:20,627 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-12-04 09:05:20,627 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-12-04 09:05:20,627 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer http://samltestid-test.zoominsoftware.io/metadata/
2022-12-04 09:05:20,628 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:05:20,629 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-12-04 09:05:20,629 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-12-04 09:05:20,629 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-12-04 09:05:20,629 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-12-04 09:05:20,629 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID 'id-ZiBtYeFuurF0Lb7VJ', issue instant '2022-12-04T09:05:20.000Z', entityID 'http://samltestid-test.zoominsoftware.io/metadata/'
2022-12-04 09:05:20,629 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-12-04 09:05:20,629 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-12-04 09:05:20,629 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler:?] - Constructing signed content string from URL query string SAMLRequest=jZJLb8IwEIT%2FSuR7sBu1qmpBJChCpaICkRSp3EyylJUSm3rXff36mtDnBfW44xnvN5b7lpQeBt7ZJTwFIE5e28aSjvJABG%2B1M4RxNC2Q5koXw7uZznpK771jV7lGfAfOTgcMEXhGZ0UyHQ8E1ukaR%2FwAkxD8RM02l6tbkazAU7QMRExEH1GAqSU2lqOksiw9y1J1XqorrS50ptYiGUdmtIa71I55T1pKMm3D8aCHtcR6LyPsFhuQB5hMLqFGDxXLopiLZPFZZIS2Rvt4usTmaCJ9U5aLdDEvSpEMv4pdO0uhBV%2BAf8YK7pezI9EvoNi643p3rkVLbssvxkMPXeeQRE7k%2FfiUuqvuk4nzreHTTAcl3rvtrBosI7%2BJ%2FN%2BLW2BTGzayL38W54fh78fIPwA%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=aZj9C2be2%2FOlu7YWmnKX%2B8CULAA%2FGlvoxOlFZQAJzSQYM7qg%2FS4UXchAvRLvHfUh4gzEY9ncMHZ1QoMr4RrH4S09fYP5jxQdwztJW52raQ0s%2F%2F956jwwBiQF7CaYXeJvMPmIrfRcgIf63wX4TU65%2FsIiSR%2B0ooRImAivvzio%2Fg%2FpCfWXu4AwsG8N1zlgyylYCwLnDwjwWtRGUZbxt3PzLYef98Y2VHwwzW1C%2BTaBsV1bUhJ8u%2FgscXFb4EngX0jFkSbBz%2Bpi5BSHYwf8DtOubysM8EG3IqCAtGIghqd%2BaSZ%2BNm7BQgzLDLG%2F6ez2fH%2FH6MWC1wdPZyeEHzuwfoyZt3ztV37%2BanlBtJogBiqz0x3Gz16xSYHaYCsh01RrrefTaPk8asDKV33Q7q0e7NfEYovDTDeIH0DmR775326m6VNc5ydRAhdk1e1P%2FXjLY9StC7ap3S%2BghUxNnUEKAOUp5DKDobxYa%2FPFsVrXGTA%2BTURjY8jvHTlLvvyYf4DMDVKBNrz3hMdXszkx%2Bz6veceTTUSK2ssM0pu9rbvrcLJzVTaE3bzaa9e09UzVkUAH0iwgvnyZjeMG48eUSqCmWgr7Dy5MwODe0xSgC1XsrFw6bPmWmA8JT21nm4cAmZJLALDeRoVtGSbyeOuSS4BSicUPSOF4p6tv4WkuVL%2FWCCdRmWk%3D
2022-12-04 09:05:20,629 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler:?] - Constructed signed content string for HTTP-Redirect DEFLATE SAMLRequest=jZJLb8IwEIT%2FSuR7sBu1qmpBJChCpaICkRSp3EyylJUSm3rXff36mtDnBfW44xnvN5b7lpQeBt7ZJTwFIE5e28aSjvJABG%2B1M4RxNC2Q5koXw7uZznpK771jV7lGfAfOTgcMEXhGZ0UyHQ8E1ukaR%2FwAkxD8RM02l6tbkazAU7QMRExEH1GAqSU2lqOksiw9y1J1XqorrS50ptYiGUdmtIa71I55T1pKMm3D8aCHtcR6LyPsFhuQB5hMLqFGDxXLopiLZPFZZIS2Rvt4usTmaCJ9U5aLdDEvSpEMv4pdO0uhBV%2BAf8YK7pezI9EvoNi643p3rkVLbssvxkMPXeeQRE7k%2FfiUuqvuk4nzreHTTAcl3rvtrBosI7%2BJ%2FN%2BLW2BTGzayL38W54fh78fIPwA%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1
2022-12-04 09:05:20,629 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Attempting to validate SAML protocol message simple signature using context entityID: http://samltestid-test.zoominsoftware.io/metadata/
2022-12-04 09:05:20,629 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from metadata using entityID: http://samltestid-test.zoominsoftware.io/metadata/, role: {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor, protocol: urn:oasis:names:tc:SAML:2.0:protocol, usage: SIGNING
2022-12-04 09:05:20,629 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Retrieving role descriptor metadata for entity 'http://samltestid-test.zoominsoftware.io/metadata/' in role '{urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor' for protocol 'urn:oasis:names:tc:SAML:2.0:protocol'
2022-12-04 09:05:20,629 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-12-04 09:05:20,629 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-12-04 09:05:20,629 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-12-04 09:05:20,629 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-12-04 09:05:20,629 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-12-04 09:05:20,630 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Simple signature validation (with no request-derived credentials) was successful
2022-12-04 09:05:20,630 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Validation of request simple signature succeeded
2022-12-04 09:05:20,630 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Authentication via request simple signature succeeded for context issuer entity ID http://samltestid-test.zoominsoftware.io/metadata/
2022-12-04 09:05:20,630 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-12-04 09:05:20,630 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-12-04 09:05:20,630 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:05:20,630 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-12-04 09:05:20,630 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-12-04 09:05:20,630 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-12-04 09:05:20,630 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 1 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-12-04 09:05:20,630 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location http://samltestid-test.zoominsoftware.io/saml/sso using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-12-04 09:05:20,630 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-12-04 09:05:20,630 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-12-04 09:05:20,630 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-12-04 09:05:20,630 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-12-04 09:05:20,631 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-12-04 09:05:20,631 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-12-04 09:05:20,631 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-12-04 09:05:20,631 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-12-04 09:05:20,631 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-12-04 09:05:20,631 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-12-04 09:05:20,631 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: http://samltestid-test.zoominsoftware.io/metadata/
2022-12-04 09:05:20,631 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-12-04 09:05:20,631 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve data encryption algorithm based on SAML metadata, falling back to locally configured algorithms
2022-12-04 09:05:20,631 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve key transport algorithm based on SAML metadata, falling back to locally configured algorithms
2022-12-04 09:05:20,631 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-12-04 09:05:20,635 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-12-04 09:05:20,636 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-12-04T09:05:20.636Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-12-04 09:05:20,636 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-12-04 09:05:20,636 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-12-04 09:05:20,637 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-12-04 09:05:20,637 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-12-04 09:05:20,637 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-12-04 09:05:20,637 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:05:20,637 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-12-04 09:05:20,637 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-12-04 09:05:20,637 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-12-04 09:05:20,637 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-12-04 09:05:20,689 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'samltestid-test.zoominsoftware.io'
2022-12-04 09:05:20,689 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-12-04 09:05:20,689 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-12-04 09:05:22,570 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Trimming whitespace of input string 'rick'
2022-12-04 09:05:22,570 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user rick
2022-12-04 09:05:22,570 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@1632714497::identifier=rick, context=org.apache.velocity.VelocityContext@409e7d20]
2022-12-04 09:05:22,571 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=rick,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@1632714497::identifier=rick, context=org.apache.velocity.VelocityContext@409e7d20]
2022-12-04 09:05:22,573 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'rick' succeeded
2022-12-04 09:05:22,573 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-12-04 09:05:22,573 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-12-04 09:05:22,573 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'rick'
2022-12-04 09:05:22,574 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'rick'
2022-12-04 09:05:22,574 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-12-04 09:05:22,574 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal rick
2022-12-04 09:05:22,574 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session d8b13c998f6537735c3dedd1c5a0585745e8467eef091e035bae474b5798ad73 for principal rick
2022-12-04 09:05:22,574 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving AuthenticationResult for flow authn/Password in session d8b13c998f6537735c3dedd1c5a0585745e8467eef091e035bae474b5798ad73
2022-12-04 09:05:22,575 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=rick)
2022-12-04 09:05:22,575 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-12-04 09:05:22,576 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, uid, identifier, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-12-04 09:05:22,576 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'eduPersonEntitlement' remained after filtering
2022-12-04 09:05:22,576 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-12-04 09:05:22,576 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-12-04 09:05:22,576 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-12-04 09:05:22,576 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-12-04 09:05:22,576 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-12-04 09:05:22,576 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-12-04 09:05:22,576 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-12-04 09:05:22,576 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-12-04 09:05:22,576 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-12-04 09:05:22,576 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:05:22,576 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-12-04 09:05:22,576 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@1c3575ef'
2022-12-04 09:05:22,584 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-12-04 09:05:22,584 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:http://samltestid-test.zoominsoftware.io/metadata/'
2022-12-04 09:05:22,584 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:http://samltestid-test.zoominsoftware.io/metadata/'
2022-12-04 09:05:22,584 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick:http://samltestid-test.zoominsoftware.io/metadata/'
2022-12-04 09:05:22,585 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-12-04 09:05:22,585 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick'
2022-12-04 09:05:22,585 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick'
2022-12-04 09:05:22,585 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-12-04 09:05:22,585 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is required, no previous consents
2022-12-04 09:05:22,637 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'samltestid-test.zoominsoftware.io'
2022-12-04 09:05:22,638 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-12-04 09:05:22,638 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or InformationURLs returning null
2022-12-04 09:05:22,638 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or PrivacyStatementURLs returning null
2022-12-04 09:05:22,638 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-12-04 09:05:22,638 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No Organization, OrganizationName or names, returning null
2022-12-04 09:05:22,842 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Extracted consent ids '[displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]' from request parameter '_shib_idp_consentIds'
2022-12-04 09:05:22,842 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Consent context 'ConsentContext{previousConsents={}, chosenConsents={displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}}'
2022-12-04 09:05:22,843 - INFO [Shibboleth-Consent-Audit.SSO:?] - 20221204T090522Z|http://samltestid-test.zoominsoftware.io/metadata/|AttributeReleaseConsent|rick|displayName,eduPersonEntitlement,givenName,identifier,mail,role,surname,telephoneNumber,uid||true,true,true,true,true,true,true,true,true
2022-12-04 09:05:22,843 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@1c3575ef'
2022-12-04 09:05:22,843 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:05:22,843 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-12-04 09:05:22,844 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-12-04 09:05:22,844 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-12-04 09:05:22,844 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _7a2528f60f09f2da4a96113ab0d65251
2022-12-04 09:05:22,844 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _7a2528f60f09f2da4a96113ab0d65251 to Response _55ec721dcb9180f40005638c65ef7f51
2022-12-04 09:05:22,844 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _7a2528f60f09f2da4a96113ab0d65251
2022-12-04 09:05:22,846 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-12-04 09:05:22,846 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value urn:mace:dir:entitlement:common-lib-terms of attribute eduPersonEntitlement
2022-12-04 09:05:22,846 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rick of attribute uid
2022-12-04 09:05:22,846 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute identifier
2022-12-04 09:05:22,846 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-12-04 09:05:22,846 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value manager@Samltest.id of attribute role
2022-12-04 09:05:22,846 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute mail
2022-12-04 09:05:22,846 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sanchez of attribute surname
2022-12-04 09:05:22,846 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick Sanchez of attribute displayName
2022-12-04 09:05:22,846 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick of attribute givenName
2022-12-04 09:05:22,847 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-12-04 09:05:22,847 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - No object to operate on, returning true
2022-12-04 09:05:22,847 - WARN [org.opensaml.saml.common.profile.logic.MetadataNameIdentifierFormatStrategy:?] - Ignoring NameIDFormat metadata that includes the 'unspecified' format
2022-12-04 09:05:22,848 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration specifies the following formats: []
2022-12-04 09:05:22,848 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - No formats specified in configuration or in metadata, returning default
2022-12-04 09:05:22,848 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Candidate NameID formats: [urn:oasis:names:tc:SAML:2.0:nameid-format:transient]
2022-12-04 09:05:22,848 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-12-04 09:05:22,848 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-12-04 09:05:22,848 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID AAdzZWNyZXQxPrEPgS8OcV5GEbxq/rcItC/J6+n4bg2rtIqFscFVgAF0+caJPmNaBUBdNHIlvVJRiIYFYL80/x0atAIpl34vom4s0I70+UGKnOhHywPTt1Z/T79kNQlPpc8WUlnClyZvRgqtjFoyoKQZonYaBph1qNH5/A== with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-12-04 09:05:22,848 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-12-04 09:05:22,848 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-12-04 09:05:22,848 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-12-04 09:05:22,848 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-12-04 09:05:22,848 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 40.122.255.107
2022-12-04 09:05:22,848 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to id-ZiBtYeFuurF0Lb7VJ
2022-12-04 09:05:22,848 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to http://samltestid-test.zoominsoftware.io/saml/sso
2022-12-04 09:05:22,848 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-12-04 09:05:22,848 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-12-04 09:05:22,848 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-12-04 09:05:22,848 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _7a2528f60f09f2da4a96113ab0d65251
2022-12-04 09:05:22,848 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _7a2528f60f09f2da4a96113ab0d65251 did not already contain Conditions, one was added
2022-12-04 09:05:22,848 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-12-04 09:05:22,848 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-12-04T09:10:22.843Z, to Assertion _7a2528f60f09f2da4a96113ab0d65251
2022-12-04 09:05:22,848 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _7a2528f60f09f2da4a96113ab0d65251 already contained Conditions, nothing was done
2022-12-04 09:05:22,849 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-12-04 09:05:22,849 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _7a2528f60f09f2da4a96113ab0d65251 already contained Conditions, nothing was done
2022-12-04 09:05:22,849 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-12-04 09:05:22,849 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding http://samltestid-test.zoominsoftware.io/metadata/ as an Audience of the AudienceRestriction
2022-12-04 09:05:22,849 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _7a2528f60f09f2da4a96113ab0d65251
2022-12-04 09:05:22,850 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party http://samltestid-test.zoominsoftware.io/metadata/ to existing session d8b13c998f6537735c3dedd1c5a0585745e8467eef091e035bae474b5798ad73
2022-12-04 09:05:22,850 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service http://samltestid-test.zoominsoftware.io/metadata/ in session d8b13c998f6537735c3dedd1c5a0585745e8467eef091e035bae474b5798ad73
2022-12-04 09:05:22,850 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-12-04 09:05:22,850 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID http://samltestid-test.zoominsoftware.io/metadata/ and key AAdzZWNyZXQxPrEPgS8OcV5GEbxq/rcItC/J6+n4bg2rtIqFscFVgAF0+caJPmNaBUBdNHIlvVJRiIYFYL80/x0atAIpl34vom4s0I70+UGKnOhHywPTt1Z/T79kNQlPpc8WUlnClyZvRgqtjFoyoKQZonYaBph1qNH5/A==
2022-12-04 09:05:22,850 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-12-04 09:05:22,850 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-12-04 09:05:22,850 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_7a2528f60f09f2da4a96113ab0d65251"
2022-12-04 09:05:22,850 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _7a2528f60f09f2da4a96113ab0d65251 and Element was [saml2:Assertion: null]
2022-12-04 09:05:22,850 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_7a2528f60f09f2da4a96113ab0d65251"
2022-12-04 09:05:22,850 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _7a2528f60f09f2da4a96113ab0d65251 and Element was [saml2:Assertion: null]
2022-12-04 09:05:22,853 - DEBUG [PROTOCOL_MESSAGE:?] - Profile Action EncryptAssertions: Response before assertion encryption:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_55ec721dcb9180f40005638c65ef7f51"
    InResponseTo="id-ZiBtYeFuurF0Lb7VJ"
    IssueInstant="2022-12-04T09:05:22.843Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_7a2528f60f09f2da4a96113ab0d65251"
        IssueInstant="2022-12-04T09:05:22.843Z" Version="2.0"
        xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <ds:SignedInfo>
                <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
                <ds:Reference URI="#_7a2528f60f09f2da4a96113ab0d65251">
                    <ds:Transforms>
                        <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                        <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                            <ec:InclusiveNamespaces PrefixList="xsd" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                        </ds:Transform>
                    </ds:Transforms>
                    <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                    <ds:DigestValue>eT8HKNrnvL1xww1Yh32/fBOTzhKeMXf5XJL/whIztxA=</ds:DigestValue>
                </ds:Reference>
            </ds:SignedInfo>
            <ds:SignatureValue>WZ38fzjJNHSWodCGSddPXaWXfRmHYX5zKpigMBWDKYvWMDqo9PMYZVoxcBp6nVLqWa/objIzd4MlRnHwMxRIqBY/HLr3JJCs9vQ2+ab+6IGlQICkldsVF37oNZ00xR/1Ediih6SrHdlsiRB5c8+IPsKb1q3LC9llB8IilKxUq1NdgCWG5LOgIspuGT/4pD5sFmPy/DqyVQGLY34J6/X7jtlTUCtVbRdHNW6yOxze7WD7bsIxIMSQ7GVfRkbk7OHRcALFGHmqvHnBAms97lIL5h+6T4u/elvnfmPr2nxBol3ld/DxOF5/JcrGaRMc7uHAn+neAjaWkPrUqW6QW6YDaw==</ds:SignatureValue>
            <ds:KeyInfo>
                <ds:X509Data>
                    <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </ds:Signature>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="http://samltestid-test.zoominsoftware.io/metadata/" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">AAdzZWNyZXQxPrEPgS8OcV5GEbxq/rcItC/J6+n4bg2rtIqFscFVgAF0+caJPmNaBUBdNHIlvVJRiIYFYL80/x0atAIpl34vom4s0I70+UGKnOhHywPTt1Z/T79kNQlPpc8WUlnClyZvRgqtjFoyoKQZonYaBph1qNH5/A==</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="40.122.255.107"
                    InResponseTo="id-ZiBtYeFuurF0Lb7VJ"
                    NotOnOrAfter="2022-12-04T09:10:22.848Z" Recipient="http://samltestid-test.zoominsoftware.io/saml/sso"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-12-04T09:05:22.843Z" NotOnOrAfter="2022-12-04T09:10:22.843Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>http://samltestid-test.zoominsoftware.io/metadata/</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-12-04T09:05:22.573Z" SessionIndex="_f23a39620b02a496215678fafb542024">
            <saml2:SubjectLocality Address="40.122.255.107"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>urn:mace:dir:entitlement:common-lib-terms</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rick</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">manager@Samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-12-04 09:05:22,855 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: http://samltestid-test.zoominsoftware.io/saml/sso
2022-12-04 09:05:22,855 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: http://samltestid-test.zoominsoftware.io/saml/sso
2022-12-04 09:05:22,855 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_55ec721dcb9180f40005638c65ef7f51"
2022-12-04 09:05:22,855 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _55ec721dcb9180f40005638c65ef7f51 and Element was [saml2p:Response: null]
2022-12-04 09:05:22,855 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_55ec721dcb9180f40005638c65ef7f51"
2022-12-04 09:05:22,855 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _55ec721dcb9180f40005638c65ef7f51 and Element was [saml2p:Response: null]
2022-12-04 09:05:22,857 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-12-04 09:05:22,857 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'http://samltestid-test.zoominsoftware.io/saml/sso' with encoded value 'http&#x3a;&#x2f;&#x2f;samltestid-test.zoominsoftware.io&#x2f;saml&#x2f;sso'
2022-12-04 09:05:22,857 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-12-04 09:05:22,859 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response
    Destination="http://samltestid-test.zoominsoftware.io/saml/sso"
    ID="_55ec721dcb9180f40005638c65ef7f51"
    InResponseTo="id-ZiBtYeFuurF0Lb7VJ"
    IssueInstant="2022-12-04T09:05:22.843Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_55ec721dcb9180f40005638c65ef7f51">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>Zm71x+p1KvtTwE0KafQjuN0ONPVFvLpKi6cGkp37Mbo=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>FfdHHzcIeNsvbP4swuroty5kW2yB9SkA8JlEpE7ALcsdNWNxBoSiHDK4nxWDKZAQ63V/QbC5PC8ZKY4vtARQopf+Yy46dIIEMgiIEsNp5xnHgfeRUIK6851P43qe8LHWRWyHyQcc1pj7tOtnro4wHOxW1nyL8x/21raZU2KUK3pjOy+tyMn5ycrfLbpGV1fiPNdXZxIkkDdH7h9aGw7h2NzqYSWNyQOcp5eqACBaspxCYUQdUpHrTHqLvFbBzKieq2rsSSK2a74+8s3xk5yS29pMhQsxDA5HKlS6zT5afLRtIDHVW7XYWPZ3ze8zgqZYp7wdl4cvA/Mq2711Ck+Tqw==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <xenc:EncryptedData Id="_6aeafb88e76719a3dcf7df9e6a9e4833"
            Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:EncryptionMethod
                Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <xenc:EncryptedKey
                    Id="_814a20ac90a9959b9c139fcb4398472b"
                    Recipient="http://samltestid-test.zoominsoftware.io/metadata/" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                    <xenc:EncryptionMethod
                        Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <ds:DigestMethod
                            Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
                    </xenc:EncryptionMethod>
                    <ds:KeyInfo>
                        <ds:X509Data>
                            <ds:X509Certificate>MIIEyDCCArACCQDUEJYOAgvyszANBgkqhkiG9w0BAQsFADAmMQswCQYDVQQGEwJJTDEXMBUGA1UE
CgwOWm9vbWluU29mdHdhcmUwHhcNMjEwODEwMDk1MzI5WhcNMjQwMTI3MDk1MzI5WjAmMQswCQYD
VQQGEwJJTDEXMBUGA1UECgwOWm9vbWluU29mdHdhcmUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw
ggIKAoICAQDCNSuNsLFHFO4SRTGxGMu/xQVuRCd6YEbagiSggwP2zg51QXFBEvNDT9QlflEQMKFw
6p4sRymXm9ZrJvTFbQioUHgeBrN446QheTJH3nzO5gndCqPDUR07Lfw18r4hB9MEsIjJuAOZfZL1
yrv1YcKyUDTOgmRfiDODUN5ORldR+2HAY34zgxCQMDX9K5Tk/nluN88crgTCM1rvsBwh2hWqL83a
IVUrnP4GVll/k20FcthIpSRC/nrjAf2GJ+z+j9TJwywOlXYQPgDcloJ74HHQ8K5SKVUlcsI0r48i
fHpqsNfquiww9irTmMMJSyyW0zIVwrM3ArUgAmO7kT+NOlh/udsmZRjiTdLgH5bHuL1qWuOgRqxt
cRflXMody4wkueLQwedfSZ0ax6yCMPjp4zv0L8ZYUp9tqxp/c1EE2L6zYoik5Y8aj3GVJuB8jpmn
MlZl3QcG4/w0HdtQ3scU9sOBjuVMAYlxoB0Kp4t5TLiYRlu9LsKmmEl/VN/t84IXucoehuixNXK7
Z4RVMYxBC8Vb8cdBnQehS/thJUYjfmtmfl2vntss3K/FgFWXK0FXdfM44rZ5Sow9PMHSYOiDW5ud
MabIO09n4XpIgmQiUeCzuFFsL89bauUB8snNk16Bq9awcMr804z92hpL+0Iujp3H1OZsTxVm0I9m
K1dXis4p0wIDAQABMA0GCSqGSIb3DQEBCwUAA4ICAQBr8QcVwViFEoXwty0yCMJyyxbJe02Nam7X
0GEtB3Gm9iNNc+LW3wlDbnRebKhFGQvjxlVer+65Vhlezd8pmw3l5jE/qIOmxglZTg363M5RrS0b
xKwF+rWLvxyhqVmMbz3TGN+bWcXa6ozup5K5uOgFwFxXWfbW/3V/vHnPiEAbZnZwc1cPUpmMAqBW
ryc3UUSIe1+xh9j3m3Xe5lYmNWLyc93L14A8XCzAr1HiBOe5sZD+cyFr1YHBHsRlQM/Ks/iR0Mny
4nj3bTOViT33aqVWTvqp1xr0A4nYumN9SfbePM2k4k9w3Wko23nXfjk4Qok4sWtURRVn3IdY1esW
0CwgKMdSB8FvPtsB+THUtImhBtX61y5j/C7FQ0/VwE/KIrgKe+KADTKJm0PNGMoOi3p+j3G9k7pT
dBJoUSCMWBi59I12LcWJKYiSve8bpJWYTOFGH41cf9/oBMhW0fIyQMo8Va/wVnCfTqYV4E8XRFn3
V5L8YIEn6jidKLMzJLnzQ8/dT9k0NKcggQ+DZrfcgtY2jxPvIMgfVr6Y8Q9ISCe/HeOJTJBZyJ/1
jz9AgzTJxEWGfk8DHlCRpA3EnzsB7nLi5GWcAx62YfCLa4R2ivVB2vMZ+lpoxtMsQnffRBOidNw9
E/DsiFcqCrFDFbqbLv76nvTha0UjqrNle1TKtGKGbQ==</ds:X509Certificate>
                        </ds:X509Data>
                    </ds:KeyInfo>
                    <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <xenc:CipherValue>XZXWdJGBkIh4VKp8f4o4jcafcOXCxaAlCalq2cEq5rl6Urn8eexP5AxP+Mlmu2hW0WEGGuh06hezioL8AZeaJN0WGSM04jz6AQfFk+ZxULCTJf0fqY1WptxeL11pJxPp9WZ87OTTNGZUK08qwiJ5cS0ialwCP4Lf9sute7hJyvKS1DYBIbc6O4C9l7IJQuGAo8KsdFu149b/5U+DunqTwLsEJt/5RLZa2FE+Q5jTGHNO5EjSnemYupPEuvU2QSn2v4PgKFj9grzr2b1uQuEeEV5TgOPMq55S0lDwOywYS4ujGntCKklO5ZtqABYh0Vb2waxvcOdu8Uo653hoMcHNCAQNCvJGFiyURLJkIfUg1bRU4L7qs6dPFt8nvcfCmlqn8eUKk3+FS7Vz8F7jEnsdEnafVjD5Q5N8NDiKmkGpOuH6zofACeY/VELkXzGyTnnlR9JDr5DB60l17pjVW6VWEThntDGrX+0tA7cNg806G/gmfN3vkaHbKJzam+Fefd7K4AloTnh0ZFOztHg1tj9xzmNQxwpzlGPOSJXlB/CKhF6CSc5XuPObNL1KQGWropcLaIuKNdD+8gqzaATkOWOlm0AMrKcaqH/uHhnfvwv7eChnm6bKV3stHrWS47+rGdkwLhScGSayFak29QhQl8b8Jrk8eKTqzj6v1+KE/wLhmF4=</xenc:CipherValue>
                    </xenc:CipherData>
                </xenc:EncryptedKey>
            </ds:KeyInfo>
            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                <xenc:CipherValue>XAZFE8QBs/f27Qv/wMvs94d4lhQMODoYXM6xWQahqcQDuji/U/grk44oacY94hpzgAZ5KJp6BgLOaxhofIB+1I9lEFW+rtbg0UkdxJcC0dgzZl00WpQVpxF49jcZFA6fH0B3r3V6tE/ypAkeANxXoANNN2f7cKcCm+fatSqjLtI8Vl92GXGD7IUlCFavszEu99wqUAUSZUqfOaSLVfZbhEvGJZbivMOzP68DC76+2yfRRFHOvx9MLnigIIg1elleadqMy7jQ+hkPqlaZfp6AcKTthR5mm4SIKffU4L7VgLJrP4cuk9iMjsqE/xAgwVVAwT5SDEMctPHBkroyAzWw5dSSCONNB0HArDZEZCS657qempiIPFzt4wCZlzKaA5Jnn6NPgbz3IzNZ1/bSNYYI11EeruXB5OIc480hkRWLXLOoHAQXc7HeT4xQBlHtZemHEh0uD4+49bMCXvoIjq1fHsPgyWKIM60m2iJcdZ/zgba2Q7RsqQ6yuxg6zpx5Ob3sViRSn6FKp4buY6PBp/r08yeJFzCRKLueHcaGb8tWEEjbXU5LCFbvHrY6WHJEAoB0IscJYLPuiJAsF7udRFU+/m0Ayj3Ig0gqOaK4UE29POnC4z9r8+g9ydMlbDeLh0dRtKy243cAPZgb+gLfEyrADOIj4COSGrOh9WAtPuYBH5hHRmoJ6WzPhFe1apTe8Hy8EdcvC/dDTxctiHxQHGlswgxAZEQLejSNnBVJbOf0A2JwTNchVA4B0qvFd0WVkSn6i/4bXkTUjjXUULCmXBXVSN/8V4ZwKpnLUSOqs4KdAyVZ5ozaaL1QrlgJDjzFHeuAq49jo+0yYg3Wh1XQmkFwfci1PRRL5LnVbyuCJaRNeKVE0Lsd/OzjPFCwa/xoWkGo9ADTZFcXbTvEX04ab879KcRVx2zJW+ZmOye/3uTrL68KfaFeBieH5HQnD7ydgM5oOZd0LvPW2zNjRlEmddCqpZeEU8ccWJACmHdUQhbN+zC0E/hcqyiyl4MofoLhc56Fd5q7H5CkYU2/NbBGP4AKIaOdytBQMi0WDOWSaSJtru2Rz+Upu95F9D+FZFRerRzuZ6Pcxif2PG/sNKoLURQ5eEymrX/O8E9RTeSo59yMpriPAJ2FMypNT3BzrCDpjMC8nmlAfsCIOWWo9LfSeKEM4ICL5EkIdpZ4jwangRXcZb8vLyg72vwk3UaZ3qUTWTjW0YdLMjCDYsSDduc6KDnDs/rqZBrHoSMscbvHOXQIzi6pKHLZLUMXiMRhdUDPmFF32GivDuwYJea8LOSwk0i9GeQahfwiQdwWWtMxtsb1RqwdlgwWcjt6I2lGNnreu6RHGbbgx66tnGFIBG3IZfNigPvJHvOkB9WfYcF+btz79jt+NOKDMcIo6+0nQ58wZNxR7AAeorhDuP9ojuiWoEg1A3uLdSHuajRZn5Ljr2HFPVbpg0QXXIG2nJptkmYQzGW3K1wsB5TsafBkUQSxrTz7WQDOQqDD5GhDjQrU6ZHo8DRIdI4x3uGoqmUapeNwu8mgz6N/WLSbcj37ayekCr+KdmS89mF0dDsIQTotyz3wEVEVohrJboI5whaVRApcLtkL0D26f0yoGs8Gv4QukeMFCAZ8HqsIXhV2tJzFlL/3Ady4xVsWa/BuioNrrxF3qmCwkoU9xz+OnTG/tt2dafV3zSPzr7cqcJR5OlgskTBk0v+Kav7wWmPJMVBJWGU7M0wFAy20ZX9t7PZWv2mBRyATc8jNQjJ2V/aqaovMtIklQ3MGegR6CnyttBbIVMLeE8sb3JYDXH3mczsf8bMk0+aWDmZLFBbYPrrVv3Z+2jaDYingS3oRAIJAcMGY9GGOrnUEFWkLQ+m5dOiAktt9dDMDfi8N+UaHeraG3WkJX6yUguW3MPjkameEgx+laSSvnE5PEuNlDZm/qYmqSrtWxEqsXVdO6FgqVohzpcftmHdiU8rzcwOJHPTa9hfi4pah0KLlYLMypCOlK16ZZDA6J+qcqCvDMI+1Le/TQKzRHxJIkMyBNG26kLn7ygF5zSlZTyXogDqekoorsixEdDxWRjnm5xaOYHPxcgbBdID2wf7GrcjqjrhCKBZZM7C2OM3dHLft61733PXo0ohvce2PQ1a/HXHv7k9t0z1tMQxdZJogXOn7ub2sUJJKsXJ2uNg5fMdlgqrO8N97SviU4u50SDNDkRd77UBF4asLD9AX2CdRP8giqdHwneeE+Ri1iSj6cKXREL4PfA3Fr6ngf9nozdUqpjCgjoW+qXDq7MPZ0SevDn91fAJtDwWR4GaypgJ8XEjZ3qLMOj324pkKachnFZs2qGb6OmY7lyFljBw2wBe1BaZA5w0WtzcSDrCHA6wNtJHvmIaRA6hR0S7RDg+i88Z9R2yg70mAt/IiwWxiy1UYQRK5DiHRqmAA4Qmw8WTZIc9RJErAid49QSFSgk6dHOeY2gx1piYXNXzDaK5BwR1wp5P4jnROY5DT8RQFoXm9Ljm0Yz9fBnQq3ejVjdBm6KNEGq0fBzKiG/nYXQdhxPlVFEzbfbAO9mhC53CTWEGkHLp0SQZT791RC7APZtxNG5MQI4jlIs21foD+flZRoPuWGFT38+Nm88mlviUS71nc7xupwMwz94YFMyn+SbEGm63zTkt/95Ql0j5jtQWFyQsqeVMhaYh7ajRd3YRFZNJsfvd3bVYzB21WBSvPHoymVPr5EezKueDx8CJzlNNWJ2oaCA9wA6toQCJRdPRonCj8wbc4DtcTO1BF4dWtoEuYKVCDf4Ost1Nr+M19sd5yfpvdLUD7y3PzRUCdGhfS8DHv9ElvYWTga5Bpam2ddWRNfFaSzFiePGv+tU8GGXHvfRczehv7SwLF6LwnkZLvxj2eMv1LblZoqWqq1WN4I9jCfrr6mi5o1W+2MppoppLzc+5IDFekJ1iB6EOSlqSIeY9k/1HKatHPO2eXxvQMgcrtfy53wc3FjkGGoQUiXiVICOmCqye7wKFhp2TH6I2wDlLenyWq54Fectb38HOFN1Kpa4JB46UmkW3Cwr6zIqsjiaONpkGZgUUdrA4sZCuEIAAg/vPRszdrk0BILdeBm2j76IOITDOxH6GmGwJYRLMzGJRmXr48t3GnpGOX8H9AxMuaekotSnu6R6C6Hq4zaAK6QHnURkkz8AKXnvaC0t3UeJxtiIIie+CeP3dnUnVbE+0pk4BR6NRUbSrjVLMBA9NrGZnI1XQXrBCJLwpJiPWcQYuxci8pRQqJ4Xfku8qmVvd6KQQZ4le3R4GBspIjbKtWoBHuujpu2EWGgidJL1IPq4yOKpg5AAotp33WpOvw9VF7kbY+oR2+lzZEhuvzDwvOjHZfcico6ZdkZqke6bYA0dDX5mSZmQ9dfHMmZTb+OqJjUtmtiFOIXPWJswT1LL6VoyfooZjNtqL5tqUr0SX8rXP8tUg3+W4FVUlU4/5mX76xTQMfCVl9wRF6+QzlRLalZvfFMFPupkr407mN7HCQyv9+c+bxqr2btR+LLamvCtqo3MzRcbLPwe0vZ6RsyrKPEffV8FkdKTq/hjd3y0HdrdBmxf1pXOuYsDz96hSP5g7mYLzaimM5bf89H1ijmU6LpvZsgwlOAxP9YI/mWO/j6dUabMwgjfqgtspta+agI+ZDvZ40UkIHibhcY9WfTjVdiUI5b/CbbYyKEqeIhVEJk7pD3bfqn/KhbKKpvrdjVF1FexFHQ2dBeNc9RkqgfxrZCh5oF5ikbEF1OTmB26/zv71T2xlkauE0Aeo0mqh9rd+qBrPIplXHFzOcujbdGQrP6xo3nd0wHPnnQEipEDAP/yB+GbaxWITpqMx1Z0H+KHHKLrvwlUele4lxx5pKx+Adri967UHkAx6+XsZoWkYp/V4fxi4P3wG1CqjiRYPyHDTlh0gKTL1AM6BlJiD2bvRcJrbW6tHCKFjBhuQnKA1m5MLmeOjMpswdE1/6+vu+rhr7Fz+2DB+tWJFClRMItMHEd2R7iXiFFFlzT+/gAE2SHbAsuV6cRh84zGQF2FTEEy09kVYLKKdcvKd5/GUycg48jAF5Qh3uldNrC6HRfyLsSwgRSSG22PNHdHdmB39xleKsnh7Mtx9j/iQ/gOxxyNk3gjDPF5qUL1iY+XdRWUd0gWuWQKy3SfyS38BvAI9tKvS8NBLDQwHrsaR+TT7zoNDmNz6/4iUzXQH0WM4ZZhej0tZbOnp1wL6jPCHy1LqjH69DOmopf80PhNgmqduDnNOKz/8a7zoTuynfr4zywYPSCd4bCxz+upkl5uKzX3VxOwrcgkcIqjOWfwvEp75iBnnK2eAn/RQYfpZuRgeKycXHK44p2vBuHBM1dyt9WKaWgP/3AZiIxlU2PkWycpKrRVOVzA0grwqzX4ytGbx9l/UhB8sVjp3OwjR+exM/DVsZcgFH+Btz1nPjxv+OLnQuw5+hhrRypgvSnYBWQj6CMKwQdjrfnA2iLkVdIG2RdI2O+1xZHTCNZSOrALKEimJVtqLgdHrzc3br3eWNA0K+2xJ/nlos0B2B8egJSPQMEgt8n4GkAFPaOZL8de349hPiVmdJETTbMQ5/re646+LqDhnSgr3G8XSJPJGiNzFIPRKQm4o0KnoZmg0/QEbtf7oWVhT8/6FPDsvEuwbCsIrzEI19X3jZXgsi4TKaQaYXVkLyWavrBcv3rU8iHO2pRjS+FsIrjRCGaBC+B0q4ZbsxR2BaCEvzx0Wj8lQg7P889nzL//QNkhmDbQNyj2JX1HAAq5x/GC0H8h5445iptodm+Dvxc+LgTKYjnb5WiJcsPHKYQAfQoQCusRtvzNsqMBClpvvrULGS3G+VjIBgZjmdFnbteZ5y3jyspxCv5jYM7b8ZW7CSV6ccj5IXBFbtvfL9DL8mthRQVL+2srU7gSm2yIMj1STbtX2Mu1kcfZQwiBEMY9O332ualo4dCTHhJAke/GEyaBGuv3182/PjKdgf/PSneXVqZWjK8yszJytASeLCJW7/7lh/AC+vjd/GN+7zBWqeopHU2YdduCMEvECMY9wQsjkdAiynDL6lZZGNy7FV54sZp8q/8lE+S9H3mJU5nuNqX0B3kFb1Qn4VKr5kPDtiQrHsUGMXjlCg1PKw7Brf/9pnPkFU/7a614NUAExQgdq9A7dx8MAXEKsRS8vn80ksARAQQ7pyBQsInJSQZvF6ukyWhtMsENop0m/xqIoT54m4UYkJ6fdhcgQnSBVRGemRx3SUWRhfsoNoe0cmHxpqx63fkdJWW7Hn7dIf3/tJfb68h0BslisAU2Rif895HT1iu+Lzsqj2pfVbSN1T9VY6hfzd/atY8qdKpFJAqfr7DXYwOBtRf2O4rLBVaqhbHDSAMf8qQTfWbKMECg3Zz28APQ9nIksao3ji4odzxZ+hW/j0XDKuQCHKmBaO30C9vN3MsjqttmrNc4cRHdgCv7AQAlgty/ysm7BeVx1BpuAi18juXfifzY87ze9XCX+gHBECWwct92ETfdTM/4Za8cEwJ+uKgyVX/R3UyDZu/5fUp3YfnKttMNDW26l5Vvl86WZetjEyH3anJHMYqbd6POoOThvaVbC+es/noQjRDX5APFQRLSQ3mok103m+LsqXG8eew83A6C8D45gEfBtYwtuKpdF1s6ZjAcRUlGs4qZRPbOA1Jsr6DjzMEpHAVac2gWVvjMrL7OcUduImV6pP0yn4Xd1AnFv16R6WG4E8Qf34QC6IjCaK32e0a0n7NTg7q+ih1WjI1ZxakiBpdO36Wpccso5e1Z80OMzqnUO7fVMgx903sKEhX5a2J4pwvwZrJU/kjArHv+vr8xrC+o6ha1VD2GXavTcyZFpXs2BhW+NqB0NzG0vKSE8Jb8OnWXkG3qfsT0YbJkkZUgcqvmmR4S+xjq2Hl+cO6SowOM76n8D9InMnctDQ7nFgIhZIlSy0lp26B4c8QPO4JF0vAxotR7v1VcXx4ZDsqeawtgY48fcesFbU3fn1YGoWOCdPheRxGl3OBkQsJ0faWITPBNbrS2kKvT10LwmbpoW7ZjMQlMvx9vBYNE5W7oDL5btqFPdyrvwrV/vbbulOPQKKCHFmzzVmIZvfQeAwdZy7rUpeJcLxX/ovA9iFEz3sXE5hpNm3occhenw5nxKuySM4VFvGX1om8L0fCXOtngZShhKnMuiNfK91Gq4UovcVdIoaMy8KOtXXdorE000gEtqL4j3EGkfpJhbwT+A0YDGejM0/h1Q56/gtDgtr6KL300mLcnloSLoqUELGaeczRZq9iDnB1JAyB8e6OQ1WOt5koOYlh/QQZT1WEHsK5rzDN0/C1t1dJfCbogehoCRsf/+QvhFMA74865piaV7RIghr/T0o4ZPveQCICoim1Zt/GRhIcRUTbK2tB6cel9kklLt8M4SXAGASqMaZAl3fNEVdUA0r2U2xo11dpljwWKXVFGF4HtMBCUyjhhb7/26wrIfyGnkFVJPt7MaGZW1NYIumb6xyVX7NENQT/f3M7dugRUWITFoEmP7Zw7A4NkzZeYhAyoAybsecjSVim2CNi0Ww1llxGY33DtnWmT3oA+08kzdY1Av75n45mKfhZrSJwhkxlBmN1BftQ7EL7SANuVfI7t7DQt3uaahOk12tMzhdqxSLmg0fXJj7noRb+sIWwuxtWLDyxl3NR/mK1b5GAnUOdii2FQpjp9Ex7D6muHuL2/8XpU8x5kfeIMnsT0dO6of2SVujCJ0UJl4bSTU73I/oTzfP0ef5370BpubSUHDjLHRRsDToBLJlQdQX1cKpFC9DTJPKRb9m+bpOYy7eSmlMDfvC4QFjNG1BkadZI71nuHJZfZq2GcQne0vUiEf3QvDgnRh1/vYm6Onhvg27/wOG9xUgSYDRtEbVjJKRTcotzzsva1FE5YALSii3AyTNhMsScdfoO4eGeXm3IZU2nFID6TwIS2aG7nbdplt8hdxA6AZzrnIL+fQUG3dCzAVeMt11n3DOYC3v84NlyykQjzlfbNwpnxQopsM0ZqF4G4w5RdrFzrKZ5X1tWztV+QqyFZrTeDXT7G6LTr2yHxkLHo8AuHEBTNQgLdt4RDs7W+A4uLp6GPOa6CHZvWTj+62rBASj55j7kC804cohEVAo7pl2o0I72cnfl6AboRrE8jmv+CbfJfTVqE8BIlr7W/Z8JgmRSBegAcq6tjec1EunaZJyC4Cv5nQ8oODcYmUD1pEEPKE7uvyAIrMhLVhlONAhjJvjqn8zRth+LbpXLyEkwXx8HhCjFxDXoi0lJOYZzWETx61d31tlCUm7G/EXnpabas26Ioj2iRQ1vB8bz7+kSrVZkShon+slnnHJ9c+YL9SP25eegyPZ0SJoGcxSHxQxa6a49cVg+J9O85bWatL8B2uh0qNImdZRC5MVmb9fMUklbpu1FuilvbmjHSXNv2Q2po4Gtd0FEaUIznBUCEs3X/TqFq7OZC6a09WCASwk0RG2gCc5IRAkut/JyIyEmJNk9x2BwqfUTDqIXhO40k9Vr7vw5xid0B3zmC87uocqX1gSYd8Fe1mSTAz80Df4FSPluiCkBn0x1cuFUUKVT5LefQYOFsrGmuhuAHEBnFgIhULFIlIvQgm/Scocfarpe1m4+MwjbTFdnDzqwTSw/rqACDP+fTl4IKkyKMW++qWZOHZBITivrnT2zQ0q3SLivXVEC4zDvDKbVZDyzAZVdGNXfMA7D8MbHdRUk6MMaYy1YqzQAjQ/vKtBiUlby9MEN66fzKpR+qgbY5mfC+oj2SFyKo92T2iqDckvJPyUHCK91cfag6a/2tU9hGEyPu61xti9nZPFQ2JTQEwQpTOOXClt1HiRLzU5+mgkbvfQIiYSceZhmP9JcXNnxiBi1Fs2UquOM7VlV2HxO8/Fm3bZJ6qkynYgaCTTbc/cdoGxiTPbesJngB6fQzaQVWImi8J9KubgFkoLbYY7PIcrX8zcZs6nlrHHDxHrqe7AOLgfP/UHj/tTul2kGoCDtx9kkIvx79kNaJcXq1BW+T3J/lOJ/VEn86CO2e2qiDkWRPxaqCLs/PfDsKy/I0nKHTF+0zFnQSVW0lxW0IHex6Nxlyb41qCJGf7ODUmafh9zDirYdUjHW1yjmAqq89O/i2BiTzfWyMuMANbbwjz5LHkSJENKMIQ+T6CDnNJFNiWBI4uX8VFV8NSM1GLcnfRGgkgULHqnDpOMVcUi8by0FMFHU89CD+ZLrz3sfVD3isa1T6gAGdDqMWnNcwGFwfEcqoS2G/wSmA6pWi+1yhvzjfheIxI5flfyBFJ4y4oZPdfzYq6paP96gTnhXfT7I9YnMLZ+50+QJ1kG258MbjeG9oBT68cdF8Ba6hL2nPqIOPm+0CjCKsO09r2b3fYwVf69ekRxzkxCstk=</xenc:CipherValue>
            </xenc:CipherData>
        </xenc:EncryptedData>
    </saml2:EncryptedAssertion>
</saml2p:Response>

2022-12-04 09:05:22,859 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-12-04 09:05:22,859 - INFO [Shibboleth-Audit.SSO:?] - 20221204T090522Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect|id-ZiBtYeFuurF0Lb7VJ|http://samltestid-test.zoominsoftware.io/metadata/|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_55ec721dcb9180f40005638c65ef7f51|rick|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,uid,identifier,telephoneNumber,role,mail,surname,displayName,givenName|AAdzZWNyZXQxPrEPgS8OcV5GEbxq/rcItC/J6+n4bg2rtIqFscFVgAF0+caJPmNaBUBdNHIlvVJRiIYFYL80/x0atAIpl34vom4s0I70+UGKnOhHywPTt1Z/T79kNQlPpc8WUlnClyZvRgqtjFoyoKQZonYaBph1qNH5/A==|_7a2528f60f09f2da4a96113ab0d65251|
2022-12-04 09:06:42,724 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPSOAP11Decoder:?] - Decoded SOAP messaged which included SAML message of type {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-12-04 09:06:42,725 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<soap11:Envelope xmlns:soap11="http://schemas.xmlsoap.org/soap/envelope/">
    <soap11:Body>
        <saml2p:AuthnRequest
            AssertionConsumerServiceURL="https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/ECP"
            Destination="https://samltest.id/idp/profile/SAML2/SOAP/ECP"
            ForceAuthn="false"
            ID="_04c71j1dle5c0btgnxby44dg053s7xk95gph" IsPassive="false"
            IssueInstant="2022-12-04T09:06:41.899Z"
            ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS"
            Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
            <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://iam.eu-nl.otc.t-systems.com</saml2:Issuer>
            <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:SignedInfo>
                    <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
                    <ds:Reference URI="#_04c71j1dle5c0btgnxby44dg053s7xk95gph">
                        <ds:Transforms>
                            <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                            <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                        </ds:Transforms>
                        <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                        <ds:DigestValue>hAjOCt9xBm5lymosVV8R8LbNj3Q=</ds:DigestValue>
                    </ds:Reference>
                </ds:SignedInfo>
                <ds:SignatureValue>JGCQXeZp80kFHLvoL+lCcuXS6Id07p1ZBkY9YD7KMWGnhYimT3V+CYF/zz3F4xS2b7bmqoHb1spwsLXNFYjfVwq3vIrf8tJE+WTMs6Hy69lIZMN+cA1WgvHBrwfv6dQ0E2AXpgAgi+hEZjEsNyZh0WK8ewX9/CM3gB6F81ub+iDIYVrAxN8ImehBjsFb5gKJd9vGdtPN5Kh1h5f+9Pb8E7ZT941L0Hde4lEAUnNnecVCLjnvcCTtsVmH0tBpaUzlSdWzS5THiLLIV066SmyzsOLpO416HO2KzOddTkZXU5VWf+6qzQyaC+cLQdNWNVKvOoPbFSikUu2CInm5XM5aiLMEDYmSlwCddEO5OOKoUA+Un1dnpDLYuxtu3kTRzO5ykxH9hPSPgNYhUhhOPtLckvv/FtzNS9lpG7EchsGFjOXyuZiKdVNn4WVbKuGYvjTja3WnHGfpNJn9AKjinueUxO7xw2gXKJ/GML+TQgSqsbPyZrzsaB3X7sJZ13nfdaAHcY3zIzRGA/wddcr+L+yxRFMDtPV52cwSpCKT3MN3cTJu3k93gJlxaN6OcVBjhiFdOuz/CQ38lfzRSxIaMS/LFrwGGYkwrNLWkCSHWZwwo8CWedEM5l63dyzxR2K95UIi02T0QN4cTkKxta/rVoeuTvQ4LdUN1x/k3VgnI7O0iTc=</ds:SignatureValue>
                <ds:KeyInfo>
                    <ds:X509Data>
                        <ds:X509Certificate>MIIHeDCCBWCgAwIBAgIJAPRelfvZJrG9MA0GCSqGSIb3DQEBCwUAMIHXMQswCQYDVQQGEwJERTEP
MA0GA1UECBMGSGVzc2VuMRowGAYDVQQHExFGcmFua2Z1cnQgYW0gTWFpbjElMCMGA1UEChMcVC1T
eXN0ZW1zIEludGVybmF0aW9uYWwgR21iSDEUMBIGA1UECxMLSVQgRGl2aXNpb24xJDAiBgNVBAMT
G2lhbS5ldS1kZS5vdGMudC1zeXN0ZW1zLmNvbTE4MDYGCSqGSIb3DQEJARYpRk1CLlRTLUlUU0gt
Q1NTLURQUy1PVEMtT1BTQHQtc3lzdGVtcy5jb20wHhcNMTgwMzI4MTUxNDA4WhcNMjgwMzI1MTUx
NDA4WjCB1zELMAkGA1UEBhMCREUxDzANBgNVBAgTBkhlc3NlbjEaMBgGA1UEBxMRRnJhbmtmdXJ0
IGFtIE1haW4xJTAjBgNVBAoTHFQtU3lzdGVtcyBJbnRlcm5hdGlvbmFsIEdtYkgxFDASBgNVBAsT
C0lUIERpdmlzaW9uMSQwIgYDVQQDExtpYW0uZXUtZGUub3RjLnQtc3lzdGVtcy5jb20xODA2Bgkq
hkiG9w0BCQEWKUZNQi5UUy1JVFNILUNTUy1EUFMtT1RDLU9QU0B0LXN5c3RlbXMuY29tMIICIjAN
BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAv2W7Hr/Ro63zmZVclhlMvakO1nYWAe6CFDg2hYOH
IxkC/DG8LsKbnqy3Rv8AoH5CgRwmT/HYKeJu+KxrpECJXGIjXirUzHrL5w0Hys0O6SJYzztRGoQA
eFfl3x1NNUxVGkWbuK3/o9vm3idoMqVY4HFU24h/6VbSVBru1lsfubmIGdkf+9R844JbZx1R1OuX
xQ60ZhTAmR6R5d1E6tprM8rAqBOC2l1o4azQyDtmxM8NEBjKcZebNleHOB3iVPiiG0ens6z39y7e
SyiXwWcsw8TlwcQiumYPnFT2lzrJAC93hEjNGd6sj6QVvPCJRu/Ya+AWfcm6JtBZRK9ZfBz81wjv
BnHH2u8j1GyZMdE5dvN4PC8bgX0HxvnbhnAU0DASzziyS9Ni/gMgWvJsmnmNVLyYMxRmL8L0JtWk
rz7aNSskufk92Cv/R4KtWsfdkYtNG5/lV1BNzraBgnnXX1gH7ddrL/Ng2aNRFd+LtsI/BjUBpg7r
Ebym+pJuri2PBj8hhjLKbhPuurybQLVtmYxCcJUo6ZG4X3cpxl/e8v+vviapn1OY9zaFLAc+fccX
1GFrLYv9aQKGDQFRMl2uV9nP7UpakBCgZ/r7ljvfhlnsGkLPZBokM9Iz3iUFMGj2gPD1m+C7QaiS
OwJnkTk3cnhZV6It0XdFIaFgIi9V4XMnYEMCAwEAAaOCAUMwggE/MB0GA1UdDgQWBBSg4Skug1x8
SOG2QdBaHAN2DDs7zDCCAQ4GA1UdIwSCAQUwggEBgBSg4Skug1x8SOG2QdBaHAN2DDs7zKGB3aSB
2jCB1zELMAkGA1UEBhMCREUxDzANBgNVBAgTBkhlc3NlbjEaMBgGA1UEBxMRRnJhbmtmdXJ0IGFt
IE1haW4xJTAjBgNVBAoTHFQtU3lzdGVtcyBJbnRlcm5hdGlvbmFsIEdtYkgxFDASBgNVBAsTC0lU
IERpdmlzaW9uMSQwIgYDVQQDExtpYW0uZXUtZGUub3RjLnQtc3lzdGVtcy5jb20xODA2BgkqhkiG
9w0BCQEWKUZNQi5UUy1JVFNILUNTUy1EUFMtT1RDLU9QU0B0LXN5c3RlbXMuY29tggkA9F6V+9km
sb0wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAFEH+TQEgwXkOp1dymChsQzX3mm32
nBbQwIuTKi3jy08EjRQktZCOhjpmuVc/QQUCQdgAZgWVboAwTspfgwQwVcuIpCkwuyc7tt+ZzRSk
ybvOccw4ivz1suevGZZfYt+B7UIB3drlMKLoJWMTiBZnL6c4iaqubep56BZBOH6IP2KaMRd4EqIo
kXLHgaIyhqz51WQmTJArhYvAvWlktbAW6GXev3mW5gxW7LAGygQNCo2JkXSegGPk2jLO48JXNuCB
lGGf2O5TkhD+Qw/buIRrcKWnolBCs0ITalkNFt0RftLYmyR0JMotaBRHHmtdqSWOwMT1j7SvyzhH
yszzRU4xwTUFveODkWYS3Uh9PZs+3yDcfqC1x1yRbhKe7onZt5nXh/wY2762Pv6NkBQfQaFaE8CI
OwRu6WjaFfRntVXHpvV+7tO6Dr3pfRNEZzJM5+m/Edh+JrUdhyy7SxuYiCpt5xiPvM9rMt5AkXCn
P8AQVxq3O/1Gsdr9iblHAkJrg7Lbd8bPyzE9nRW3zqp++BxYilxIIVP9xnaaj/jjyuAPfeet30wm
zeOe/MGqxEwP/JSwJ9rZI//FaG3gAX0UHO6Eo+R0/Yv3JcyAo6j/RN/6YcSTQD1MrPGZiNTz/Muo
nczuEbZF255Cs5PfVJJhTPW730xQmhZnlbta0nyBO9LA3Fs=</ds:X509Certificate>
                    </ds:X509Data>
                </ds:KeyInfo>
            </ds:Signature>
            <saml2p:NameIDPolicy AllowCreate="true"
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
                SPNameQualifier="https://iam.eu-nl.otc.t-systems.com" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"/>
        </saml2p:AuthnRequest>
    </soap11:Body>
</soap11:Envelope>

2022-12-04 09:06:42,732 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://iam.eu-nl.otc.t-systems.com' from origin source
2022-12-04 09:06:42,732 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-12-04 09:06:42,732 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-12-04 09:06:42,732 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-12-04 09:06:42,732 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-12-04 09:06:42,732 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-12-04 09:06:42,732 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-12-04 09:06:42,732 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-12-04 09:06:42,732 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://iam.eu-nl.otc.t-systems.com
2022-12-04 09:06:42,733 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Retaining flow 'intercept/security-policy/saml2-ecp', it supports non-browser authentication
2022-12-04 09:06:42,733 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Available interceptor flows after filtering: '{intercept/security-policy/saml2-ecp=ProfileInterceptorFlowDescriptor{flowId=intercept/security-policy/saml2-ecp, nonBrowserSupported=true}}'
2022-12-04 09:06:42,733 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-12-04 09:06:42,733 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/SOAP/ECP
2022-12-04 09:06:42,733 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/SOAP/ECP
2022-12-04 09:06:42,733 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-12-04 09:06:42,734 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_04c71j1dle5c0btgnxby44dg053s7xk95gph', issue instant '2022-12-04T09:06:41.899Z', entityID 'https://iam.eu-nl.otc.t-systems.com'
2022-12-04 09:06:42,734 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://iam.eu-nl.otc.t-systems.com' does not require AuthnRequests to be signed
2022-12-04 09:06:42,734 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Enveloped signature transform
2022-12-04 09:06:42,734 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Exclusive C14N signature transform
2022-12-04 09:06:42,734 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Attempting to verify signature on signed SAML protocol message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-12-04 09:06:42,734 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from metadata using entityID: https://iam.eu-nl.otc.t-systems.com, role: {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor, protocol: urn:oasis:names:tc:SAML:2.0:protocol, usage: SIGNING
2022-12-04 09:06:42,734 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Retrieving role descriptor metadata for entity 'https://iam.eu-nl.otc.t-systems.com' in role '{urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor' for protocol 'urn:oasis:names:tc:SAML:2.0:protocol'
2022-12-04 09:06:42,734 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-12-04 09:06:42,734 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-12-04 09:06:42,734 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-12-04 09:06:42,734 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-12-04 09:06:42,734 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-12-04 09:06:42,734 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - signatureMethodURI = http://www.w3.org/2000/09/xmldsig#rsa-sha1
2022-12-04 09:06:42,734 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigAlgorithm    = SHA1withRSA
2022-12-04 09:06:42,734 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigProvider     = SunRsaSign
2022-12-04 09:06:42,734 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - PublicKey = Sun RSA public key, 4096 bits
  params: null
  modulus: 780833212372818775479203473584756908157478511960940665833104329026798488708412096463957730986031560699536971604685793755631469735164638528103712796586941283248391093334537473433816881621841433643551509545784341528479466257077570253340730459394524144439470561825531880309380078893306187350760119973863502110938239690056732532237576015713410817092640951029480915162489671542971932145619144868209527314440670224923750462549444079548603408012564298657143697912591193544433644075598026106926646468811820504111621425556553238066495807276626045802944049622045278146600209515759289448446049845276793009470678806630505639155872685517611976298041379760153258369441443706608834473698951737339296605180924342991774924896400530064019217902076139971478880191800808152349664734915206316567268459208984314092535956712275165633295073845619623808442937959337568063845846898994885404695455333181998103624287019468478172845183368957698818849454389451360233262379190615859514122412619488103951846508060862137625955242500382805764622949031613773424268222131209239375233669763979843957564204575307568428090973147896709908167025351124368088974604728720021626763128224355694102358346473759582198635778329138017968133082524864864810444234076758890334162214979
  public exponent: 65537
2022-12-04 09:06:42,735 - DEBUG [org.apache.xml.security.signature.Manifest:?] - verify 1 References
2022-12-04 09:06:42,735 - DEBUG [org.apache.xml.security.signature.Manifest:?] - I am not requested to follow nested Manifests
2022-12-04 09:06:42,735 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_04c71j1dle5c0btgnxby44dg053s7xk95gph"
2022-12-04 09:06:42,735 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _04c71j1dle5c0btgnxby44dg053s7xk95gph and Element was [saml2p:AuthnRequest: null]
2022-12-04 09:06:42,735 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_04c71j1dle5c0btgnxby44dg053s7xk95gph"
2022-12-04 09:06:42,735 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _04c71j1dle5c0btgnxby44dg053s7xk95gph and Element was [saml2p:AuthnRequest: null]
2022-12-04 09:06:42,735 - DEBUG [org.apache.xml.security.signature.Reference:?] - Verification successful for URI "#_04c71j1dle5c0btgnxby44dg053s7xk95gph"
2022-12-04 09:06:42,735 - DEBUG [org.apache.xml.security.signature.Manifest:?] - The Reference has Type 
2022-12-04 09:06:42,735 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Validation of protocol message signature succeeded, message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-12-04 09:06:42,735 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Authentication via protocol message signature succeeded for context issuer entity ID https://iam.eu-nl.otc.t-systems.com
2022-12-04 09:06:42,735 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-12-04 09:06:42,735 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-12-04 09:06:42,735 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-12-04 09:06:42,735 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-12-04 09:06:42,735 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.ExtractChannelBindingsHeadersHandler:?] - Message Handler:  No ChannelBindings header blocks found
2022-12-04 09:06:42,735 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.ExtractChannelBindingsExtensionsHandler:?] - Message Handler:  Message did not contain any ChannelBindings extensions
2022-12-04 09:06:42,736 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Retaining flow 'intercept/security-policy/saml2-ecp', it supports non-browser authentication
2022-12-04 09:06:42,736 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Available interceptor flows after filtering: '{intercept/security-policy/saml2-ecp=ProfileInterceptorFlowDescriptor{flowId=intercept/security-policy/saml2-ecp, nonBrowserSupported=true}}'
2022-12-04 09:06:42,736 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-12-04 09:06:42,736 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-12-04 09:06:42,736 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-12-04 09:06:42,736 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 2 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-12-04 09:06:42,736 - DEBUG [org.opensaml.saml.common.binding.impl.DefaultEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Candidate endpoint binding 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST' not permitted by input criteria
2022-12-04 09:06:42,736 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/ECP using binding urn:oasis:names:tc:SAML:2.0:bindings:PAOS
2022-12-04 09:06:42,736 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-12-04 09:06:42,736 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-12-04 09:06:42,736 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-12-04 09:06:42,736 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-12-04 09:06:42,736 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-12-04 09:06:42,737 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-12-04 09:06:42,737 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-12-04 09:06:42,737 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-12-04 09:06:42,737 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-12-04 09:06:42,737 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-12-04 09:06:42,737 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://iam.eu-nl.otc.t-systems.com
2022-12-04 09:06:42,737 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-12-04 09:06:42,737 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve data encryption algorithm based on SAML metadata, falling back to locally configured algorithms
2022-12-04 09:06:42,737 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve key transport algorithm based on SAML metadata, falling back to locally configured algorithms
2022-12-04 09:06:42,737 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-12-04 09:06:42,747 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-12-04 09:06:42,748 - DEBUG [org.opensaml.saml.saml2.profile.impl.PopulateECPContext:?] - Profile Action PopulateECPContext: RequestAuthenticated: true
2022-12-04 09:06:42,748 - DEBUG [org.opensaml.saml.saml2.profile.impl.PopulateECPContext:?] - Profile Action PopulateECPContext: Generating session key for use by ECP peers
2022-12-04 09:06:42,748 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-12-04T09:06:42.748Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-12-04 09:06:42,748 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-12-04 09:06:42,749 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-12-04 09:06:42,749 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-12-04 09:06:42,749 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-12-04 09:06:42,749 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-12-04 09:06:42,749 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Retaining flow authn/Password, it supports non-browser authentication
2022-12-04 09:06:42,749 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Potential authentication flows left after filtering: {authn/Password=AuthenticationFlowDescriptor{flowId=authn/Password, supportsPassive=true, supportsForcedAuthentication=true, lifetime=3600000, inactivityTimeout=1800000}}
2022-12-04 09:06:42,749 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-12-04 09:06:42,749 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-12-04 09:06:42,749 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-12-04 09:06:42,749 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: Trimming whitespace of input string 'rick'
2022-12-04 09:06:42,750 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user rick
2022-12-04 09:06:42,750 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@1523456075::identifier=rick, context=org.apache.velocity.VelocityContext@61ff872]
2022-12-04 09:06:42,751 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=rick,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@1523456075::identifier=rick, context=org.apache.velocity.VelocityContext@61ff872]
2022-12-04 09:06:42,752 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'rick' succeeded
2022-12-04 09:06:42,752 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-12-04 09:06:42,752 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-12-04 09:06:42,752 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'rick'
2022-12-04 09:06:42,753 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'rick'
2022-12-04 09:06:42,753 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-12-04 09:06:42,753 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal rick
2022-12-04 09:06:42,753 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session 31555f73c0235a4daa9147e5af495316ccaa05717df8de6aa867cc7e2db8b6ba for principal rick
2022-12-04 09:06:42,753 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving AuthenticationResult for flow authn/Password in session 31555f73c0235a4daa9147e5af495316ccaa05717df8de6aa867cc7e2db8b6ba
2022-12-04 09:06:42,754 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=rick)
2022-12-04 09:06:42,754 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-12-04 09:06:42,754 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, uid, identifier, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-12-04 09:06:42,754 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'eduPersonEntitlement' remained after filtering
2022-12-04 09:06:42,754 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-12-04 09:06:42,754 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-12-04 09:06:42,754 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-12-04 09:06:42,754 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-12-04 09:06:42,754 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-12-04 09:06:42,754 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-12-04 09:06:42,754 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-12-04 09:06:42,754 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-12-04 09:06:42,754 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-12-04 09:06:42,755 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-12-04 09:06:42,756 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-12-04 09:06:42,757 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-12-04 09:06:42,757 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _7fb06e22a44005b72fce401a68c83109
2022-12-04 09:06:42,757 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _7fb06e22a44005b72fce401a68c83109 to Response _c14da5f92b0da66b94a8b21be182dc75
2022-12-04 09:06:42,757 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _7fb06e22a44005b72fce401a68c83109
2022-12-04 09:06:42,758 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-12-04 09:06:42,758 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value urn:mace:dir:entitlement:common-lib-terms of attribute eduPersonEntitlement
2022-12-04 09:06:42,758 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rick of attribute uid
2022-12-04 09:06:42,758 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute identifier
2022-12-04 09:06:42,758 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-12-04 09:06:42,758 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value manager@Samltest.id of attribute role
2022-12-04 09:06:42,758 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute mail
2022-12-04 09:06:42,758 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sanchez of attribute surname
2022-12-04 09:06:42,758 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick Sanchez of attribute displayName
2022-12-04 09:06:42,758 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick of attribute givenName
2022-12-04 09:06:42,759 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-12-04 09:06:42,759 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - Applying policy to NameIDPolicy with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-12-04 09:06:42,759 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Request specified NameID format: urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-12-04 09:06:42,759 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-12-04 09:06:42,759 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-12-04 09:06:42,759 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID AAdzZWNyZXQx1o4PeZ5xGBkRn7dEwxUZXunBAMN2k4in6ZBp5tQ+GoT97eAgrC1nAfZQOODnCQZxh2aqZRZ2IhkTSmp8+Ytt9D4T3cXpigMzhWFLhJ0j9F1C6pTtovbmgFZcq6MMZVRu+tZCd1Wu with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-12-04 09:06:42,759 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-12-04 09:06:42,759 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-12-04 09:06:42,759 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-12-04 09:06:42,759 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-12-04 09:06:42,759 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 80.158.3.50
2022-12-04 09:06:42,759 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to _04c71j1dle5c0btgnxby44dg053s7xk95gph
2022-12-04 09:06:42,759 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/ECP
2022-12-04 09:06:42,759 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-12-04 09:06:42,759 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-12-04 09:06:42,760 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-12-04 09:06:42,760 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _7fb06e22a44005b72fce401a68c83109
2022-12-04 09:06:42,760 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _7fb06e22a44005b72fce401a68c83109 did not already contain Conditions, one was added
2022-12-04 09:06:42,760 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-12-04 09:06:42,760 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-12-04T09:11:42.755Z, to Assertion _7fb06e22a44005b72fce401a68c83109
2022-12-04 09:06:42,760 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _7fb06e22a44005b72fce401a68c83109 already contained Conditions, nothing was done
2022-12-04 09:06:42,760 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-12-04 09:06:42,760 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _7fb06e22a44005b72fce401a68c83109 already contained Conditions, nothing was done
2022-12-04 09:06:42,760 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-12-04 09:06:42,760 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://iam.eu-nl.otc.t-systems.com as an Audience of the AudienceRestriction
2022-12-04 09:06:42,760 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _7fb06e22a44005b72fce401a68c83109
2022-12-04 09:06:42,761 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddGeneratedKeyToAssertions: Assertion _7fb06e22a44005b72fce401a68c83109 did not already contain Advice, one was added
2022-12-04 09:06:42,762 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://iam.eu-nl.otc.t-systems.com to existing session 31555f73c0235a4daa9147e5af495316ccaa05717df8de6aa867cc7e2db8b6ba
2022-12-04 09:06:42,762 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://iam.eu-nl.otc.t-systems.com in session 31555f73c0235a4daa9147e5af495316ccaa05717df8de6aa867cc7e2db8b6ba
2022-12-04 09:06:42,762 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-12-04 09:06:42,762 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://iam.eu-nl.otc.t-systems.com and key AAdzZWNyZXQx1o4PeZ5xGBkRn7dEwxUZXunBAMN2k4in6ZBp5tQ+GoT97eAgrC1nAfZQOODnCQZxh2aqZRZ2IhkTSmp8+Ytt9D4T3cXpigMzhWFLhJ0j9F1C6pTtovbmgFZcq6MMZVRu+tZCd1Wu
2022-12-04 09:06:42,762 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-12-04 09:06:42,763 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-12-04 09:06:42,763 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_7fb06e22a44005b72fce401a68c83109"
2022-12-04 09:06:42,763 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _7fb06e22a44005b72fce401a68c83109 and Element was [saml2:Assertion: null]
2022-12-04 09:06:42,763 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_7fb06e22a44005b72fce401a68c83109"
2022-12-04 09:06:42,763 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _7fb06e22a44005b72fce401a68c83109 and Element was [saml2:Assertion: null]
2022-12-04 09:06:42,765 - DEBUG [PROTOCOL_MESSAGE:?] - Profile Action EncryptAssertions: Response before assertion encryption:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_c14da5f92b0da66b94a8b21be182dc75"
    InResponseTo="_04c71j1dle5c0btgnxby44dg053s7xk95gph"
    IssueInstant="2022-12-04T09:06:42.755Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_7fb06e22a44005b72fce401a68c83109"
        IssueInstant="2022-12-04T09:06:42.755Z" Version="2.0"
        xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <ds:SignedInfo>
                <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
                <ds:Reference URI="#_7fb06e22a44005b72fce401a68c83109">
                    <ds:Transforms>
                        <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                        <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                            <ec:InclusiveNamespaces PrefixList="xsd" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                        </ds:Transform>
                    </ds:Transforms>
                    <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                    <ds:DigestValue>jVJeTotu8boiHD2ziBsuurpTQn359zcwlH/0HyGRfS0=</ds:DigestValue>
                </ds:Reference>
            </ds:SignedInfo>
            <ds:SignatureValue>PHb404QJ3twKtbfUuk+kvbcFkSNXjfAnYoOUuVDP3sY1tBYqqxCOVyf5VjEuIP0BvH9GLiGBibtaskwxTTNvIOW1ZHE+xYEMMGdrxn4MsfT6Ke98KsUZY2Lwmnf6N6P6jQilyMxOnrInxWvXKsEdG9Y4+Y8ziTGPHr1ejhUggLsbXxFh4Sbb6IcOB72tGPyGUR5VgOY1LZWdYcc/jU+fTrHC9Q5OixOhQiEMCXm0CcUhwBJ/Ewy/6qJRYOIUYfU8+Q6RZ0h7XGH4h9V3/x1H7f9HBAVIno2HijijKX/UzwQrjWQpbGxW/gR+RziyyDkNGSMSX4ZiGx/rZkWJ1rqTwQ==</ds:SignatureValue>
            <ds:KeyInfo>
                <ds:X509Data>
                    <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </ds:Signature>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://iam.eu-nl.otc.t-systems.com" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">AAdzZWNyZXQx1o4PeZ5xGBkRn7dEwxUZXunBAMN2k4in6ZBp5tQ+GoT97eAgrC1nAfZQOODnCQZxh2aqZRZ2IhkTSmp8+Ytt9D4T3cXpigMzhWFLhJ0j9F1C6pTtovbmgFZcq6MMZVRu+tZCd1Wu</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="80.158.3.50"
                    InResponseTo="_04c71j1dle5c0btgnxby44dg053s7xk95gph"
                    NotOnOrAfter="2022-12-04T09:11:42.759Z" Recipient="https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/ECP"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-12-04T09:06:42.755Z" NotOnOrAfter="2022-12-04T09:11:42.755Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://iam.eu-nl.otc.t-systems.com</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:Advice>
            <samlec:GeneratedKey xmlns:samlec="urn:ietf:params:xml:ns:samlec">YKlFI5MW6BaXDvzOYZFmO0XlRObUIow01Hq/rkF1kW8=</samlec:GeneratedKey>
        </saml2:Advice>
        <saml2:AuthnStatement AuthnInstant="2022-12-04T09:06:42.752Z" SessionIndex="_bbb1a77eed58392ec4b49613e89f7023">
            <saml2:SubjectLocality Address="80.158.3.50"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>urn:mace:dir:entitlement:common-lib-terms</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rick</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">manager@Samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-12-04 09:06:42,767 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/ECP
2022-12-04 09:06:42,767 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/ECP
2022-12-04 09:06:42,768 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_c14da5f92b0da66b94a8b21be182dc75"
2022-12-04 09:06:42,768 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _c14da5f92b0da66b94a8b21be182dc75 and Element was [saml2p:Response: null]
2022-12-04 09:06:42,768 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_c14da5f92b0da66b94a8b21be182dc75"
2022-12-04 09:06:42,768 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _c14da5f92b0da66b94a8b21be182dc75 and Element was [saml2p:Response: null]
2022-12-04 09:06:42,770 - DEBUG [org.opensaml.saml.common.binding.impl.AddChannelBindingsHeaderHandler:?] - Message Handler:  No ChannelBindings to add, nothing to do
2022-12-04 09:06:42,771 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<soap11:Envelope xmlns:soap11="http://schemas.xmlsoap.org/soap/envelope/">
    <soap11:Header>
        <ecp:Response
            AssertionConsumerServiceURL="https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/ECP"
            soap11:actor="http://schemas.xmlsoap.org/soap/actor/next"
            soap11:mustUnderstand="1" xmlns:ecp="urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp"/>
        <ecp:RequestAuthenticated
            soap11:actor="http://schemas.xmlsoap.org/soap/actor/next" xmlns:ecp="urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp"/>
        <samlec:GeneratedKey
            soap11:actor="http://schemas.xmlsoap.org/soap/actor/next" xmlns:samlec="urn:ietf:params:xml:ns:samlec">YKlFI5MW6BaXDvzOYZFmO0XlRObUIow01Hq/rkF1kW8=</samlec:GeneratedKey>
    </soap11:Header>
    <soap11:Body>
        <saml2p:Response
            Destination="https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/ECP"
            ID="_c14da5f92b0da66b94a8b21be182dc75"
            InResponseTo="_04c71j1dle5c0btgnxby44dg053s7xk95gph"
            IssueInstant="2022-12-04T09:06:42.755Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
            <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
            <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:SignedInfo>
                    <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                    <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
                    <ds:Reference URI="#_c14da5f92b0da66b94a8b21be182dc75">
                        <ds:Transforms>
                            <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                            <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                        </ds:Transforms>
                        <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                        <ds:DigestValue>HiV1X7YNdzVGa2mfD65p0RfFKeinySIkZOOd7ITZWWQ=</ds:DigestValue>
                    </ds:Reference>
                </ds:SignedInfo>
                <ds:SignatureValue>JuZn30eO9p1JSd44Bwiabn8gfv8prmPO5KAPIJ7KwWgHTM6dG49IRey9D0iJR9h43QEnp57j3P2NPrgUqsC/NfYcfToPC96KVzIHWHulCYjbAB3VOW7uPbSagEIBtK1PoHwXZvlJyuNRkflgalkdVXJavCv75agyXWRowIbEdNN2JtdZHcSUL7GyPhQu9yxsDwzmXraKyCTYeajCDjQE4n2+QSnF0vZTQV/lPp0/UFzqwx5ylae62MWONnjq5/BhDfCtQr2RUVCbqFaewd1/Vj+TDqbOFVnZeLu+MAhWATIOgKSneGa6+e/gM3uopks6LSwQ5+NqtVMHTT18XnLRCg==</ds:SignatureValue>
                <ds:KeyInfo>
                    <ds:X509Data>
                        <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
                    </ds:X509Data>
                </ds:KeyInfo>
            </ds:Signature>
            <saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
                <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
            </saml2p:Status>
            <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <xenc:EncryptedData
                    Id="_67b56a8e6e995d7d99dbcf64b98bbe06"
                    Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                    <xenc:EncryptionMethod
                        Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
                    <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                        <xenc:EncryptedKey
                            Id="_2946cea6d8bd56e56b0460b5505164b6"
                            Recipient="https://iam.eu-nl.otc.t-systems.com" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                            <xenc:EncryptionMethod
                                Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                                <ds:DigestMethod
                                    Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
                            </xenc:EncryptionMethod>
                            <ds:KeyInfo>
                                <ds:X509Data>
                                    <ds:X509Certificate>MIIHeDCCBWCgAwIBAgIJAPRelfvZJrG9MA0GCSqGSIb3DQEBCwUAMIHXMQswCQYDVQQGEwJERTEP
MA0GA1UECBMGSGVzc2VuMRowGAYDVQQHExFGcmFua2Z1cnQgYW0gTWFpbjElMCMGA1UEChMcVC1T
eXN0ZW1zIEludGVybmF0aW9uYWwgR21iSDEUMBIGA1UECxMLSVQgRGl2aXNpb24xJDAiBgNVBAMT
G2lhbS5ldS1kZS5vdGMudC1zeXN0ZW1zLmNvbTE4MDYGCSqGSIb3DQEJARYpRk1CLlRTLUlUU0gt
Q1NTLURQUy1PVEMtT1BTQHQtc3lzdGVtcy5jb20wHhcNMTgwMzI4MTUxNDA4WhcNMjgwMzI1MTUx
NDA4WjCB1zELMAkGA1UEBhMCREUxDzANBgNVBAgTBkhlc3NlbjEaMBgGA1UEBxMRRnJhbmtmdXJ0
IGFtIE1haW4xJTAjBgNVBAoTHFQtU3lzdGVtcyBJbnRlcm5hdGlvbmFsIEdtYkgxFDASBgNVBAsT
C0lUIERpdmlzaW9uMSQwIgYDVQQDExtpYW0uZXUtZGUub3RjLnQtc3lzdGVtcy5jb20xODA2Bgkq
hkiG9w0BCQEWKUZNQi5UUy1JVFNILUNTUy1EUFMtT1RDLU9QU0B0LXN5c3RlbXMuY29tMIICIjAN
BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAv2W7Hr/Ro63zmZVclhlMvakO1nYWAe6CFDg2hYOH
IxkC/DG8LsKbnqy3Rv8AoH5CgRwmT/HYKeJu+KxrpECJXGIjXirUzHrL5w0Hys0O6SJYzztRGoQA
eFfl3x1NNUxVGkWbuK3/o9vm3idoMqVY4HFU24h/6VbSVBru1lsfubmIGdkf+9R844JbZx1R1OuX
xQ60ZhTAmR6R5d1E6tprM8rAqBOC2l1o4azQyDtmxM8NEBjKcZebNleHOB3iVPiiG0ens6z39y7e
SyiXwWcsw8TlwcQiumYPnFT2lzrJAC93hEjNGd6sj6QVvPCJRu/Ya+AWfcm6JtBZRK9ZfBz81wjv
BnHH2u8j1GyZMdE5dvN4PC8bgX0HxvnbhnAU0DASzziyS9Ni/gMgWvJsmnmNVLyYMxRmL8L0JtWk
rz7aNSskufk92Cv/R4KtWsfdkYtNG5/lV1BNzraBgnnXX1gH7ddrL/Ng2aNRFd+LtsI/BjUBpg7r
Ebym+pJuri2PBj8hhjLKbhPuurybQLVtmYxCcJUo6ZG4X3cpxl/e8v+vviapn1OY9zaFLAc+fccX
1GFrLYv9aQKGDQFRMl2uV9nP7UpakBCgZ/r7ljvfhlnsGkLPZBokM9Iz3iUFMGj2gPD1m+C7QaiS
OwJnkTk3cnhZV6It0XdFIaFgIi9V4XMnYEMCAwEAAaOCAUMwggE/MB0GA1UdDgQWBBSg4Skug1x8
SOG2QdBaHAN2DDs7zDCCAQ4GA1UdIwSCAQUwggEBgBSg4Skug1x8SOG2QdBaHAN2DDs7zKGB3aSB
2jCB1zELMAkGA1UEBhMCREUxDzANBgNVBAgTBkhlc3NlbjEaMBgGA1UEBxMRRnJhbmtmdXJ0IGFt
IE1haW4xJTAjBgNVBAoTHFQtU3lzdGVtcyBJbnRlcm5hdGlvbmFsIEdtYkgxFDASBgNVBAsTC0lU
IERpdmlzaW9uMSQwIgYDVQQDExtpYW0uZXUtZGUub3RjLnQtc3lzdGVtcy5jb20xODA2BgkqhkiG
9w0BCQEWKUZNQi5UUy1JVFNILUNTUy1EUFMtT1RDLU9QU0B0LXN5c3RlbXMuY29tggkA9F6V+9km
sb0wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAFEH+TQEgwXkOp1dymChsQzX3mm32
nBbQwIuTKi3jy08EjRQktZCOhjpmuVc/QQUCQdgAZgWVboAwTspfgwQwVcuIpCkwuyc7tt+ZzRSk
ybvOccw4ivz1suevGZZfYt+B7UIB3drlMKLoJWMTiBZnL6c4iaqubep56BZBOH6IP2KaMRd4EqIo
kXLHgaIyhqz51WQmTJArhYvAvWlktbAW6GXev3mW5gxW7LAGygQNCo2JkXSegGPk2jLO48JXNuCB
lGGf2O5TkhD+Qw/buIRrcKWnolBCs0ITalkNFt0RftLYmyR0JMotaBRHHmtdqSWOwMT1j7SvyzhH
yszzRU4xwTUFveODkWYS3Uh9PZs+3yDcfqC1x1yRbhKe7onZt5nXh/wY2762Pv6NkBQfQaFaE8CI
OwRu6WjaFfRntVXHpvV+7tO6Dr3pfRNEZzJM5+m/Edh+JrUdhyy7SxuYiCpt5xiPvM9rMt5AkXCn
P8AQVxq3O/1Gsdr9iblHAkJrg7Lbd8bPyzE9nRW3zqp++BxYilxIIVP9xnaaj/jjyuAPfeet30wm
zeOe/MGqxEwP/JSwJ9rZI//FaG3gAX0UHO6Eo+R0/Yv3JcyAo6j/RN/6YcSTQD1MrPGZiNTz/Muo
nczuEbZF255Cs5PfVJJhTPW730xQmhZnlbta0nyBO9LA3Fs=</ds:X509Certificate>
                                </ds:X509Data>
                            </ds:KeyInfo>
                            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                                <xenc:CipherValue>E5jmaqbKSUicpu32Wh8wPhN16aU6TFfsthCw0ydDvpBdm0LQZLKXc/vUwGMZWjAXHxxLROcFaUodAmn5qn+FhWepPVN0uKFaJeWnGTY3BNImIEKLHg2iO3yT0/dw5RxW3rUVvJgm+zBzZOyMscLqfQQ63YHfk4hCxhZBNtYKgFsub8tWwe+5q6WhVINlM+G5gMZv2kvT+wRMTk2qxf3a1b45p69SDJi8wQ62ejKIxrAfJewPyQhB3/m45WtTzxA11pGjA7oVuDRrz23mY7U6/Kp3Un7H39oJEfdgMlt3lg4Mhp9DuYNJhffm8gPwNctXIBwgzm5NKl3SH3ZJfkN8GZgaFHYxXylAz5oW2OxoQsgTqmT+zymuEznY7QY5isxmqOcfTOcDU1bsPKz/vDAaiZSKpiptxcpjRcKrhSK4VhqO5SHSUFq3oZht2yds09Rp7Aug5fCEIi5sw8yPG0MaGDBiNWLxHNOakY7iMEY3opFfdG8cc0QnwDvmv3CZvh00VWDLFBXZafTKzKNdn0JPiZQZGXd+7Ie8bRrbO2yQBAcQ/nam9db5jK5T56kRBc4GNdFh7FVLfQuIB5hhGf+AQUoF54N6O36UWdWJTGoZuPMDOi7dT62fFAPZ0AYkO8FZB+jq5y8d17lImj6/9wx6IHT3/NCk00oqico//wjEk4M=</xenc:CipherValue>
                            </xenc:CipherData>
                        </xenc:EncryptedKey>
                    </ds:KeyInfo>
                    <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <xenc:CipherValue>xS0u1oqQiH3ji7lLhMxVz/8SStH4Pj/sF1ZCJdK+QBdYCw0+7MlfrC/WTdIQNVPbtjvToPw6nMaiGO2TpuJgJGnOxL13+iCNjr+eIgiSkyYC6KJtTa10c+cSBAIcJS7xMn2RNEdl3lrsCpL1m2OOYiVRV+kyQ/wrr7fNAijzasZj//ckbV2TdxQ56QsgzQGzOFi8lT3srIL8mGXGxLwaKsVHtykNxkEBW8RP7V3DabS92HKYwqd0anDHzgUQCAkPpPgs/Zgi3XNf69KICHGMhqUlZglx3q3XUHj3h29mJoSTXHQIyWamiY8vZw92iYOirj9F/OS3Evw7WfT/J9o33PkbTmdgvG79CogWo+h3nVcGMQZBvUMj0hR0gshs6eKxXpgUaKFXFUK9UI8fX7Gza5sKi8IQk1B6xJifaZRJPSd4PzSInToO7+x7G0pNA5Kpjhg8JzkqEr7TrRUy2aJ85x7C1w5InHdzRrH9gFbwbS0KSAa+V+2ZEGgJP/1zoM7soo5GhwxbcEK9lFWb7l+5pAi2PwiBWbw2li/VgbU6/I3RmTfrMiXFme+3Le2nNOtF148IP1P3zR0jm1PzrT8JZ3Im6lE2ttxjI67C9uAfjCv/jyA4DDlDpUP83IO450nXqYThBCeVWjNGvnklwe+1baLGVAbSo6duUdKzH/uo2mg1IrZI0Qa8fbAQd7t+twFWH46CiiyQMwNbYvBjbOnyzEVKQ1prBPssStb0S5/uBE/k9GsbvkiABu97qkegmtc05nEpLOseuMaMjHQ9qD3QObZsQMt0x1MXTzHIQzsumSxxgvgyGWI1FrzDc6hjhbj+FRFWjnVl+dWQx/A/xFkJemh3ZHAMcgOIZGhJVUzRM9T7sGcmJPFPTIcqdEVe1mQNkgHiHgCIPsqyJFc6zqCoxi3xtvXO77graDCz+ca5SPF4NCOQQ+w4llS+QhST/eVj66hyUSqMpP3AHbhVW4n/gHZSYxxGU8rexjI4moDENOzSfRG9+m05pV+Trj0/JX5VV1FSIfm9UGtYbdFueihWTor5e0PxU8eU+LXyKF4jGAJ8DLJSErfic/nRebkmqfG1YseYlWjGHAhL5Xih8oDtK480oxSQEZqEwgZmQs/MgFertk1yFkW9Crj2IT6F8YbHunUJmRLLQrub2pLvNm9EL9rejAs4Hr4NF/zjnX7q3bsp2D1BYBB6Jk9C0yrseMiz92N+ds93aWpLm738jxdLP77cYLEgp88qJNSgNdPlCQNiArTYgMVTP5IN/HclCyRW1PA2N7AVaCQyffhm9l/r86nGS0rdl/cr74e1l+C5I8S3hoEhh5rD2E1oLTm85hTehcnICow8+cOHK+N/45CQ3D+UVIt/lp5Rw6tD4dYRKXvTyVE5Y/CwVK+C8iYaQlV60P+ieN0VXoko7PB2r2SYcRQTWcKBvwHyneMYpR+sLMhvc9W2W8GplpIQzbzven4drmykv2/lCutiLBMrCl1+XKmm5ErFsQ9nTZkE3lbNVeToc9yrN151Zgm5eBaW/pl6PEq0ioyMq+7fOnS5HdQTUErc0yLB7kQv3jTMEHNQ2l2159XdTfX8N9Jf0iWfH0azMZcn8EVRWIudgD+LqlpU1i2AUmvemjWmKOcR0v8O0ARVYI24iYgHE/QU94mHeOj4bX8uL3ZhKQSyZ9tGcaNq3O1NwSj75URTSSrDPtNah2tShPKZv6iPnalynBlUwJ4srUTDDcGH8Id+Jhke+BllE8OQzEu+ATXhTKqS2HVH/lwMOeNAuGJbhwFlxjNnIECkEQYDJ9cgYhG7jAyxKYl1QQAb9BdVtzkmk6qUgLihNn6X6WJs8V+D5VFvmVx1wF8rexNYxs0MzOjcPxQx4TogPoNRlr5gMVwki0lhP/R7h7Ylrpmvgyk6FwezBulxLt+KD6LStKPAnRc6F6TFxFsfi0x9gnAF2GZMrmrt1loetzceDQWsun0KhMH2h/KMwiWhpX6v04snsaUUBfG0xQB3yKddAQwfRUCeQRZlFcGRaHopJZLqpLX+yYJyIFTfoVXR/jSo/cujg2t43uUqAUsRXF3++kOOV9Bmalo5y04II42bJNG1RRmLBmtH/z06+9qljdelcEynkssZtR8we3yIiuY92OCzbvHQge0BduMW2uOPkLpn542QJZxxVVlA2NUuS4AK6Hwxrat2GWLD1aA1AA4yd9wNWrjwmtt/KcxsGWenK9FFtZTbnaSduEq600yeJZB9q2mszkyzFpxetAt6XA1gC8aOUQbRZy6tRYL5WbKgVN90ytgigG86apLSvaTNYaGRjY5Gmv8Sqo4lI6ZhC0Ew4ugqULsWdwyfvfVFyWiMleiuvp2YEKB0nGRTYKYe0P8bqVCnqrfFw3Tbj82Titedcm16wAfCxcJXp34NS7LyPBnHQAf05MzRJflmPwb2L/8ewOBxoSbndVwrMKPWdF2MA3XeTmBrs36UI3pbbPt9LSTU0nNjxdS/RzsWDPX4Sksze/DqPfPenihVIehHhK093lp5yQ/CyxOFbf+dPvsf1udjGvRiXgSwIMX+p1ue5sBiK1iVTecosSN8wnfWLaF7qk72Ie0hJMstoXSZea7HKieMdcG69pNc6VLKOakTx4MASor0ycV0NATUueWIqnDhDvzmMdI/fTCb6tWCA3TQ/eJrF4QojflUU895JCZ4JpbtrD5s5M7ao4NUswzuCW6SkT9s0SM9PrZLMdP4D/JHMLRBms3Rnr2o7FPvijZJg+VvQ6uCVSsMlX1RSlN4SpXuNeFpkADAvlsfspiCiuIMhj8vJA6jabCx/FOjaYZxoloeThJKQuFdZHnVJ10lFo5K4dqHS+anQOpoEUq18vF+jadWBAQ9EP1EJuivkgpGo4aKaA+1zAXZY6AgKxso8UKxEHcA0Z2aTITSN0xMgAuaI5BpEJ+W8I8xyHAQCpjgL8f9HQzIPibfZGOTE4c5lU8eVMzIO1VnuItqsY6d4LuPSb8IrV2hSoTLzu1WG8G3xbOf125UfjVVtvrQwdkmbxDCU4MRKiNliuvgE02e4LVUU3oRWT3GtY4kjA3ZQuP/ppGQaO+EmItSODNpycdpVKIvzBkoUtT27Z6QXfeCdAPs7wRnwYk7dvpDq2q0NS7L0RE9P7vsq/5wrDlJ0kAnI8oGtfnhWTwv5dOcUWYCiwMfrKy9sHuG7N5Cc3w7Ia6DytBrbcHy06TrwRt0/kU3qprNfHytud2XEvTs9+zUufhKCkpQMsZ0+63Es1dQIEt7rsGNvbjF0XpIfCIdT+J67oMMtY0z7q04x3aqh0U0zH6T6ep0pRNoL463u4hMDAdsccOPtJoEWZuRLQfsrfxqxpjxrYOWi+TQJ2p1eXFsB8eJKlIr+Bsk9g9FYhupnNdWIy/xy0/tkrQ+/Q/GB2bjcTyq06dS1UOsFDJI0OrCyiwbh3qyKpGZc+qpTyfi4Bbl8JHw4mpB7GzOV8zhHXXSJ04rl1hRjKj6jVOD3Mj3jdG1HK/3kcn/ZwebVZy1uRozCYN5r41ED1HKvxpVHic5Zxoe7wRVheswAHfUUDJRDblI1DTDxz0sk96Y/N39kw4fGUHxvXQNT83BRRFCxE0k8AVIp5+INITRr8X2R3En4U17PN3+kQkV+pxoTdgRePUgnM+D/MqnLmoPXpSTNSa96zX2MDXffbzTEtZOS5hfLsPfxlKrrBpPTFoacck/YD0fZpOcnBye7wx2Dox90s/+KU9pe79Y5ocA8POpV1AiFrNcZaH/2KzsclYLzpCcVXDpNIX58MLX1V8ulb4YIoDMFXv+yrl654vbZHEdXChtYv2DsqTV5aKZ+2vlI25c75ok0+8x3Nlt9uuf5z6qyaM26y7DFNYwpePFOkHUcmHeLNRk+z5B4hJ1I0FjQYR5r/pv7hHsVOaqWLwpuBVXQZJJOeqeiCx6OUP9DgyXsztonPZPU8mdqDODuGeXIadmuCiXbTRSCK0K+KEThuZB0ezVKrbJYcKJ2veEuzA50eCFB3MH/G/KCwuNh2MMOtgcabBUVl0cs7Ay5xp9U1sxnGIPfZ8ZzjkmSSbN1O78VtTpUmP7wXQJbEpChbTBu5tFBQfhrWad/7rqEefqoGymSr1gKXfXbjhSaFfOPppJ0beDc+tqCVeKSNemTjNEPd6NhXiLKonuCsiWtaGx6fTYKnk3tcJIGxAz7rzkcXMrOt5ZtFhQ/Xg/6Zk4/w3VsQ9xY/XnSz+d6GKsTPX4m2potLnH3JL8/WOdsBLAdTfiTfNouNTv6jwK5QtQ3ll+Gq2qaF+2k5/184JGsjq/KZN80fFEkeJVHajFlGk2bB1F2tvKkdK4N6FvdgjFp3YrxwYjm00glmCKjBxF2+lPh+XPnUY9wE5hT6IROSmcq9qg6oJ1WGuEcum7vk97+iIJ+6TTQwH8qr5vO6ERNJSfFiFWKN69iUP9Z2cXR+UjD9ZfI10Tr6dmh+kg82DQ/f6U0ovefa9RfaWsJzdsWsIrtpql1E5QZ8fz1+h0Lm5E+OiwX+S2vip20RWALdjmRAR8TJxKNabiew44/uwVb7bqhzKcwnw3p7dtu181pvpbgk3uqEd9QIRxFRzFpovMdFV3/J21AR/uO+eGhwWBGVigQbqd4c4OnjnKzQ1wOs7GVqR1R+JM94ld3YExbkzt7wManx1EiVsnctQCzel5j+CccfOLvfHBX2eMzLY+JeGR7dBTnI6mBQAaM44WluvZxpOH1HackehM1bovvyEy5seTFpkIbbSLU0Ye9Jm4FofEaLMeMQLV0Zvu1vA9GvmKBcqjqS7TvK4M7AZm9CcPqCBkUr4IaWg0e4YzZlrIYojCbEVm1FdSooz7PDwCficCzBavLkHM2/025WX2R6kchhkn8nk92ouVE1BBB7nkXu4MxafOJZ6aJ+ioQEZy2zy947l1dyMAB/zObfGWnENkcvf3POROux2he3cxGBgGVcDFzWpLWadH8ceXxYBhONfZyu8/yLF5YBxJVxari9leZR3J6wK+CXExUhXdK96fgIO+1nmCS+bucTaj2BoFS07Fr1YH/+x+i4345AA9agL78xZEpirqUp/5cv8Jj+hR9G7ycvnv3cPKzWse5iAXDLp0HaGT7Gu11DHyYWXgj9fzMRnQ4B81vnwcDpURGUUASy5PIzYwuf8aZEIRoE7Wc1PbZW5rz+xNQqRgPEJc9PClgHnmOkaXTZa7CAlVCXR77Rq0WW/j54TCNcJe4s5biuAFGUXrl8NvWYqHFMFrWX4yBT3wOH/nx7Y2CRI3uHibUuBHGsPCDzOp0g25MK81VHByWNvcMEUNF2D5UEeEe9LtpOEePBxUKVcVrIGQXxOoyZdbyhzOvO0El3OFsd4EcTLYnn5N86oJejNTqrOoxTP0FpAmLnYx1un9iYLZ+vq6NtA3XkfG1t+CJv28R5Q2kevgH3w4lQwytzEl4k3+3YRciRd1aoyjb/7kzketZezqHpVe9/l48+1bO15MYcjklL+mubtcNmbkDVeTIzlbe0udNRZ0aX5sGAG6+s4iJt+pCNEUYJU6GdGqkKmJe4esAD+jBhTxi7KV0EEtAcldvk+N97NKx1ZOMXwkuYUgXeN5kTFG/NUWgqMNeqf4fytOop8E/WWYAvBxBmSaJryeH9lrFuP0AkwzldP0msHKsGY0cqix38EtmTJBs1y4UAkDyFQeo8bF+omP5J+L2QwjspwYWd1KVoeNyp42M/sA2+FDgM7h6wcmIikVV2JcYgYfWPv8QTQ8g6xlP+zTd7VnXaC1OjfjBjL4O6ZDIcCsuJWjsSeCfVecryL22jkAKA6MNTbeCrBl0H6xt7aXujlWLiza1JuiMQAwh0zRZ2p/qsyQkO9nieTcCJce70+gK7agAGv5D+dgFTH01FbGJ/ZPn/9mcMps+duHX0YlJui2pzQK8/nA3KjY4S9xaARZvJXAVaX0g8weJyimzFPMPCJORMU77ipSYaZ/UZNXn9/N+UyQQdMtftEESz6mDOyzAtF5UwDQ3FC8QgQSaK6bbqGKYo7z9FQpwxgCKa31zna0NsnqUQwu4b18PLXacOeRU6Vb9Iv0jJp3N1EHvx8xbPHbXnsMK/34HZ1xqngUNYAOVSWa+QOce4pRfMGRa4Awc/0HkOevPsXpepJuUATJYjS/yoAexIRB3o69F3e6Zazphmncu4hHQ9uJ1t9xZxC05b6aaClBQqgwXNUfiHbQTlbYgqVLYxiQReJctL9j8yho95D/496T9uhW3sjFObVCFMJVE1VHjZhGuBYjP+LFvspnNdyIaGYuGWc1G9nx2aSefthQW3a4mieSsHykqBS/cLDXYt4EUmk0tZXEpHJXIbKvPdQDtpPJachKKbTCvZ/0an+8KiULoO/zy4xwl/3AUf73cYY7lq1ZUcZ7we8GOXHtMU0a29DtjywW61ILKLvPKlvogv+FCmVnRccSa4IWV2JAuYRNd9qEPOVhcFEW5maSHAvxvPmIbvh8wx9YgxESx9ugNLX36qjUcTHKaM9rdBwqTnFf/SEgEzyceiyHcB9y664KqTbgG0YoFJO7LszSEbFbNCLk0YdGmrH66U/6sRb5nV812zsUm2JvOG5ZaWKqBfyBfKGt8h6vzjuh+AO1wHTKI9AwUK/1HnPqp6KnfHL4gFe0F38u1LQXV6gxRFNKVIwUgTbluyI7l66IswnC+DIV4YCDLCCxIFIGoZCWkjAgZeOFLatmKtrtPenLpa6WaV/OqOeLUKdRoe+KlKuLO29Ifaz3KI+EnOppiC8mszaNfRhRC2tdjkSHNO4oIKpV5j79hNwqXthrdDYJEa7hGH7vo4QsPsEl+ir3DIxLSfJ3GnVGuO++WBtRWBgBr/a2pJj+2T6YTzcQiW5kaKZrYrbyJ1fIKjzRixt71PnDddgm3wu1NtYSiGuwaK6t7hImZoUUiW1jDpVmV+KLHGa7D29h/oNJ2q09Ng6Lc9sMWM2z9/XqwN0ZHhKltXs0BxXH+cvbXfrZETsWCiDyDocvI4ATc27jlHTgDQDlzBLGchZWCB6buHHr3ioAMx2EbLEzxTNEKOePTQXqb1xn8YosXHp15z9acBRhn5ToBcNqi43/D1MgghZGJmIiIh6Vd+SE8g3llCjiPO6/uMgusnYvsCXl4oYxkQaG7H5kw1HGAH4P0ynnk1xAJdtcHNDr7mornXMbzKqX5d3Z8+JpjgH65sd9nD/JmNBDxYaKJnzSZqpjktpsBWuUmMIrebnCC+laAMHEt/Yq61VfViSxelq+rlhcqYaqX4fLVxSvj8+/kYdnBHCw+XKV2oAvltYGpCziiwlWuQ6xW+RCtXqVjdiVXp1rENvekPRFfyerioaT3hsl4+vtFqaO0rYKL8HcasA3aPUgIAJarhNLDqUtpm3dc5I0Il+kFOOSR0smaVpO3ei+wXLdXciUd1ZwwOcVdai959fWCesL/99xKfYJrRaBu797zq9KkUZwl9BsCCyZCfLK29sGP4J4AGFu+VHC0OvFB0A31vBwi81W8ALJkXBmr3qE3FGpjsyqM2TVQycvO68R8oam81qHLes2ESIlkUkG1cTODA3L8Z5nCG8qA3rnKTp1aXvH7cg4erPdqsJbqPHceXjiVkGkP9vMQiPS6hLvHnra/qulZEOKTe40xghkUqBJETMRZN+mJrThhV/L7Ube8wXEqcoE8XEvkmm4vqPC71xSd7pQVXaqXdkaI9ptvVcnmIUJbkzQNOJqTp8vnZvEO5NMsnrcvfdX4UwIqKDNTIRelQitQe3jpwfYHMeYF7Ly409TlBgZLRsLrY+s1Dgb4Cay9P1s9+EdQ4d4SeTmgo3oXf7c0R2CO/lfuuztwf/CZ77ZeWzQBkh9Xy8HTtmBN02uxNXu847wxvygSGHGuh5+acdHzDZkiUEWJu4PX3Rx3mFPEoLL4w1zYx8s2z7U0T1yXoNmB10qfA6WhDIPPKKJs/mTLA5nutiKFJDUF6UTuMvzirPlC4wqJUSNcem9VeZc31Ojdu+BmTfl22LODG4h0YT1f4vEhxHPHvgrLC+xMSlkh8p6KDpRBCuxY5pXel/d5gZ6tMsu/GjtLaOmT0amJM+2mz36LoCqitjiJVGyJA5gHES9HMcZAjnLg8R8rrhWOVeZhDYP8I4trtdBLbNP+cDVGgdfmtp7RztHorH/m8AhgWeh4iddvdTI/xykIjyTzKJc+GcMI9+8YsHv7VlHVZBVuRroEAmOZEcADYokpRzb2ZDaR9b7ncEUmXAkoq4OS9ckknWGJPpY2k6QuVw5NjQWlA604ikKVnedDhKOeNcrdBKOyievlY7WsVQ4q9KggUIpunuW025sDO5L5k46oJyXwQT1j+cLsU6+YieGMGtGBIijeCRCwH5XMt+eLKuGHuXYs6vaLiJWQmtLAECqdkvRrxjmMqOb5E98Kat5MSfk8NWrWQFMLSPsI1eHBbEpqv7uDuVkDnGOfMKYWH7OFWvEtMFhgnHc56oZN9P/+ovx6h4+iuwlhV/ZxdtWLsNuddIPbe3VxRleajFAjUWO+nCjooU7VZnJoBvozB4ZtvIumUlCg1ne5Ss=</xenc:CipherValue>
                    </xenc:CipherData>
                </xenc:EncryptedData>
            </saml2:EncryptedAssertion>
        </saml2p:Response>
    </soap11:Body>
</soap11:Envelope>

2022-12-04 09:06:42,771 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-12-04 09:06:42,771 - INFO [Shibboleth-Audit.SSO:?] - 20221204T090642Z|urn:oasis:names:tc:SAML:2.0:bindings:SOAP|_04c71j1dle5c0btgnxby44dg053s7xk95gph|https://iam.eu-nl.otc.t-systems.com|http://shibboleth.net/ns/profiles/saml2/sso/ecp|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:PAOS|_c14da5f92b0da66b94a8b21be182dc75|rick|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,uid,identifier,telephoneNumber,role,mail,surname,displayName,givenName|AAdzZWNyZXQx1o4PeZ5xGBkRn7dEwxUZXunBAMN2k4in6ZBp5tQ+GoT97eAgrC1nAfZQOODnCQZxh2aqZRZ2IhkTSmp8+Ytt9D4T3cXpigMzhWFLhJ0j9F1C6pTtovbmgFZcq6MMZVRu+tZCd1Wu|_7fb06e22a44005b72fce401a68c83109|
2022-12-04 09:06:44,719 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseIdPInitiatedSSORequestMessageDecoder:?] - Beginning to decode message from HttpServletRequest
2022-12-04 09:06:44,719 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.IdPInitiatedSSORequestMessageDecoder:?] - Decoded SAML RelayState of: null
2022-12-04 09:06:44,720 - DEBUG [PROTOCOL_MESSAGE:?] - 
SAML 2 IdP-initiated request was: IdPInitiatedSSORequest{entityId=https://iam.eu-nl.otc.t-systems.com, acsURL=null, relayState=null, time=2022-12-04T09:06:44.719Z}
Synthetically constructed SAML 2 AuthnRequest was: 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:AuthnRequest ID="_e878836e-f95e-4add-9b3c-4189bce4c61d"
    IssueInstant="2022-12-04T09:06:44.719Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://iam.eu-nl.otc.t-systems.com</saml2:Issuer>
    <saml2p:NameIDPolicy AllowCreate="true"/>
</saml2p:AuthnRequest>

2022-12-04 09:06:44,720 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseIdPInitiatedSSORequestMessageDecoder:?] - Successfully decoded message from HttpServletRequest.
2022-12-04 09:06:44,720 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-12-04 09:06:44,720 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-12-04 09:06:44,720 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-12-04 09:06:44,720 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-12-04 09:06:44,720 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-12-04 09:06:44,720 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-12-04 09:06:44,720 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-12-04 09:06:44,720 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://iam.eu-nl.otc.t-systems.com
2022-12-04 09:06:44,721 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:06:44,721 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-12-04 09:06:44,721 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint was empty, not required by binding, skipping
2022-12-04 09:06:44,721 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_e878836e-f95e-4add-9b3c-4189bce4c61d', issue instant '2022-12-04T09:06:44.719Z', entityID 'https://iam.eu-nl.otc.t-systems.com'
2022-12-04 09:06:44,721 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://iam.eu-nl.otc.t-systems.com' does not require AuthnRequests to be signed
2022-12-04 09:06:44,722 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-12-04 09:06:44,722 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-12-04 09:06:44,722 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-12-04 09:06:44,722 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-12-04 09:06:44,722 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-12-04 09:06:44,722 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:06:44,722 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-12-04 09:06:44,722 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-12-04 09:06:44,722 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-12-04 09:06:44,722 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 2 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-12-04 09:06:44,722 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/POST using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-12-04 09:06:44,722 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-12-04 09:06:44,722 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-12-04 09:06:44,722 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-12-04 09:06:44,722 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-12-04 09:06:44,722 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-12-04 09:06:44,723 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-12-04 09:06:44,723 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-12-04 09:06:44,723 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-12-04 09:06:44,723 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-12-04 09:06:44,723 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-12-04 09:06:44,723 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://iam.eu-nl.otc.t-systems.com
2022-12-04 09:06:44,723 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolved cached credentials from KeyDescriptor object metadata
2022-12-04 09:06:44,723 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve data encryption algorithm based on SAML metadata, falling back to locally configured algorithms
2022-12-04 09:06:44,723 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve key transport algorithm based on SAML metadata, falling back to locally configured algorithms
2022-12-04 09:06:44,723 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-12-04 09:06:44,724 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-12-04 09:06:44,724 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-12-04T09:06:44.724Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-12-04 09:06:44,724 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-12-04 09:06:44,725 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-12-04 09:06:44,725 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-12-04 09:06:44,725 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-12-04 09:06:44,725 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-12-04 09:06:44,725 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:06:44,725 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-12-04 09:06:44,725 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-12-04 09:06:44,725 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-12-04 09:06:44,725 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-12-04 09:06:44,910 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'iam.eu-nl.otc.t-systems.com'
2022-12-04 09:06:44,910 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-12-04 09:06:44,910 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-12-04 09:06:45,278 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Trimming whitespace of input string 'rick'
2022-12-04 09:06:45,279 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromFormRequest:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Recording do-not-cache instruction in authentication context
2022-12-04 09:06:45,279 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user rick
2022-12-04 09:06:45,279 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@1808941994::identifier=rick, context=org.apache.velocity.VelocityContext@12418158]
2022-12-04 09:06:45,285 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=rick,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@1808941994::identifier=rick, context=org.apache.velocity.VelocityContext@12418158]
2022-12-04 09:06:45,289 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'rick' succeeded
2022-12-04 09:06:45,289 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-12-04 09:06:45,289 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-12-04 09:06:45,289 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'rick'
2022-12-04 09:06:45,292 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'rick'
2022-12-04 09:06:45,292 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-12-04 09:06:45,292 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal rick
2022-12-04 09:06:45,292 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session 2e492ecb4bba5d34d8512cd51f23d7d7c5be1053bf3184d9b11d37d387737048 for principal rick
2022-12-04 09:06:45,295 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=rick)
2022-12-04 09:06:45,296 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-12-04 09:06:45,296 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, uid, identifier, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-12-04 09:06:45,296 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'eduPersonEntitlement' remained after filtering
2022-12-04 09:06:45,296 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-12-04 09:06:45,296 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-12-04 09:06:45,296 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-12-04 09:06:45,296 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-12-04 09:06:45,296 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-12-04 09:06:45,296 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-12-04 09:06:45,296 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-12-04 09:06:45,296 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-12-04 09:06:45,296 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-12-04 09:06:45,311 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:06:45,311 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-12-04 09:06:45,311 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@571589d7'
2022-12-04 09:06:45,312 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-12-04 09:06:45,312 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://iam.eu-nl.otc.t-systems.com'
2022-12-04 09:06:45,312 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:_key_idx'
2022-12-04 09:06:45,312 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.RevokeConsent:?] - Profile Action RevokeConsent: Attempting to delete consent storage record with context 'intercept/attribute-release' and key 'rick:https://iam.eu-nl.otc.t-systems.com'
2022-12-04 09:06:45,312 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.RevokeConsent:?] - Profile Action RevokeConsent: No consent storage record found with context 'intercept/attribute-release' and key 'rick:https://iam.eu-nl.otc.t-systems.com'
2022-12-04 09:06:45,312 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action RevokeConsent: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-12-04 09:06:45,312 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action RevokeConsent: No storage record exists with context 'intercept/attribute-release' and key 'rick:_key_idx', nothing to do
2022-12-04 09:06:45,312 - INFO [Shibboleth-Consent-Audit.SSO:?] - 20221204T090645Z|https://iam.eu-nl.otc.t-systems.com|ClearAttributeReleaseConsent|rick|||
2022-12-04 09:06:45,312 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-12-04 09:06:45,312 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:_key_idx'
2022-12-04 09:06:45,312 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.RevokeConsent:?] - Profile Action RevokeConsent: Attempting to delete consent storage record with context 'intercept/attribute-release' and key 'rick'
2022-12-04 09:06:45,312 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.RevokeConsent:?] - Profile Action RevokeConsent: No consent storage record found with context 'intercept/attribute-release' and key 'rick'
2022-12-04 09:06:45,312 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action RevokeConsent: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-12-04 09:06:45,312 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action RevokeConsent: No storage record exists with context 'intercept/attribute-release' and key 'rick:_key_idx', nothing to do
2022-12-04 09:06:45,312 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-12-04 09:06:45,312 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is required, no previous consents
2022-12-04 09:06:45,497 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'iam.eu-nl.otc.t-systems.com'
2022-12-04 09:06:45,497 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-12-04 09:06:45,497 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or InformationURLs returning null
2022-12-04 09:06:45,497 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or PrivacyStatementURLs returning null
2022-12-04 09:06:45,497 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-12-04 09:06:45,497 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No Organization, OrganizationName or names, returning null
2022-12-04 09:06:45,685 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Extracted consent ids '[displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]' from request parameter '_shib_idp_consentIds'
2022-12-04 09:06:45,685 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Consent context 'ConsentContext{previousConsents={}, chosenConsents={displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}}'
2022-12-04 09:06:45,686 - INFO [Shibboleth-Consent-Audit.SSO:?] - 20221204T090645Z|https://iam.eu-nl.otc.t-systems.com|AttributeReleaseConsent|rick|displayName,eduPersonEntitlement,givenName,identifier,mail,role,surname,telephoneNumber,uid||true,true,true,true,true,true,true,true,true
2022-12-04 09:06:45,686 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-12-04 09:06:45,686 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://iam.eu-nl.otc.t-systems.com'
2022-12-04 09:06:45,686 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:_key_idx'
2022-12-04 09:06:45,686 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Serialized '{displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}' as '[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]'
2022-12-04 09:06:45,686 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.CreateResult:?] - Profile Action CreateResult: Created consent result 'ConsentResult{id=null, context=intercept/attribute-release, key=rick:https://iam.eu-nl.otc.t-systems.com, value=[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}], expiration=1701680805686}'
2022-12-04 09:06:45,686 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-12-04 09:06:45,686 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Will not prune storage records, number of keys '0' is less than max number of records '10'
2022-12-04 09:06:45,686 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-12-04 09:06:45,686 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Creating storage index with key 'rick:https://iam.eu-nl.otc.t-systems.com'
2022-12-04 09:06:45,686 - DEBUG [net.shibboleth.idp.consent.storage.impl.CollectionSerializer:?] - Serialized '[rick:https://iam.eu-nl.otc.t-systems.com]' as '["rick:https://iam.eu-nl.otc.t-systems.com"]'
2022-12-04 09:06:45,686 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@571589d7'
2022-12-04 09:06:45,686 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:06:45,686 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-12-04 09:06:45,687 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-12-04 09:06:45,687 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Inbound binding urn:mace:shibboleth:2.0:profiles:AuthnRequest is suppressed, ignoring request ID
2022-12-04 09:06:45,687 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: No request ID, nothing to do
2022-12-04 09:06:45,688 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-12-04 09:06:45,688 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _270f1f0c4b3c852ced77b28df2e4a299
2022-12-04 09:06:45,688 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _270f1f0c4b3c852ced77b28df2e4a299 to Response _46297c36d314af5dce39a86615848d8b
2022-12-04 09:06:45,688 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _270f1f0c4b3c852ced77b28df2e4a299
2022-12-04 09:06:45,689 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-12-04 09:06:45,689 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value urn:mace:dir:entitlement:common-lib-terms of attribute eduPersonEntitlement
2022-12-04 09:06:45,689 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rick of attribute uid
2022-12-04 09:06:45,689 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute identifier
2022-12-04 09:06:45,689 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-12-04 09:06:45,689 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value manager@Samltest.id of attribute role
2022-12-04 09:06:45,689 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute mail
2022-12-04 09:06:45,689 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sanchez of attribute surname
2022-12-04 09:06:45,689 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick Sanchez of attribute displayName
2022-12-04 09:06:45,689 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick of attribute givenName
2022-12-04 09:06:45,690 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-12-04 09:06:45,690 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - Policy checking disabled for NameIDPolicy with Format urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
2022-12-04 09:06:45,690 - DEBUG [org.opensaml.saml.common.profile.logic.MetadataNameIdentifierFormatStrategy:?] - Metadata specifies the following formats: [urn:oasis:names:tc:SAML:2.0:nameid-format:transient]
2022-12-04 09:06:45,690 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration specifies the following formats: []
2022-12-04 09:06:45,690 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration did not specify any formats, relying on metadata alone
2022-12-04 09:06:45,690 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Candidate NameID formats: [urn:oasis:names:tc:SAML:2.0:nameid-format:transient]
2022-12-04 09:06:45,690 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-12-04 09:06:45,690 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-12-04 09:06:45,691 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID AAdzZWNyZXQxyeWQYaoFWGuAToc1sF+hYSrblF22RLozX4KzUzyZr8hftmLqnLNf2MMDZkrppFVRzVMeSJqTFmmwYj4ysZ4h5CdeS1PmeN9qFmVjeebr2gudCoYNaRn60qT0KcHaQ1RFZUflLRIv with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-12-04 09:06:45,691 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-12-04 09:06:45,691 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-12-04 09:06:45,691 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-12-04 09:06:45,691 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-12-04 09:06:45,691 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 80.158.3.50
2022-12-04 09:06:45,691 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to (none)
2022-12-04 09:06:45,691 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/POST
2022-12-04 09:06:45,691 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-12-04 09:06:45,691 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-12-04 09:06:45,691 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-12-04 09:06:45,691 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _270f1f0c4b3c852ced77b28df2e4a299
2022-12-04 09:06:45,691 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _270f1f0c4b3c852ced77b28df2e4a299 did not already contain Conditions, one was added
2022-12-04 09:06:45,691 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-12-04 09:06:45,691 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-12-04T09:11:45.686Z, to Assertion _270f1f0c4b3c852ced77b28df2e4a299
2022-12-04 09:06:45,691 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _270f1f0c4b3c852ced77b28df2e4a299 already contained Conditions, nothing was done
2022-12-04 09:06:45,691 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-12-04 09:06:45,691 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _270f1f0c4b3c852ced77b28df2e4a299 already contained Conditions, nothing was done
2022-12-04 09:06:45,691 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-12-04 09:06:45,691 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://iam.eu-nl.otc.t-systems.com as an Audience of the AudienceRestriction
2022-12-04 09:06:45,691 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _270f1f0c4b3c852ced77b28df2e4a299
2022-12-04 09:06:45,692 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://iam.eu-nl.otc.t-systems.com to existing session 2e492ecb4bba5d34d8512cd51f23d7d7c5be1053bf3184d9b11d37d387737048
2022-12-04 09:06:45,692 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://iam.eu-nl.otc.t-systems.com in session 2e492ecb4bba5d34d8512cd51f23d7d7c5be1053bf3184d9b11d37d387737048
2022-12-04 09:06:45,692 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-12-04 09:06:45,692 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://iam.eu-nl.otc.t-systems.com and key AAdzZWNyZXQxyeWQYaoFWGuAToc1sF+hYSrblF22RLozX4KzUzyZr8hftmLqnLNf2MMDZkrppFVRzVMeSJqTFmmwYj4ysZ4h5CdeS1PmeN9qFmVjeebr2gudCoYNaRn60qT0KcHaQ1RFZUflLRIv
2022-12-04 09:06:45,692 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-12-04 09:06:45,693 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-12-04 09:06:45,693 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_270f1f0c4b3c852ced77b28df2e4a299"
2022-12-04 09:06:45,693 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _270f1f0c4b3c852ced77b28df2e4a299 and Element was [saml2:Assertion: null]
2022-12-04 09:06:45,693 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_270f1f0c4b3c852ced77b28df2e4a299"
2022-12-04 09:06:45,693 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _270f1f0c4b3c852ced77b28df2e4a299 and Element was [saml2:Assertion: null]
2022-12-04 09:06:45,696 - DEBUG [PROTOCOL_MESSAGE:?] - Profile Action EncryptAssertions: Response before assertion encryption:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_46297c36d314af5dce39a86615848d8b"
    IssueInstant="2022-12-04T09:06:45.686Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_270f1f0c4b3c852ced77b28df2e4a299"
        IssueInstant="2022-12-04T09:06:45.686Z" Version="2.0"
        xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <ds:SignedInfo>
                <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
                <ds:Reference URI="#_270f1f0c4b3c852ced77b28df2e4a299">
                    <ds:Transforms>
                        <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                        <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                            <ec:InclusiveNamespaces PrefixList="xsd" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                        </ds:Transform>
                    </ds:Transforms>
                    <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                    <ds:DigestValue>HvVTgElqjaBBcD+/M0SX2Lcl6CcR5S/LmE8bCM6+6k4=</ds:DigestValue>
                </ds:Reference>
            </ds:SignedInfo>
            <ds:SignatureValue>PsC0Zy8xoKkR4MaT9mp8aTU5d/X8/fXl4K89D1sGzGR/wBm69CkwHYpNuCVzwV6mayoAistllAGEk4y6Nha9fYq83o+nCEJyejAZAICrRQaO42FIuFIoqdJIaWKRWS8rAWcPzdhRM/JXiA+9giAEnyEYK4JIBVZMNC++fpDcMdIkhqR+f8zPhIA4Qc8EjOAiDoltQLLxV7EAY3h1Vv7MrM0hGAA3uTiIMDoJlcOxpU8ynX4m1IEjp1aD5qZFYyB6Pz4QTfkWkno1yMF6ePjagVhhwyjD9QbGIdVoUUwgOT0DH8BE2DP7zZ084UKkkhhR0i8tIm2WrpDfqR59HzYXdg==</ds:SignatureValue>
            <ds:KeyInfo>
                <ds:X509Data>
                    <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </ds:Signature>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://iam.eu-nl.otc.t-systems.com" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">AAdzZWNyZXQxyeWQYaoFWGuAToc1sF+hYSrblF22RLozX4KzUzyZr8hftmLqnLNf2MMDZkrppFVRzVMeSJqTFmmwYj4ysZ4h5CdeS1PmeN9qFmVjeebr2gudCoYNaRn60qT0KcHaQ1RFZUflLRIv</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="80.158.3.50"
                    NotOnOrAfter="2022-12-04T09:11:45.691Z" Recipient="https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/POST"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-12-04T09:06:45.686Z" NotOnOrAfter="2022-12-04T09:11:45.686Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://iam.eu-nl.otc.t-systems.com</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-12-04T09:06:45.289Z" SessionIndex="_996545e47002d4b0d98307fcea2ee334">
            <saml2:SubjectLocality Address="80.158.3.50"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>urn:mace:dir:entitlement:common-lib-terms</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rick</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">manager@Samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-12-04 09:06:45,698 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/POST
2022-12-04 09:06:45,698 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/POST
2022-12-04 09:06:45,699 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_46297c36d314af5dce39a86615848d8b"
2022-12-04 09:06:45,699 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _46297c36d314af5dce39a86615848d8b and Element was [saml2p:Response: null]
2022-12-04 09:06:45,699 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_46297c36d314af5dce39a86615848d8b"
2022-12-04 09:06:45,699 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _46297c36d314af5dce39a86615848d8b and Element was [saml2p:Response: null]
2022-12-04 09:06:45,701 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-12-04 09:06:45,701 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/POST' with encoded value 'https&#x3a;&#x2f;&#x2f;iam.eu-nl.otc.t-systems.com&#x2f;v3-ext&#x2f;auth&#x2f;OS-FEDERATION&#x2f;SSO&#x2f;SAML2&#x2f;POST'
2022-12-04 09:06:45,701 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-12-04 09:06:45,703 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response
    Destination="https://iam.eu-nl.otc.t-systems.com/v3-ext/auth/OS-FEDERATION/SSO/SAML2/POST"
    ID="_46297c36d314af5dce39a86615848d8b"
    IssueInstant="2022-12-04T09:06:45.686Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_46297c36d314af5dce39a86615848d8b">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>6BJQG63XkbQeGQpO140BzCU4OSuh4CpsAyXSDxd9vCY=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>bTaq2PFPGEWX/ThOPmUR6m3/2cj45Bp14CF3vpvyZouVsB3S94yFk0M9q1+mciK4NPofZ8I835nOnvVlRzWKz5zt2wWO0FmdP2iLV1SHqpKgokPRc8Omc1UQzEAsiPvSYIPEsHGvYUz71C5i+uVXlflJCuLL0s5AwjaabHSAXMr2BTOXVhtpnizA+CTpKOdLY9sh87FW3SsH7shIVfp5wjnFeF7AgWxCYp/l4TlSP9Wdy1jRrv7XJvwStwZqz9p96tg8r1g/1MM/i0B6ZN0Cp/1FTMoqrEm385HbiE4wZueMIbcBsWtyUBiZZcwMnkoRtxAb6uQS1AHhiOk9XgxT1g==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <xenc:EncryptedData Id="_28b5c485a502dbe8f0aae17995c65fb1"
            Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:EncryptionMethod
                Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <xenc:EncryptedKey
                    Id="_cd901eeb008bd89b2a02bdfb60e0073b"
                    Recipient="https://iam.eu-nl.otc.t-systems.com" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                    <xenc:EncryptionMethod
                        Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <ds:DigestMethod
                            Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
                    </xenc:EncryptionMethod>
                    <ds:KeyInfo>
                        <ds:X509Data>
                            <ds:X509Certificate>MIIHeDCCBWCgAwIBAgIJAPRelfvZJrG9MA0GCSqGSIb3DQEBCwUAMIHXMQswCQYDVQQGEwJERTEP
MA0GA1UECBMGSGVzc2VuMRowGAYDVQQHExFGcmFua2Z1cnQgYW0gTWFpbjElMCMGA1UEChMcVC1T
eXN0ZW1zIEludGVybmF0aW9uYWwgR21iSDEUMBIGA1UECxMLSVQgRGl2aXNpb24xJDAiBgNVBAMT
G2lhbS5ldS1kZS5vdGMudC1zeXN0ZW1zLmNvbTE4MDYGCSqGSIb3DQEJARYpRk1CLlRTLUlUU0gt
Q1NTLURQUy1PVEMtT1BTQHQtc3lzdGVtcy5jb20wHhcNMTgwMzI4MTUxNDA4WhcNMjgwMzI1MTUx
NDA4WjCB1zELMAkGA1UEBhMCREUxDzANBgNVBAgTBkhlc3NlbjEaMBgGA1UEBxMRRnJhbmtmdXJ0
IGFtIE1haW4xJTAjBgNVBAoTHFQtU3lzdGVtcyBJbnRlcm5hdGlvbmFsIEdtYkgxFDASBgNVBAsT
C0lUIERpdmlzaW9uMSQwIgYDVQQDExtpYW0uZXUtZGUub3RjLnQtc3lzdGVtcy5jb20xODA2Bgkq
hkiG9w0BCQEWKUZNQi5UUy1JVFNILUNTUy1EUFMtT1RDLU9QU0B0LXN5c3RlbXMuY29tMIICIjAN
BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAv2W7Hr/Ro63zmZVclhlMvakO1nYWAe6CFDg2hYOH
IxkC/DG8LsKbnqy3Rv8AoH5CgRwmT/HYKeJu+KxrpECJXGIjXirUzHrL5w0Hys0O6SJYzztRGoQA
eFfl3x1NNUxVGkWbuK3/o9vm3idoMqVY4HFU24h/6VbSVBru1lsfubmIGdkf+9R844JbZx1R1OuX
xQ60ZhTAmR6R5d1E6tprM8rAqBOC2l1o4azQyDtmxM8NEBjKcZebNleHOB3iVPiiG0ens6z39y7e
SyiXwWcsw8TlwcQiumYPnFT2lzrJAC93hEjNGd6sj6QVvPCJRu/Ya+AWfcm6JtBZRK9ZfBz81wjv
BnHH2u8j1GyZMdE5dvN4PC8bgX0HxvnbhnAU0DASzziyS9Ni/gMgWvJsmnmNVLyYMxRmL8L0JtWk
rz7aNSskufk92Cv/R4KtWsfdkYtNG5/lV1BNzraBgnnXX1gH7ddrL/Ng2aNRFd+LtsI/BjUBpg7r
Ebym+pJuri2PBj8hhjLKbhPuurybQLVtmYxCcJUo6ZG4X3cpxl/e8v+vviapn1OY9zaFLAc+fccX
1GFrLYv9aQKGDQFRMl2uV9nP7UpakBCgZ/r7ljvfhlnsGkLPZBokM9Iz3iUFMGj2gPD1m+C7QaiS
OwJnkTk3cnhZV6It0XdFIaFgIi9V4XMnYEMCAwEAAaOCAUMwggE/MB0GA1UdDgQWBBSg4Skug1x8
SOG2QdBaHAN2DDs7zDCCAQ4GA1UdIwSCAQUwggEBgBSg4Skug1x8SOG2QdBaHAN2DDs7zKGB3aSB
2jCB1zELMAkGA1UEBhMCREUxDzANBgNVBAgTBkhlc3NlbjEaMBgGA1UEBxMRRnJhbmtmdXJ0IGFt
IE1haW4xJTAjBgNVBAoTHFQtU3lzdGVtcyBJbnRlcm5hdGlvbmFsIEdtYkgxFDASBgNVBAsTC0lU
IERpdmlzaW9uMSQwIgYDVQQDExtpYW0uZXUtZGUub3RjLnQtc3lzdGVtcy5jb20xODA2BgkqhkiG
9w0BCQEWKUZNQi5UUy1JVFNILUNTUy1EUFMtT1RDLU9QU0B0LXN5c3RlbXMuY29tggkA9F6V+9km
sb0wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAFEH+TQEgwXkOp1dymChsQzX3mm32
nBbQwIuTKi3jy08EjRQktZCOhjpmuVc/QQUCQdgAZgWVboAwTspfgwQwVcuIpCkwuyc7tt+ZzRSk
ybvOccw4ivz1suevGZZfYt+B7UIB3drlMKLoJWMTiBZnL6c4iaqubep56BZBOH6IP2KaMRd4EqIo
kXLHgaIyhqz51WQmTJArhYvAvWlktbAW6GXev3mW5gxW7LAGygQNCo2JkXSegGPk2jLO48JXNuCB
lGGf2O5TkhD+Qw/buIRrcKWnolBCs0ITalkNFt0RftLYmyR0JMotaBRHHmtdqSWOwMT1j7SvyzhH
yszzRU4xwTUFveODkWYS3Uh9PZs+3yDcfqC1x1yRbhKe7onZt5nXh/wY2762Pv6NkBQfQaFaE8CI
OwRu6WjaFfRntVXHpvV+7tO6Dr3pfRNEZzJM5+m/Edh+JrUdhyy7SxuYiCpt5xiPvM9rMt5AkXCn
P8AQVxq3O/1Gsdr9iblHAkJrg7Lbd8bPyzE9nRW3zqp++BxYilxIIVP9xnaaj/jjyuAPfeet30wm
zeOe/MGqxEwP/JSwJ9rZI//FaG3gAX0UHO6Eo+R0/Yv3JcyAo6j/RN/6YcSTQD1MrPGZiNTz/Muo
nczuEbZF255Cs5PfVJJhTPW730xQmhZnlbta0nyBO9LA3Fs=</ds:X509Certificate>
                        </ds:X509Data>
                    </ds:KeyInfo>
                    <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <xenc:CipherValue>QuEzrh1sevGgJsoNBIE+Mo5J/AwFE5i6K0Mmf0AzUGisRJZMwNu/o/G1ml5go/Gw9yWWZhphPH7Cy3UrCm4fBRJeMrzvv5AKKHoSil38cpPkD/l7WyH3XoJKrGjgek81WVvUJvXGVSGImjSefr/OeKTbvYSgMJsBhlXx0HR3tONTSgVZQCHm6LaWPvv9QeZeTPRNYdnAiYtSHrjbW4blzjBHmkzD8yWUCNeEA/VT4FiejPmmzEQZAS+zw8PLPFYBY6gprJmv5KTMGDamM6BDcrdrXTdnPbXD3rqTDgyONkG/AIK/9SgYyQjJPu9ROyO338snvnwa3Tw1nnZuF0o8jeZnHrO0cAWNq4y9EJCSuVjm053czBImVhB/jXwwwCGQHXDCaxnye8e2v0vlQ9EaIDwmea+XusrirYOOZsjke5x6nMbeErK8R9/zAZGsU75mX23oPF422i0PH2dKTOz3+FmMRDnXIGcGrExE3Y0+0BeN3SHF8xdue3MRXBpZkdkt08DemwvZfOEZRlTl8v2QzxGMd/0MHhC7wmN99G1wCEOnKST7AyPqjjosa4/6saWGridqRZpowa9j2v5lssd02ZPofjiLn17qt+XFEBP9mbbJtAd+5gAOIKVNnfyhcuQUAJNBxS/B1HZld5ADJa3hY6CQ5UHS1gf9ZfMH/TFJC7g=</xenc:CipherValue>
                    </xenc:CipherData>
                </xenc:EncryptedKey>
            </ds:KeyInfo>
            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                <xenc:CipherValue>mWqMDPdcnuEHVMJXPHuQ91vvEnfxwqoGnw27e+u44XUdbNiYwbocQl/jlVIll8dhO1okUrDM+jjE/N+LUiNx4nof3cDEMK0k/3lcCvyUOWRTNKSIVXDQBFSTLEIZinfYg0nsawgDS1VxzJk4F1Gs4VzaO4S+KMvve7SgGuu1uVNns1ThiSDgejoRoOqjbT0GI/xG32JJ/X1d26ogCpr4Tz7s6SNJJz0Q7fx7Zp30laJ6VF0IBBSMChEudpgM0cQvjcCQ29je0endjfWeaoApVd8pa6Sy+R8+batSgBKGa8iRtkK5NHwzaCTmgTc9qL8joFlzzkLVjeumIZuLCpgchYwPd0S8O25lo3zdgvK/1QdCOYZfcwTXeAM9QKUaV9Uo3bsddCG0r6CJRNK5umkTrmwm3PqG+6JTQvNIvpF+rGKK1DSG+oWzfMDRLNtOf/KhrCOPQODBJI2BJeZ3fp8cbst4MUGBjX/wLGHJ/YqE2m1tgTgw5sc9mkRV9dSNFsOjlyMjSxe2yvXnGVvhnpDjJobG59rxqufzcYsHhBiS/wB3fTtyhnSjhLedr0z6//tMCYeoJAVq222OyaME1LY6WDMGeRW/Dxkv9waUYqGd/HYnNm1iUBdH8eC6ku4t46FSWeX3KYiW7Y5uMhHWXAYx8Zg8aW3LAC5aiNVY35/bCYx4iieF5G1U4gZfbPJ0sUedHRUyfCOMcjDjqORLwJ3A5BYEnXcZRNsFtKnXolvQqCnLLi0/DMcWOUTALx6z3O1lGFTqk8NyYM0get7HktIvyIBkbYaSQha0EZpQUQkw1yI+UeJ6KvPJF/mHrkTV+a0XlXOrNyeT8tivQLk1ZrzFn+LL42A5ENl0Lp2SbJTvow2b5Zp0r+NfZdDquuJ8VypaAc4IqyeHo25NU1E0sEiRGN3eui5hsY4egH7xEbuc2McJ4TsuK95ijGxEl/fRT7DEx4ox/a1+hKYff+HoiMhtwXV7EZS5Y+oZ2XH0OaG++LK/yUYaVyqRVVKJKJ4WGJth2CXJr1KBVmRaQZla2AqrX4L1m5raew/dQcBTxF4yuKsbF4ZEuGBgqbTE77rtF4oxfEBJpDdyZjlN0aEVU3w+nUrDp60SdkFXJ80jm1p3yQKElR7f5pfSUVv9d1mh+rSDoS0JvVczoMwP+z9Bq4+1UQuq1r5hG4AG1dUckXiJ/k/vyBGMMFYWKGpvN4kA/gzeIo/7juIz6L2vfJplCh7fufzABik1Ld+ppLNJJRCcDUiuUr0ONvue69Z1CNl9T1aqv2DykHxMC5Mr862ohy/xuQieIhJ1S9wtVjEcpIBa+OMYfbkRnFhk38f/ZD5GD+KsUBdEmHtLleYd10N6OGZYQ0YLC7wweXrXscM26v7my1o7C3Kfi+JrVXUgKQ3Puief9/ReVYoLdi9RS3xbXY/fi8k62gOrHYW0Xn0Kf88XuccvAU/oSuqXr1WwMkG3Mws/+N+cz+jIOupUepyVXIGg5ezhHLno/pcwAp0hPrVR5kaAy1hsOF/JS47+GQTIRxfBUXC2o1Rv+nfeJmWAjkhnkBJpQoI41+Kcrj64aqrRG6dSA/G2MBaMHOgADSxW1EbyKJo+TeBSdh4hsYoy9n71gxC6P+ERSMV3pFvvpfMbj1hBtsLs53jCCYx2iu/Rf1OkRlt+ZlesNF44BU03EVEn8V5G+IEWqkugmnUcxgA0bqLMtynTwN/uXrLtgx/3wUU8nbU/zUVbw9wQOVFSrULi2njhXu3yLar3SydcRlZyPMtHoLVlE1M1esEl4HFwOYDiqVUgbBnwk0t0duGyJU8L8BxgpSiWkDVqZovWx9cjfXbM1NCm2BgLqbRh+kN66EVs7n7ZrkpsA4z9cOjwDZbD8e4xRfjzveFYJoHKzhCEqQEdH1cNGRnbGcQ4MnYeHYJaRH+1Rq8kEKjZsDVlWK6vH7NaviOe9f+iAng3DML15OvfLf4wSx55zJds2iLlZm5cZztgaqxW01EtGhsnjumfzy4iKvIUZC5ve9fBoUbPzXwkh4F9MsIKvpDPbkb9BQXS0ZUqms4WybMNBxMCKI1aPL/rqocudbZWbSs2ZeV1ksNnF7Zfuw9xhtTCwQ8YnFX6M1+Dy1UvZ9JWFYzU5Nes8qmZDwZ1GD5J8HWVfDLvWxm5xpwe6rPVNY2MFxMZABgI69DUhGZ+xvi3r9UOeH2qHGYl2aqZiuyaOGNspM1YCpc6DPLfzoExUtbAJFSt7j6O9S39VPJ7GsUfpEZ7R0hMKAKgMhk/MyJqveXZvi6oMnOPwKSTQeBHL186RGn0s5fz35jihqw4nGSRCiQoiftB+PmhBwutn2Xk6/a7iTtlCUTbCDui+YJ/K83UYa6m580VizlYVHZOLK1t2HIaYxRDtrAno+iYbU4Fb2nhkmrGsVc9q+W6jY+9/1XUJlFuOe2CtZs7mh96b2Co/7rtQEhPpkq0liKPix+qT3toBvX2dQf534lbmS7dEzpRaJGhR2xT7DySr29MzLd2N7dr9b1587pRS4dgEDM7mDJZ+UwVxtz06Ggxm6kyrVrMYoSeas2NlfIdDTlAn1yg3KzfexlpEM1WbOn6m1bvmf7sRR0cbrJWGPjccgxEFwoIe/vzcqgtQmHcmZsVQALrFpZ6/a2O5FTYv8iLmsbZtJmnPSR2xbZ48cnEVAYlZvOiYmClBl2TsKtdbyU+MaDPILhMtAGfpU49fXePZO8gEwb6sldaytPaq6Pf8S5zq1IRmoTacQGL34rktx9kZJvUTL22SizIXmwgGlwUTviuiosJIRs8foIqZnRwT7L0bW/N/1VCfz2fzX/cMGg6xrq704rpyaiboSDYUkGwZjF4V/ox3JGpshJaYRIHA23IKYpQ1rjDWaWbzQFkNxh77VdY/kOlSSctNpk0tAjLrq//8JeCz6RUdlo8OzeQzbpqC+dn9/zNU84Afm/BwyNIc5uK3nYYLfyeL1g32h8IwJ0YwHX33d7eaeeK7DeGBrjos8af7VwZEVNSogEyZbB0+JIQhXJWPxsQ9IKPkiJcCewmShlTKNLvzhPoosK9be4Wg1doFO8iTPtag/aOfVbV84/MF/cprZPyhIPvIzxjDQ6Mgc8TvIiM4bKjFQ4DENXN8eQeraidSudt895yOwee1bbHg01BXinf67FevQZiJmP7JoSixAoz+tZ5K/emJe2YxLHcJLZbsXjW1jOLWDgFfvZ58BuP3ICvjn5xzJnCY0oREnpBgZHRoXJ0dyrEAMLR7EXe599/yEF/5mRO60JSHfYmkQu8H++mWUj25sI77+nQOUpNXvZjfry8C9wS2DttNFype5TlaF9E2e+8rahoJgXmQncFlZHeZqfRZg+4h9pnPf7J53f/flnQK3w/VhKmT+HulFifvHpF0bL08c2xPbzCid0zwiAw/PSmyu36wymnvl1HNpZmwAtsBXRe0Ta1RJawDbJh9cSpxq+eKvsKqFvCstcBuJ3JFPQ56lRiNgRTszKgKY0IQR0twyLTneeVGF35dmx8K1sQSXqnumEMBcwsEXEH2+f5N0sQnRuc3O+uyrBd3wFg3YvmRPaPg6Namdkt/wyhuT9FSOSt/u6R78RwCZzp8CsG4+H6qh2TScxapT1iQtVy+L9Gidu8wAXLk0lNvZBllHcfj1kDld8rneh8k6V1yKdK5FWb2BbnqtGToPavCdqHRyA8wTQ6EBNPN5MAgNY6k6z6uxQcNviafDWufnRrBSgd1EO2sep/Z4aGruGARX1SmMpbaS1D/4E57Rasi5AO00muFX8UDEPXGfcwwDBxXZA4H0J4W6Q0iHCZ/ZaHDfZ7Wx1ycSqd1OZA4r2qtYvDxWqdPR8IXgrsBRbbHhnAMhmCsap+7h8XOvnULGIVMFvPtNiBJ4l9xUAH/uBSunSKr6IqqU2r1pk977Z9B34UGXriugpm+P9GQ9lBPmRgFnJcs0DJK24ltfxH6HVftQ8h12fdK/0IIhIuGftmOB3NnECTex+kTXakyKBEkKhICPiywO3KmqaKiEQpS95V/WtPqQ4sDku4oN3nOq7RkP7HtG5eVsenxgczdyxSNH6cB3OlCaloQcklVJA11FtYXQ8BW0TOUnD1LPq5XbrDTG/2Qc7Gj28e3tb6M8yEi8KGoDgC2jBBaIR1DqDtrAfYTe7/3SEzSwkCo0Kn6Vs84LlD5o0wHiU4A/H8wL8IPIoLS4wiB02jprSgrKVbNgd5Cs37baBn0/t4GZa74ChT9689p6AYeheeila6ER2b4s55axKLqRSdLWgQFCW9e4UcRkl/zYGG2z8eea3Y65Of+azVzg9we1Pbxhc2SeWpCTBxB2D6RfxDKa0NO2aK7sWI/rBlDQ4CdN+4p2ppLbXa8xv9i+g6VIjVCcB7BSUxaO1oYHds/EZdPfe6cb4uWGCoayqySu4YYEOmaW2aMEN0oExYLOJOXjf/WK2EY/WjL8RXPhZzaWxBW8/ctMjqzL3YErqI4gyW1Tl8T6+3k/rRJVj8olzXBj2/xAcUA1LE6Hyh9imtx4LyNCgndrTwDIzj5oIHwFcCAYYUYqGj2L0aq0Zjw85xpkwmuvyCpqt+FQdCAB456d0W+PuTSUjXTlWheZTfLet6ibYnWr1HDavtCxoJoOhdPu/5PAFmBAXnK8+DyJCNJJs3iGVAxSIxB4fY0D8/fqViuCRwT33+nTfMNy+RUs6nFp1k3svjwcWZMOLRUUMKpYPeE5vxF3hIcmUgdAbPZEqmIkKsr4/5OSPwJkYUwbC7bI9EvGz4FKclNtHpIwjOYrY5V63MiNn2HHFvquW5NKUHrPBqYi5wwsyO9jWsADW+sDlZ2Ba5/mz0OHpRj1l7O9+5X7Lz5bA6wDG12pPG+IiEjc1xXi1s55euhmuvVbNLaqqBrn/CaxkEUmA5IVlSKgh+O5BE1aoMsBD5vD7cnYhZB7CM77ACAv3aMyKCXpJx/yv7WgCljcRdnoqn+obsVg+Xrk3VqyZPHcAlqUoQPMthBwJKjM8Wdc89+3d5SDS3UsZaC6p3Tn4Q4s0/PvYJlwiOmjVkqhoJZnubDOKV3YU9Dh7pV0/rCEET7Qn+TjZmKMSHbc9a1FVQPArVC37wMALZXzui7SRsPFmmANBloGT+UhQzwM3K8qM346DeInyXQdG5bkrwWXqkGU8YOKHAMqGjDZanzY2fuBkZd0ThmHkfPyA9Y1J3VSZHins8yci5dDAafxTZzKu7FUKLxTaP9H6IQkdSvLgBYBLQNPf94VmajCT0YeRm28st0YudkA5z7ZsUx9X7rB7fDHPHLSfnMKB+KlVQ9xmaCZtFvgRTZydAe84bV9Sq8/hccvhT67C4SY6mo6whh6dnYLCmvE1B8cACp4QXlr/bGab/3JAfrhyNGHQHSorcipwDqz+anUNqU1tviM8DK2Tpx8GXAPknRrlAM69hWzldWc1UVy6WwrzGO2KngdhOTwQz3Xdu8A2HtQFDV5OmfNuqIbX6hiE4Afb0g5tLj11QOcAWBlu4bsWgcp2sf4w0hlhrsaopMlmvYwSy+6jpgEVfQ0+hkDHdU05ICvXNXUqLs0/fK4DmzxGMAYp+9xLW8RX3mFM9RqRyHxxelvBEvqHCO7VjMlSiHyxOJQDcElVz0qbrnLBl/6ucmUQCHRnRlAx+RqYGuoMbfA0tcdTw8UCRfaWNoeY9ICI7c7SabEBwewmqo5hBH8w0+23ToPqjLCJYQYylG/sLh6YP2UDlG9zoPuPGa3RUjDJVNQoT3TFEauBKO+oKN3ohHrw/PAMWgi9bGqQuFx0f7StV0JEC4c0ILZi8COgykC9+eotKFUNDEJcZBS96ohact3wnDoSJV3fJgUQhtF/7KQ9BppI1FPXuLqDR07QyNcMeYdrAteImy2MffHCmlNTVwgi0xPq0bs1/CApdkWOdondftF/WUCJXzX76jJ6v8VF3cz6N5+PhhtOtuIT7hfrOAMXqCnFizJZsBzBO1yyIgUd7VBgtAVYgLwgjoYCYJjolLsC/OmZ5rDaC7JOtwJg4UgAL9Fji1qiZ4pXsKwFIoLvCT8NefTLvvCoMtwT/w+g2vaz/B2kkzMnfvH8xBC+xUzBlVdesi1vBVQc31JYdVwJOkbJABE/0zuhubFD46xnUCc0Mz8gzkLyN8STM1lsw5c7vn9i8ES/kc5IoU6qTpJNVIiDyTh+m6EmH7S7f744XClhgy6FrqVbphKnjFWZYmCTs54SyuxzBgLJtVx0zSmn6djiJng2nwZSUuO+guSWZMdkjnV373jNRhgZP+UMLn4Xih6ZOT8KrFyhV318xM5xI9n4WvRrYcfC+l+G6qXKRYAYB+4zx3akTNKgjEOmDlO+sJd3uQCESk5413fJt/KDON+3usNIBuoKY5olXjfyQ1oXnr4ll+Cm8IFFhBQNe4axFQsiZ+OLLC6dCDI5lRUJjcCqkkFYj5HkoNCqGiM/RINYJ2cpZK8eK0UDU1WrbnPhtRFaBoiA2TVWgw1HwFP8CFpyYMFyIRU+sHHsB78aC/oG1yWJZDGzuO1bSPesXydoObgqYRaG5w7onfE4FhKvAFbQ3NrAtksIiGmfIJTr34KgUthfFyqOTgM85OysVohwtuxFykbfUi8Np89DlLQrdggjXLpKQR2TezLGqxMBHYwDkmN/q5JCXTaUNFaRZzKDxlYPAAX4T87q/nq/kOe/0/j7dmfmJXHysruyIfU1pntG7I5t9N/hM8awm/HyZIsfM2VpvfcmBeFo5e4N8pfPJCD3wR861r3RuGD7Ov8VZTbm4/QxW19eJQFnkraocNZZPx/Y3RoLqK/BgU/n3ORtMOmfW3OpiQr5jdYDEXMc0aLBwx040lWV8sXb1fgUmgT0j4n8ZgEXxyOyz4hVkquyy7+1kf7JVLbEPMsUVY1mr/vhBNjvS3wPTO2lYMjaI/gF0bLKnpzwlzXcVq+mhs3rOQRKicGZpRBulxmul9cuYyvrJMLiZtD2HyHvbbsT1aGjSyTGvVcM2NAgExs89HS2bxfjKtd6RS6nYZW8eN2RYax8t6NtL2RB2GA47Yac55sVZ2ULfILJE1UMRfz6udOVQxQTA+XfVYrsOCWgEpixirA1pHT5sHNfclCuBZ505TgE8Dq2+WJx7aGbsD7xrx8kuNQYsPePc+ybJmLzd5B//F51gNzdYLZOvqAqdvPC5GPuNbn+g821ALkxYg2ZaauIYc41GspwR619tq9pleUm2cpYnI/Vpo9BOzNd4OYOVjLHygactuT4MGT7jC1HY8dK1NBl5ys9vPBbS/CaU+jT17AH7G+4TGaPtl2gsJXaQnneA/qtUtAG3JwuaNaKSJVyLyly2oHgWIWUG5CijWP2EuKX9dvlLCgIkXXifg/1+lLlTw+VGTBKizYzHhPTrligj1P/cNn0kPcByMFdPUk0oykzhp6J1LJpNizEc+4XgQFQ25uaTBcwqNhItXtpr2ahiTdL9FFQNxCFU5OsltF3k0haRFvshYYh1nBzpE5I6Qmu+czizlRX2JUzIRgpNM5tB0/NyypCAIbj2VAQbjfw6Fy+QdySx16Lf0Fn5Zy6jI/Vb5N6JkO/AY4tgDiAx1Il4aUzCb2/FOfWrOc84rfbp5cFNON10a8kV3BfcIw4dI9OBm7r4h/+tunw5a7Qj4l6jXOyTYLxETh/cQcHIFPoBnHSb3LAEczgXHGcf/H7Vjoidc+roE6P/kBqie56Xp5HjAqlQZFG3+Woxi71/U5yCs+yfkPMDLt/T2JZqdLjNjRGcjCB4zI2c+tTBcXFHxZlbkTVUaWt3ANxdVyzKAncyTtvL3dBvbyddXqaPnVUHtX2tGFZrURL1m+n9/Tl6cSP7mXBAq/kIhX7DmIDNgTBVzCgLj2R7Le887qa41SCJ5UceGeTdVsDLK/D2/t7UlCDxI7O1nZMxKtenTXNfUdTOGqUfVHeeouVYFdEKbM86CgIWVvoWDHkm8F2O2g5GBKOFcBxCBQkAZ6s1Uz6JUHy+4BKJK4M4GaCT2bPKYd6IoT7rOOAqEBvVxZx+hYsfu52K2DnBcfz85vfeT1vIEsTovv2EV4yFxCpzamNR2H2w2ppi7w26lg2CMgOtD86tari1O8LwI0YqvHObHZ2R4TcVX8nAVbGrtz8xHL/kX2UFVvVNVsDBovrt4Z0o45ZG3n/9yyA7mf/DMjYfG77dbK6ui5wnz9JM7/AixQs/YNmX7rho5g3FgZUJO9yquaLASaG8s8Y3XwqsjfzcAVJOBFDOEzDn0nTZPW0Af4Fn3eWJN8T4H7ha6j/RZwtaZwvDQg==</xenc:CipherValue>
            </xenc:CipherData>
        </xenc:EncryptedData>
    </saml2:EncryptedAssertion>
</saml2p:Response>

2022-12-04 09:06:45,703 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-12-04 09:06:45,704 - INFO [Shibboleth-Audit.SSO:?] - 20221204T090645Z|urn:mace:shibboleth:2.0:profiles:AuthnRequest|_e878836e-f95e-4add-9b3c-4189bce4c61d|https://iam.eu-nl.otc.t-systems.com|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_46297c36d314af5dce39a86615848d8b|rick|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,uid,identifier,telephoneNumber,role,mail,surname,displayName,givenName|AAdzZWNyZXQxyeWQYaoFWGuAToc1sF+hYSrblF22RLozX4KzUzyZr8hftmLqnLNf2MMDZkrppFVRzVMeSJqTFmmwYj4ysZ4h5CdeS1PmeN9qFmVjeebr2gudCoYNaRn60qT0KcHaQ1RFZUflLRIv|_270f1f0c4b3c852ced77b28df2e4a299|
2022-12-04 09:08:42,765 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML relay state of: TST-37586-yOQ1UI5aFgD1hGWAx2S1BolqG-5c2-NB
2022-12-04 09:08:42,765 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Getting Base64 encoded message from request
2022-12-04 09:08:42,765 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML message
2022-12-04 09:08:42,765 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:AuthnRequest
    AssertionConsumerServiceURL="https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool"
    Destination="https://samltest.id/idp/profile/SAML2/POST/SSO"
    ForceAuthn="false" ID="_2aa4fc70d9ca4ba4ae2a322f4fcc9df7a6e5dfe"
    IsPassive="false" IssueInstant="2022-12-04T09:08:41.856Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    ProviderName="pac4j-saml" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer
        Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_2aa4fc70d9ca4ba4ae2a322f4fcc9df7a6e5dfe">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>Hjdo5gq76jy872HkHXvinpqXGTuTzZWYfNUtWeANxc8=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>If+Qw4nvsgOjYpi+Yq0VzXI1INILtcp6S1L7rd5yvZ7DQs4Avq6VRQyJZ4WphRxyiRRe5ADaRGZ1OQCRzXgl75Fn27XUCmypukGV1OZEGNxBrvXqExHNmp7nVlD2RcBqkH21L1BDqb2Zc+XModJTtWLyVOi07TIkTcsEh6SPcTxj0F5D3nEkQlXY//N7qG7tPCEXrVFPd+rFvdMVzv3WXmLdybqKXzEAOCBbD2P46fsobwfVaaT5ntFL+N74ySCDVFIqmjpaHdHlwTUYextOTRWAOUkHyCr8Hzxln5p/nL0OgP+N2n6J9Sqbmaf5x/VDWzgwYIx4Ray7C4m+AXp6xw==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIG0DCCBLigAwIBAgIQJT05eT9C8MMLxPWjiR+NjzANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQG
EwJGUjESMBAGA1UECgwJREhJTVlPVElTMRwwGgYDVQQLDBMwMDAyIDQ4MTQ2MzA4MTAwMDM2MR0w
GwYDVQRhDBROVFJGUi00ODE0NjMwODEwMDAzNjEdMBsGA1UEAwwUQ2VydGlnbmEgU2VydmljZXMg
Q0EwHhcNMjIwMzEwMjMwMDAwWhcNMjMwMzEwMjI1OTU5WjCBoTELMAkGA1UEBhMCRlIxGTAXBgNV
BAcMEExFVkFMTE9JUyBQRVJSRVQxEjAQBgNVBAoMCVRSQVZFTERPTzEcMBoGA1UECwwTMDAwMiA0
Mjk4OTQ5NjcwMDA0MjEwMC4GA1UEAwwnVFJBVkVMRE9PIC0gU0FNTCBTSUdOSU5HIEFORCBFTkNS
WVBUSU9OMRMwEQYDVQQFEwpDMjI5ODgyNDQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsTQ4f7v+iIqvjQLCZQyJCiWK72jzbm1lNNsOGLMdNO736yJo0iUXEygaqJ4awu+Nf2Ase62f
o1hROHtOnixvceJN2rd9BMKm/j3BgeU+vlW3quq8AFkm9ikL7R4hBZopqT5deXA17EZ0tpQv6I2z
WbuoBYunvJomVoFZYRwDWFlHoQRBJma0LL8WTrPP7t4gvZMqYSpEqyeeyX2cv6FS4uCOXITFzWAA
Rp5rdIkL1YzU+Tr2thgVf/BvRYsVqaCj+94YmoJAR1/pMOLIKhfoWNxOKuTu0Rpu1LpKr72FYsZv
osn4NHBDoVJncq/crrxpaYF1FqorTjHw+054l0YxJwIDAQABo4ICJTCCAiEwgeQGCCsGAQUFBwEB
BIHXMIHUMDgGCCsGAQUFBzAChixodHRwOi8vYXV0b3JpdGUuZGhpbXlvdGlzLmNvbS9zZXJ2aWNl
c2NhLmRlcjA2BggrBgEFBQcwAoYqaHR0cDovL2F1dG9yaXRlLmNlcnRpZ25hLmZyL3NlcnZpY2Vz
Y2EuZGVyMDAGCCsGAQUFBzABhiRodHRwOi8vc2VydmljZXNjYS5vY3NwLmRoaW15b3Rpcy5jb20w
LgYIKwYBBQUHMAGGImh0dHA6Ly9zZXJ2aWNlc2NhLm9jc3AuY2VydGlnbmEuZnIwHwYDVR0jBBgw
FoAUrOyGj0s3HLh/FxsZ0K7oTuM0XBIwCQYDVR0TBAIwADBhBgNVHSAEWjBYMAgGBmeBDAECAjBM
BgsqgXoBgTECBQECATA9MDsGCCsGAQUFBwIBFi9odHRwczovL3d3dy5jZXJ0aWduYS5jb20vYXV0
b3JpdGUtY2VydGlmaWNhdGlvbjBlBgNVHR8EXjBcMCugKaAnhiVodHRwOi8vY3JsLmNlcnRpZ25h
LmZyL3NlcnZpY2VzY2EuY3JsMC2gK6AphidodHRwOi8vY3JsLmRoaW15b3Rpcy5jb20vc2Vydmlj
ZXNjYS5jcmwwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgeAMB0GA1UdDgQWBBQq
6jjjeMXwQMpNNecEbqrEsJ9eTjANBgkqhkiG9w0BAQsFAAOCAgEArkOzqH9sUsz/QCwLRUKXqsYS
YjB9o9GmKorBERtR7WJQIxk1jZxDM9dR8LTOA6tKOQ2LKzaRl0RugagliM75Dkt4AdWFQFzZ14c4
o+JXsvCNmRtncFxY5KAJqpeIgOHigpnOb2qdS5c0U2tMa48SYl5DgTqs5nlyLTqPIsF7Am80lsTn
iNdbvyPjmyrqsaUtIJ7WpBhyt+k5TEr4b4XWOo0jYwJEutvrYXTNihmWMfobEiC11+qziyWmBrrv
dJyg1H/XGJKFZ0atOOFUCfvoqFZrc3cD9uiCkLX3ljeehKkWyvNbBoj8ETmRPjg2vXIbPS+jR82g
fhLtUJbE/zVWQCoVtKowZqlY6mMcAXkqhdHTG9jfIixHxMMqMr2s+Fc8ywXlZzmAI1ejP9/LX9bV
2b17e4QxQMKMH9f2sVRvo16n0KtKGH5Zy3j+Dwkt3iIsN1F8Lo7vymqtqSUZ3EyYKNY/GvvmrIc/
snB/mGw4vqxYIXlIwwpm80/NRBeR88OFR3PYlUYKxrf9HKVRP8HqHG9buYSQdDdVe7k56Af77pCl
88LDCL49/8hb/XzndJjqvSLbKsU6UWV6q2e/kkQ+UcF8bBUMfHWLLK8xALkzrg1EATC7dviFBnS1
JXLmWJjKwHfWUkBPJnZbMCiKfgyNK5vTXpzzOszUdOFBLRTbtco=</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
</saml2p:AuthnRequest>

2022-12-04 09:08:42,775 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool' from origin source
2022-12-04 09:08:42,775 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-12-04 09:08:42,775 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-12-04 09:08:42,775 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-12-04 09:08:42,775 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-12-04 09:08:42,775 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-12-04 09:08:42,775 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-12-04 09:08:42,775 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-12-04 09:08:42,775 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool
2022-12-04 09:08:42,777 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:08:42,777 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-12-04 09:08:42,777 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-12-04 09:08:42,777 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-12-04 09:08:42,777 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-12-04 09:08:42,778 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_2aa4fc70d9ca4ba4ae2a322f4fcc9df7a6e5dfe', issue instant '2022-12-04T09:08:41.856Z', entityID 'https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-12-04 09:08:42,779 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Enveloped signature transform
2022-12-04 09:08:42,779 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Exclusive C14N signature transform
2022-12-04 09:08:42,779 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Attempting to verify signature on signed SAML protocol message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-12-04 09:08:42,779 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from metadata using entityID: https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool, role: {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor, protocol: urn:oasis:names:tc:SAML:2.0:protocol, usage: SIGNING
2022-12-04 09:08:42,779 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Retrieving role descriptor metadata for entity 'https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool' in role '{urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor' for protocol 'urn:oasis:names:tc:SAML:2.0:protocol'
2022-12-04 09:08:42,779 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-12-04 09:08:42,779 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-12-04 09:08:42,779 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-12-04 09:08:42,779 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-12-04 09:08:42,779 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-12-04 09:08:42,783 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - signatureMethodURI = http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2022-12-04 09:08:42,783 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigAlgorithm    = SHA256withRSA
2022-12-04 09:08:42,783 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigProvider     = SunRsaSign
2022-12-04 09:08:42,783 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - PublicKey = Sun RSA public key, 2048 bits
  params: null
  modulus: 22369930965456962777956365464229513348642522997346232168756579494960232921839160861855035659931488634319872531144871061126230632628307245413595021979243298021162796817485323967323729520642838484019982422043583459948062010738622164914709867639613377292833748142293112152964032878748204294883029637581475838086809098230772052770316027052403485966861005767953228542833623261203559898877311870242866180023679569922778427571461205374691037046976908472105838884909059792855539563635818559033340161732234235499443992405690433660052891865469805202598340808784182407277136835204164356633476755720981662174335871428308052095271
  public exponent: 65537
2022-12-04 09:08:42,784 - DEBUG [org.apache.xml.security.signature.Manifest:?] - verify 1 References
2022-12-04 09:08:42,784 - DEBUG [org.apache.xml.security.signature.Manifest:?] - I am not requested to follow nested Manifests
2022-12-04 09:08:42,784 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_2aa4fc70d9ca4ba4ae2a322f4fcc9df7a6e5dfe"
2022-12-04 09:08:42,784 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _2aa4fc70d9ca4ba4ae2a322f4fcc9df7a6e5dfe and Element was [saml2p:AuthnRequest: null]
2022-12-04 09:08:42,784 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_2aa4fc70d9ca4ba4ae2a322f4fcc9df7a6e5dfe"
2022-12-04 09:08:42,784 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _2aa4fc70d9ca4ba4ae2a322f4fcc9df7a6e5dfe and Element was [saml2p:AuthnRequest: null]
2022-12-04 09:08:42,784 - DEBUG [org.apache.xml.security.signature.Reference:?] - Verification successful for URI "#_2aa4fc70d9ca4ba4ae2a322f4fcc9df7a6e5dfe"
2022-12-04 09:08:42,784 - DEBUG [org.apache.xml.security.signature.Manifest:?] - The Reference has Type 
2022-12-04 09:08:42,784 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Validation of protocol message signature succeeded, message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-12-04 09:08:42,784 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Authentication via protocol message signature succeeded for context issuer entity ID https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool
2022-12-04 09:08:42,796 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-12-04 09:08:42,796 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-12-04 09:08:42,797 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-12-04 09:08:42,797 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-12-04 09:08:42,797 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:08:42,797 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-12-04 09:08:42,797 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-12-04 09:08:42,797 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-12-04 09:08:42,797 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 1 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-12-04 09:08:42,797 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-12-04 09:08:42,798 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-12-04 09:08:42,798 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-12-04 09:08:42,798 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-12-04 09:08:42,798 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-12-04 09:08:42,798 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-12-04 09:08:42,798 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved signature algorithm URI from SAML metadata SigningMethod: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2022-12-04 09:08:42,798 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved reference digest method algorithm URI from SAML metadata DigestMethod: http://www.w3.org/2001/04/xmlenc#sha256
2022-12-04 09:08:42,799 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-12-04 09:08:42,799 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-12-04 09:08:42,799 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-12-04 09:08:42,799 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-12-04 09:08:42,799 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-12-04 09:08:42,799 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool
2022-12-04 09:08:42,799 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-12-04 09:08:42,799 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve data encryption algorithm based on SAML metadata, falling back to locally configured algorithms
2022-12-04 09:08:42,799 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve key transport algorithm based on SAML metadata, falling back to locally configured algorithms
2022-12-04 09:08:42,799 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-12-04 09:08:42,804 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-12-04 09:08:42,805 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-12-04T09:08:42.805Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-12-04 09:08:42,805 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-12-04 09:08:42,805 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-12-04 09:08:42,805 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-12-04 09:08:42,806 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-12-04 09:08:42,806 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-12-04 09:08:42,806 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:08:42,806 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-12-04 09:08:42,806 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-12-04 09:08:42,806 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-12-04 09:08:42,806 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-12-04 09:08:42,891 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'cas.traveldoo.com'
2022-12-04 09:08:42,891 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-12-04 09:08:42,891 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-12-04 09:08:45,215 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Trimming whitespace of input string 'rick'
2022-12-04 09:08:45,215 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user rick
2022-12-04 09:08:45,215 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@9588691::identifier=rick, context=org.apache.velocity.VelocityContext@74c5882b]
2022-12-04 09:08:45,216 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=rick,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@9588691::identifier=rick, context=org.apache.velocity.VelocityContext@74c5882b]
2022-12-04 09:08:45,217 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'rick' succeeded
2022-12-04 09:08:45,217 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-12-04 09:08:45,217 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-12-04 09:08:45,217 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'rick'
2022-12-04 09:08:45,218 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'rick'
2022-12-04 09:08:45,218 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-12-04 09:08:45,218 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal rick
2022-12-04 09:08:45,218 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session aed325f0ca0afedcf4001e5a1f4deda15431d65df1f7a10132670eb879e3760a for principal rick
2022-12-04 09:08:45,218 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving AuthenticationResult for flow authn/Password in session aed325f0ca0afedcf4001e5a1f4deda15431d65df1f7a10132670eb879e3760a
2022-12-04 09:08:45,219 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=rick)
2022-12-04 09:08:45,219 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-12-04 09:08:45,219 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, uid, identifier, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-12-04 09:08:45,219 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'eduPersonEntitlement' remained after filtering
2022-12-04 09:08:45,219 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-12-04 09:08:45,219 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-12-04 09:08:45,219 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-12-04 09:08:45,219 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-12-04 09:08:45,219 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-12-04 09:08:45,219 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-12-04 09:08:45,219 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-12-04 09:08:45,219 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-12-04 09:08:45,219 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-12-04 09:08:45,220 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:08:45,220 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-12-04 09:08:45,220 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@1c2c2b50'
2022-12-04 09:08:45,220 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-12-04 09:08:45,220 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-12-04 09:08:45,220 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-12-04 09:08:45,220 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-12-04 09:08:45,221 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-12-04 09:08:45,221 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick'
2022-12-04 09:08:45,221 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick'
2022-12-04 09:08:45,221 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-12-04 09:08:45,221 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is required, no previous consents
2022-12-04 09:08:45,307 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'cas.traveldoo.com'
2022-12-04 09:08:45,307 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-12-04 09:08:45,307 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or InformationURLs returning null
2022-12-04 09:08:45,307 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or PrivacyStatementURLs returning null
2022-12-04 09:08:45,307 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-12-04 09:08:45,307 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No Organization, OrganizationName or names, returning null
2022-12-04 09:08:45,720 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Extracted consent ids '[displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]' from request parameter '_shib_idp_consentIds'
2022-12-04 09:08:45,720 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Consent context 'ConsentContext{previousConsents={}, chosenConsents={displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}}'
2022-12-04 09:08:45,721 - INFO [Shibboleth-Consent-Audit.SSO:?] - 20221204T090845Z|https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool|AttributeReleaseConsent|rick|displayName,eduPersonEntitlement,givenName,identifier,mail,role,surname,telephoneNumber,uid||true,true,true,true,true,true,true,true,true
2022-12-04 09:08:45,721 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-12-04 09:08:45,721 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-12-04 09:08:45,721 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:_key_idx'
2022-12-04 09:08:45,721 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Serialized '{displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}' as '[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]'
2022-12-04 09:08:45,721 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.CreateResult:?] - Profile Action CreateResult: Created consent result 'ConsentResult{id=null, context=intercept/attribute-release, key=rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool, value=[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}], expiration=1701680925721}'
2022-12-04 09:08:45,721 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-12-04 09:08:45,721 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Will not prune storage records, number of keys '0' is less than max number of records '10'
2022-12-04 09:08:45,721 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-12-04 09:08:45,721 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Creating storage index with key 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-12-04 09:08:45,721 - DEBUG [net.shibboleth.idp.consent.storage.impl.CollectionSerializer:?] - Serialized '[rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool]' as '["rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool"]'
2022-12-04 09:08:45,721 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@1c2c2b50'
2022-12-04 09:08:45,721 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:08:45,721 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-12-04 09:08:45,722 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-12-04 09:08:45,723 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-12-04 09:08:45,723 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _d5bea50cb3a262e68c6231da35e60bd4
2022-12-04 09:08:45,723 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _d5bea50cb3a262e68c6231da35e60bd4 to Response _087a60cea5398cdcbac83472e84db659
2022-12-04 09:08:45,723 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _d5bea50cb3a262e68c6231da35e60bd4
2022-12-04 09:08:45,724 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-12-04 09:08:45,724 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value urn:mace:dir:entitlement:common-lib-terms of attribute eduPersonEntitlement
2022-12-04 09:08:45,724 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rick of attribute uid
2022-12-04 09:08:45,724 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute identifier
2022-12-04 09:08:45,724 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-12-04 09:08:45,724 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value manager@Samltest.id of attribute role
2022-12-04 09:08:45,724 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute mail
2022-12-04 09:08:45,724 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sanchez of attribute surname
2022-12-04 09:08:45,724 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick Sanchez of attribute displayName
2022-12-04 09:08:45,724 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick of attribute givenName
2022-12-04 09:08:45,725 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-12-04 09:08:45,725 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - No object to operate on, returning true
2022-12-04 09:08:45,725 - WARN [org.opensaml.saml.common.profile.logic.MetadataNameIdentifierFormatStrategy:74] - Ignoring NameIDFormat metadata that includes the 'unspecified' format
2022-12-04 09:08:45,725 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration specifies the following formats: []
2022-12-04 09:08:45,725 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - No formats specified in configuration or in metadata, returning default
2022-12-04 09:08:45,725 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Candidate NameID formats: [urn:oasis:names:tc:SAML:2.0:nameid-format:transient]
2022-12-04 09:08:45,725 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-12-04 09:08:45,725 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-12-04 09:08:45,726 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID AAdzZWNyZXQxqzaoD/hPj83oXKszQ4X/Mg9uMDSK3UhfH+9ivf6I6eiwel7RXQ+9braz75wqaVzGAyXR3pqJ/NTfvxXyYyKtI5WEnIP8B7g6EJGXSLaeEpBX/UnfHwQFgDuLFnXNVukiRCBniPOoJ9aYF7n+ITwdZD5x0CfO09I= with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-12-04 09:08:45,726 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-12-04 09:08:45,726 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-12-04 09:08:45,726 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-12-04 09:08:45,726 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-12-04 09:08:45,726 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 38.104.3.42
2022-12-04 09:08:45,726 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to _2aa4fc70d9ca4ba4ae2a322f4fcc9df7a6e5dfe
2022-12-04 09:08:45,726 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool
2022-12-04 09:08:45,726 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-12-04 09:08:45,726 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-12-04 09:08:45,726 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-12-04 09:08:45,726 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _d5bea50cb3a262e68c6231da35e60bd4
2022-12-04 09:08:45,726 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _d5bea50cb3a262e68c6231da35e60bd4 did not already contain Conditions, one was added
2022-12-04 09:08:45,726 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-12-04 09:08:45,726 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-12-04T09:13:45.721Z, to Assertion _d5bea50cb3a262e68c6231da35e60bd4
2022-12-04 09:08:45,726 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _d5bea50cb3a262e68c6231da35e60bd4 already contained Conditions, nothing was done
2022-12-04 09:08:45,726 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-12-04 09:08:45,726 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _d5bea50cb3a262e68c6231da35e60bd4 already contained Conditions, nothing was done
2022-12-04 09:08:45,726 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-12-04 09:08:45,726 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool as an Audience of the AudienceRestriction
2022-12-04 09:08:45,726 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _d5bea50cb3a262e68c6231da35e60bd4
2022-12-04 09:08:45,727 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool to existing session aed325f0ca0afedcf4001e5a1f4deda15431d65df1f7a10132670eb879e3760a
2022-12-04 09:08:45,727 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool in session aed325f0ca0afedcf4001e5a1f4deda15431d65df1f7a10132670eb879e3760a
2022-12-04 09:08:45,727 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-12-04 09:08:45,728 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool and key AAdzZWNyZXQxqzaoD/hPj83oXKszQ4X/Mg9uMDSK3UhfH+9ivf6I6eiwel7RXQ+9braz75wqaVzGAyXR3pqJ/NTfvxXyYyKtI5WEnIP8B7g6EJGXSLaeEpBX/UnfHwQFgDuLFnXNVukiRCBniPOoJ9aYF7n+ITwdZD5x0CfO09I=
2022-12-04 09:08:45,728 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-12-04 09:08:45,728 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-12-04 09:08:45,728 - DEBUG [org.opensaml.saml.common.profile.impl.SignAssertions:?] - Profile Action SignAssertions: Will not sign assertions because no security parameters context is available
2022-12-04 09:08:45,729 - DEBUG [PROTOCOL_MESSAGE:?] - Profile Action EncryptAssertions: Response before assertion encryption:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_087a60cea5398cdcbac83472e84db659"
    InResponseTo="_2aa4fc70d9ca4ba4ae2a322f4fcc9df7a6e5dfe"
    IssueInstant="2022-12-04T09:08:45.721Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_d5bea50cb3a262e68c6231da35e60bd4"
        IssueInstant="2022-12-04T09:08:45.721Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">AAdzZWNyZXQxqzaoD/hPj83oXKszQ4X/Mg9uMDSK3UhfH+9ivf6I6eiwel7RXQ+9braz75wqaVzGAyXR3pqJ/NTfvxXyYyKtI5WEnIP8B7g6EJGXSLaeEpBX/UnfHwQFgDuLFnXNVukiRCBniPOoJ9aYF7n+ITwdZD5x0CfO09I=</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="38.104.3.42"
                    InResponseTo="_2aa4fc70d9ca4ba4ae2a322f4fcc9df7a6e5dfe"
                    NotOnOrAfter="2022-12-04T09:13:45.726Z" Recipient="https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-12-04T09:08:45.721Z" NotOnOrAfter="2022-12-04T09:13:45.721Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-12-04T09:08:45.217Z" SessionIndex="_f5001fc8804d258ea71e0f8e963e285b">
            <saml2:SubjectLocality Address="38.104.3.42"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>urn:mace:dir:entitlement:common-lib-terms</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rick</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">manager@Samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-12-04 09:08:45,742 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool
2022-12-04 09:08:45,742 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool
2022-12-04 09:08:45,743 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_087a60cea5398cdcbac83472e84db659"
2022-12-04 09:08:45,743 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _087a60cea5398cdcbac83472e84db659 and Element was [saml2p:Response: null]
2022-12-04 09:08:45,743 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_087a60cea5398cdcbac83472e84db659"
2022-12-04 09:08:45,743 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _087a60cea5398cdcbac83472e84db659 and Element was [saml2p:Response: null]
2022-12-04 09:08:45,745 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-12-04 09:08:45,746 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool' with encoded value 'https&#x3a;&#x2f;&#x2f;cas.traveldoo.com&#x2f;cas&#x2f;login&#x3f;client_name&#x3d;SHOP_DEMO-demoPool'
2022-12-04 09:08:45,746 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-12-04 09:08:45,746 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Setting RelayState parameter to: 'TST-37586-yOQ1UI5aFgD1hGWAx2S1BolqG-5c2-NB', encoded as 'TST-37586-yOQ1UI5aFgD1hGWAx2S1BolqG-5c2-NB'
2022-12-04 09:08:45,748 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response
    Destination="https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool"
    ID="_087a60cea5398cdcbac83472e84db659"
    InResponseTo="_2aa4fc70d9ca4ba4ae2a322f4fcc9df7a6e5dfe"
    IssueInstant="2022-12-04T09:08:45.721Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_087a60cea5398cdcbac83472e84db659">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>v9OWa9syCQxRs078jCyjaHtzy1JVHsnq32II/Tn10HQ=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>kKLZelqluuPMrTHudY18mc/uHHimyR5taELCxJrqwe474yFnFrJvjeYfZ/f3Ae8j3H+YxTRxtXPlNGYRjhXnSvpuVp/87zKdTe3hSV3GQKnEzUCn75pbfiDD7n2kZfC7Kv6aZD51rkYvZ+6d58gFVDDVIjWzLGRoM4uJHvZZs33h9UCWekBMjfb1ATaO5b0FhztOFs12D1Lrh+COAOsUudKdB9GsCMLieXG//kEAHrBzzWDq129YA0S+YwwqmD5A51/gJl5wOcNtmutLalrkWZIYOjACNRinhPhmCDX4jEynQWHl8XI6hcbh9Je3x0NXfBUhcznqu21Fuwb2RMro3g==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <xenc:EncryptedData Id="_023cd20e6e2e6c9250f3e96f6d71435c"
            Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:EncryptionMethod
                Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <xenc:EncryptedKey
                    Id="_f9a070a0b135d6488599620e8f142c0e"
                    Recipient="https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                    <xenc:EncryptionMethod
                        Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <ds:DigestMethod
                            Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
                    </xenc:EncryptionMethod>
                    <ds:KeyInfo>
                        <ds:X509Data>
                            <ds:X509Certificate>MIIG0DCCBLigAwIBAgIQJT05eT9C8MMLxPWjiR+NjzANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQG
EwJGUjESMBAGA1UECgwJREhJTVlPVElTMRwwGgYDVQQLDBMwMDAyIDQ4MTQ2MzA4MTAwMDM2MR0w
GwYDVQRhDBROVFJGUi00ODE0NjMwODEwMDAzNjEdMBsGA1UEAwwUQ2VydGlnbmEgU2VydmljZXMg
Q0EwHhcNMjIwMzEwMjMwMDAwWhcNMjMwMzEwMjI1OTU5WjCBoTELMAkGA1UEBhMCRlIxGTAXBgNV
BAcMEExFVkFMTE9JUyBQRVJSRVQxEjAQBgNVBAoMCVRSQVZFTERPTzEcMBoGA1UECwwTMDAwMiA0
Mjk4OTQ5NjcwMDA0MjEwMC4GA1UEAwwnVFJBVkVMRE9PIC0gU0FNTCBTSUdOSU5HIEFORCBFTkNS
WVBUSU9OMRMwEQYDVQQFEwpDMjI5ODgyNDQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsTQ4f7v+iIqvjQLCZQyJCiWK72jzbm1lNNsOGLMdNO736yJo0iUXEygaqJ4awu+Nf2Ase62f
o1hROHtOnixvceJN2rd9BMKm/j3BgeU+vlW3quq8AFkm9ikL7R4hBZopqT5deXA17EZ0tpQv6I2z
WbuoBYunvJomVoFZYRwDWFlHoQRBJma0LL8WTrPP7t4gvZMqYSpEqyeeyX2cv6FS4uCOXITFzWAA
Rp5rdIkL1YzU+Tr2thgVf/BvRYsVqaCj+94YmoJAR1/pMOLIKhfoWNxOKuTu0Rpu1LpKr72FYsZv
osn4NHBDoVJncq/crrxpaYF1FqorTjHw+054l0YxJwIDAQABo4ICJTCCAiEwgeQGCCsGAQUFBwEB
BIHXMIHUMDgGCCsGAQUFBzAChixodHRwOi8vYXV0b3JpdGUuZGhpbXlvdGlzLmNvbS9zZXJ2aWNl
c2NhLmRlcjA2BggrBgEFBQcwAoYqaHR0cDovL2F1dG9yaXRlLmNlcnRpZ25hLmZyL3NlcnZpY2Vz
Y2EuZGVyMDAGCCsGAQUFBzABhiRodHRwOi8vc2VydmljZXNjYS5vY3NwLmRoaW15b3Rpcy5jb20w
LgYIKwYBBQUHMAGGImh0dHA6Ly9zZXJ2aWNlc2NhLm9jc3AuY2VydGlnbmEuZnIwHwYDVR0jBBgw
FoAUrOyGj0s3HLh/FxsZ0K7oTuM0XBIwCQYDVR0TBAIwADBhBgNVHSAEWjBYMAgGBmeBDAECAjBM
BgsqgXoBgTECBQECATA9MDsGCCsGAQUFBwIBFi9odHRwczovL3d3dy5jZXJ0aWduYS5jb20vYXV0
b3JpdGUtY2VydGlmaWNhdGlvbjBlBgNVHR8EXjBcMCugKaAnhiVodHRwOi8vY3JsLmNlcnRpZ25h
LmZyL3NlcnZpY2VzY2EuY3JsMC2gK6AphidodHRwOi8vY3JsLmRoaW15b3Rpcy5jb20vc2Vydmlj
ZXNjYS5jcmwwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgeAMB0GA1UdDgQWBBQq
6jjjeMXwQMpNNecEbqrEsJ9eTjANBgkqhkiG9w0BAQsFAAOCAgEArkOzqH9sUsz/QCwLRUKXqsYS
YjB9o9GmKorBERtR7WJQIxk1jZxDM9dR8LTOA6tKOQ2LKzaRl0RugagliM75Dkt4AdWFQFzZ14c4
o+JXsvCNmRtncFxY5KAJqpeIgOHigpnOb2qdS5c0U2tMa48SYl5DgTqs5nlyLTqPIsF7Am80lsTn
iNdbvyPjmyrqsaUtIJ7WpBhyt+k5TEr4b4XWOo0jYwJEutvrYXTNihmWMfobEiC11+qziyWmBrrv
dJyg1H/XGJKFZ0atOOFUCfvoqFZrc3cD9uiCkLX3ljeehKkWyvNbBoj8ETmRPjg2vXIbPS+jR82g
fhLtUJbE/zVWQCoVtKowZqlY6mMcAXkqhdHTG9jfIixHxMMqMr2s+Fc8ywXlZzmAI1ejP9/LX9bV
2b17e4QxQMKMH9f2sVRvo16n0KtKGH5Zy3j+Dwkt3iIsN1F8Lo7vymqtqSUZ3EyYKNY/GvvmrIc/
snB/mGw4vqxYIXlIwwpm80/NRBeR88OFR3PYlUYKxrf9HKVRP8HqHG9buYSQdDdVe7k56Af77pCl
88LDCL49/8hb/XzndJjqvSLbKsU6UWV6q2e/kkQ+UcF8bBUMfHWLLK8xALkzrg1EATC7dviFBnS1
JXLmWJjKwHfWUkBPJnZbMCiKfgyNK5vTXpzzOszUdOFBLRTbtco=</ds:X509Certificate>
                        </ds:X509Data>
                    </ds:KeyInfo>
                    <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <xenc:CipherValue>R+PiODQY7OEYgQk0adR71JTfw6uu61L5B2+e7yVj9i1e0fcbNnSGp9mGZN4SdpQh3d/zInsGYYCunf1X6Y3yXjuz9xMPUulVq1TXoOvY3PPbD3q+plkCC98/zPLLuSJSGEPnX8PR2PD7JhPs1iiFxCkgS3+5KUbBX8YWrbpaqd+PSbWXWGZoVSKGIMyC8HO7aY5W+0a+Z5cqxux0wSswq5AyhqqEZpPPMDjGFqkSyiRs4rNiVd7We6DG5PLKmEEtCIicWpF4H8H8EEj9hEZcn5bFtWGhaxaYDhi7ng2lVWN+WUfsal6Y+Ikvy8w9NZSFxP7MxuNU0J9t+kCrYxQ+9A==</xenc:CipherValue>
                    </xenc:CipherData>
                </xenc:EncryptedKey>
            </ds:KeyInfo>
            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                <xenc:CipherValue>Wl5Gk42B6iHMwx4ewJRqoSQhoO+87Mj645N3V280FClsScIzT19ad3FaJsogJ9a/vEEiWsG2QMbXTFL2wgMpltZZeRJfQ6l3vCrKuPtl7J2j+Cta3kGgbX1sKxhbrHpB15pQiGhv2GnxsHUg6VW52qOOOLpECwPQ3rcwq9Ho3zGNhvcbD+RCPp4W5OpB0DdJ/IuW+JRjq17Gjg73EDPBTkDgOH6/tgFnZlysHVsq/gjjPn75XqMF397yc2E9j28A2IjcPzMIvop6xbVEMgQ9zfnzuE2XEVVjbuteidycUd7uyf6QfEilt342QcPtvo7g3ocWkvfRVwr5Z2xgYZJVwH3os7HJKx0zi3WiRnL3sDwHcfSCRwVFxFoFeBLcJCoYsWL/cmmpTe+2mdV9/oDRu9d07hox4KZ8v+HH6kUxTs7V3CkNQQrgvwfxcb1HIR1LQ05yTdzIDpY7m+5WySzxzkbx2oy+X/LfCbodvh4eNdOd08NcK7uqXAtQgJhdL/V9iTlwr1Vw6djNbFRFJp31nR60qLPrt44owCCR9mdyVGi7avxQFZAKdGDiFms6zmM1dle9zABSjJ0SaKVk746oKxMNrf+fztCEv8sGG+ebeUZglVGEfjki/r481Ah6xFV9/I4N50c223slSQIO3s4yHHW+YOn9CGzEmrFxTMaqAjtePB8N+FlEkrLoenJ9wXPO2qG1KCx29AnwtnyWjM7kZlEj3b4xOPw+39h9bypjhmTNJuORjEwt5H4rVmeNrhZxepkib1eJg2fXsQMt1ni7qiJYi5Ub/Yu7jukowtpVz0OO7zoSBvOjD2EmFtaR1hPu1Ljxsgy8evzg0O+1vRKkbq2gGBF2XHBAl44nyq+1DNM7KIuVeaTt9VXhkzMXUZG9eJBx6yZOMdgVLy0Uba3tASJwegeF2vZuUQNY71SxpCezL6bVmqSewKgo1ar34MDt2/IgyhGWLNVqA7mLZZ7uYmNT3UXVi5IAgt/ygSCNDJzAB0ZxiOMG1li1DSgAjiLti89svvLWPNKR+IQajLlrKJcpBn5ygDE8BWv0B+7+QYjLgyISTyuhBRgmGQNaP6btFbuRlQecwzPQdO0FCqw/4dRONY4y4f12b+soasOnW4gN8lxZUjqWGkGoT4kr7M+qyyeikAwuxEcEWyPg7C0n3kPeurfbztRZ1/odliXAt9vCMS/rjsnIkUlHJemhP+QVIHo3WicfT3q1bXNrLJPIISm2wkCAKdbdGWQb8sjJhvsn1V+SuN9CJt6ELQn86tnI7AP+t9B25JVTCGd+vSQCDiwr0fEmyEycR4o4/j1t2o4YXP5/I/y82M3CDDrrbSdSVfKNZnPYOVdjCe2jkIPHcX2DX5RzM+P6nCkcEmMzE7d4kraOHprayQP5yVxgyKbMfLuC6TASvIms5d2YMwG4FRIGwihLw99XkPz0OQD2nnPzw7oK2NRSZMd1H8MRdn61yPhDM2qQRAMi+uFYm2BDbHnZW+IhHypbPnaSE4pic6wMZKzVH2b8ZSS2tpAYLQHIgUD5L/BymiFJkeLdJax8lu36JHKYbh/VnMRnQgEx8O/bGiBDbLSoY4plY7JANINxx7+4lTjqGmuXW1dvj4lgCaa9Tp8LIogd+9PtN0kjb5kbut81mw7cCTy2QK1ePryPg7u/Ay5RLyOhjnvLOGzKMR5srV793H0D9/pQbDSAG/cUgnTMhur3iz2Y/nx38NynOqXSxA/n5FZZdyzbt61x7iIklEBoxsZuXOEsRGEEhY+EMnXyPR6dHMf8/9FTr7l9x88FZ58O2ZHF5LO7mnHGIOneHT+fhhQLXKizaevZWnnU1Spnhm6I/FcAWXzhKhy2zgdplvrHzoLMN07m8ZRgwYj3/hgyuZyEifzoKsWpEWB1rIgaYJUbXvwmyxzFyrtUI+CW6rAgV7xS70z/QH/AfjvTva8UDPpwVX0SAXOcJGnB3r5Hv0Juy/ajuM8gV0AffDaC+FbBc4jkCiTh9WULJUDCJIYrGfK9jZ7jMHdJdArCivoXQjqijdIdD7jODuHr94KCppda079MvwNZmM6fbQQo7nbMrbQj2UA80N7NuxfLotYN/7EsIhQGeZQxIlk64r4V90+uR1xlBZboAyVyMtWczMVBtMuwSyACuA+w+5K0DlPKZ6SftajVfmgXiy1UPXUwpDm40VMRl2CRg6eU3d9tFSZmZEZOvoGmQJ5klGqwGW/p5DRYq+wzXMqMoHL0zi+iwMvr+3r2qM+GQBSo9vi2du4b80FJBKRKPfKL2/ILZO/RVM70nwnHCbOciye8tmfkuh0IRjcwk84/S3CHuhhZqSNVe2nmDJy3Q2G7p5PFxkjUUSEoLPENQXotFDzyhw55JvUDoQp1vayzoFnySAn2ju1wlEUMzdbgJxZsVcaSZlrEehCHulaHlMBUwRIzpRO/1PAw3Ffnd7N2t8xg3SaqXX0O+q0VxBGZarUpINJJbw3Y/Ynqex1MTNnZ4oD8Wmp7K1Ng+ew05w1XalbeBozdWL16ifB3eyN8++KMJx7VqLBKbEzjCV0FCIAoF6hvxBu6UK8l3wcFNs6daadzJoVh1Nqjzi29yZWClswI0t6kraywqeRtumRQdpkH079Sryg6vIPPv5kULa+pukOMUu58sCwMfXAKREoLS7QwvtFIywuKn0lSvSJDaTG2m0MlydOy1WfPXcY3hFanuVDYX/95Pl9h+6vzLG5Zkvz+H3NkmNZYtEPy/vWR4zQ7iqfM44V5TTtq0rjS6HwExeHdFrGMNDWezsH4OA7K8OMMrkjc+/zqF4DgHyNkjUmj9/PTS2s46L4MoRvApK5kvsiXNxH2iZm7Yrd6Dav9s6hg6a3VjPVXqwqsZ9NHCgtNoVYIs4LkFupBAFHBSf214HpZhOg/MN/LXzAyO327GDiRBxiCxoudhSMDZWtbQ407luPFCjVTGuBCLOfLgiFvw9tJB0l6xf6IwNmEYax7pKcaIAoQAyyal/Oq6GEOg8XYkF1g7IpeiWcDrFheQN16LZvL/T9iMg6Nfx3nY9JdW8y26qaYXqHFRR8DXnseUwgDFzOrc7GpGtLlyFUh/G114lF3QjBW5M5tD/js4iSgTx0NuRNuE+Dfvc7WzuA2Z+dpbxoagpaoZGUh2I9pZmEJY2dzUBRzd1vCVGT/cSAOnL8nCLBOqcJRUGQOysl2242eAT0it4nAMtsalCX8+tWGcOc2ojVGC3IK+eEyuKmIwKzh3TdsqKalztJoGMroKFy5ISyjBxQrPW8wDPG0yBXvmvnRMOh9cVPB+OIZyMv+DL77JlwufP+wXZ+Tm33Xg2A/EGvfD3hJGN5fMI8ivNy7KZJuGE1c6fVV2LCOHEQb3dAXW0BS69zNkTo0stlfVeGeaQWfw+9zh9qGguClEsivU1Dz21N2qjaK4tE/Kt94djJlQASLPUcW9mjt1r1ZunoubQo3Ojo6t5Q333jevcVI94j6E0cXF4PEEuxZHRvVbRFlhObsUNTzi4Cl/c4mW2OGTpWf+0PaIFXVkwBU74neV8+JNfjo2GUXgguA+YNdGxSLiz2URvG31Gt3wZiv+tkN6wpa/sjt/enef0x8b7JKU6kZxxUF4q8IVvEIcja6DhvTNtQPt7xHa0+0lIuGdFTFu4y9yPmQCd9QQ0bDegY4QvSZNSBoqU9WGF5N0C0fu+k+h9tnlAAkRCFu+/n1F0EfPCtCg7yoGc69kRx/Zwnj8ZDnOjXIEkyrG6bqQEoCUOJqrSb1KJNGpYjDItMfoKugNErDIE3su66kLYDXDFiqIjbWJnwz1mVJxyRB+EEw1n9+kMcrpF0LMR3qYXkP/4wKdbVbJma+DSWft3Q2psJxlcdCA8Wck2fvWM5eBTu5K/GiAD1EnpUnk5zP+oRXs7rzKkyMXUkPl/KZvErN76F3rETPslbMOvIph1LzUWDhVww5Iy0mhvMiJvgS9g20s6kr1TQy0NUKsFzF5RdclCsOfRS9YHCCK/vexYknIAH0+1s4cxcDr5wR+ZSTVR6SYqxNWmklnUfpA3iTAS80T294GnH4p91wyoravjwHSb/15u/95TbXq7oydTUjA3Ish4EEd7cxEbP1njZJ3VIkw+VOKjDSN24p6bPlwEMUaZBNV5DsqO9U+cy9UpxUOWMm6hdQ73UsAX6A5Pah5jrYK4pep1RlgBcIj8Kz/VQlT6CBaGQMIhWhQd1SPTxlK/IMoo9JX7kmR/5jTSrHIR5SMjhjJy1HER+dUJid7eQ4N5VBTasQRNY1GrChuohJCC/mcnMpjdOF4UJRs6aNc7t+BpuT1dlQB947y5ZFLIWBIOh7PAX4byTbVqcKQyIrijDsJVxgS9mGUI7iv36jZiI+poLRjwlZCOxCQ+bpgqavvV/Ch/yQ/U8sNRH1QK7SAMaamUjjxYIDq2NTPyKJxjHi64lAvP/phrlVpmWBSjMeqX13JGUVSSBGa3EcLfiYMrQw/77uhLO8EC6U4+6D2NQddJW+A/CyCe8qNOPQ4RDJp1w5mMI+iOCW8nN5UKY6yc6ohf+v1yFFEU0965unhP7Qysj8JlaGnFKeBIcTfZoshXLlePocTJ0KlcWO9qPbC9tlgqmlBt6AYPw5Ui8RSGAm92DrlUGbdzXR0qVm/Y2Xg7lDCkQBMJbeJdRTR/QB6LghpmJmWwmV5LaRmqLFGe8s/Vkso3F1mjc2AWX0kvt0dIc6ZOF8okSgK53qhKh1y66SrPOWrtNuyrQ+z9ZBvjrNJdHo/hEy31o9Dyrj4SImchMsIshHSZgUbiVhwWKjohrmIf3lAs9YUGi/bg0lostI1uXYR+jtxXhHNvf1jKrZaIRpXeAqy6tegulpDpAXMC8iUbo29rtSNTuz+GYIT4BKF9Dzw+rVBog84xz+7GUCVLRW14JBnqzueCpldsVOLCLdSpj3Nu5GCgPZqd7Ouru/msuyHnZrmG6iVNee6zHyIt+v+rYgZ7e2h4RSCWpPj8G7uG6SSwbs+bdM1jTG1m9aW7kZU+mfgA30e1zRq+g3y5DBCx3W7c1gaVOBAA7U9m8FTGtuCZ0xor2EWLBzSIVw+h3K9L7m6xanZodqi232v8hTzznrRGmLrjnRxzvTS6M7CuZHvJkM3PBptYDkZZBv5hxXs5TIX5FjAsmfDYF5PG451GTGjY6+gYxU6P/aTqdD7Gsqa1Wd0XOmr7hob0tSR1QJrVzdIRoEU6rL1KecSs8m/kX6OcbRN4vy4GNZGNwRbjkyHtH0</xenc:CipherValue>
            </xenc:CipherData>
        </xenc:EncryptedData>
    </saml2:EncryptedAssertion>
</saml2p:Response>

2022-12-04 09:08:45,748 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-12-04 09:08:45,748 - INFO [Shibboleth-Audit.SSO:?] - 20221204T090845Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_2aa4fc70d9ca4ba4ae2a322f4fcc9df7a6e5dfe|https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_087a60cea5398cdcbac83472e84db659|rick|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,uid,identifier,telephoneNumber,role,mail,surname,displayName,givenName|AAdzZWNyZXQxqzaoD/hPj83oXKszQ4X/Mg9uMDSK3UhfH+9ivf6I6eiwel7RXQ+9braz75wqaVzGAyXR3pqJ/NTfvxXyYyKtI5WEnIP8B7g6EJGXSLaeEpBX/UnfHwQFgDuLFnXNVukiRCBniPOoJ9aYF7n+ITwdZD5x0CfO09I=|_d5bea50cb3a262e68c6231da35e60bd4|
2022-12-04 09:11:27,364 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML relay state of: Y2xpZW50X2lkPTM1NzdlZTc4LWQ4YzktNGFkOC1iMTFiLWM3ZDRiNzhiYjYxMCZjb2RlX2NoYWxsZW5nZT1oQmtGa0dPVGI3TDI5S0tlWDNlRTFYMHlDaF9vUWl4MTEtQTlHQ0g2RnZzJmNvZGVfY2hhbGxlbmdlX21ldGhvZD1TMjU2JnJlZGlyZWN0X3VyaT1odHRwcyUzQSUyRiUyRnNhbWwtdGVzdC5zd2FnYS5zYW5kYm94LnN0cmVlbS5jbG91ZCUyRnJlZGlyZWN0Lmh0bWwmcmVzcG9uc2VfdHlwZT1jb2RlJnNjb3BlPW9wZW5pZCtlbWFpbCtvZmZsaW5lX2FjY2VzcyZzdGF0ZT1XOG5zZVVWWGNtJnRlbmFudElkPTk2Y2M2MDlmLWZmNmYtODg5OS0yMmE3LWRjNzI1ZDhlNjdmMCZpZGVudGl0eVByb3ZpZGVySWQ9YjRiNDY4MTYtZDNhYy00ZTU1LTkzZmYtNDUzZmYwMTU5OTQy
2022-12-04 09:11:27,364 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Getting Base64 encoded message from request
2022-12-04 09:11:27,365 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML message
2022-12-04 09:11:27,365 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<ns3:AuthnRequest
    AssertionConsumerServiceURL="https://global-login.sandbox.streem.cloud/samlv2/acs"
    ID="id81cfe8b5813546fea27a4a85587110f7"
    IssueInstant="2022-12-04T09:11:27.057Z" Version="2.0"
    xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:ns2="http://www.w3.org/2000/09/xmldsig#"
    xmlns:ns3="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ns4="http://www.w3.org/2001/04/xmlenc#">
    <Issuer>https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942</Issuer>
    <ns3:NameIDPolicy AllowCreate="false" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/>
</ns3:AuthnRequest>

2022-12-04 09:11:27,371 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942' from origin source
2022-12-04 09:11:27,371 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-12-04 09:11:27,371 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-12-04 09:11:27,371 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-12-04 09:11:27,371 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-12-04 09:11:27,371 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-12-04 09:11:27,371 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-12-04 09:11:27,371 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-12-04 09:11:27,371 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942
2022-12-04 09:11:27,372 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:11:27,372 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-12-04 09:11:27,372 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint was empty, not required by binding, skipping
2022-12-04 09:11:27,372 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID 'id81cfe8b5813546fea27a4a85587110f7', issue instant '2022-12-04T09:11:27.057Z', entityID 'https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942'
2022-12-04 09:11:27,372 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942' does not require AuthnRequests to be signed
2022-12-04 09:11:27,372 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-12-04 09:11:27,372 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-12-04 09:11:27,372 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-12-04 09:11:27,372 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-12-04 09:11:27,372 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-12-04 09:11:27,373 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:11:27,373 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-12-04 09:11:27,373 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-12-04 09:11:27,373 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-12-04 09:11:27,373 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 1 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-12-04 09:11:27,373 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://global-login.sandbox.streem.cloud/samlv2/acs using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-12-04 09:11:27,373 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-12-04 09:11:27,373 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-12-04 09:11:27,373 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-12-04 09:11:27,373 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-12-04 09:11:27,373 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-12-04 09:11:27,374 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-12-04 09:11:27,374 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-12-04 09:11:27,374 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-12-04 09:11:27,374 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-12-04 09:11:27,374 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-12-04 09:11:27,374 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942
2022-12-04 09:11:27,374 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve encryption parameters based on SAML metadata, falling back to locally configured credentials and algorithms
2022-12-04 09:11:27,374 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Failed to resolve EncryptionParameters
2022-12-04 09:11:27,374 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolver returned no EncryptionParameters
2022-12-04 09:11:27,374 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption is optional, ignoring inability to encrypt
2022-12-04 09:11:27,377 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-12-04 09:11:27,378 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-12-04T09:11:27.378Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-12-04 09:11:27,378 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-12-04 09:11:27,378 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-12-04 09:11:27,378 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-12-04 09:11:27,378 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-12-04 09:11:27,378 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-12-04 09:11:27,378 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:11:27,378 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-12-04 09:11:27,378 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-12-04 09:11:27,378 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-12-04 09:11:27,379 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-12-04 09:11:27,461 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'global-login.sandbox.streem.cloud'
2022-12-04 09:11:27,462 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-12-04 09:11:27,462 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-12-04 09:11:38,319 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Trimming whitespace of input string 'morty'
2022-12-04 09:11:38,319 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user morty
2022-12-04 09:11:38,319 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@300734469::identifier=morty, context=org.apache.velocity.VelocityContext@7a698118]
2022-12-04 09:11:38,329 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=morty,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@300734469::identifier=morty, context=org.apache.velocity.VelocityContext@7a698118]
2022-12-04 09:11:38,331 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'morty' succeeded
2022-12-04 09:11:38,331 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-12-04 09:11:38,331 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-12-04 09:11:38,331 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'morty'
2022-12-04 09:11:38,332 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'morty'
2022-12-04 09:11:38,332 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-12-04 09:11:38,332 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal morty
2022-12-04 09:11:38,332 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session e1971d74af8e7e50d06b417f6cc451b234a225bd51e32715f68662fb8fa56ea9 for principal morty
2022-12-04 09:11:38,332 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving AuthenticationResult for flow authn/Password in session e1971d74af8e7e50d06b417f6cc451b234a225bd51e32715f68662fb8fa56ea9
2022-12-04 09:11:38,332 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=morty)
2022-12-04 09:11:38,333 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-12-04 09:11:38,333 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, identifier, uid, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-12-04 09:11:38,333 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 2 values for attribute 'eduPersonEntitlement' remained after filtering
2022-12-04 09:11:38,333 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-12-04 09:11:38,333 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-12-04 09:11:38,333 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-12-04 09:11:38,333 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-12-04 09:11:38,333 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-12-04 09:11:38,333 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-12-04 09:11:38,333 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-12-04 09:11:38,333 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-12-04 09:11:38,333 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-12-04 09:11:38,334 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:11:38,334 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-12-04 09:11:38,334 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@76c3bd0f'
2022-12-04 09:11:38,335 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-12-04 09:11:38,335 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'morty:https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942'
2022-12-04 09:11:38,335 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'morty:https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942'
2022-12-04 09:11:38,335 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'morty:https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942'
2022-12-04 09:11:38,335 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-12-04 09:11:38,335 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'morty'
2022-12-04 09:11:38,335 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'morty'
2022-12-04 09:11:38,335 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-12-04 09:11:38,335 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is required, no previous consents
2022-12-04 09:11:38,417 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'global-login.sandbox.streem.cloud'
2022-12-04 09:11:38,418 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-12-04 09:11:38,418 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or InformationURLs returning null
2022-12-04 09:11:38,418 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or PrivacyStatementURLs returning null
2022-12-04 09:11:38,418 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-12-04 09:11:38,418 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No Organization, OrganizationName or names, returning null
2022-12-04 09:11:39,045 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Extracted consent ids '[displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]' from request parameter '_shib_idp_consentIds'
2022-12-04 09:11:39,045 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Consent context 'ConsentContext{previousConsents={}, chosenConsents={displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}}'
2022-12-04 09:11:39,045 - INFO [Shibboleth-Consent-Audit.SSO:?] - 20221204T091139Z|https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942|AttributeReleaseConsent|morty|displayName,eduPersonEntitlement,givenName,identifier,mail,role,surname,telephoneNumber,uid||true,true,true,true,true,true,true,true,true
2022-12-04 09:11:39,046 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-12-04 09:11:39,046 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'morty:https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942'
2022-12-04 09:11:39,046 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'morty:_key_idx'
2022-12-04 09:11:39,046 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Serialized '{displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}' as '[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]'
2022-12-04 09:11:39,046 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.CreateResult:?] - Profile Action CreateResult: Created consent result 'ConsentResult{id=null, context=intercept/attribute-release, key=morty:https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942, value=[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}], expiration=1701681099046}'
2022-12-04 09:11:39,046 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'morty:_key_idx'
2022-12-04 09:11:39,046 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Will not prune storage records, number of keys '0' is less than max number of records '10'
2022-12-04 09:11:39,046 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'morty:_key_idx'
2022-12-04 09:11:39,046 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Creating storage index with key 'morty:https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942'
2022-12-04 09:11:39,046 - DEBUG [net.shibboleth.idp.consent.storage.impl.CollectionSerializer:?] - Serialized '[morty:https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942]' as '["morty:https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942"]'
2022-12-04 09:11:39,046 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@76c3bd0f'
2022-12-04 09:11:39,046 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:11:39,046 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-12-04 09:11:39,047 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-12-04 09:11:39,047 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-12-04 09:11:39,047 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _d3eb083ae0ddd8b689a215c02daa340d
2022-12-04 09:11:39,047 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _d3eb083ae0ddd8b689a215c02daa340d to Response _3a5976615ed060507c84e820a4e63f50
2022-12-04 09:11:39,048 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _d3eb083ae0ddd8b689a215c02daa340d
2022-12-04 09:11:39,048 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-12-04 09:11:39,048 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Ambassador of attribute eduPersonEntitlement
2022-12-04 09:11:39,048 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value None of attribute eduPersonEntitlement
2022-12-04 09:11:39,048 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value msmith@samltest.id of attribute identifier
2022-12-04 09:11:39,048 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value morty of attribute uid
2022-12-04 09:11:39,048 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5505 of attribute telephoneNumber
2022-12-04 09:11:39,048 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value janitor@samltest.id of attribute role
2022-12-04 09:11:39,048 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value msmith@samltest.id of attribute mail
2022-12-04 09:11:39,048 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Smith of attribute surname
2022-12-04 09:11:39,048 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Morty Smith of attribute displayName
2022-12-04 09:11:39,048 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Mortimer of attribute givenName
2022-12-04 09:11:39,049 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-12-04 09:11:39,049 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - Applying policy to NameIDPolicy with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-12-04 09:11:39,049 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Request specified NameID format: urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-12-04 09:11:39,049 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-12-04 09:11:39,049 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-12-04 09:11:39,049 - DEBUG [net.shibboleth.idp.saml.nameid.impl.PersistentSAML2NameIDGenerator:?] - Checking for source attribute uid
2022-12-04 09:11:39,049 - DEBUG [net.shibboleth.idp.saml.nameid.impl.PersistentSAML2NameIDGenerator:?] - Generating persistent NameID from String-valued attribute uid
2022-12-04 09:11:39,049 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID C5OYJH47Y243KBWO5RAC2QJZJWFQRW3U with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-12-04 09:11:39,049 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-12-04 09:11:39,049 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-12-04 09:11:39,049 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-12-04 09:11:39,049 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-12-04 09:11:39,049 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 20.83.144.189
2022-12-04 09:11:39,049 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to id81cfe8b5813546fea27a4a85587110f7
2022-12-04 09:11:39,049 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to https://global-login.sandbox.streem.cloud/samlv2/acs
2022-12-04 09:11:39,049 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-12-04 09:11:39,049 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-12-04 09:11:39,049 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-12-04 09:11:39,049 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _d3eb083ae0ddd8b689a215c02daa340d
2022-12-04 09:11:39,049 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _d3eb083ae0ddd8b689a215c02daa340d did not already contain Conditions, one was added
2022-12-04 09:11:39,050 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-12-04 09:11:39,050 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-12-04T09:16:39.046Z, to Assertion _d3eb083ae0ddd8b689a215c02daa340d
2022-12-04 09:11:39,050 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _d3eb083ae0ddd8b689a215c02daa340d already contained Conditions, nothing was done
2022-12-04 09:11:39,050 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-12-04 09:11:39,050 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _d3eb083ae0ddd8b689a215c02daa340d already contained Conditions, nothing was done
2022-12-04 09:11:39,050 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-12-04 09:11:39,050 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942 as an Audience of the AudienceRestriction
2022-12-04 09:11:39,050 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _d3eb083ae0ddd8b689a215c02daa340d
2022-12-04 09:11:39,051 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942 to existing session e1971d74af8e7e50d06b417f6cc451b234a225bd51e32715f68662fb8fa56ea9
2022-12-04 09:11:39,051 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942 in session e1971d74af8e7e50d06b417f6cc451b234a225bd51e32715f68662fb8fa56ea9
2022-12-04 09:11:39,051 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-12-04 09:11:39,052 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942 and key C5OYJH47Y243KBWO5RAC2QJZJWFQRW3U
2022-12-04 09:11:39,052 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-12-04 09:11:39,052 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-12-04 09:11:39,052 - DEBUG [org.opensaml.saml.common.profile.impl.SignAssertions:?] - Profile Action SignAssertions: Will not sign assertions because no security parameters context is available
2022-12-04 09:11:39,053 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAssertions: No encryption parameters, nothing to do
2022-12-04 09:11:39,059 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: https://global-login.sandbox.streem.cloud/samlv2/acs
2022-12-04 09:11:39,059 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: https://global-login.sandbox.streem.cloud/samlv2/acs
2022-12-04 09:11:39,060 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_3a5976615ed060507c84e820a4e63f50"
2022-12-04 09:11:39,060 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _3a5976615ed060507c84e820a4e63f50 and Element was [saml2p:Response: null]
2022-12-04 09:11:39,060 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_3a5976615ed060507c84e820a4e63f50"
2022-12-04 09:11:39,060 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _3a5976615ed060507c84e820a4e63f50 and Element was [saml2p:Response: null]
2022-12-04 09:11:39,062 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-12-04 09:11:39,062 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'https://global-login.sandbox.streem.cloud/samlv2/acs' with encoded value 'https&#x3a;&#x2f;&#x2f;global-login.sandbox.streem.cloud&#x2f;samlv2&#x2f;acs'
2022-12-04 09:11:39,062 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-12-04 09:11:39,062 - WARN [org.opensaml.saml.common.binding.SAMLBindingSupport:?] - Relay state exceeds 80 bytes: Y2xpZW50X2lkPTM1NzdlZTc4LWQ4YzktNGFkOC1iMTFiLWM3ZDRiNzhiYjYxMCZjb2RlX2NoYWxsZW5nZT1oQmtGa0dPVGI3TDI5S0tlWDNlRTFYMHlDaF9vUWl4MTEtQTlHQ0g2RnZzJmNvZGVfY2hhbGxlbmdlX21ldGhvZD1TMjU2JnJlZGlyZWN0X3VyaT1odHRwcyUzQSUyRiUyRnNhbWwtdGVzdC5zd2FnYS5zYW5kYm94LnN0cmVlbS5jbG91ZCUyRnJlZGlyZWN0Lmh0bWwmcmVzcG9uc2VfdHlwZT1jb2RlJnNjb3BlPW9wZW5pZCtlbWFpbCtvZmZsaW5lX2FjY2VzcyZzdGF0ZT1XOG5zZVVWWGNtJnRlbmFudElkPTk2Y2M2MDlmLWZmNmYtODg5OS0yMmE3LWRjNzI1ZDhlNjdmMCZpZGVudGl0eVByb3ZpZGVySWQ9YjRiNDY4MTYtZDNhYy00ZTU1LTkzZmYtNDUzZmYwMTU5OTQy
2022-12-04 09:11:39,063 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Setting RelayState parameter to: 'Y2xpZW50X2lkPTM1NzdlZTc4LWQ4YzktNGFkOC1iMTFiLWM3ZDRiNzhiYjYxMCZjb2RlX2NoYWxsZW5nZT1oQmtGa0dPVGI3TDI5S0tlWDNlRTFYMHlDaF9vUWl4MTEtQTlHQ0g2RnZzJmNvZGVfY2hhbGxlbmdlX21ldGhvZD1TMjU2JnJlZGlyZWN0X3VyaT1odHRwcyUzQSUyRiUyRnNhbWwtdGVzdC5zd2FnYS5zYW5kYm94LnN0cmVlbS5jbG91ZCUyRnJlZGlyZWN0Lmh0bWwmcmVzcG9uc2VfdHlwZT1jb2RlJnNjb3BlPW9wZW5pZCtlbWFpbCtvZmZsaW5lX2FjY2VzcyZzdGF0ZT1XOG5zZVVWWGNtJnRlbmFudElkPTk2Y2M2MDlmLWZmNmYtODg5OS0yMmE3LWRjNzI1ZDhlNjdmMCZpZGVudGl0eVByb3ZpZGVySWQ9YjRiNDY4MTYtZDNhYy00ZTU1LTkzZmYtNDUzZmYwMTU5OTQy', encoded as 'Y2xpZW50X2lkPTM1NzdlZTc4LWQ4YzktNGFkOC1iMTFiLWM3ZDRiNzhiYjYxMCZjb2RlX2NoYWxsZW5nZT1oQmtGa0dPVGI3TDI5S0tlWDNlRTFYMHlDaF9vUWl4MTEtQTlHQ0g2RnZzJmNvZGVfY2hhbGxlbmdlX21ldGhvZD1TMjU2JnJlZGlyZWN0X3VyaT1odHRwcyUzQSUyRiUyRnNhbWwtdGVzdC5zd2FnYS5zYW5kYm94LnN0cmVlbS5jbG91ZCUyRnJlZGlyZWN0Lmh0bWwmcmVzcG9uc2VfdHlwZT1jb2RlJnNjb3BlPW9wZW5pZCtlbWFpbCtvZmZsaW5lX2FjY2VzcyZzdGF0ZT1XOG5zZVVWWGNtJnRlbmFudElkPTk2Y2M2MDlmLWZmNmYtODg5OS0yMmE3LWRjNzI1ZDhlNjdmMCZpZGVudGl0eVByb3ZpZGVySWQ9YjRiNDY4MTYtZDNhYy00ZTU1LTkzZmYtNDUzZmYwMTU5OTQy'
2022-12-04 09:11:39,064 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response
    Destination="https://global-login.sandbox.streem.cloud/samlv2/acs"
    ID="_3a5976615ed060507c84e820a4e63f50"
    InResponseTo="id81cfe8b5813546fea27a4a85587110f7"
    IssueInstant="2022-12-04T09:11:39.046Z" Version="2.0"
    xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_3a5976615ed060507c84e820a4e63f50">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                        <ec:InclusiveNamespaces PrefixList="xsd" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                    </ds:Transform>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>JyvBffP5rPVxfJ0S5Nz4aLk/ACPjebPdZU318TqA0+k=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>b9wLg6htTsMlr/FHGvK4BBF/rx/jCBDdd++kqA3ODB1uU3Qb9oAbbURuL5S+EPk2mix/UPdEcd1JqwTLprv4cHg1B8X1F2YIW7R4y06T5ARV2dCxD6S6coAB9ruzqv51QgKws/XCsSg9bwbYctXlDaa7zBbNr5kq4HY8+7+fGXYwdAL3N8bs93QElIugQEQ7z2qkYKDHWbLgpYEqKc6ZSeqVK/6RhzMWpMAae4OjZucxiwCN/gMDP4yd0/iSvnc0OlfCk1q9WK3+use5D0uJOEiIEJenChYRBqROOpLBYSmlycrICTc72ZhSKvu1+AIdRFEhjOJH/rwCCBiIsRfmwQ==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_d3eb083ae0ddd8b689a215c02daa340d"
        IssueInstant="2022-12-04T09:11:39.046Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">C5OYJH47Y243KBWO5RAC2QJZJWFQRW3U</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="20.83.144.189"
                    InResponseTo="id81cfe8b5813546fea27a4a85587110f7"
                    NotOnOrAfter="2022-12-04T09:16:39.049Z" Recipient="https://global-login.sandbox.streem.cloud/samlv2/acs"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-12-04T09:11:39.046Z" NotOnOrAfter="2022-12-04T09:16:39.046Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-12-04T09:11:38.331Z" SessionIndex="_0b23f3d3931e8707310c3902f34299f8">
            <saml2:SubjectLocality Address="20.83.144.189"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Ambassador</saml2:AttributeValue>
                <saml2:AttributeValue>None</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">msmith@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>morty</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5505</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">janitor@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>msmith@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Smith</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Morty Smith</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Mortimer</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-12-04 09:11:39,064 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-12-04 09:11:39,064 - INFO [Shibboleth-Audit.SSO:?] - 20221204T091139Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|id81cfe8b5813546fea27a4a85587110f7|https://global-login.sandbox.streem.cloud/samlv2/sp/b4b46816-d3ac-4e55-93ff-453ff0159942|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_3a5976615ed060507c84e820a4e63f50|morty|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,identifier,uid,telephoneNumber,role,mail,surname,displayName,givenName|C5OYJH47Y243KBWO5RAC2QJZJWFQRW3U|_d3eb083ae0ddd8b689a215c02daa340d|
2022-12-04 09:13:23,813 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: ss:mem:c4c5cc14251a78026ab28b0ed2c7f7c22edfb6e4685a9c36ce226993f806ef83
2022-12-04 09:13:23,813 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-12-04 09:13:23,814 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-12-04 09:13:23,814 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="https://shibboleth.tailoredinstruction.com/Shibboleth.sso/SAML2/POST"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ID="_4266e647ded67c466b1e99716a219c57"
    IssueInstant="2022-12-04T09:13:23Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://shibboleth.tailoredinstruction.com/shibboleth</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="1"/>
</samlp:AuthnRequest>

2022-12-04 09:13:23,834 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://shibboleth.tailoredinstruction.com/shibboleth' from origin source
2022-12-04 09:13:23,834 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-12-04 09:13:23,834 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-12-04 09:13:23,834 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-12-04 09:13:23,834 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-12-04 09:13:23,834 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-12-04 09:13:23,834 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-12-04 09:13:23,834 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-12-04 09:13:23,834 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://shibboleth.tailoredinstruction.com/shibboleth
2022-12-04 09:13:23,835 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:13:23,835 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-12-04 09:13:23,836 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-12-04 09:13:23,836 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-12-04 09:13:23,836 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-12-04 09:13:23,836 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_4266e647ded67c466b1e99716a219c57', issue instant '2022-12-04T09:13:23.000Z', entityID 'https://shibboleth.tailoredinstruction.com/shibboleth'
2022-12-04 09:13:23,836 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://shibboleth.tailoredinstruction.com/shibboleth' does not require AuthnRequests to be signed
2022-12-04 09:13:23,836 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-12-04 09:13:23,836 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-12-04 09:13:23,836 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-12-04 09:13:23,836 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-12-04 09:13:23,836 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-12-04 09:13:23,837 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:13:23,837 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-12-04 09:13:23,837 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-12-04 09:13:23,837 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-12-04 09:13:23,837 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 4 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-12-04 09:13:23,837 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://shibboleth.tailoredinstruction.com/Shibboleth.sso/SAML2/POST using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-12-04 09:13:23,837 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-12-04 09:13:23,837 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-12-04 09:13:23,837 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-12-04 09:13:23,837 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-12-04 09:13:23,837 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-12-04 09:13:23,838 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved signature algorithm URI from SAML metadata SigningMethod: http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
2022-12-04 09:13:23,838 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved reference digest method algorithm URI from SAML metadata DigestMethod: http://www.w3.org/2001/04/xmlenc#sha512
2022-12-04 09:13:23,838 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-12-04 09:13:23,838 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-12-04 09:13:23,838 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-12-04 09:13:23,838 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-12-04 09:13:23,838 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-12-04 09:13:23,838 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://shibboleth.tailoredinstruction.com/shibboleth
2022-12-04 09:13:23,838 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-12-04 09:13:23,838 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved data encryption algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#aes128-gcm
2022-12-04 09:13:23,838 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved key transport algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#rsa-oaep
2022-12-04 09:13:23,838 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-12-04 09:13:23,843 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-12-04 09:13:23,843 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-12-04T09:13:23.843Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-12-04 09:13:23,843 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-12-04 09:13:23,844 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-12-04 09:13:23,844 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-12-04 09:13:23,844 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-12-04 09:13:23,844 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-12-04 09:13:23,844 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:13:23,844 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-12-04 09:13:23,844 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-12-04 09:13:23,844 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-12-04 09:13:23,844 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-12-04 09:13:24,229 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'shibboleth.tailoredinstruction.com'
2022-12-04 09:13:24,230 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-12-04 09:13:24,230 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-12-04 09:13:44,097 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: ss:mem:03bbf6584c0f8a1d84405f29f5cbdc9da1cee72a582f2add36fb087e77d50ac8
2022-12-04 09:13:44,097 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-12-04 09:13:44,097 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-12-04 09:13:44,098 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="https://shibboleth.tailoredinstruction.com/Shibboleth.sso/SAML2/POST"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ID="_b0e497867c456852b3174235d745d28b"
    IssueInstant="2022-12-04T09:13:43Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://shibboleth.tailoredinstruction.com/shibboleth</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="1"/>
</samlp:AuthnRequest>

2022-12-04 09:13:44,113 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-12-04 09:13:44,113 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-12-04 09:13:44,113 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-12-04 09:13:44,113 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-12-04 09:13:44,113 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-12-04 09:13:44,113 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-12-04 09:13:44,113 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-12-04 09:13:44,113 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://shibboleth.tailoredinstruction.com/shibboleth
2022-12-04 09:13:44,115 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:13:44,115 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-12-04 09:13:44,115 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-12-04 09:13:44,115 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-12-04 09:13:44,116 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-12-04 09:13:44,116 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_b0e497867c456852b3174235d745d28b', issue instant '2022-12-04T09:13:43.000Z', entityID 'https://shibboleth.tailoredinstruction.com/shibboleth'
2022-12-04 09:13:44,116 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://shibboleth.tailoredinstruction.com/shibboleth' does not require AuthnRequests to be signed
2022-12-04 09:13:44,116 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-12-04 09:13:44,117 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-12-04 09:13:44,117 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-12-04 09:13:44,117 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-12-04 09:13:44,117 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-12-04 09:13:44,117 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:13:44,117 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-12-04 09:13:44,117 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-12-04 09:13:44,117 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-12-04 09:13:44,117 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 4 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-12-04 09:13:44,117 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://shibboleth.tailoredinstruction.com/Shibboleth.sso/SAML2/POST using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-12-04 09:13:44,117 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-12-04 09:13:44,117 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-12-04 09:13:44,117 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-12-04 09:13:44,117 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-12-04 09:13:44,118 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-12-04 09:13:44,118 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved signature algorithm URI from SAML metadata SigningMethod: http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
2022-12-04 09:13:44,118 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved reference digest method algorithm URI from SAML metadata DigestMethod: http://www.w3.org/2001/04/xmlenc#sha512
2022-12-04 09:13:44,118 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-12-04 09:13:44,118 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-12-04 09:13:44,118 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-12-04 09:13:44,118 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-12-04 09:13:44,118 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-12-04 09:13:44,118 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://shibboleth.tailoredinstruction.com/shibboleth
2022-12-04 09:13:44,118 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolved cached credentials from KeyDescriptor object metadata
2022-12-04 09:13:44,118 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved data encryption algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#aes128-gcm
2022-12-04 09:13:44,118 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved key transport algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#rsa-oaep
2022-12-04 09:13:44,118 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-12-04 09:13:44,128 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-12-04 09:13:44,133 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-12-04T09:13:44.133Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-12-04 09:13:44,133 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-12-04 09:13:44,134 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-12-04 09:13:44,134 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-12-04 09:13:44,134 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-12-04 09:13:44,134 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-12-04 09:13:44,134 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:13:44,135 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-12-04 09:13:44,135 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-12-04 09:13:44,135 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-12-04 09:13:44,135 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-12-04 09:13:45,519 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: ss:mem:6f61dd25ac4a30ce88104acbae5b3ab1ff7d5cdebc07d4d0f48a95ef0cb63b9d
2022-12-04 09:13:45,519 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-12-04 09:13:45,520 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-12-04 09:13:45,520 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="https://shibboleth.tailoredinstruction.com/Shibboleth.sso/SAML2/POST"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ID="_a48e8ac7f9c26a24b46c22a7688fb4bf"
    IssueInstant="2022-12-04T09:13:45Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://shibboleth.tailoredinstruction.com/shibboleth</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="1"/>
</samlp:AuthnRequest>

2022-12-04 09:13:45,521 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-12-04 09:13:45,521 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-12-04 09:13:45,521 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-12-04 09:13:45,521 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-12-04 09:13:45,521 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-12-04 09:13:45,521 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-12-04 09:13:45,521 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-12-04 09:13:45,521 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://shibboleth.tailoredinstruction.com/shibboleth
2022-12-04 09:13:45,521 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:13:45,521 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-12-04 09:13:45,521 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-12-04 09:13:45,521 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-12-04 09:13:45,521 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-12-04 09:13:45,522 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_a48e8ac7f9c26a24b46c22a7688fb4bf', issue instant '2022-12-04T09:13:45.000Z', entityID 'https://shibboleth.tailoredinstruction.com/shibboleth'
2022-12-04 09:13:45,522 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://shibboleth.tailoredinstruction.com/shibboleth' does not require AuthnRequests to be signed
2022-12-04 09:13:45,522 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-12-04 09:13:45,522 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-12-04 09:13:45,522 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-12-04 09:13:45,522 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-12-04 09:13:45,522 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-12-04 09:13:45,522 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:13:45,522 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-12-04 09:13:45,523 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-12-04 09:13:45,523 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-12-04 09:13:45,523 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 4 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-12-04 09:13:45,523 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://shibboleth.tailoredinstruction.com/Shibboleth.sso/SAML2/POST using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-12-04 09:13:45,523 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-12-04 09:13:45,523 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-12-04 09:13:45,523 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-12-04 09:13:45,523 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-12-04 09:13:45,528 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-12-04 09:13:45,528 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved signature algorithm URI from SAML metadata SigningMethod: http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
2022-12-04 09:13:45,528 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved reference digest method algorithm URI from SAML metadata DigestMethod: http://www.w3.org/2001/04/xmlenc#sha512
2022-12-04 09:13:45,528 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-12-04 09:13:45,529 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-12-04 09:13:45,529 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-12-04 09:13:45,529 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-12-04 09:13:45,529 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-12-04 09:13:45,529 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://shibboleth.tailoredinstruction.com/shibboleth
2022-12-04 09:13:45,529 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolved cached credentials from KeyDescriptor object metadata
2022-12-04 09:13:45,529 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved data encryption algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#aes128-gcm
2022-12-04 09:13:45,529 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved key transport algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#rsa-oaep
2022-12-04 09:13:45,529 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-12-04 09:13:45,529 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-12-04 09:13:45,530 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-12-04T09:13:45.530Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-12-04 09:13:45,530 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-12-04 09:13:45,530 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-12-04 09:13:45,530 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-12-04 09:13:45,531 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-12-04 09:13:45,531 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-12-04 09:13:45,531 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:13:45,531 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-12-04 09:13:45,531 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-12-04 09:13:45,531 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-12-04 09:13:45,531 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-12-04 09:13:45,612 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'shibboleth.tailoredinstruction.com'
2022-12-04 09:13:45,612 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-12-04 09:13:45,612 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-12-04 09:13:50,997 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: ss:mem:280754778f95a357c074c144d64ea182aab9327924b46dc0ee4d76fb2afd65ee
2022-12-04 09:13:50,997 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-12-04 09:13:50,998 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-12-04 09:13:50,998 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="https://shibboleth.tailoredinstruction.com/Shibboleth.sso/SAML2/POST"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ID="_268f8fbff18d340315fb8d073bf24275"
    IssueInstant="2022-12-04T09:13:50Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://shibboleth.tailoredinstruction.com/shibboleth</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="1"/>
</samlp:AuthnRequest>

2022-12-04 09:13:51,004 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://shibboleth.tailoredinstruction.com/shibboleth' from origin source
2022-12-04 09:13:51,004 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-12-04 09:13:51,004 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-12-04 09:13:51,004 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-12-04 09:13:51,004 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-12-04 09:13:51,005 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-12-04 09:13:51,005 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-12-04 09:13:51,005 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-12-04 09:13:51,005 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://shibboleth.tailoredinstruction.com/shibboleth
2022-12-04 09:13:51,005 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:13:51,006 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-12-04 09:13:51,006 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-12-04 09:13:51,006 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-12-04 09:13:51,006 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-12-04 09:13:51,006 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_268f8fbff18d340315fb8d073bf24275', issue instant '2022-12-04T09:13:50.000Z', entityID 'https://shibboleth.tailoredinstruction.com/shibboleth'
2022-12-04 09:13:51,006 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://shibboleth.tailoredinstruction.com/shibboleth' does not require AuthnRequests to be signed
2022-12-04 09:13:51,006 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-12-04 09:13:51,006 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-12-04 09:13:51,006 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-12-04 09:13:51,006 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-12-04 09:13:51,006 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-12-04 09:13:51,007 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:13:51,007 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-12-04 09:13:51,007 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-12-04 09:13:51,007 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-12-04 09:13:51,007 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 4 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-12-04 09:13:51,007 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://shibboleth.tailoredinstruction.com/Shibboleth.sso/SAML2/POST using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-12-04 09:13:51,007 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-12-04 09:13:51,007 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-12-04 09:13:51,007 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-12-04 09:13:51,007 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-12-04 09:13:51,007 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-12-04 09:13:51,007 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved signature algorithm URI from SAML metadata SigningMethod: http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
2022-12-04 09:13:51,007 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved reference digest method algorithm URI from SAML metadata DigestMethod: http://www.w3.org/2001/04/xmlenc#sha512
2022-12-04 09:13:51,008 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-12-04 09:13:51,008 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-12-04 09:13:51,008 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-12-04 09:13:51,008 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-12-04 09:13:51,008 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-12-04 09:13:51,008 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://shibboleth.tailoredinstruction.com/shibboleth
2022-12-04 09:13:51,008 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-12-04 09:13:51,008 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved data encryption algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#aes128-gcm
2022-12-04 09:13:51,008 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved key transport algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#rsa-oaep
2022-12-04 09:13:51,008 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-12-04 09:13:51,012 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-12-04 09:13:51,012 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-12-04T09:13:51.012Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-12-04 09:13:51,012 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-12-04 09:13:51,013 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-12-04 09:13:51,013 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-12-04 09:13:51,013 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-12-04 09:13:51,013 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-12-04 09:13:51,013 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:13:51,013 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-12-04 09:13:51,013 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-12-04 09:13:51,013 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-12-04 09:13:51,013 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-12-04 09:13:51,088 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'shibboleth.tailoredinstruction.com'
2022-12-04 09:13:51,088 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-12-04 09:13:51,088 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-12-04 09:17:05,014 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: hFj7352RIKAk5EDAPK9nwhV-HNf1FABDRJZaB7n_fRJwCVoUoO2F-qQq
2022-12-04 09:17:05,014 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-12-04 09:17:05,015 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-12-04 09:17:05,016 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="https://gregiladmin.northeurope.azurecontainer.io:8443/saml/acs"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ID="id-a215167a83ede51ee1ef0e3feacd6faf159f4c1c"
    IssueInstant="2022-12-04T09:17:02.107Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://gregiladmin.northeurope.azurecontainer.io:8443/saml/metadata</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
</samlp:AuthnRequest>

2022-12-04 09:17:05,030 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://gregiladmin.northeurope.azurecontainer.io:8443/saml/metadata' from origin source
2022-12-04 09:17:05,030 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-12-04 09:17:05,030 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-12-04 09:17:05,030 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-12-04 09:17:05,030 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-12-04 09:17:05,030 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-12-04 09:17:05,030 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-12-04 09:17:05,030 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-12-04 09:17:05,030 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://gregiladmin.northeurope.azurecontainer.io:8443/saml/metadata
2022-12-04 09:17:05,032 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:17:05,033 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-12-04 09:17:05,034 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-12-04 09:17:05,034 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-12-04 09:17:05,034 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-12-04 09:17:05,035 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID 'id-a215167a83ede51ee1ef0e3feacd6faf159f4c1c', issue instant '2022-12-04T09:17:02.107Z', entityID 'https://gregiladmin.northeurope.azurecontainer.io:8443/saml/metadata'
2022-12-04 09:17:05,035 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://gregiladmin.northeurope.azurecontainer.io:8443/saml/metadata' does not require AuthnRequests to be signed
2022-12-04 09:17:05,035 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-12-04 09:17:05,035 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-12-04 09:17:05,035 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-12-04 09:17:05,035 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-12-04 09:17:05,035 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-12-04 09:17:05,036 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:17:05,036 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-12-04 09:17:05,036 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-12-04 09:17:05,036 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-12-04 09:17:05,036 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 1 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-12-04 09:17:05,036 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://gregiladmin.northeurope.azurecontainer.io:8443/saml/acs using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-12-04 09:17:05,036 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-12-04 09:17:05,036 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-12-04 09:17:05,036 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-12-04 09:17:05,036 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-12-04 09:17:05,038 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-12-04 09:17:05,039 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-12-04 09:17:05,039 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-12-04 09:17:05,039 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-12-04 09:17:05,039 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-12-04 09:17:05,039 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-12-04 09:17:05,039 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://gregiladmin.northeurope.azurecontainer.io:8443/saml/metadata
2022-12-04 09:17:05,039 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-12-04 09:17:05,039 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved data encryption algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2001/04/xmlenc#aes128-cbc
2022-12-04 09:17:05,039 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved key transport algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p
2022-12-04 09:17:05,039 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-12-04 09:17:05,046 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-12-04 09:17:05,047 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-12-04T09:17:05.047Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-12-04 09:17:05,049 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-12-04 09:17:05,049 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-12-04 09:17:05,049 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-12-04 09:17:05,049 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-12-04 09:17:05,052 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-12-04 09:17:05,052 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:17:05,052 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-12-04 09:17:05,052 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-12-04 09:17:05,052 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-12-04 09:17:05,052 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-12-04 09:18:50,289 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML relay state of: TST-37906-8476EA0hsCiqVaMpqbXIlPTGXIDExFzY
2022-12-04 09:18:50,289 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Getting Base64 encoded message from request
2022-12-04 09:18:50,290 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML message
2022-12-04 09:18:50,290 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:AuthnRequest
    AssertionConsumerServiceURL="https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool"
    Destination="https://samltest.id/idp/profile/SAML2/POST/SSO"
    ForceAuthn="false" ID="_1d009aa0446f440b9a1ecb7c93fcc4fcdaf0cfc"
    IsPassive="false" IssueInstant="2022-12-04T09:18:49.693Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    ProviderName="pac4j-saml" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer
        Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_1d009aa0446f440b9a1ecb7c93fcc4fcdaf0cfc">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>icvNOyX2oUdNCVItBkQVsYna4FXcuHGl/uFad5fIENM=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>Gse92eHCUfbP651fneUE1gc++KkvO4gu9iW2lT2HGc7TlkPUwknlYlsEsgpbYvhS0bI1K+izAs5xru/D+QXMBYyH4TvXecf+rI5/wcLByWdllnZvHyq28ph/q1MLs/hpjr5kcZpt+HQr4GyH8GK2jZVhrDbAEnKEotsO1EJ5yTCR90XAGYVeyPGSWDyqbZXVWbI5tGcBMhiXzdmgnmClYM8ran2/ltEQW76M0uH9O1H/7TNtreIjxtmqBl7BS4AkFfO/VEyCF5CG9gIV8T8bSrFfwoOkL8uPNIIg3NSfMSHFUJKYwVNICxlKOKM8/fnQlZxS53w+Dvl3UlQkXBB7FQ==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIG0DCCBLigAwIBAgIQJT05eT9C8MMLxPWjiR+NjzANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQG
EwJGUjESMBAGA1UECgwJREhJTVlPVElTMRwwGgYDVQQLDBMwMDAyIDQ4MTQ2MzA4MTAwMDM2MR0w
GwYDVQRhDBROVFJGUi00ODE0NjMwODEwMDAzNjEdMBsGA1UEAwwUQ2VydGlnbmEgU2VydmljZXMg
Q0EwHhcNMjIwMzEwMjMwMDAwWhcNMjMwMzEwMjI1OTU5WjCBoTELMAkGA1UEBhMCRlIxGTAXBgNV
BAcMEExFVkFMTE9JUyBQRVJSRVQxEjAQBgNVBAoMCVRSQVZFTERPTzEcMBoGA1UECwwTMDAwMiA0
Mjk4OTQ5NjcwMDA0MjEwMC4GA1UEAwwnVFJBVkVMRE9PIC0gU0FNTCBTSUdOSU5HIEFORCBFTkNS
WVBUSU9OMRMwEQYDVQQFEwpDMjI5ODgyNDQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsTQ4f7v+iIqvjQLCZQyJCiWK72jzbm1lNNsOGLMdNO736yJo0iUXEygaqJ4awu+Nf2Ase62f
o1hROHtOnixvceJN2rd9BMKm/j3BgeU+vlW3quq8AFkm9ikL7R4hBZopqT5deXA17EZ0tpQv6I2z
WbuoBYunvJomVoFZYRwDWFlHoQRBJma0LL8WTrPP7t4gvZMqYSpEqyeeyX2cv6FS4uCOXITFzWAA
Rp5rdIkL1YzU+Tr2thgVf/BvRYsVqaCj+94YmoJAR1/pMOLIKhfoWNxOKuTu0Rpu1LpKr72FYsZv
osn4NHBDoVJncq/crrxpaYF1FqorTjHw+054l0YxJwIDAQABo4ICJTCCAiEwgeQGCCsGAQUFBwEB
BIHXMIHUMDgGCCsGAQUFBzAChixodHRwOi8vYXV0b3JpdGUuZGhpbXlvdGlzLmNvbS9zZXJ2aWNl
c2NhLmRlcjA2BggrBgEFBQcwAoYqaHR0cDovL2F1dG9yaXRlLmNlcnRpZ25hLmZyL3NlcnZpY2Vz
Y2EuZGVyMDAGCCsGAQUFBzABhiRodHRwOi8vc2VydmljZXNjYS5vY3NwLmRoaW15b3Rpcy5jb20w
LgYIKwYBBQUHMAGGImh0dHA6Ly9zZXJ2aWNlc2NhLm9jc3AuY2VydGlnbmEuZnIwHwYDVR0jBBgw
FoAUrOyGj0s3HLh/FxsZ0K7oTuM0XBIwCQYDVR0TBAIwADBhBgNVHSAEWjBYMAgGBmeBDAECAjBM
BgsqgXoBgTECBQECATA9MDsGCCsGAQUFBwIBFi9odHRwczovL3d3dy5jZXJ0aWduYS5jb20vYXV0
b3JpdGUtY2VydGlmaWNhdGlvbjBlBgNVHR8EXjBcMCugKaAnhiVodHRwOi8vY3JsLmNlcnRpZ25h
LmZyL3NlcnZpY2VzY2EuY3JsMC2gK6AphidodHRwOi8vY3JsLmRoaW15b3Rpcy5jb20vc2Vydmlj
ZXNjYS5jcmwwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgeAMB0GA1UdDgQWBBQq
6jjjeMXwQMpNNecEbqrEsJ9eTjANBgkqhkiG9w0BAQsFAAOCAgEArkOzqH9sUsz/QCwLRUKXqsYS
YjB9o9GmKorBERtR7WJQIxk1jZxDM9dR8LTOA6tKOQ2LKzaRl0RugagliM75Dkt4AdWFQFzZ14c4
o+JXsvCNmRtncFxY5KAJqpeIgOHigpnOb2qdS5c0U2tMa48SYl5DgTqs5nlyLTqPIsF7Am80lsTn
iNdbvyPjmyrqsaUtIJ7WpBhyt+k5TEr4b4XWOo0jYwJEutvrYXTNihmWMfobEiC11+qziyWmBrrv
dJyg1H/XGJKFZ0atOOFUCfvoqFZrc3cD9uiCkLX3ljeehKkWyvNbBoj8ETmRPjg2vXIbPS+jR82g
fhLtUJbE/zVWQCoVtKowZqlY6mMcAXkqhdHTG9jfIixHxMMqMr2s+Fc8ywXlZzmAI1ejP9/LX9bV
2b17e4QxQMKMH9f2sVRvo16n0KtKGH5Zy3j+Dwkt3iIsN1F8Lo7vymqtqSUZ3EyYKNY/GvvmrIc/
snB/mGw4vqxYIXlIwwpm80/NRBeR88OFR3PYlUYKxrf9HKVRP8HqHG9buYSQdDdVe7k56Af77pCl
88LDCL49/8hb/XzndJjqvSLbKsU6UWV6q2e/kkQ+UcF8bBUMfHWLLK8xALkzrg1EATC7dviFBnS1
JXLmWJjKwHfWUkBPJnZbMCiKfgyNK5vTXpzzOszUdOFBLRTbtco=</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
</saml2p:AuthnRequest>

2022-12-04 09:18:50,298 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool' from origin source
2022-12-04 09:18:50,298 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-12-04 09:18:50,298 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-12-04 09:18:50,298 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-12-04 09:18:50,298 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-12-04 09:18:50,298 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-12-04 09:18:50,299 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-12-04 09:18:50,299 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-12-04 09:18:50,299 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool
2022-12-04 09:18:50,299 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:18:50,300 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-12-04 09:18:50,300 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-12-04 09:18:50,300 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-12-04 09:18:50,300 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-12-04 09:18:50,300 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_1d009aa0446f440b9a1ecb7c93fcc4fcdaf0cfc', issue instant '2022-12-04T09:18:49.693Z', entityID 'https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-12-04 09:18:50,300 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Enveloped signature transform
2022-12-04 09:18:50,300 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Exclusive C14N signature transform
2022-12-04 09:18:50,300 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Attempting to verify signature on signed SAML protocol message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-12-04 09:18:50,300 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from metadata using entityID: https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool, role: {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor, protocol: urn:oasis:names:tc:SAML:2.0:protocol, usage: SIGNING
2022-12-04 09:18:50,300 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Retrieving role descriptor metadata for entity 'https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool' in role '{urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor' for protocol 'urn:oasis:names:tc:SAML:2.0:protocol'
2022-12-04 09:18:50,300 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-12-04 09:18:50,300 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-12-04 09:18:50,300 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-12-04 09:18:50,300 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-12-04 09:18:50,300 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-12-04 09:18:50,300 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - signatureMethodURI = http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2022-12-04 09:18:50,300 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigAlgorithm    = SHA256withRSA
2022-12-04 09:18:50,300 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigProvider     = SunRsaSign
2022-12-04 09:18:50,301 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - PublicKey = Sun RSA public key, 2048 bits
  params: null
  modulus: 22369930965456962777956365464229513348642522997346232168756579494960232921839160861855035659931488634319872531144871061126230632628307245413595021979243298021162796817485323967323729520642838484019982422043583459948062010738622164914709867639613377292833748142293112152964032878748204294883029637581475838086809098230772052770316027052403485966861005767953228542833623261203559898877311870242866180023679569922778427571461205374691037046976908472105838884909059792855539563635818559033340161732234235499443992405690433660052891865469805202598340808784182407277136835204164356633476755720981662174335871428308052095271
  public exponent: 65537
2022-12-04 09:18:50,301 - DEBUG [org.apache.xml.security.signature.Manifest:?] - verify 1 References
2022-12-04 09:18:50,301 - DEBUG [org.apache.xml.security.signature.Manifest:?] - I am not requested to follow nested Manifests
2022-12-04 09:18:50,301 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_1d009aa0446f440b9a1ecb7c93fcc4fcdaf0cfc"
2022-12-04 09:18:50,301 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _1d009aa0446f440b9a1ecb7c93fcc4fcdaf0cfc and Element was [saml2p:AuthnRequest: null]
2022-12-04 09:18:50,301 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_1d009aa0446f440b9a1ecb7c93fcc4fcdaf0cfc"
2022-12-04 09:18:50,301 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _1d009aa0446f440b9a1ecb7c93fcc4fcdaf0cfc and Element was [saml2p:AuthnRequest: null]
2022-12-04 09:18:50,301 - DEBUG [org.apache.xml.security.signature.Reference:?] - Verification successful for URI "#_1d009aa0446f440b9a1ecb7c93fcc4fcdaf0cfc"
2022-12-04 09:18:50,301 - DEBUG [org.apache.xml.security.signature.Manifest:?] - The Reference has Type 
2022-12-04 09:18:50,301 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Validation of protocol message signature succeeded, message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-12-04 09:18:50,301 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Authentication via protocol message signature succeeded for context issuer entity ID https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool
2022-12-04 09:18:50,301 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-12-04 09:18:50,301 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-12-04 09:18:50,301 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-12-04 09:18:50,301 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-12-04 09:18:50,302 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:18:50,302 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-12-04 09:18:50,302 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-12-04 09:18:50,302 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-12-04 09:18:50,302 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 1 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-12-04 09:18:50,302 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-12-04 09:18:50,302 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-12-04 09:18:50,302 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-12-04 09:18:50,302 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-12-04 09:18:50,302 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-12-04 09:18:50,302 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-12-04 09:18:50,302 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved signature algorithm URI from SAML metadata SigningMethod: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2022-12-04 09:18:50,302 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved reference digest method algorithm URI from SAML metadata DigestMethod: http://www.w3.org/2001/04/xmlenc#sha256
2022-12-04 09:18:50,303 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-12-04 09:18:50,303 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-12-04 09:18:50,303 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-12-04 09:18:50,303 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-12-04 09:18:50,303 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-12-04 09:18:50,303 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool
2022-12-04 09:18:50,303 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-12-04 09:18:50,303 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve data encryption algorithm based on SAML metadata, falling back to locally configured algorithms
2022-12-04 09:18:50,303 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve key transport algorithm based on SAML metadata, falling back to locally configured algorithms
2022-12-04 09:18:50,303 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-12-04 09:18:50,309 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-12-04 09:18:50,310 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-12-04T09:18:50.310Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-12-04 09:18:50,310 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-12-04 09:18:50,310 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-12-04 09:18:50,310 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-12-04 09:18:50,311 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-12-04 09:18:50,311 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-12-04 09:18:50,311 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:18:50,311 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-12-04 09:18:50,311 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-12-04 09:18:50,311 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-12-04 09:18:50,311 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-12-04 09:18:50,389 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'cas.traveldoo.com'
2022-12-04 09:18:50,390 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-12-04 09:18:50,390 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-12-04 09:18:52,035 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Trimming whitespace of input string 'rick'
2022-12-04 09:18:52,036 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user rick
2022-12-04 09:18:52,036 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@1281862610::identifier=rick, context=org.apache.velocity.VelocityContext@23e75def]
2022-12-04 09:18:52,037 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=rick,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@1281862610::identifier=rick, context=org.apache.velocity.VelocityContext@23e75def]
2022-12-04 09:18:52,037 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'rick' succeeded
2022-12-04 09:18:52,037 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-12-04 09:18:52,038 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-12-04 09:18:52,038 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'rick'
2022-12-04 09:18:52,039 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'rick'
2022-12-04 09:18:52,039 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-12-04 09:18:52,039 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal rick
2022-12-04 09:18:52,039 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session 7bb1e76735914d7e84acb6546c1c0138ea54a3a63224c9b6397a10a095b0212f for principal rick
2022-12-04 09:18:52,039 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving AuthenticationResult for flow authn/Password in session 7bb1e76735914d7e84acb6546c1c0138ea54a3a63224c9b6397a10a095b0212f
2022-12-04 09:18:52,040 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=rick)
2022-12-04 09:18:52,041 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-12-04 09:18:52,042 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, uid, identifier, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-12-04 09:18:52,042 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'eduPersonEntitlement' remained after filtering
2022-12-04 09:18:52,042 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-12-04 09:18:52,042 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-12-04 09:18:52,042 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-12-04 09:18:52,042 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-12-04 09:18:52,042 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-12-04 09:18:52,042 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-12-04 09:18:52,042 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-12-04 09:18:52,042 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-12-04 09:18:52,042 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-12-04 09:18:52,042 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:18:52,042 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-12-04 09:18:52,042 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@72c65505'
2022-12-04 09:18:52,043 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-12-04 09:18:52,043 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-12-04 09:18:52,043 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-12-04 09:18:52,043 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-12-04 09:18:52,043 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-12-04 09:18:52,043 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick'
2022-12-04 09:18:52,043 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick'
2022-12-04 09:18:52,043 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-12-04 09:18:52,043 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is required, no previous consents
2022-12-04 09:18:52,130 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'cas.traveldoo.com'
2022-12-04 09:18:52,130 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-12-04 09:18:52,130 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or InformationURLs returning null
2022-12-04 09:18:52,130 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or PrivacyStatementURLs returning null
2022-12-04 09:18:52,130 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-12-04 09:18:52,130 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No Organization, OrganizationName or names, returning null
2022-12-04 09:18:52,831 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Extracted consent ids '[displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]' from request parameter '_shib_idp_consentIds'
2022-12-04 09:18:52,831 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Consent context 'ConsentContext{previousConsents={}, chosenConsents={displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}}'
2022-12-04 09:18:52,831 - INFO [Shibboleth-Consent-Audit.SSO:?] - 20221204T091852Z|https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool|AttributeReleaseConsent|rick|displayName,eduPersonEntitlement,givenName,identifier,mail,role,surname,telephoneNumber,uid||true,true,true,true,true,true,true,true,true
2022-12-04 09:18:52,832 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-12-04 09:18:52,832 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-12-04 09:18:52,832 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:_key_idx'
2022-12-04 09:18:52,832 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Serialized '{displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}' as '[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]'
2022-12-04 09:18:52,832 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.CreateResult:?] - Profile Action CreateResult: Created consent result 'ConsentResult{id=null, context=intercept/attribute-release, key=rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool, value=[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}], expiration=1701681532832}'
2022-12-04 09:18:52,832 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-12-04 09:18:52,832 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Will not prune storage records, number of keys '0' is less than max number of records '10'
2022-12-04 09:18:52,832 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-12-04 09:18:52,832 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Creating storage index with key 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-12-04 09:18:52,832 - DEBUG [net.shibboleth.idp.consent.storage.impl.CollectionSerializer:?] - Serialized '[rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool]' as '["rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool"]'
2022-12-04 09:18:52,832 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@72c65505'
2022-12-04 09:18:52,832 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:18:52,832 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-12-04 09:18:52,833 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-12-04 09:18:52,834 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-12-04 09:18:52,834 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _4aac1e309fffe73117739dc13568ff64
2022-12-04 09:18:52,834 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _4aac1e309fffe73117739dc13568ff64 to Response _1fb7c4f340c304abc941850512e9aed2
2022-12-04 09:18:52,834 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _4aac1e309fffe73117739dc13568ff64
2022-12-04 09:18:52,842 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-12-04 09:18:52,842 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value urn:mace:dir:entitlement:common-lib-terms of attribute eduPersonEntitlement
2022-12-04 09:18:52,842 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rick of attribute uid
2022-12-04 09:18:52,842 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute identifier
2022-12-04 09:18:52,842 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-12-04 09:18:52,842 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value manager@Samltest.id of attribute role
2022-12-04 09:18:52,842 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute mail
2022-12-04 09:18:52,842 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sanchez of attribute surname
2022-12-04 09:18:52,842 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick Sanchez of attribute displayName
2022-12-04 09:18:52,842 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick of attribute givenName
2022-12-04 09:18:52,843 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-12-04 09:18:52,843 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - No object to operate on, returning true
2022-12-04 09:18:52,843 - WARN [org.opensaml.saml.common.profile.logic.MetadataNameIdentifierFormatStrategy:74] - Ignoring NameIDFormat metadata that includes the 'unspecified' format
2022-12-04 09:18:52,844 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration specifies the following formats: []
2022-12-04 09:18:52,844 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - No formats specified in configuration or in metadata, returning default
2022-12-04 09:18:52,844 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Candidate NameID formats: [urn:oasis:names:tc:SAML:2.0:nameid-format:transient]
2022-12-04 09:18:52,844 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-12-04 09:18:52,844 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-12-04 09:18:52,844 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID AAdzZWNyZXQxsDqF31TCVh3bhbgZuKR2MLKC1GeBS2he0w1yfEK/4VFsDmAW0VakElsR9FkWVdX1LKwBhNK+wHed4PbwKijFp/bIiHNhKaoDHGgX4yk3aZHgHowwGVuXICMYSFRz5NsuT1CmBtyfBXmbJGqvS/X0XZkwmjn+o4A= with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-12-04 09:18:52,844 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-12-04 09:18:52,844 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-12-04 09:18:52,844 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-12-04 09:18:52,844 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-12-04 09:18:52,844 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 204.2.56.133
2022-12-04 09:18:52,844 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to _1d009aa0446f440b9a1ecb7c93fcc4fcdaf0cfc
2022-12-04 09:18:52,844 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool
2022-12-04 09:18:52,844 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-12-04 09:18:52,844 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-12-04 09:18:52,844 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-12-04 09:18:52,844 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _4aac1e309fffe73117739dc13568ff64
2022-12-04 09:18:52,844 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _4aac1e309fffe73117739dc13568ff64 did not already contain Conditions, one was added
2022-12-04 09:18:52,844 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-12-04 09:18:52,844 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-12-04T09:23:52.832Z, to Assertion _4aac1e309fffe73117739dc13568ff64
2022-12-04 09:18:52,844 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _4aac1e309fffe73117739dc13568ff64 already contained Conditions, nothing was done
2022-12-04 09:18:52,844 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-12-04 09:18:52,844 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _4aac1e309fffe73117739dc13568ff64 already contained Conditions, nothing was done
2022-12-04 09:18:52,844 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-12-04 09:18:52,844 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool as an Audience of the AudienceRestriction
2022-12-04 09:18:52,844 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _4aac1e309fffe73117739dc13568ff64
2022-12-04 09:18:52,845 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool to existing session 7bb1e76735914d7e84acb6546c1c0138ea54a3a63224c9b6397a10a095b0212f
2022-12-04 09:18:52,845 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool in session 7bb1e76735914d7e84acb6546c1c0138ea54a3a63224c9b6397a10a095b0212f
2022-12-04 09:18:52,845 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-12-04 09:18:52,846 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool and key AAdzZWNyZXQxsDqF31TCVh3bhbgZuKR2MLKC1GeBS2he0w1yfEK/4VFsDmAW0VakElsR9FkWVdX1LKwBhNK+wHed4PbwKijFp/bIiHNhKaoDHGgX4yk3aZHgHowwGVuXICMYSFRz5NsuT1CmBtyfBXmbJGqvS/X0XZkwmjn+o4A=
2022-12-04 09:18:52,846 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-12-04 09:18:52,846 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-12-04 09:18:52,846 - DEBUG [org.opensaml.saml.common.profile.impl.SignAssertions:?] - Profile Action SignAssertions: Will not sign assertions because no security parameters context is available
2022-12-04 09:18:52,848 - DEBUG [PROTOCOL_MESSAGE:?] - Profile Action EncryptAssertions: Response before assertion encryption:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_1fb7c4f340c304abc941850512e9aed2"
    InResponseTo="_1d009aa0446f440b9a1ecb7c93fcc4fcdaf0cfc"
    IssueInstant="2022-12-04T09:18:52.832Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_4aac1e309fffe73117739dc13568ff64"
        IssueInstant="2022-12-04T09:18:52.832Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">AAdzZWNyZXQxsDqF31TCVh3bhbgZuKR2MLKC1GeBS2he0w1yfEK/4VFsDmAW0VakElsR9FkWVdX1LKwBhNK+wHed4PbwKijFp/bIiHNhKaoDHGgX4yk3aZHgHowwGVuXICMYSFRz5NsuT1CmBtyfBXmbJGqvS/X0XZkwmjn+o4A=</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="204.2.56.133"
                    InResponseTo="_1d009aa0446f440b9a1ecb7c93fcc4fcdaf0cfc"
                    NotOnOrAfter="2022-12-04T09:23:52.844Z" Recipient="https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-12-04T09:18:52.832Z" NotOnOrAfter="2022-12-04T09:23:52.832Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-12-04T09:18:52.037Z" SessionIndex="_d72449bd07e8cb9273ef521de86032dc">
            <saml2:SubjectLocality Address="204.2.56.133"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>urn:mace:dir:entitlement:common-lib-terms</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rick</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">manager@Samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-12-04 09:18:52,865 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool
2022-12-04 09:18:52,865 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool
2022-12-04 09:18:52,866 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_1fb7c4f340c304abc941850512e9aed2"
2022-12-04 09:18:52,866 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _1fb7c4f340c304abc941850512e9aed2 and Element was [saml2p:Response: null]
2022-12-04 09:18:52,866 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_1fb7c4f340c304abc941850512e9aed2"
2022-12-04 09:18:52,866 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _1fb7c4f340c304abc941850512e9aed2 and Element was [saml2p:Response: null]
2022-12-04 09:18:52,868 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-12-04 09:18:52,868 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool' with encoded value 'https&#x3a;&#x2f;&#x2f;cas.traveldoo.com&#x2f;cas&#x2f;login&#x3f;client_name&#x3d;SHOP_DEMO-demoPool'
2022-12-04 09:18:52,868 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-12-04 09:18:52,869 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Setting RelayState parameter to: 'TST-37906-8476EA0hsCiqVaMpqbXIlPTGXIDExFzY', encoded as 'TST-37906-8476EA0hsCiqVaMpqbXIlPTGXIDExFzY'
2022-12-04 09:18:52,871 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response
    Destination="https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool"
    ID="_1fb7c4f340c304abc941850512e9aed2"
    InResponseTo="_1d009aa0446f440b9a1ecb7c93fcc4fcdaf0cfc"
    IssueInstant="2022-12-04T09:18:52.832Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_1fb7c4f340c304abc941850512e9aed2">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>05SEb8i3wZupPx8h1raErgt2nDQ4CQv6aahyj0KXe5w=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>CAhX1LPJB0ptmpWoFO7+gODAfsP7aRLiFDAYqEYSjTP7YFPps7PA+z2A2cUYjdQmgU3YozQu5bd1J7fhx6bn8YnYmXg++BpiqfuHountYlq/Q6GUMmqxUusYTYrFZJHgHGvEgzf7JVSXTir9E7anTN7qVPXr2RajjeHWR5JEKlIGwZyYMd9i2WxgXgKpckDAbYBOLYiF5sVTsgmvNjz3IiPwHTtFLlt7ZzNu0/2f7+hvnfylBfqKZLqPLQj/jwHHPunGLrrT21DcbEoGK5ic2DikP7S3cg29oSEQf6CnJy2D1zrwtrJnqHi9WCblkaVdeo/95SwpM/UZRe9n+l6j3Q==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <xenc:EncryptedData Id="_eb6206d24012475b800cf8c4f5a49149"
            Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:EncryptionMethod
                Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <xenc:EncryptedKey
                    Id="_4bd0b3757a0cc155da586604238c61db"
                    Recipient="https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                    <xenc:EncryptionMethod
                        Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <ds:DigestMethod
                            Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
                    </xenc:EncryptionMethod>
                    <ds:KeyInfo>
                        <ds:X509Data>
                            <ds:X509Certificate>MIIG0DCCBLigAwIBAgIQJT05eT9C8MMLxPWjiR+NjzANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQG
EwJGUjESMBAGA1UECgwJREhJTVlPVElTMRwwGgYDVQQLDBMwMDAyIDQ4MTQ2MzA4MTAwMDM2MR0w
GwYDVQRhDBROVFJGUi00ODE0NjMwODEwMDAzNjEdMBsGA1UEAwwUQ2VydGlnbmEgU2VydmljZXMg
Q0EwHhcNMjIwMzEwMjMwMDAwWhcNMjMwMzEwMjI1OTU5WjCBoTELMAkGA1UEBhMCRlIxGTAXBgNV
BAcMEExFVkFMTE9JUyBQRVJSRVQxEjAQBgNVBAoMCVRSQVZFTERPTzEcMBoGA1UECwwTMDAwMiA0
Mjk4OTQ5NjcwMDA0MjEwMC4GA1UEAwwnVFJBVkVMRE9PIC0gU0FNTCBTSUdOSU5HIEFORCBFTkNS
WVBUSU9OMRMwEQYDVQQFEwpDMjI5ODgyNDQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsTQ4f7v+iIqvjQLCZQyJCiWK72jzbm1lNNsOGLMdNO736yJo0iUXEygaqJ4awu+Nf2Ase62f
o1hROHtOnixvceJN2rd9BMKm/j3BgeU+vlW3quq8AFkm9ikL7R4hBZopqT5deXA17EZ0tpQv6I2z
WbuoBYunvJomVoFZYRwDWFlHoQRBJma0LL8WTrPP7t4gvZMqYSpEqyeeyX2cv6FS4uCOXITFzWAA
Rp5rdIkL1YzU+Tr2thgVf/BvRYsVqaCj+94YmoJAR1/pMOLIKhfoWNxOKuTu0Rpu1LpKr72FYsZv
osn4NHBDoVJncq/crrxpaYF1FqorTjHw+054l0YxJwIDAQABo4ICJTCCAiEwgeQGCCsGAQUFBwEB
BIHXMIHUMDgGCCsGAQUFBzAChixodHRwOi8vYXV0b3JpdGUuZGhpbXlvdGlzLmNvbS9zZXJ2aWNl
c2NhLmRlcjA2BggrBgEFBQcwAoYqaHR0cDovL2F1dG9yaXRlLmNlcnRpZ25hLmZyL3NlcnZpY2Vz
Y2EuZGVyMDAGCCsGAQUFBzABhiRodHRwOi8vc2VydmljZXNjYS5vY3NwLmRoaW15b3Rpcy5jb20w
LgYIKwYBBQUHMAGGImh0dHA6Ly9zZXJ2aWNlc2NhLm9jc3AuY2VydGlnbmEuZnIwHwYDVR0jBBgw
FoAUrOyGj0s3HLh/FxsZ0K7oTuM0XBIwCQYDVR0TBAIwADBhBgNVHSAEWjBYMAgGBmeBDAECAjBM
BgsqgXoBgTECBQECATA9MDsGCCsGAQUFBwIBFi9odHRwczovL3d3dy5jZXJ0aWduYS5jb20vYXV0
b3JpdGUtY2VydGlmaWNhdGlvbjBlBgNVHR8EXjBcMCugKaAnhiVodHRwOi8vY3JsLmNlcnRpZ25h
LmZyL3NlcnZpY2VzY2EuY3JsMC2gK6AphidodHRwOi8vY3JsLmRoaW15b3Rpcy5jb20vc2Vydmlj
ZXNjYS5jcmwwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgeAMB0GA1UdDgQWBBQq
6jjjeMXwQMpNNecEbqrEsJ9eTjANBgkqhkiG9w0BAQsFAAOCAgEArkOzqH9sUsz/QCwLRUKXqsYS
YjB9o9GmKorBERtR7WJQIxk1jZxDM9dR8LTOA6tKOQ2LKzaRl0RugagliM75Dkt4AdWFQFzZ14c4
o+JXsvCNmRtncFxY5KAJqpeIgOHigpnOb2qdS5c0U2tMa48SYl5DgTqs5nlyLTqPIsF7Am80lsTn
iNdbvyPjmyrqsaUtIJ7WpBhyt+k5TEr4b4XWOo0jYwJEutvrYXTNihmWMfobEiC11+qziyWmBrrv
dJyg1H/XGJKFZ0atOOFUCfvoqFZrc3cD9uiCkLX3ljeehKkWyvNbBoj8ETmRPjg2vXIbPS+jR82g
fhLtUJbE/zVWQCoVtKowZqlY6mMcAXkqhdHTG9jfIixHxMMqMr2s+Fc8ywXlZzmAI1ejP9/LX9bV
2b17e4QxQMKMH9f2sVRvo16n0KtKGH5Zy3j+Dwkt3iIsN1F8Lo7vymqtqSUZ3EyYKNY/GvvmrIc/
snB/mGw4vqxYIXlIwwpm80/NRBeR88OFR3PYlUYKxrf9HKVRP8HqHG9buYSQdDdVe7k56Af77pCl
88LDCL49/8hb/XzndJjqvSLbKsU6UWV6q2e/kkQ+UcF8bBUMfHWLLK8xALkzrg1EATC7dviFBnS1
JXLmWJjKwHfWUkBPJnZbMCiKfgyNK5vTXpzzOszUdOFBLRTbtco=</ds:X509Certificate>
                        </ds:X509Data>
                    </ds:KeyInfo>
                    <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <xenc:CipherValue>KtYYeJuKO/qtRdYreWeAyfqC4ztd9ECHhwlWZevm76/Ftelh25LAgfG/w6S8lHRbBM2wvmil3SywzhZAi6NVc4acLQUgRr2mgg84NHXy4ROAvJerhb+NbvRze+CnWRviDNNJlTLdIlsy0fF0MK94Im/SNM83wyogqcOZeaGfm72Y1paCnAPGJpQTpW3sx+jJYERtfh5QTJ50zamWS0YfvE+a8FYMrZ+AfVzeJTopkA48Z2Tk9x5Ys59JXAYgXpc+nuUHPOR2P0HCdLzKTlKwSQZneQJMvj2EswJVwL4IPgJyB3RFYOqITmYOwYnc6Nm0jgU0I/G01ra22Rj+iJprPA==</xenc:CipherValue>
                    </xenc:CipherData>
                </xenc:EncryptedKey>
            </ds:KeyInfo>
            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                <xenc:CipherValue>3xE12MxB1RBVzOgHg7wP6BTxeL13W6Z/ZTi5FO6mzE44urB3tkBNNPyuFEdiWf1gQYJHo0VvmEUO8uoG73WLgKM0CsCqIjxAK7B5giYykhfLbO/85PqsULJmEbYq4HmfO9217QBQE8nKbMVSI58SDY1aaUjzhNSKXDvonDoPwMuFHib74EJuFhhhv3Eyjtyz20yaYKpMTOjDt+hK5gxucqqT9UV5QjqVWxHPBIrtyH5Bg9PkYGp4sqJWLVnisjIa7sNOox6yg5qkQhjIRTAmRbBggKEh0ADMn/cyX5dhV8YzlpuhGo9ZERmvn9zHOWBFm/rZL6MQjHM3yh7flF1SGnXlGvJsGw4W9uKWbY2MRmhmPTuBmIXX31XkQnqQQtvaZoIFDQr6ymFssT4YijJyaCtLSWl1+EIMR8Yqd9amHxldBG0Cl9WRiLQpNaAYrc3sF0t36ag1/CPmT4mtBWydy2lJL/XQWap1B//yDbRUyA2A3q2Q44sx2vNYA/cvfus/zF0LAYAQetpUQberWQaRVbDJb68Zz9wVV34HpHb1xlnuQKYn3AmVeZ72AUwKe3Gbvh4bQVEPZwrrTf5cj4LoyvIrMw42dSC5wrxZzZjTVe53Mi7WMAIutN0casDApRLrw7SXc13ptZdeFACEmUAFRrj6gJeoweU7fwDJgtHEeqgqOd3qLAxMOL8mdF7V0NIWBzkLuUsq7JslKiLIspooPtoLlRKXXBQ0wWaVPYE4Pxbh2hc+7rHXSI3outLb3PZ8MLTjITdRZxwj82Mjpt7rKSZBiL26Ib/SQE+jUlSlRisIyh6BysyAZeqprGOgu7RJ90J0dSiYYEd2kQ/OpPovyatRmfDW/Kj1v2O5FfnHZfNOob5M2QSAyDu4Hdq4ycY+yU9tDJx3u3vquLq/HmXHTZ5hL3USQ5PzYSea5I35mKmbAaKAaDvD8g1qtvpCx4W2LsuPJYIQq4bevHX6Ejyj/sySSyBg81XYAz76vwy3HGu8sEhU+h1pNX7/n34Bqq62gyaoadwVdzPcEq/6pWfoUWBA3QlB7TjhdmlyHbpL1Jcs/7vvx+wm2QW4jXd7sAqRvHiwuYaxTVQw09kUm0BvNQvQcahSum+X1sAsuKlY/KFzBEb/uv8grTZMk9sOYU7u+5VXOWdx0UQRdqP26ROFVlX0QmU2rEHI/5PsgZgGX9FEs49PYvQqyc8cwev5GBBdDPtHrxpcL0Eez/YfEJ5DIPBQMgjUA9K3rMFq4VAI4sfUFNJ3+8tiAkJo86Z6I1vbm0Ocm8H6L3i0pF5KRKTLsB4ymhQxJOaccTVesMuyKZUVngTy5hYgUWHnqV8ED4ssJLQBS7b4bDVyhSiCHXGmMOlx2JkZFGchNOk0OOFwpgmhAhFgegndipreNuiriWrjwrOnAC+/tIx607UPG0dnGqTE4LhfkTyXjf8/Pb0rfJtn/uPCOf1PnLYvQi0dbQGUDsCB2rJZdg6cQPznpOzFulBKal1rJ0x6NxbUCcC9wrxqGvDOXQU1Hn4Hkq+d6bfxJKuaJ8AukjtH7okiiHW6MQNVSwCvx41esVf0Dy4QSrPNweOSZvIFHYTo85At88M/7CGrzco645tR/MHaH3oA2JDmJNz3WWTqvtPI3TSHR0a/z4CKAGh+vNvBfcz29K4wU3+T3lri56TaVnVaNVJwP0SaSBUola5W5oN1jSGzlSJWOpLTnYeFspBgRvTbwlRDoq3F8JskwCYeztVREgUx7yVsc9L8YlsmIv4KNoN9EXTm1dSzr8lHY8c1ks3svakcy1dzEsW29Prvnr96oF+u8ye0adhpsqINw5GpQOZelkAHFBUvZiNhCBvwGTJFkpjLM7BqVJRKHuxISJfYfVimjp/T6RfKHeNsLasuTq5s9/2W8D3d63zoU1NYvim5od964m32SpJZWLKwG7pKWO9qt6um7uTL9rpufSO83RKv39RR/+Hc/htkvl6zoFGJ0KdVup6yBAj1bhCHJWQBzxDWcDTtxmIsF5655WUIyml3pdfOvgS32EMOeGYVDSXsBDhKxtkq5rwmFvcwi1kGlmPwJKPapvnFkqFW248CU/CNkzbBSyGjoRrDKBmc0JwKC6fcdhwHAd3Z6m4Qw6mZJeVfWGlpsaIdfaB6YnrZXCFwsOZqv2cDgG7s46WSvm3vyla1C52cInlteV+0FV20H0Hno35SDe2ubGY7nsaEqIuPBmg7eeaZGjoyBODzKF0GNOPTvUzD10UnvYeIvdiOziVyhV+OVq9dX8kmxS0scviRkuP07rkUPMxxAOMYc1ud2L0pzLrvPxtiBnIrQ4xk/b+gI3huyKGL2vAMJB9ONw0urMiKbCMXHV7uPlP3KWSWiMBRLN8aAUAKvfMs6LWHN/RSy3XO+kNG+olXgoS1vyMEOSVBqAmepPTmW/qCPH1oCHo6Kq+AbhHgDLpWzLr1j1wEnX6/fSQIYOntE+D2dwyDRUckHijJmLaGaFM65SRHoZEIz5gjxi4bTyrubE18MvC1WXIiReVyOy94Wgr9h+ueo4MzdMr6rD6lbBioKZNEuZ4dW6Njhkb0l2a0v7ezuKuWdA6RAj+u7Igsw48hLLJAiiQrI5MezX7JP1bmiaKmzE2ElgT9oXBuYzWFRM6yi96q05IY12HSbdFTsro6m5EOTF2aKmwoazvT2bNRZgzEfelziMqeKeDzQiyhfJaKdbP+fFfYQtqbPGSX0kwI07sBCqUD/mnDc+wM4ZpYnbN48VkgiLVjCqElnk8StCmARC3cy1hFQUEHvLEQsVipwONHixrP1bcjMhSl94vothzbkKVtpyEoKjuyMn5vUkvafRPo0FnqxiphO81MtiLHEJcMvXUO4etwyby8AtkW5goufJvYUzTX9NaapZoztbPqHR1k3DvESsj0wZ9U6KDxp/12uuQABkw8PivnxkiPawi4opL4EribuVZim16MMlZ9xpMUhpGZAY21uCVpSs0s0GCxzPOQBxpInOTuI/piwf8G1Wed+zArXk7/F4vEbGQwVBILo6bT/7958Fh4uTAqAn+CHYnqFFtd1q+qGo9PG5U38IUKziWzI8u2FY3IgNUMONBV5fAHT1FUyRF0wwNa4iunLR33aterNh9Vze8M/dfK12cFkqpcK3nGGUxxHZL+/Ij5gDjrt3LmOi3vruuCiLinEzz9L/pDLCjT+SG9AQrjVhzMkCb9qlwXUdTn49g1wgYDjEH7HozVr+QbMoZoJqJag4gVGgEVZP+42o0FRHHIkPL/VgA0WRT1KMaKhWAq06YAN7hZDOeSu4haXmrah1gN2Fjz7Rmf6j2Pj87qrFo5uXHN+HhhSNQdDIopDQqhKbh6NSSkF4+fm667Unxc6LMqL9S6VrFHOkka4lXmBSuZB/2nb7/kQ0J8gxAzbnkHEFGhTS78AKZjxFN22XcJpO7gJxoZ47k5I3zOUDiEiA3dtdTX48AP/3p3DTuJG40L+dsXrRDpb6lZRWPPxe1N+8LzaR78tSpfXeNQ/2VZ+dhHrfKbsfiB32sMr8gE2RSx7VIrSSCtWT0iPsSBwOvc3h2k6gIM1g66cIroI7vWp0Khf6C47yM/laGkg3rhZ/CyoEjP98YO0ShiP5deRb2pzRv3UuTDb1BI2ZpC38kcZpHvy5yYvPczOna2/VGySrYGYb99qN+NqSFWDBE01rXJqb237nNn5OnpzXu5GgvDldYuqijD55XN71CK+A/2NMfg0iGhEb5cKEKsEL+X+araNo62tl9eujVIAeQnMqjlyOdyH53sLdUsAHrLWzSYd3jMMSGhLLI7Gt5lK8aPLEh4pWv7DHwqPhndnWln1K7Uy8PE1qk99Aehz094E0dtxnE948jN6+tY73utvAcgxYWpntp/wclueNEL1IjxbxgFwhry5P4Wnxa82Blcz4xktDA4GAobBRP1mx7HoX0ZmzSkxVzY5ruPnQqbDuJfqR6UsxGo6R6QwdGkXK7j6y5MbQutMCqBpBOruYTckbw+ncu+OC3VKendPqcuF5rBQAFsBRz6yBkX66wJFDZh9yDX+vzIbK8QCv2XTLEhb+waciXBop6r1ytHipDP3FwDj80x407KOyBUfQaA4yx1PxGr67okCDGMxUZ2tvsVbuKJnHXMPV3VFxV/aOlD5dvtTel3TO3TwLhsLPn8IPyVQLZn+BxrAZvZzsxMFgDwoSWsY028M7Yfqy7XQEsv7HdgWZhHSL9WlPtbv86LRvmCacwRGqylfN4j3L+EtaOwVW0uWm3cGpkSKKXDjx03bwR+EPLwQOBI6jWw39jq26+rhAnB36LBTV4C51QW1A7O2DORsvhUmq9pSiF5Sj9wkmv5EVectOw75e6DpYPlx1i+CwFFR6ZaL3cIdtVIt/pcWsjuroQPQ83iirdM8SVXwpUmaI9H0tmAUuvt0FdoGDeiz7kIpI0BMdy9I1VW1VI5NNmQWmbv2A3vDE3xW6t5LfVPw+8O3NRDW9cfR3Xpo1bL8/js7pQWvXbqSGhfiHVzg9J8it69Z00Pg5ZierVQjjNCTyM5yec+rIxXyrO/PLEnBkrUyPaWZTcxPd4ZZyhdA3OMNOwFB6cMSsmDuArpfBqcEZpiRWQ0XM6TlyMwavBgbuhzHcPBsO3QVVBM3+eJQW7avnDelNbVXx+024pNqGDtK+FZyw0GbCbSiyX+yR7wJI7dHvDbbHf1m8lo7mqfhMA0U4/j3d1C99PDczi32/ZOzt/6GbcDNo0IxbsDCg+TivwN49+Mk88vE3XyfGVCigjQ/oBPgXDhg97afSaZXdROGrit9ReiqKsVJLcSScikcdwcW1Ee+4EuGyUL8uz0BtFLZ2XAev9fS12ldCszWuawbm8ioqWammjJbdAsrZi4LvG4xAFnH7yQ5Y/tXqPODCiavmNmiTgLbwP8NuPVAgF04hr+XjxCNYZgIBLU8gvSAGt2823zco7l2iJzPB54MAe5HBvGBFpaQz/5sAmGJIcKSdhEiq2I5n9azaib6oruTVl3rQKarm5sQaR70Bz5o3ThtJdAvoAWx2UT4ej4/u3dhBuAoWL0ySUmi94mvRbCt+1l9AMmE0HcWyuEM4Z6jU2KJKeixt+wR5JfrpbHBlzs0fTTzoSkwHdpOjl7XFbo7qsAjeEzZPsW1B4o5swnd/GZRa3qP9OtBvjMSWdMILMeH8RNaDZjYdfZ6wC5M4U5YF2KoRCJMEKXbAAN3TyUzelKF+aufUIVT3hzA+pIiqpWLBhSRlP14sw2</xenc:CipherValue>
            </xenc:CipherData>
        </xenc:EncryptedData>
    </saml2:EncryptedAssertion>
</saml2p:Response>

2022-12-04 09:18:52,871 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-12-04 09:18:52,871 - INFO [Shibboleth-Audit.SSO:?] - 20221204T091852Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_1d009aa0446f440b9a1ecb7c93fcc4fcdaf0cfc|https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_1fb7c4f340c304abc941850512e9aed2|rick|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,uid,identifier,telephoneNumber,role,mail,surname,displayName,givenName|AAdzZWNyZXQxsDqF31TCVh3bhbgZuKR2MLKC1GeBS2he0w1yfEK/4VFsDmAW0VakElsR9FkWVdX1LKwBhNK+wHed4PbwKijFp/bIiHNhKaoDHGgX4yk3aZHgHowwGVuXICMYSFRz5NsuT1CmBtyfBXmbJGqvS/X0XZkwmjn+o4A=|_4aac1e309fffe73117739dc13568ff64|
2022-12-04 09:21:37,736 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: ss:mem:8d22fa71cad5f2e5a707083f05b53b580c2609d86742b29d3c4dc92dc0ca16f6
2022-12-04 09:21:37,736 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-12-04 09:21:37,736 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-12-04 09:21:37,736 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="https://shibboleth.tailoredinstruction.com/Shibboleth.sso/SAML2/POST"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ID="_0973f9ec7913264640d796316f1479dd"
    IssueInstant="2022-12-04T09:21:36Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://shibboleth.tailoredinstruction.com/shibboleth</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="1"/>
</samlp:AuthnRequest>

2022-12-04 09:21:37,751 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://shibboleth.tailoredinstruction.com/shibboleth' from origin source
2022-12-04 09:21:37,751 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-12-04 09:21:37,751 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-12-04 09:21:37,751 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-12-04 09:21:37,751 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-12-04 09:21:37,751 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-12-04 09:21:37,752 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-12-04 09:21:37,752 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-12-04 09:21:37,752 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://shibboleth.tailoredinstruction.com/shibboleth
2022-12-04 09:21:37,754 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:21:37,756 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-12-04 09:21:37,756 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-12-04 09:21:37,756 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-12-04 09:21:37,756 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-12-04 09:21:37,757 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_0973f9ec7913264640d796316f1479dd', issue instant '2022-12-04T09:21:36.000Z', entityID 'https://shibboleth.tailoredinstruction.com/shibboleth'
2022-12-04 09:21:37,758 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://shibboleth.tailoredinstruction.com/shibboleth' does not require AuthnRequests to be signed
2022-12-04 09:21:37,759 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-12-04 09:21:37,759 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-12-04 09:21:37,759 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-12-04 09:21:37,760 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-12-04 09:21:37,760 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-12-04 09:21:37,760 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:21:37,760 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-12-04 09:21:37,761 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-12-04 09:21:37,761 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-12-04 09:21:37,761 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 4 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-12-04 09:21:37,761 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://shibboleth.tailoredinstruction.com/Shibboleth.sso/SAML2/POST using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-12-04 09:21:37,761 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-12-04 09:21:37,761 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-12-04 09:21:37,761 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-12-04 09:21:37,761 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-12-04 09:21:37,761 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-12-04 09:21:37,762 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved signature algorithm URI from SAML metadata SigningMethod: http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
2022-12-04 09:21:37,762 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved reference digest method algorithm URI from SAML metadata DigestMethod: http://www.w3.org/2001/04/xmlenc#sha512
2022-12-04 09:21:37,770 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-12-04 09:21:37,770 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-12-04 09:21:37,770 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-12-04 09:21:37,770 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-12-04 09:21:37,770 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-12-04 09:21:37,770 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://shibboleth.tailoredinstruction.com/shibboleth
2022-12-04 09:21:37,770 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-12-04 09:21:37,770 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved data encryption algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#aes128-gcm
2022-12-04 09:21:37,770 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved key transport algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#rsa-oaep
2022-12-04 09:21:37,770 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-12-04 09:21:37,778 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-12-04 09:21:37,782 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-12-04T09:21:37.782Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-12-04 09:21:37,782 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-12-04 09:21:37,784 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-12-04 09:21:37,784 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-12-04 09:21:37,785 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-12-04 09:21:37,785 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-12-04 09:21:37,785 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:21:37,785 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-12-04 09:21:37,785 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-12-04 09:21:37,785 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-12-04 09:21:37,786 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-12-04 09:21:38,073 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'shibboleth.tailoredinstruction.com'
2022-12-04 09:21:38,073 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-12-04 09:21:38,073 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-12-04 09:21:49,291 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML relay state of: SSOT_2116773121
2022-12-04 09:21:49,291 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Getting Base64 encoded message from request
2022-12-04 09:21:49,291 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML message
2022-12-04 09:21:49,291 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<urn:AuthnRequest
    AssertionConsumerServiceURL="https://journals.sagepub.com/action/saml2post"
    Destination="https://samltest.id/idp/profile/SAML2/POST/SSO"
    ID="_555328390200518897" IssueInstant="2022-12-04T09:21:48.589Z"
    Version="2.0" xmlns:urn="urn:oasis:names:tc:SAML:2.0:protocol">
    <urn1:Issuer xmlns:urn1="urn:oasis:names:tc:SAML:2.0:assertion">https://journals.sagepub.com/shibboleth</urn1:Issuer>
    <urn:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
</urn:AuthnRequest>

2022-12-04 09:21:49,297 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://journals.sagepub.com/shibboleth' from origin source
2022-12-04 09:21:49,297 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-12-04 09:21:49,297 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-12-04 09:21:49,297 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-12-04 09:21:49,297 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-12-04 09:21:49,297 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-12-04 09:21:49,297 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-12-04 09:21:49,297 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-12-04 09:21:49,298 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://journals.sagepub.com/shibboleth
2022-12-04 09:21:49,298 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:21:49,298 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-12-04 09:21:49,298 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-12-04 09:21:49,298 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-12-04 09:21:49,298 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-12-04 09:21:49,298 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_555328390200518897', issue instant '2022-12-04T09:21:48.589Z', entityID 'https://journals.sagepub.com/shibboleth'
2022-12-04 09:21:49,299 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://journals.sagepub.com/shibboleth' does not require AuthnRequests to be signed
2022-12-04 09:21:49,299 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-12-04 09:21:49,299 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-12-04 09:21:49,299 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-12-04 09:21:49,299 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-12-04 09:21:49,299 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-12-04 09:21:49,299 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:21:49,299 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-12-04 09:21:49,300 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-12-04 09:21:49,300 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-12-04 09:21:49,300 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 6 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-12-04 09:21:49,300 - DEBUG [org.opensaml.saml.common.binding.impl.DefaultEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Candidate endpoint binding 'urn:oasis:names:tc:SAML:1.0:profiles:browser-post' not permitted by input criteria
2022-12-04 09:21:49,300 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://journals.sagepub.com/action/saml2post using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-12-04 09:21:49,300 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-12-04 09:21:49,300 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-12-04 09:21:49,300 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-12-04 09:21:49,300 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-12-04 09:21:49,300 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-12-04 09:21:49,300 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-12-04 09:21:49,300 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-12-04 09:21:49,300 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-12-04 09:21:49,300 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-12-04 09:21:49,300 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-12-04 09:21:49,300 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://journals.sagepub.com/shibboleth
2022-12-04 09:21:49,300 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-12-04 09:21:49,300 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve data encryption algorithm based on SAML metadata, falling back to locally configured algorithms
2022-12-04 09:21:49,300 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve key transport algorithm based on SAML metadata, falling back to locally configured algorithms
2022-12-04 09:21:49,300 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-12-04 09:21:49,304 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-12-04 09:21:49,310 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-12-04T09:21:49.310Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-12-04 09:21:49,310 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-12-04 09:21:49,310 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-12-04 09:21:49,310 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-12-04 09:21:49,311 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-12-04 09:21:49,311 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-12-04 09:21:49,311 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-12-04 09:21:49,311 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-12-04 09:21:49,311 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-12-04 09:21:49,311 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-12-04 09:21:49,311 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-12-04 09:21:49,502 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Returning name from UIInfo 'SAGE Publishing'
2022-12-04 09:21:49,502 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-12-04 09:21:49,502 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No matching description in UIInfo
2022-12-04 09:21:49,502 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No matching description in UIInfo