2022-08-09 11:00:59,824 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: null
2022-08-09 11:00:59,824 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-08-09 11:00:59,825 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-08-09 11:00:59,825 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="http://localhost:90/bpozg/samllogin"
    ID="_19edfa99-5205-4524-a9f6-a423d2425df2"
    IssueInstant="2022-08-09T11:00:58Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://sso.idutest.com/entity</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"/>
</samlp:AuthnRequest>

2022-08-09 11:00:59,833 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://sso.idutest.com/entity' from origin source
2022-08-09 11:00:59,833 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-08-09 11:00:59,833 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-08-09 11:00:59,833 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-08-09 11:00:59,833 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-08-09 11:00:59,833 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-08-09 11:00:59,833 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-08-09 11:00:59,833 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-08-09 11:00:59,833 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://sso.idutest.com/entity
2022-08-09 11:00:59,834 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:00:59,834 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-08-09 11:00:59,834 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint was empty, not required by binding, skipping
2022-08-09 11:00:59,835 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_19edfa99-5205-4524-a9f6-a423d2425df2', issue instant '2022-08-09T11:00:58.000Z', entityID 'https://sso.idutest.com/entity'
2022-08-09 11:00:59,835 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://sso.idutest.com/entity' does not require AuthnRequests to be signed
2022-08-09 11:00:59,835 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-08-09 11:00:59,835 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-08-09 11:00:59,835 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-08-09 11:00:59,835 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-08-09 11:00:59,835 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-08-09 11:00:59,836 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:00:59,836 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-08-09 11:00:59,836 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-08-09 11:00:59,836 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-08-09 11:00:59,836 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 5 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-08-09 11:00:59,836 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location http://localhost:90/bpozg/samllogin using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-08-09 11:00:59,836 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-08-09 11:00:59,836 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-08-09 11:00:59,836 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-08-09 11:00:59,836 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-08-09 11:00:59,836 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-08-09 11:00:59,837 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-08-09 11:00:59,837 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-08-09 11:00:59,837 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-08-09 11:00:59,837 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-08-09 11:00:59,837 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-08-09 11:00:59,837 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://sso.idutest.com/entity
2022-08-09 11:00:59,837 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve encryption parameters based on SAML metadata, falling back to locally configured credentials and algorithms
2022-08-09 11:00:59,837 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Failed to resolve EncryptionParameters
2022-08-09 11:00:59,837 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolver returned no EncryptionParameters
2022-08-09 11:00:59,837 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption is optional, ignoring inability to encrypt
2022-08-09 11:00:59,844 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-08-09 11:00:59,845 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-08-09T11:00:59.845Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-08-09 11:00:59,845 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-08-09 11:00:59,845 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-08-09 11:00:59,845 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Performing primary lookup on session ID 61c852d20bd3f3b97b719220403efc2ae184df337d1df86647d12ccb9f2f610c
2022-08-09 11:00:59,845 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Updating expiration of master record for session 61c852d20bd3f3b97b719220403efc2ae184df337d1df86647d12ccb9f2f610c to 2022-08-09T12:00:59.845Z
2022-08-09 11:00:59,846 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Loading AuthenticationResult for flow authn/Password in session 61c852d20bd3f3b97b719220403efc2ae184df337d1df86647d12ccb9f2f610c
2022-08-09 11:00:59,846 - DEBUG [net.shibboleth.idp.session.impl.ExtractActiveAuthenticationResults:?] - Profile Action ExtractActiveAuthenticationResults: Authentication result authn/Password is active, copying from session
2022-08-09 11:00:59,847 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-08-09 11:00:59,847 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-08-09 11:00:59,847 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:00:59,847 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-08-09 11:00:59,847 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Reusing active result authn/Password
2022-08-09 11:00:59,847 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name established from session as 'rick'
2022-08-09 11:00:59,847 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-08-09 11:00:59,847 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Updating activity time on reused AuthenticationResult for flow authn/Password in existing session 61c852d20bd3f3b97b719220403efc2ae184df337d1df86647d12ccb9f2f610c
2022-08-09 11:00:59,848 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=rick)
2022-08-09 11:00:59,851 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-08-09 11:00:59,852 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, uid, identifier, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-08-09 11:00:59,852 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'eduPersonEntitlement' remained after filtering
2022-08-09 11:00:59,852 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-08-09 11:00:59,852 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-08-09 11:00:59,852 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-08-09 11:00:59,852 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-08-09 11:00:59,852 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-08-09 11:00:59,852 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-08-09 11:00:59,852 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-08-09 11:00:59,852 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-08-09 11:00:59,852 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-08-09 11:00:59,852 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:00:59,852 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-08-09 11:00:59,852 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@28dada47'
2022-08-09 11:00:59,853 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:00:59,853 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://sso.idutest.com/entity'
2022-08-09 11:00:59,853 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'org.opensaml.storage.MutableStorageRecord@34da0085' with context 'intercept/attribute-release' and key 'rick:https://sso.idutest.com/entity'
2022-08-09 11:00:59,853 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Deserialized context 'intercept/attribute-release' key 'rick:https://sso.idutest.com/entity' value '[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]' expiration '1665126276477' as '{displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}'
2022-08-09 11:00:59,853 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:00:59,853 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick'
2022-08-09 11:00:59,853 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick'
2022-08-09 11:00:59,854 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-08-09 11:00:59,854 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is not required, previous consents match current consents
2022-08-09 11:00:59,854 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@28dada47'
2022-08-09 11:00:59,854 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:00:59,854 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-08-09 11:00:59,855 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-08-09 11:00:59,857 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-08-09 11:00:59,857 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _fe5c5273aee131d65058eb6fba7d90b3
2022-08-09 11:00:59,857 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _fe5c5273aee131d65058eb6fba7d90b3 to Response _602224630b23a3f2b18fa69a63bb3a51
2022-08-09 11:00:59,857 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _fe5c5273aee131d65058eb6fba7d90b3
2022-08-09 11:00:59,858 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-08-09 11:00:59,858 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value urn:mace:dir:entitlement:common-lib-terms of attribute eduPersonEntitlement
2022-08-09 11:00:59,858 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rick of attribute uid
2022-08-09 11:00:59,858 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute identifier
2022-08-09 11:00:59,858 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-08-09 11:00:59,858 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value manager@Samltest.id of attribute role
2022-08-09 11:00:59,858 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute mail
2022-08-09 11:00:59,858 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sanchez of attribute surname
2022-08-09 11:00:59,858 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick Sanchez of attribute displayName
2022-08-09 11:00:59,858 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick of attribute givenName
2022-08-09 11:00:59,861 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-08-09 11:00:59,861 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - Policy checking disabled for NameIDPolicy with Format urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
2022-08-09 11:00:59,861 - DEBUG [org.opensaml.saml.common.profile.logic.MetadataNameIdentifierFormatStrategy:?] - Metadata specifies the following formats: [urn:oasis:names:tc:SAML:2.0:nameid-format:persistent]
2022-08-09 11:00:59,861 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration specifies the following formats: []
2022-08-09 11:00:59,861 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration did not specify any formats, relying on metadata alone
2022-08-09 11:00:59,861 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Candidate NameID formats: [urn:oasis:names:tc:SAML:2.0:nameid-format:persistent]
2022-08-09 11:00:59,861 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-08-09 11:00:59,861 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-08-09 11:00:59,861 - DEBUG [net.shibboleth.idp.saml.nameid.impl.PersistentSAML2NameIDGenerator:?] - Checking for source attribute uid
2022-08-09 11:00:59,861 - DEBUG [net.shibboleth.idp.saml.nameid.impl.PersistentSAML2NameIDGenerator:?] - Generating persistent NameID from String-valued attribute uid
2022-08-09 11:00:59,861 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID 5KCFEEIBYZBL3IADBZ4XNGLQSIFDTXNE with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-08-09 11:00:59,861 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-08-09 11:00:59,861 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-08-09 11:00:59,861 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-08-09 11:00:59,861 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-08-09 11:00:59,861 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 217.18.178.74
2022-08-09 11:00:59,861 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to _19edfa99-5205-4524-a9f6-a423d2425df2
2022-08-09 11:00:59,861 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to http://localhost:90/bpozg/samllogin
2022-08-09 11:00:59,861 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-08-09 11:00:59,861 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-08-09 11:00:59,862 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-08-09 11:00:59,862 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _fe5c5273aee131d65058eb6fba7d90b3
2022-08-09 11:00:59,862 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _fe5c5273aee131d65058eb6fba7d90b3 did not already contain Conditions, one was added
2022-08-09 11:00:59,862 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-08-09 11:00:59,862 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-08-09T11:05:59.854Z, to Assertion _fe5c5273aee131d65058eb6fba7d90b3
2022-08-09 11:00:59,862 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _fe5c5273aee131d65058eb6fba7d90b3 already contained Conditions, nothing was done
2022-08-09 11:00:59,863 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-08-09 11:00:59,863 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _fe5c5273aee131d65058eb6fba7d90b3 already contained Conditions, nothing was done
2022-08-09 11:00:59,863 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-08-09 11:00:59,863 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://sso.idutest.com/entity as an Audience of the AudienceRestriction
2022-08-09 11:00:59,863 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _fe5c5273aee131d65058eb6fba7d90b3
2022-08-09 11:00:59,865 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://sso.idutest.com/entity to existing session 61c852d20bd3f3b97b719220403efc2ae184df337d1df86647d12ccb9f2f610c
2022-08-09 11:00:59,865 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Loading SPSession for service https://sso.idutest.com/entity in session 61c852d20bd3f3b97b719220403efc2ae184df337d1df86647d12ccb9f2f610c
2022-08-09 11:00:59,865 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-08-09 11:00:59,865 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://sso.idutest.com/entity in session 61c852d20bd3f3b97b719220403efc2ae184df337d1df86647d12ccb9f2f610c
2022-08-09 11:00:59,865 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-08-09 11:00:59,865 - DEBUG [net.shibboleth.idp.session.AbstractIdPSession:?] - IdPSession 61c852d20bd3f3b97b719220403efc2ae184df337d1df86647d12ccb9f2f610c: replaced old SPSession for service https://sso.idutest.com/entity
2022-08-09 11:00:59,865 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Removing secondary index for service ID https://sso.idutest.com/entity and key 5KCFEEIBYZBL3IADBZ4XNGLQSIFDTXNE
2022-08-09 11:00:59,865 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://sso.idutest.com/entity and key 5KCFEEIBYZBL3IADBZ4XNGLQSIFDTXNE
2022-08-09 11:00:59,865 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Older SPSession for relying party https://sso.idutest.com/entity was replaced
2022-08-09 11:00:59,865 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-08-09 11:00:59,866 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-08-09 11:00:59,866 - DEBUG [org.opensaml.saml.common.profile.impl.SignAssertions:?] - Profile Action SignAssertions: Will not sign assertions because no security parameters context is available
2022-08-09 11:00:59,866 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAssertions: No encryption parameters, nothing to do
2022-08-09 11:00:59,868 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: http://localhost:90/bpozg/samllogin
2022-08-09 11:00:59,868 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: http://localhost:90/bpozg/samllogin
2022-08-09 11:00:59,868 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_602224630b23a3f2b18fa69a63bb3a51"
2022-08-09 11:00:59,868 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _602224630b23a3f2b18fa69a63bb3a51 and Element was [saml2p:Response: null]
2022-08-09 11:00:59,868 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_602224630b23a3f2b18fa69a63bb3a51"
2022-08-09 11:00:59,868 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _602224630b23a3f2b18fa69a63bb3a51 and Element was [saml2p:Response: null]
2022-08-09 11:00:59,872 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-08-09 11:00:59,872 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'http://localhost:90/bpozg/samllogin' with encoded value 'http&#x3a;&#x2f;&#x2f;localhost&#x3a;90&#x2f;bpozg&#x2f;samllogin'
2022-08-09 11:00:59,872 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-08-09 11:00:59,876 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response Destination="http://localhost:90/bpozg/samllogin"
    ID="_602224630b23a3f2b18fa69a63bb3a51"
    InResponseTo="_19edfa99-5205-4524-a9f6-a423d2425df2"
    IssueInstant="2022-08-09T11:00:59.854Z" Version="2.0"
    xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_602224630b23a3f2b18fa69a63bb3a51">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                        <ec:InclusiveNamespaces PrefixList="xsd" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                    </ds:Transform>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>Kcz9UO/qEUwouuHLf8WXjHoTkWsBeOcaOkOkI59Yuz4=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>Mqn8GIeJtdsVn5YKvGa9iUr1YgMos0Kv8+F7qZSSZy3PGIhnpskjy5TRr6xCHiT6meAB5RdJg6joWXx3rJDPk5GacIttP5YEXUmFMigPkED/7r6/oX65u+vbeR0o9rgb9oJNFZOPwKGcyzdFj2CCp6S6lcjf+3COg3vSqIkijtLR3pJZPPQcnXloMcc5JlWtqRGL+ZfivCPMwFFoan6oAYQHNl7s4RK3OeS/QbPguwZOHuGwtxORS5ytCZm1DQNQySFfkRvyDHtNruADynYagClr8OOvGM7pVj+dwuwpd+bnYcCPdy0Wt63AZYlGykkybYJqLxxRZiGSjRzPvXAh2w==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_fe5c5273aee131d65058eb6fba7d90b3"
        IssueInstant="2022-08-09T11:00:59.854Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://sso.idutest.com/entity" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">5KCFEEIBYZBL3IADBZ4XNGLQSIFDTXNE</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="217.18.178.74"
                    InResponseTo="_19edfa99-5205-4524-a9f6-a423d2425df2"
                    NotOnOrAfter="2022-08-09T11:05:59.861Z" Recipient="http://localhost:90/bpozg/samllogin"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-08-09T11:00:59.854Z" NotOnOrAfter="2022-08-09T11:05:59.854Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://sso.idutest.com/entity</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-08-09T10:28:16.729Z" SessionIndex="_1bee026c150fa2db884516eadf07b489">
            <saml2:SubjectLocality Address="217.18.178.74"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>urn:mace:dir:entitlement:common-lib-terms</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rick</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">manager@Samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-08-09 11:00:59,876 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-08-09 11:00:59,877 - INFO [Shibboleth-Audit.SSO:?] - 20220809T110059Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect|_19edfa99-5205-4524-a9f6-a423d2425df2|https://sso.idutest.com/entity|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_602224630b23a3f2b18fa69a63bb3a51|rick|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,uid,identifier,telephoneNumber,role,mail,surname,displayName,givenName|5KCFEEIBYZBL3IADBZ4XNGLQSIFDTXNE|_fe5c5273aee131d65058eb6fba7d90b3|
2022-08-09 11:03:05,364 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML relay state of: https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:03:05,364 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Getting Base64 encoded message from request
2022-08-09 11:03:05,365 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML message
2022-08-09 11:03:05,365 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:AuthnRequest
    AssertionConsumerServiceURL="https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient"
    Destination="https://samltest.id/idp/profile/SAML2/POST/SSO"
    ForceAuthn="false" ID="_8db0d8f68b78475b82e961416918d6628b49d6a"
    IsPassive="false" IssueInstant="2022-08-09T11:03:11.603Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer
        Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient</saml2:Issuer>
    <ds:Signature
                xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod
                Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod
                Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference
                        URI="#_8db0d8f68b78475b82e961416918d6628b49d6a">
<ds:Transforms>
<ds:Transform
                        Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform
                    Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>SpzCz0vRrSoiLl8aArkIvCxgTXoFVv5iY+nKjE0+uPY=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
yVDOf4akT9YGjoXBqrcdpIiopO8CFo3C9GvedbUYiCDcaGGTpAsLr0cwOuC/liE6UAlSdGaNf7Mq&#xd;
XvEorJpFwur1yhA8BvMbQakyV8deXCTd+37uBktmD4MIagTat/JqzPHQQz3WY0S8IrN7FOkomWz0&#xd;
rRNCK/EsPu4LI6RuFnk6jd9gwrzxUFyqDUsH2PdR7GBdyy++WAu9h5lEUkDvRDYFpPMhYZb/Hrx4&#xd;
5SYg1vEAMw9lsWh+P2w/i8JlR/EkMYW6LuL0ZhkcrwWQp6pORqpg1SskkfQ3rWzQEY20ZbW2KY97&#xd;
+kL+2buShuPgYckd02UFPIZJnF2okBEzI6z6cg==
</ds:SignatureValue>
<ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIF3jCCBMagAwIBAgIRAKrILoTQb5hfg5cwVhj1GRswDQYJKoZIhvcNAQELBQAwgZYxCzAJBgNV
BAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAY
BgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYDVQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlv
biBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTcxMjEyMDAwMDAwWhcNMjEwMTMxMjM1
OTU5WjCB0zELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTE0NjIwMREwDwYDVQQIEwhOZXcgWW9yazES
MBAGA1UEBxMJUm9jaGVzdGVyMSIwIAYDVQQJExkzMzkgRWFzdCBBdmVudWUgLCBzdGUgNDEwMRww
GgYDVQQKExNMb2dpY2FsIEltYWdlcyBJbmMuMRQwEgYDVQQLEwtFbmdpbmVlcmluZzEcMBoGA1UE
CxMTUHJlbWl1bVNTTCBXaWxkY2FyZDEXMBUGA1UEAwwOKi52aXN1YWxkeC5jb20wggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo1G8KWHflpDHy/hE1qeVQnuiyQTttSvVa+fsXvs8s9/g7
jAg0AgTvKSB4Z+8rcS2o/ZqIGbtvrDYDU/ePWMtDTT+tQgDc/I5R3hL2CNusOgLfLpwPuOdCIDyA
HTSJf0h3MXxZCS+AsVRU0cAQOmAYb7wjl+qbymv3a88fhKHqP9qKlmCcnVpCCZbpcWNymAtzRM21
4euNOQx8rbJOw32WMGQlKJ95Sph2tk41QMtgJKIZdFMSlua3qQEO4AJmlPqPM6LETVTTtOSRYBGd
Fn3DevVQNvxfn1v1HtBn76o/Mxfpe70LmDcJ89gqMJwsNmGC37JZ7hnu0WDEJiLwbxMpAgMBAAGj
ggHmMIIB4jAfBgNVHSMEGDAWgBSa8yvaz61Pti+7KkhIKhK3G0LBJDAdBgNVHQ4EFgQUixLms64r
PE7O7p0aqReLUfdySyUwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI
KwYBBQUHAwEGCCsGAQUFBwMCMFAGA1UdIARJMEcwOwYMKwYBBAGyMQECAQMEMCswKQYIKwYBBQUH
AgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMAgGBmeBDAECAjBaBgNVHR8EUzBRME+g
TaBLhklodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9SU0FPcmdhbml6YXRpb25WYWxpZGF0
aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGLBggrBgEFBQcBAQR/MH0wVQYIKwYBBQUHMAKGSWh0dHA6
Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVT
ZXJ2ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTAnBgNVHREE
IDAegg4qLnZpc3VhbGR4LmNvbYIMdmlzdWFsZHguY29tMA0GCSqGSIb3DQEBCwUAA4IBAQBObkHT
R69VW5zExyvxombx/00noMSvUPKeRuJJ+dXOQywlxG1PxKi1cAXvKmHLqh6hWS7Y1Sz4UNj0IMV3
wY0O0TWznnIgYquO1zeWcYnrGVD31+/xgog4P6m4ft3mlbdHpCyrfZiqSlQknvjzVQjY66+1/BrG
qYPEV/yXe4Zi2gzQjV+yCVbNuMFp83Mp2J3yCL+vO/0FcS9gjZVgHfAsNPgrO5Lxli4AytVs7Wpo
Ypo2MtQTHbZfx7PE5dsIruu3MXtxRWbtaKPfE3vsy9pCRrFd/RBvx7L38SyKhkSqG9ng92B97BAM
/o9WoUuak01x3KxK65iNQPrFhOrMSJK0</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
</saml2p:AuthnRequest>

2022-08-09 11:03:05,373 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient' from origin source
2022-08-09 11:03:05,373 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-08-09 11:03:05,373 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-08-09 11:03:05,373 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-08-09 11:03:05,373 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-08-09 11:03:05,373 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-08-09 11:03:05,373 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-08-09 11:03:05,373 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-08-09 11:03:05,373 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:03:05,374 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:03:05,375 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-08-09 11:03:05,375 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-08-09 11:03:05,375 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-08-09 11:03:05,375 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-08-09 11:03:05,375 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_8db0d8f68b78475b82e961416918d6628b49d6a', issue instant '2022-08-09T11:03:11.603Z', entityID 'https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient'
2022-08-09 11:03:05,375 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Enveloped signature transform
2022-08-09 11:03:05,375 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Exclusive C14N signature transform
2022-08-09 11:03:05,375 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Attempting to verify signature on signed SAML protocol message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-08-09 11:03:05,375 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from metadata using entityID: https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient, role: {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor, protocol: urn:oasis:names:tc:SAML:2.0:protocol, usage: SIGNING
2022-08-09 11:03:05,375 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Retrieving role descriptor metadata for entity 'https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient' in role '{urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor' for protocol 'urn:oasis:names:tc:SAML:2.0:protocol'
2022-08-09 11:03:05,375 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-08-09 11:03:05,375 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-08-09 11:03:05,375 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-08-09 11:03:05,375 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-08-09 11:03:05,375 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-08-09 11:03:05,375 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - signatureMethodURI = http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2022-08-09 11:03:05,375 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigAlgorithm    = SHA256withRSA
2022-08-09 11:03:05,375 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigProvider     = SunRsaSign
2022-08-09 11:03:05,375 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - PublicKey = Sun RSA public key, 2048 bits
  params: null
  modulus: 29392041739316831879909492263420809618356180272706027652343679098016282364414745216536632236600099715481081529744647645524003605122510817186315887517802452912643799162132870623358634804138327500912458001247256725586583530153692971849689848886777937538189618258798059356709972927743814711999393727110032489973264689064077963688570016506826594214907457503424024951351469455588099097161329401211827643012675421693008670801375297917537559379804376187770338075916115969654848155346928965046567907849079265565736568268190945123584854744386448963767726504663579103653226620589261606418333687915975781431485708245812900729641
  public exponent: 65537
2022-08-09 11:03:05,376 - DEBUG [org.apache.xml.security.signature.Manifest:?] - verify 1 References
2022-08-09 11:03:05,376 - DEBUG [org.apache.xml.security.signature.Manifest:?] - I am not requested to follow nested Manifests
2022-08-09 11:03:05,376 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_8db0d8f68b78475b82e961416918d6628b49d6a"
2022-08-09 11:03:05,376 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _8db0d8f68b78475b82e961416918d6628b49d6a and Element was [saml2p:AuthnRequest: null]
2022-08-09 11:03:05,376 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_8db0d8f68b78475b82e961416918d6628b49d6a"
2022-08-09 11:03:05,376 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _8db0d8f68b78475b82e961416918d6628b49d6a and Element was [saml2p:AuthnRequest: null]
2022-08-09 11:03:05,376 - DEBUG [org.apache.xml.security.signature.Reference:?] - Verification successful for URI "#_8db0d8f68b78475b82e961416918d6628b49d6a"
2022-08-09 11:03:05,376 - DEBUG [org.apache.xml.security.signature.Manifest:?] - The Reference has Type 
2022-08-09 11:03:05,376 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Validation of protocol message signature succeeded, message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-08-09 11:03:05,376 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Authentication via protocol message signature succeeded for context issuer entity ID https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:03:05,376 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-08-09 11:03:05,376 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-08-09 11:03:05,376 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-08-09 11:03:05,376 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-08-09 11:03:05,377 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:03:05,377 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-08-09 11:03:05,377 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-08-09 11:03:05,377 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-08-09 11:03:05,377 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 1 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-08-09 11:03:05,377 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-08-09 11:03:05,377 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-08-09 11:03:05,377 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-08-09 11:03:05,377 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-08-09 11:03:05,377 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-08-09 11:03:05,377 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-08-09 11:03:05,377 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved signature algorithm URI from SAML metadata SigningMethod: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2022-08-09 11:03:05,377 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved reference digest method algorithm URI from SAML metadata DigestMethod: http://www.w3.org/2001/04/xmlenc#sha256
2022-08-09 11:03:05,378 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-08-09 11:03:05,378 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-08-09 11:03:05,378 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-08-09 11:03:05,378 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-08-09 11:03:05,378 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-08-09 11:03:05,378 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:03:05,378 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-08-09 11:03:05,378 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve data encryption algorithm based on SAML metadata, falling back to locally configured algorithms
2022-08-09 11:03:05,378 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve key transport algorithm based on SAML metadata, falling back to locally configured algorithms
2022-08-09 11:03:05,378 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-08-09 11:03:05,383 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-08-09 11:03:05,384 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-08-09T11:03:05.384Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-08-09 11:03:05,384 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-08-09 11:03:05,384 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-08-09 11:03:05,384 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-08-09 11:03:05,385 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-08-09 11:03:05,385 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-08-09 11:03:05,385 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:03:05,385 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-08-09 11:03:05,385 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-08-09 11:03:05,385 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-08-09 11:03:05,385 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-08-09 11:03:05,447 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'vdxlocal.visualdx.com'
2022-08-09 11:03:05,447 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-08-09 11:03:05,447 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-08-09 11:03:21,708 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: ss:mem:85e85ac76adc7a696d2ffda7348846ca3fb402e4d371fae8be200354fe34c680
2022-08-09 11:03:21,708 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-08-09 11:03:21,708 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-08-09 11:03:21,708 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="https://stage.tedu.app/Shibboleth.sso/SAML2/POST"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ID="_48eeff2f8ff9ec1f218e6987d8d309da"
    IssueInstant="2022-08-09T11:03:20Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://stage.tedu.app</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="1"/>
</samlp:AuthnRequest>

2022-08-09 11:03:21,720 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://stage.tedu.app' from origin source
2022-08-09 11:03:21,720 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-08-09 11:03:21,720 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-08-09 11:03:21,720 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-08-09 11:03:21,720 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-08-09 11:03:21,720 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-08-09 11:03:21,720 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-08-09 11:03:21,720 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-08-09 11:03:21,720 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://stage.tedu.app
2022-08-09 11:03:21,721 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:03:21,721 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-08-09 11:03:21,721 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-08-09 11:03:21,721 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-08-09 11:03:21,721 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-08-09 11:03:21,721 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_48eeff2f8ff9ec1f218e6987d8d309da', issue instant '2022-08-09T11:03:20.000Z', entityID 'https://stage.tedu.app'
2022-08-09 11:03:21,721 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://stage.tedu.app' does not require AuthnRequests to be signed
2022-08-09 11:03:21,721 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-08-09 11:03:21,721 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-08-09 11:03:21,721 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-08-09 11:03:21,722 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-08-09 11:03:21,722 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-08-09 11:03:21,722 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:03:21,722 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-08-09 11:03:21,722 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-08-09 11:03:21,722 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-08-09 11:03:21,722 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 4 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-08-09 11:03:21,722 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://stage.tedu.app/Shibboleth.sso/SAML2/POST using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-08-09 11:03:21,722 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-08-09 11:03:21,722 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-08-09 11:03:21,722 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-08-09 11:03:21,722 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-08-09 11:03:21,722 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-08-09 11:03:21,722 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved signature algorithm URI from SAML metadata SigningMethod: http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
2022-08-09 11:03:21,722 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved reference digest method algorithm URI from SAML metadata DigestMethod: http://www.w3.org/2001/04/xmlenc#sha512
2022-08-09 11:03:21,723 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-08-09 11:03:21,723 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-08-09 11:03:21,723 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-08-09 11:03:21,723 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-08-09 11:03:21,723 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-08-09 11:03:21,723 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://stage.tedu.app
2022-08-09 11:03:21,723 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-08-09 11:03:21,723 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved data encryption algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#aes128-gcm
2022-08-09 11:03:21,723 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved key transport algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#rsa-oaep
2022-08-09 11:03:21,723 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-08-09 11:03:21,727 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-08-09 11:03:21,727 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-08-09T11:03:21.727Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-08-09 11:03:21,727 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-08-09 11:03:21,727 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-08-09 11:03:21,727 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-08-09 11:03:21,728 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-08-09 11:03:21,728 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-08-09 11:03:21,728 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:03:21,728 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-08-09 11:03:21,728 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-08-09 11:03:21,728 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-08-09 11:03:21,728 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-08-09 11:03:22,214 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'stage.tedu.app'
2022-08-09 11:03:22,214 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-08-09 11:03:22,214 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-08-09 11:03:27,526 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Trimming whitespace of input string 'rick'
2022-08-09 11:03:27,527 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user rick
2022-08-09 11:03:27,527 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@1580175884::identifier=rick, context=org.apache.velocity.VelocityContext@3bf305fc]
2022-08-09 11:03:27,540 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=rick,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@1580175884::identifier=rick, context=org.apache.velocity.VelocityContext@3bf305fc]
2022-08-09 11:03:27,543 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'rick' succeeded
2022-08-09 11:03:27,543 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-08-09 11:03:27,543 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-08-09 11:03:27,543 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'rick'
2022-08-09 11:03:27,544 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'rick'
2022-08-09 11:03:27,544 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-08-09 11:03:27,544 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal rick
2022-08-09 11:03:27,544 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session 9dcaffa08409cd573dd8a6cd092e63f95200693dfc80b1c7cf0c9fcd3772d3e7 for principal rick
2022-08-09 11:03:27,544 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving AuthenticationResult for flow authn/Password in session 9dcaffa08409cd573dd8a6cd092e63f95200693dfc80b1c7cf0c9fcd3772d3e7
2022-08-09 11:03:27,544 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=rick)
2022-08-09 11:03:27,546 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-08-09 11:03:27,547 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, uid, identifier, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-08-09 11:03:27,547 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'eduPersonEntitlement' remained after filtering
2022-08-09 11:03:27,547 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-08-09 11:03:27,547 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-08-09 11:03:27,547 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-08-09 11:03:27,547 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-08-09 11:03:27,547 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-08-09 11:03:27,547 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-08-09 11:03:27,547 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-08-09 11:03:27,547 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-08-09 11:03:27,547 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-08-09 11:03:27,547 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:03:27,547 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-08-09 11:03:27,547 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@6fc01051'
2022-08-09 11:03:27,548 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:03:27,548 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient'
2022-08-09 11:03:27,548 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient'
2022-08-09 11:03:27,548 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient'
2022-08-09 11:03:27,548 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:03:27,548 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick'
2022-08-09 11:03:27,548 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick'
2022-08-09 11:03:27,548 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-08-09 11:03:27,548 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is required, no previous consents
2022-08-09 11:03:27,611 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'vdxlocal.visualdx.com'
2022-08-09 11:03:27,611 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-08-09 11:03:27,611 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or InformationURLs returning null
2022-08-09 11:03:27,611 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or PrivacyStatementURLs returning null
2022-08-09 11:03:27,611 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-08-09 11:03:27,611 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No Organization, OrganizationName or names, returning null
2022-08-09 11:03:30,191 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Extracted consent ids '[displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]' from request parameter '_shib_idp_consentIds'
2022-08-09 11:03:30,191 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Consent context 'ConsentContext{previousConsents={}, chosenConsents={displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}}'
2022-08-09 11:03:30,191 - INFO [Shibboleth-Consent-Audit.SSO:?] - 20220809T110330Z|https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient|AttributeReleaseConsent|rick|displayName,eduPersonEntitlement,givenName,identifier,mail,role,surname,telephoneNumber,uid||true,true,true,true,true,true,true,true,true
2022-08-09 11:03:30,191 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:03:30,192 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient'
2022-08-09 11:03:30,192 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:_key_idx'
2022-08-09 11:03:30,192 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Serialized '{displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}' as '[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]'
2022-08-09 11:03:30,192 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.CreateResult:?] - Profile Action CreateResult: Created consent result 'ConsentResult{id=null, context=intercept/attribute-release, key=rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient, value=[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}], expiration=1691579010192}'
2022-08-09 11:03:30,192 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-08-09 11:03:30,192 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Will not prune storage records, number of keys '0' is less than max number of records '10'
2022-08-09 11:03:30,192 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-08-09 11:03:30,192 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Creating storage index with key 'rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient'
2022-08-09 11:03:30,192 - DEBUG [net.shibboleth.idp.consent.storage.impl.CollectionSerializer:?] - Serialized '[rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient]' as '["rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient"]'
2022-08-09 11:03:30,192 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@6fc01051'
2022-08-09 11:03:30,192 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:03:30,192 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-08-09 11:03:30,193 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-08-09 11:03:30,194 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-08-09 11:03:30,195 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _0dc63d1c637e5d8a5ca252aa41264ad8
2022-08-09 11:03:30,195 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _0dc63d1c637e5d8a5ca252aa41264ad8 to Response _30a952853ab107407746e3ed6793170c
2022-08-09 11:03:30,195 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _0dc63d1c637e5d8a5ca252aa41264ad8
2022-08-09 11:03:30,202 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-08-09 11:03:30,202 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value urn:mace:dir:entitlement:common-lib-terms of attribute eduPersonEntitlement
2022-08-09 11:03:30,202 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rick of attribute uid
2022-08-09 11:03:30,202 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute identifier
2022-08-09 11:03:30,202 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-08-09 11:03:30,202 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value manager@Samltest.id of attribute role
2022-08-09 11:03:30,202 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute mail
2022-08-09 11:03:30,202 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sanchez of attribute surname
2022-08-09 11:03:30,202 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick Sanchez of attribute displayName
2022-08-09 11:03:30,202 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick of attribute givenName
2022-08-09 11:03:30,203 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-08-09 11:03:30,203 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - No object to operate on, returning true
2022-08-09 11:03:30,203 - DEBUG [org.opensaml.saml.common.profile.logic.MetadataNameIdentifierFormatStrategy:?] - Metadata specifies the following formats: [urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress]
2022-08-09 11:03:30,203 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration specifies the following formats: []
2022-08-09 11:03:30,203 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration did not specify any formats, relying on metadata alone
2022-08-09 11:03:30,203 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Candidate NameID formats: [urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress]
2022-08-09 11:03:30,203 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
2022-08-09 11:03:30,203 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
2022-08-09 11:03:30,203 - DEBUG [net.shibboleth.idp.saml.nameid.impl.AttributeSourcedSAML2NameIDGenerator:?] - Checking for source attribute mail
2022-08-09 11:03:30,203 - DEBUG [net.shibboleth.idp.saml.nameid.impl.AttributeSourcedSAML2NameIDGenerator:?] - Generating NameID from String-valued attribute mail
2022-08-09 11:03:30,203 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID rsanchez@samltest.id with Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
2022-08-09 11:03:30,203 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
2022-08-09 11:03:30,203 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
2022-08-09 11:03:30,203 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-08-09 11:03:30,203 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-08-09 11:03:30,203 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 40.77.23.3
2022-08-09 11:03:30,203 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to _8db0d8f68b78475b82e961416918d6628b49d6a
2022-08-09 11:03:30,203 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:03:30,203 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-08-09 11:03:30,203 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-08-09 11:03:30,203 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-08-09 11:03:30,203 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _0dc63d1c637e5d8a5ca252aa41264ad8
2022-08-09 11:03:30,203 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _0dc63d1c637e5d8a5ca252aa41264ad8 did not already contain Conditions, one was added
2022-08-09 11:03:30,204 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-08-09 11:03:30,204 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-08-09T11:08:30.192Z, to Assertion _0dc63d1c637e5d8a5ca252aa41264ad8
2022-08-09 11:03:30,204 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _0dc63d1c637e5d8a5ca252aa41264ad8 already contained Conditions, nothing was done
2022-08-09 11:03:30,204 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-08-09 11:03:30,204 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _0dc63d1c637e5d8a5ca252aa41264ad8 already contained Conditions, nothing was done
2022-08-09 11:03:30,204 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-08-09 11:03:30,204 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient as an Audience of the AudienceRestriction
2022-08-09 11:03:30,204 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _0dc63d1c637e5d8a5ca252aa41264ad8
2022-08-09 11:03:30,205 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient to existing session 9dcaffa08409cd573dd8a6cd092e63f95200693dfc80b1c7cf0c9fcd3772d3e7
2022-08-09 11:03:30,205 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient in session 9dcaffa08409cd573dd8a6cd092e63f95200693dfc80b1c7cf0c9fcd3772d3e7
2022-08-09 11:03:30,205 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-08-09 11:03:30,205 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient and key rsanchez@samltest.id
2022-08-09 11:03:30,205 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-08-09 11:03:30,205 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-08-09 11:03:30,206 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_0dc63d1c637e5d8a5ca252aa41264ad8"
2022-08-09 11:03:30,206 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _0dc63d1c637e5d8a5ca252aa41264ad8 and Element was [saml2:Assertion: null]
2022-08-09 11:03:30,206 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_0dc63d1c637e5d8a5ca252aa41264ad8"
2022-08-09 11:03:30,206 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _0dc63d1c637e5d8a5ca252aa41264ad8 and Element was [saml2:Assertion: null]
2022-08-09 11:03:30,208 - DEBUG [PROTOCOL_MESSAGE:?] - Profile Action EncryptAssertions: Response before assertion encryption:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_30a952853ab107407746e3ed6793170c"
    InResponseTo="_8db0d8f68b78475b82e961416918d6628b49d6a"
    IssueInstant="2022-08-09T11:03:30.192Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_0dc63d1c637e5d8a5ca252aa41264ad8"
        IssueInstant="2022-08-09T11:03:30.192Z" Version="2.0"
        xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <ds:SignedInfo>
                <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
                <ds:Reference URI="#_0dc63d1c637e5d8a5ca252aa41264ad8">
                    <ds:Transforms>
                        <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                        <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                            <ec:InclusiveNamespaces PrefixList="xsd" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                        </ds:Transform>
                    </ds:Transforms>
                    <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                    <ds:DigestValue>6HiGsn2JFObdMHx3y/e1mpAzFIds+5CC0w1r78QC/eY=</ds:DigestValue>
                </ds:Reference>
            </ds:SignedInfo>
            <ds:SignatureValue>HsJd+0Uk0/LsLkRsRXDfigqY9EJzSZtN2efeOM7p/Us7bLtz21L3RSLjwArB9w/oY3sv5DT9DeSKqAeSbfuH+0hFv3wzqQm9//LVMIjRP4Rt7uWBkfp0EZBhns2AKX1Z+5qTJ6C1xeInWkN91+2E4fAT0eZGdFLEqfzbRy1znBB7WA8uqz0gghBkmy6U8kANYV7XROhEh+3Y3+3DdogMFQCdNmkd0XU24b3o8vVRL/D3SM7sdDVIUBlr6GAt6WjYeqNdVTfnr6njhf9KNnYxBa+tfP3bN9aj37ow5+Wf9csd/Q4KOnbs/2n6BLHZBXAXLqs43wpfQ7E538zJ5L034g==</ds:SignatureValue>
            <ds:KeyInfo>
                <ds:X509Data>
                    <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </ds:Signature>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">rsanchez@samltest.id</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="40.77.23.3"
                    InResponseTo="_8db0d8f68b78475b82e961416918d6628b49d6a"
                    NotOnOrAfter="2022-08-09T11:08:30.203Z" Recipient="https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-08-09T11:03:30.192Z" NotOnOrAfter="2022-08-09T11:08:30.192Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-08-09T11:03:27.543Z" SessionIndex="_1309df892388732f6c933ca269a6f6c7">
            <saml2:SubjectLocality Address="40.77.23.3"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>urn:mace:dir:entitlement:common-lib-terms</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rick</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">manager@Samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-08-09 11:03:30,211 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:03:30,213 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:03:30,214 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_30a952853ab107407746e3ed6793170c"
2022-08-09 11:03:30,214 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _30a952853ab107407746e3ed6793170c and Element was [saml2p:Response: null]
2022-08-09 11:03:30,214 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_30a952853ab107407746e3ed6793170c"
2022-08-09 11:03:30,214 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _30a952853ab107407746e3ed6793170c and Element was [saml2p:Response: null]
2022-08-09 11:03:30,219 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-08-09 11:03:30,219 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient' with encoded value 'https&#x3a;&#x2f;&#x2f;vdxlocal.visualdx.com&#x2f;visualdx&#x2f;callback&#x2f;VdxSAMLClient'
2022-08-09 11:03:30,219 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-08-09 11:03:30,219 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Setting RelayState parameter to: 'https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient', encoded as 'https&#x3a;&#x2f;&#x2f;vdxlocal.visualdx.com&#x2f;visualdx&#x2f;callback&#x2f;VdxSAMLClient'
2022-08-09 11:03:30,221 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response
    Destination="https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient"
    ID="_30a952853ab107407746e3ed6793170c"
    InResponseTo="_8db0d8f68b78475b82e961416918d6628b49d6a"
    IssueInstant="2022-08-09T11:03:30.192Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_30a952853ab107407746e3ed6793170c">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>mFjLNQlhMdlOkZR2L2LBskZFZFzJxvIZZ98WQ0reQXw=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>ELei/LbMO5zanglJE/GO+rdQEz7VaAfUiHYI7hGZR+1ghMkIFSi6v6/rl60oigZKgQMtfqLDBJ/lPYi59ckxsds1UZJNYw8/pp8LhEKll/kXTjigIud94R0z8LH6mPtYlf1fG2g1ByijoH3LG1z8x/HggNhhensqxowsbdLd8U6djmzh5bfdnbloV1S1H8iKxXCzzsbgrGLQixqdwDI82DsaN/F5d2BTGyg6RKZ25KO90NM34artzBTTey0zyOPabie7quW+9icTY/dzcZ6MHTHTGahwo8XEgzrrYn8rsy5OnvLvtzGXB6ERQ+cJh8miKZDGmj9k3XoQrp3Iy/OAxQ==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <xenc:EncryptedData Id="_abe15aead6a181639b37b1a4ad73850e"
            Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:EncryptionMethod
                Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <xenc:EncryptedKey
                    Id="_8452f6b392b4cf494d8845a7b847ff15"
                    Recipient="https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                    <xenc:EncryptionMethod
                        Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <ds:DigestMethod
                            Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
                    </xenc:EncryptionMethod>
                    <ds:KeyInfo>
                        <ds:X509Data>
                            <ds:X509Certificate>MIIF3jCCBMagAwIBAgIRAKrILoTQb5hfg5cwVhj1GRswDQYJKoZIhvcNAQELBQAwgZYxCzAJBgNV
BAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAY
BgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYDVQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlv
biBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTcxMjEyMDAwMDAwWhcNMjEwMTMxMjM1
OTU5WjCB0zELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTE0NjIwMREwDwYDVQQIEwhOZXcgWW9yazES
MBAGA1UEBxMJUm9jaGVzdGVyMSIwIAYDVQQJExkzMzkgRWFzdCBBdmVudWUgLCBzdGUgNDEwMRww
GgYDVQQKExNMb2dpY2FsIEltYWdlcyBJbmMuMRQwEgYDVQQLEwtFbmdpbmVlcmluZzEcMBoGA1UE
CxMTUHJlbWl1bVNTTCBXaWxkY2FyZDEXMBUGA1UEAwwOKi52aXN1YWxkeC5jb20wggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo1G8KWHflpDHy/hE1qeVQnuiyQTttSvVa+fsXvs8s9/g7
jAg0AgTvKSB4Z+8rcS2o/ZqIGbtvrDYDU/ePWMtDTT+tQgDc/I5R3hL2CNusOgLfLpwPuOdCIDyA
HTSJf0h3MXxZCS+AsVRU0cAQOmAYb7wjl+qbymv3a88fhKHqP9qKlmCcnVpCCZbpcWNymAtzRM21
4euNOQx8rbJOw32WMGQlKJ95Sph2tk41QMtgJKIZdFMSlua3qQEO4AJmlPqPM6LETVTTtOSRYBGd
Fn3DevVQNvxfn1v1HtBn76o/Mxfpe70LmDcJ89gqMJwsNmGC37JZ7hnu0WDEJiLwbxMpAgMBAAGj
ggHmMIIB4jAfBgNVHSMEGDAWgBSa8yvaz61Pti+7KkhIKhK3G0LBJDAdBgNVHQ4EFgQUixLms64r
PE7O7p0aqReLUfdySyUwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI
KwYBBQUHAwEGCCsGAQUFBwMCMFAGA1UdIARJMEcwOwYMKwYBBAGyMQECAQMEMCswKQYIKwYBBQUH
AgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMAgGBmeBDAECAjBaBgNVHR8EUzBRME+g
TaBLhklodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9SU0FPcmdhbml6YXRpb25WYWxpZGF0
aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGLBggrBgEFBQcBAQR/MH0wVQYIKwYBBQUHMAKGSWh0dHA6
Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVT
ZXJ2ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTAnBgNVHREE
IDAegg4qLnZpc3VhbGR4LmNvbYIMdmlzdWFsZHguY29tMA0GCSqGSIb3DQEBCwUAA4IBAQBObkHT
R69VW5zExyvxombx/00noMSvUPKeRuJJ+dXOQywlxG1PxKi1cAXvKmHLqh6hWS7Y1Sz4UNj0IMV3
wY0O0TWznnIgYquO1zeWcYnrGVD31+/xgog4P6m4ft3mlbdHpCyrfZiqSlQknvjzVQjY66+1/BrG
qYPEV/yXe4Zi2gzQjV+yCVbNuMFp83Mp2J3yCL+vO/0FcS9gjZVgHfAsNPgrO5Lxli4AytVs7Wpo
Ypo2MtQTHbZfx7PE5dsIruu3MXtxRWbtaKPfE3vsy9pCRrFd/RBvx7L38SyKhkSqG9ng92B97BAM
/o9WoUuak01x3KxK65iNQPrFhOrMSJK0</ds:X509Certificate>
                        </ds:X509Data>
                    </ds:KeyInfo>
                    <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <xenc:CipherValue>UEbIItdy25qi3GhJhjB9qLL89Yx00OyTgR9p1URGymLh2Z+GUX6aoj9w7xB7v/mFp/enMgx5RkapSY5S//Kf6wlEsu+25WM17HXflNq3bJR8taSxO0qiDFG99XX15nHW71bnoqmu/K7CoibH8Mp1z04pKP69pHj7ss9OeJ2dzBpqyetAVv/Z74WPuyPL2ydDwuiM+X/2kV2Ny9hiH5+XCBM4zY5BENcOZqEaws4hbbHfhzmDJQDzn7ysVLeldSVxnXbR88jionMm1NEk+CtEB5LqV4BDILAFRRf64XavDjUUgVoPX5s9CmkHybSUO/HgBznWG93NlftJLg6ifIFLPQ==</xenc:CipherValue>
                    </xenc:CipherData>
                </xenc:EncryptedKey>
            </ds:KeyInfo>
            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                <xenc:CipherValue>q2Mls83Zphz1TNX8L5e8Skyb1Vs13gk/nx5UmkyiagncfSZQRJCpaOlITg5DkBeaVIrlm6DAqoqU+WNYx2UOWS6wIkRr7nO2yw+V3WKqcOKWynKj2Ou9hsjTrYi7tqkKOpT4I7jM4SWgc7IXjbQW6smuHcPZMAIwMeoSCjlhRgbp1dWMxfkauukVz0S7az/yu1UNyr/nTfXOMWlbXI3UwRUthlPyoxaUEjLmD2cmSYC7dgX/GVOgshvT6hZlnMNlnkNTrEubi9dRIFs5cC+FQ8yhhZ4tj9Fv//k4g82zlEKsyRfflHDpK1Ypdz51Z8/AAMmaczwfq3T7NRhyzlA87TVo6OmnmJgapzBwv//Yz7snLVTCNrl7TiCeg/Caq5CMagJ8aD1vgwgcvLwL3iDL8BMmDYjh9TvQjbZ27SGo8lu+AFGfew312pbiSR5xxUA1yVrZFanFydXHglcQu8VPqr0fPJ/g0HN8cFlmMGVduTuX7KUjxn6W51vABmQ0isi+jeqcEiMDbBIxjg4SRoADT98RySNbfBm+a2kQbfsq1Obj+cB7xxCiGT8W8aEKOwkjVCMFTGnWkVssfl7IY357dQbH1eS/Fw8ebOL3J0MYbgd6zD58PbIiXjNSX7aetpiWmHZ/jRrp/d6ntbCSQcjchI72wojVyOvzjuNNxjq6lxk5rxw3Uff98lJfiB7/o7uAopU66ZQRKNl6/9hZDf87Ex3IoImoCoGccT09zKeAVKT67XXbip3wi9Wh/K00JCjPhRtx1dH5RuSSGoQ+Ff6wpNUSLxvzdTrsca1nP+k4+Hwhpd3kiDhmTwkupldMnR8QxaeJ4dMTbhtX7ulcEjYqUHUTxr1l2Mzh1D0T9WVtB7qvyGiuYepIr52n/JN1OK/Byq42K/+yGBUj3W2wMEcvF0+Vdu5UODUi/GGXmrD7AvNTwTL5UNOVfMdLE78NN+QpLB5MzRGjdzQOy98G5piRkfq2yK0KfY15P6bKYA9Q3N51PUkCk1VI1ZIiVx/f+7BaeX/K+95Cwu7nKWhSwr4+NllDZ/73fHu7k3KBR8znE+9TRdUAxyDquYPWalOyA8PQmz44/KiGf/L7P9yTpcFsW/IXNEDN89F9Byn/rBzJakj6UWa3WXeR+kuN2HMlMjwGjLIrjCF2uahUruamPdPKj768K53NMvDhQ0A5nidAFBBLVASIUcIx1Zxf+WClfZjSinAmeE5Qxpv9DVD8maDDHXC18WXde24Axo4fh6kiesncrrIAw1Y2X7EcqpNBgLPGIAqByqZdTIW9OdsBk3l+12BFcoqts4O6rZTBsRJT/I61OxvHS9G3VL5u/W5esx03aiFA3u1Yyfd/hHuPFZBOa2wJHFM2nYPMejC8e+5dJbXc8VgiDHjPL/dXW+Sh5U5K1l1j+M8jEB8bhbP+cDWaYP5rqvvllRCuk9LE1pkRFf1SmxUHQS6Uzr9acKcPRN9aorFpi82E5pNEyU9EmHJk0yfaV/YfDbyJVXBCMpBs2hc0J2FIg+ms5kmBj7TkDYdwu37vaYcoGHX0v3NQAtRuyoHLRU9ZYYm6Hk8D/4unrMdy9hN4WNHNrIXf/8Lwr2DBQsi2NYKzbhqL/m497oZhvp+HcbVQ6J6UOyJvE/f2kPuy2He/artx/a0ko2c5bKuWnHEq5s0cEnfqV5Vzr1o0FkXksIaNIzUoY+yP55NRFexqyiOlODJ3sviO+68q2TpJm4O2E7aA6KAz3HUT/nLuOfpjejIO0Lz+Lu8ul6JHpJVX1fshPou1M2chdVX/hmLm8/qeuvZZr5CAiQPcvmmLX4KXNJzg0LhWyZaJSYZTLNYxYNeUHxr6XHvFwFRSx9dDU4skvGlHYzb5VIVXmt8mwP23Y6+Q/DX66jG2LbLGYFJ77qAEcDLy+Sd+m59Cspe/zHD6FyI65ihaIkxQGf+9OJeimAMp1Wtq6GPWF+KsUDW5pGSyp7AHkE1CL3/OI8Hdyq97bGROZ+Sd2Z0majJM5nOz0A9Nn+NDLQ3+En3+rF4fXJRuJ33/6V8SHFaDtIbEmJMx4oL1zn47f3COxJaPhEUu4CL6RjTiM8GnE4OiD6PEIRfDDn420SWjo5JzZLZD5vR6copi52rrVDzDrDPnfXhF181jbmMgqnfF4AFV8HrPeojjZpP1fUFhxSLwJZOQSprH+CwjGb/oz2cEdLeJVy6mid2r53xk5tuUuuIRGIdhSd4+emivNXqVKELKTgMv/TSwdZwg7Dg+H0ZOH/ahtdNGiHkgshTMCDffRXMGK9evdJP+fb07VDbX5EcfdRZdxucIS148bvtjqpnexEXKpgaALSW7BvhxIyPGHK4qtAKVwp3e2RBM8tMPdP7xSr0Tr9AyWeFiVrPIVDHxC3ctcmVJmcmdchSQxfjw7cIByOcbmemrccDJFzJ+dMgZbZXmkUd0ZRwgEd2iHhE7hubp75VomIonQikk3jLZllEukY2/PBOQ4Q7vb7n2Pro3l/dWh6o9BEmz8fND8+OwlIwvJrtvhcFOR/TfydTlXeLJbda/efgmNpXQ/OHvYO/yxTup6lQzxyz2xS+yq3qWEsknQ4dCAY8YTgcjME+9FE6WvnIk3mcdnhBNtwBjldtd5HVb+Xl5R76xR4HCVZqoYEmYJtTxlPteNOZu8GN7maqWIYljQGFDdBoPclfEF/UXAwR7+ELwxdTWJypCqx+lEh0okhr5rEh6rJp45XGhojkDojyT+uOwzqGkyr000nSRmwzyny5TL0wEhajLukFwRRWsJoY5ohzYWldLiDNyy/DxgoeYkdxlYSOJkIzl9jJAuJFVuaLgN7y9cmBMfdosNdrTSh3gsDSzUNtU/hX8X4uUR+FgubDXOtyphVLtyuia9l4XR1mShvRbdYgLIGTf8VkXN/waYIHeb50S5e1YjI88IhfVu1AFtHmTGhkX+sScfJtYQtTAGYQ6rd59fmGonDQggwjPzq++8EyQ7coqVFMg1r2aeq7pvz13Q+tmMMlFt2FEd7YE+JPc0921QlPPYDqSTgfpReFqU6U5r7kyIw8PgiJMnGlgzKFrqNmE1P2anZRX5QTghoFZwsl8EAzpnCXzwOojAw7lmZ6RxkwJrVG+8Sj5v27vl7rqPEonCywZN4bWWJaQnLcPwSGgYMRrYpkPzwjdmHoiUXWHDePzATQPSaIA9LwjQ8smmTYLgAEKC3uPB78yACdeBUw1IZbY0H43nvtu3hQJ8UMcgq+pbeA7zdDBzJ/5PPfiRaUO7lXf3KJqvskde2xazWtLBZHGWenjJ3Ss7x1LkxFY1LnL+dY1Z/CcqLhbb8Ha4BrT9lfpN07lR8RGKZegVwGUbNwVrLefAehebKtaYoBeCVKBkGeALWtzQ3IJwYvnvWKgkObm/PcLR6D0TtcSQn/YS8SkD8SGfSLrp3xfIeewP3hiESoPnZjx1pPUQr3kh/4HP3aIq1kiSFNnyg3WMj7T4uTtujsgafFzmCkUrnkHBKOqClddSrwtMz25BogseqmkX07cXNmv4wkGWZYkJpfsbDCt19lxc5N5vK0AEoH9sY0h9/Fb9ZCG9Y7NICukQivDatCs5Zw2cxIvrrxfmeAmOt3T0hAQj4VazOS1WRuy6pT/bvsTc9e6xEryg8gKfqch3ZwZgi1VxpYZHGlaVVN7BPWiP3Jo56iy7e9aZxIP2R2hl2HZjKOLX4Mpj7CunmLkN4WXktQDUTDF3YTr0TBMwF1wDFqypBrhCgqcPEtonFpWkPjePmcwTLyad39dIA38Y3eFIDVuH4iaf3ST4DdiUpMBxUELmCRMoRFmwBTvmOYCYAU3JxzgdF7CtC8NfwgJf5IuiU0EyFJ73cGmNBIirLR0VK1S4o5c0ELHAf9WEcmMqyV+wlWT+T1HrXvp/suF3I3hS6D9JUmUWkr2vsnQx8W9xVqdAC4HPfzVN79LMMwlq19J3TR4nDdwP9RyoIcHLR3ZJ7rpvLnoeEfNAHkzcjys4CfGStMRd1AlnPU+YdRM++3IySgfrkbeJccITviLoQlvk8Hgk1QlQbL3k621gX9r4q9cXKEfYgoUFuqwwak8hlMDYaZAbUZBDqeTFw9cnqu2A7eKJJH9ihbLgBkbzawVUB2rt7NARy/qlMoVUjds3Alon5YqQ54s41Zz5W2ASar9YbdC9GgOwi8k1Ha5+cjjQncZ5vx4Xt0hw7FsWK88e+OTGyGj9ZmGh359ZnRzzByAgB5w53BoJX/qKXwPSvsB4rqsRLmNY4CBqWNUtMQzm/502s3QuViFymPves9iZSKLg/xOt5ckbULETXqU9Qp/7XBjx4A0hCSo178GPR/CegLOXy81isLtGEYFxMfm9kFjryGfQYkrBZ2Th2+o607A1ttWt9faGMF9og6VcQoe+Az6F8+48zbwFaWCTN2J9PAyt81T/GxyDRdnY4FPsCXFE1a+G+RFzZLa5Px4LGrnrAFWJ2ReVjfH5xjDifgA3hVKvZLBwww9zkxckwk3y/4ESuJOgxgffOgQnBVUO6LthIB5PAtGRUoihGp4n5u/iVP0wgG8DRc4BJEJbYDhdu9xH0QV+p2XhqNeXuGqgsgpXPgNuNmdOFFWaiA4YEm8Mggow3z757dza5IczTw5+wMOfQqVrBeLTg0Ttr5aP+/NpK7KOQfAO3VUTfWH1LaWFlETOTV8pSVfavBMhXSvQlMNcB2QNWGQNJMH0G8cXGxJSTmr2joL7yF3wsPGuOv4OUNOf7lLRdYFbfVXhMMAkmc4NuQzacw3UYTsm4N96yXeC6nuwvfHXnXR54WCUeA812Phv1i0LG56N8cse9Hv7ctw/W86+hRkQZA1jX9rd2rnPjs/jpin6aDhYD9HgjzHb/0uKqpNjnxBjP2P98zsEzTa5ppK3jg9ATLjMz+b9ft8q7Jd9shfRWTg+MfySSIwzM2aIFi93sl99jNTusSehGCQRJI4ZeoPDlr9g2SsRR4abBGdlvdQtz3t55hIxsSX4UlUX268az6P8uuiixnTUAaHLkGwpcW7s73MAH09jsBmOpKF8gEEY1HL674Dxs4KZ1xiAC+CmZjMulel5S77McuTWqWB/vDNIZ3I+F5qZaYP6KNlxk2HAT1Q2QQSWg1YSgzJrLqVwYJsIp0/wfaJ9MbWYTA677hbGy+Vb/G2r+e2fwDFCJcD4F2E0uMEBs5+uLzBuzbFzNcLDSjooQkEOQytrCjrMvCKRAlkKKvnFyMM68F/GJsj0z00CqcluencEkhG8QOMnCEMOMaTEtnaDU/Ixl6BkdwS1oxErwSY9hoPDVDfr96rBHg+I36b1UCEcqv35UYyk00Rjg9CCYu81nNapQ5cNDXRLDk1FBJA0oLb8nvBgfivg5gW+2wM0zt0CoCJsVII+ATp6+hKN2NKZM+o56WUFHpexIN1Ne6RY+/rbIxcTxta6/VK7yjoq73c+IVAKElkLNJpPM2TF1Cmu83ifRetWp27sJeN2ji9DRAtaZDEqwkxBsNUeT1y0XGOLGPZjSdM1Bwe6cVMJrHW569tmY3gXsEATYZoQpt4M6g5pzt4uLmuEYNhvXiC6MC8FPotxUDSYPJl8WB4pVjbuaXbO9ZTWBwBuSN/LS5usPSTz1Yn9xD0yU7RWb+fJFJqL5LgJ3/onmsw7lMCQUBqEHU1QnE8G2HdxJ9YN/wislKggG9yINvhUVjo/hNLYfTPYE/eIID7zJNLd/3Me3SJjaZZIhv2XxA0GpmEZlsC/FDbz6xA4dOvDrUSu1JGBEC4nwhWPYcfRc/kGCxHSR1xPNw3/ZVKEv7XJGIojTDwFukOqCSEgGW39AOE/zuhIbEsj0+QzARETsKfeS0iapA0Iv6vABU9NMQEaK5ICLdR0w0SkRtjVHKffD0blx8fm4ODAcFfqb9q7RQSRxyfi3HNuY+vGHXtsOhVMW6o5lIRcE+hZORQHodvuKZWUM63/nqAs2G+hti1JNbz3OX3QxQasQgJ/RR2tE+rT1v/2/3hj/z3IZfDVCETSJm+9FPghxt6C6eemG09pDD0K0WYsGM+SS2/jI8DGqNx9R/7rU/+SQDEcUO1Tlxkcg6AUVHc8gRyk80VZaiqHMjpoFP4ngbbUxSYofqSnF/61+fx4RZdx36yNxwiSxK2BzR6+WNfnCpxGCHGiEgICwHE/IB1/dyg13mPoPxK6aBJJ4xQnN++6+vfLmowMhyzJaXmXwO49CgqrppJhjbxtlBSsw6rFMbBMY0MLs/LYvim9JLDe2hT3Eq3xTSsSnZO+ZLd1mcqUHBVjICymVz4pVQC+IdcBHygdOQ0RzLw15CNsraSZOPj3fCQP5VloPUDkbb0B+lCZ8j2uVMFZxuwHYgNeeqg8yGbhyL7O7m0Mcxe34GcLzTI7ql9yDr7jNuGxsB/YRmYP5NcRK7uWRmJNeFvRAiN4TLy5fGY+YOCPD/MNg5MqfhU0JFiyP5sfjJoeT9zl9qL2gRx5bOATti81eFam/Ha/vINWqNnlUjzl6tNfQmODHVETlBGNn0lwRCBrD3LMdVK9croKqjB0HjPkd9ZnIPU+5P3/ELkLGemHiCsBz+NLuwv26p27PaDp/IiITBuN+f/0MbCjwjTe1u1uASyzhmdw+zjHj/54JeYCmHvXYglXLrnjJEIvmrcjNY6P8bShMyaNgaWA8VoaScgEvKuKE6fTrpDnMPf3VphOHnMRtH5a9UkeR1K+5KYpG4mnUtOvlPUyeaq29S9Ik/u7E+v8oHgzce0xliV9z3DxbawpxZgv6UPr+X6Kcd6Q0fLlgu3vO9WVxrU9OnrAb3OWYwS0hDzVsy998IRq/1ltVBFWPvlZ3Cp053p+tFa9uI7GU8vRhBSXedTSmHE7dMZKtx8bwYDG48X/ujR+S0thFC0ZP5h6/fgwWO31+uy1YkNyosuDv5zBeBpmW0N2mpceZdbL+tRW5B/ogqA22stS95R50KBQCzMT3nianDZMAWFQB6SSQ3gYMQFT3JB0xPsxBzsIn8GXO5A2ktLmQaagIv5hEQvDw3Wot3rvdcswDR8yD7DWgIrp3oSecJedeff8mc5om3sCBu/YODbHzVxe00+9rig8tc4TTkGMRjUX089jIklPOVCtdfEXvRtoVje5A/OIl1JIOi6mLwOeRpGwiHar0s/wWGDodi/QOZfFMmdaM12ijhHUBsbZ0C3DfcnNL3qkIEM7P7jzdbHPnc2pNde/hwwKd/OVAKdqtJCPhD8FtsVHuMJNdEm/39iPv/YhY/H879clM3OrUZeO1OnJn+noAzE3//Fuga3DixzXYmfGOuOYPnlHhLftUJLwXO/FRwDIiIZeeK3/n0PDEJ4YaqOG/JBUQQeZVjzl2KTl+odv3KFZRlI7hVLl1NaU0jsQvAgt3SaABLYJCTxOBo5sIkzuJwXpOb4N3Idorc5ZK+0rUIIuGDfaXRlr5zK9NYNaPSIbBvP/pfzPq/DrIMTHK0FD1GLEe4rxICihu5ZL0QlcHVSWPf+9QqDy/FoBp/hqgc9Sq52pKS0TSe5OaK2jSAvcLcJ8dJzfAafQyfwtTUXSA3APDWnD/kcuATT3A8Hw5XDwtOL/0NN+XKO5RgCd+1vToBrS8KmgrrKWI/PfxnEX7GMCpgeZC2QXZTG2En+ECN9nJZaODwj8DQ0TiFclobNxmW7dclicV+vLewm80XigXyJg+E/qpXl16e2TdDfD4KamFOd2SucFsTDdzLGSdpNwZI4ILJcfzLhM0TA0uxWHajO1WcMxss4hB+fOReXbr6ysRW7wj50lvqbLaucT1mNduWirNelrhtxTIunJQ6p3aJV5zjeC9to4lxyi+QFxW4AnlvU6aRBlq4iGjtzNbBIs2e3rpO/OBYJKYbgt5FwonwffkENvAsT4L11fCRX2/XJTPnPe4tvfi/IxvcZ30ur2OCOm0VKQSKZZ9GyrznFhxtSG3wI7K7uW4d/xjrAr/OvNOQ43/xC0d3vnU38DXiQ+MG88FIPEOvKyt5qfnne2GtQb8mXcCGKA+273u6gdwc+r1WQKj+3U17ujxnWnvSlOTyOoQwAF8QO3/f7mHm4FTRrbs2LMkSDweZHpPFyC4rddCT82wdkxLLaCfzyqKBeeUkNo4P0H5xh4nX/CGjCw5yhfIy085Y45TyH6wjxNlNAgvKnM4KVNbDapN0XCkaenYZDazxMIRCYhTq6HdFlQPncTBvCdzZFK0yUqavyWVPAxbOQn21QsClgE+QXXSYua68p7sGHdYLOXhVDFHU=</xenc:CipherValue>
            </xenc:CipherData>
        </xenc:EncryptedData>
    </saml2:EncryptedAssertion>
</saml2p:Response>

2022-08-09 11:03:30,221 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-08-09 11:03:30,221 - INFO [Shibboleth-Audit.SSO:?] - 20220809T110330Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_8db0d8f68b78475b82e961416918d6628b49d6a|https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_30a952853ab107407746e3ed6793170c|rick|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,uid,identifier,telephoneNumber,role,mail,surname,displayName,givenName|rsanchez@samltest.id|_0dc63d1c637e5d8a5ca252aa41264ad8|
2022-08-09 11:05:21,336 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Trimming whitespace of input string 'Rick'
2022-08-09 11:05:21,336 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user Rick
2022-08-09 11:05:21,336 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@1163537788::identifier=Rick, context=org.apache.velocity.VelocityContext@6148bb93]
2022-08-09 11:05:21,356 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=rick,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@1163537788::identifier=Rick, context=org.apache.velocity.VelocityContext@6148bb93]
2022-08-09 11:05:21,358 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'Rick' succeeded
2022-08-09 11:05:21,358 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-08-09 11:05:21,358 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-08-09 11:05:21,358 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'Rick'
2022-08-09 11:05:21,358 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'Rick'
2022-08-09 11:05:21,358 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-08-09 11:05:21,359 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal Rick
2022-08-09 11:05:21,359 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session eaa44a90641da31f1c891e3a3aaab5fa87fc981234d41f22565368b2ee076986 for principal Rick
2022-08-09 11:05:21,359 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving AuthenticationResult for flow authn/Password in session eaa44a90641da31f1c891e3a3aaab5fa87fc981234d41f22565368b2ee076986
2022-08-09 11:05:21,359 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=Rick)
2022-08-09 11:05:21,365 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-08-09 11:05:21,365 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, uid, identifier, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-08-09 11:05:21,365 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'eduPersonEntitlement' remained after filtering
2022-08-09 11:05:21,365 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-08-09 11:05:21,365 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-08-09 11:05:21,365 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-08-09 11:05:21,365 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-08-09 11:05:21,365 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-08-09 11:05:21,365 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-08-09 11:05:21,365 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-08-09 11:05:21,365 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-08-09 11:05:21,365 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-08-09 11:05:21,369 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:05:21,369 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-08-09 11:05:21,369 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@337d783b'
2022-08-09 11:05:21,369 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:05:21,369 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'Rick:https://stage.tedu.app'
2022-08-09 11:05:21,369 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'Rick:https://stage.tedu.app'
2022-08-09 11:05:21,369 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'Rick:https://stage.tedu.app'
2022-08-09 11:05:21,370 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:05:21,370 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'Rick'
2022-08-09 11:05:21,370 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'Rick'
2022-08-09 11:05:21,370 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-08-09 11:05:21,370 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is required, no previous consents
2022-08-09 11:05:21,622 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'stage.tedu.app'
2022-08-09 11:05:21,622 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-08-09 11:05:21,622 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or InformationURLs returning null
2022-08-09 11:05:21,622 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or PrivacyStatementURLs returning null
2022-08-09 11:05:21,622 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-08-09 11:05:21,622 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No Organization, OrganizationName or names, returning null
2022-08-09 11:05:23,937 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Extracted consent ids '[displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]' from request parameter '_shib_idp_consentIds'
2022-08-09 11:05:23,937 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Consent context 'ConsentContext{previousConsents={}, chosenConsents={displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}}'
2022-08-09 11:05:23,937 - INFO [Shibboleth-Consent-Audit.SSO:?] - 20220809T110523Z|https://stage.tedu.app|AttributeReleaseConsent|Rick|displayName,eduPersonEntitlement,givenName,identifier,mail,role,surname,telephoneNumber,uid||true,true,true,true,true,true,true,true,true
2022-08-09 11:05:23,938 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:05:23,938 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'Rick:https://stage.tedu.app'
2022-08-09 11:05:23,938 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'Rick:_key_idx'
2022-08-09 11:05:23,938 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Serialized '{displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}' as '[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]'
2022-08-09 11:05:23,938 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.CreateResult:?] - Profile Action CreateResult: Created consent result 'ConsentResult{id=null, context=intercept/attribute-release, key=Rick:https://stage.tedu.app, value=[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}], expiration=1691579123938}'
2022-08-09 11:05:23,938 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'Rick:_key_idx'
2022-08-09 11:05:23,938 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Will not prune storage records, number of keys '0' is less than max number of records '10'
2022-08-09 11:05:23,938 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'Rick:_key_idx'
2022-08-09 11:05:23,938 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Creating storage index with key 'Rick:https://stage.tedu.app'
2022-08-09 11:05:23,938 - DEBUG [net.shibboleth.idp.consent.storage.impl.CollectionSerializer:?] - Serialized '[Rick:https://stage.tedu.app]' as '["Rick:https://stage.tedu.app"]'
2022-08-09 11:05:23,938 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@337d783b'
2022-08-09 11:05:23,938 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:05:23,938 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-08-09 11:05:23,939 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-08-09 11:05:23,940 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-08-09 11:05:23,940 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _a72dde902d32ce56400461133f012208
2022-08-09 11:05:23,940 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _a72dde902d32ce56400461133f012208 to Response _8a23d73c8c33e84ffd97ee68af8f78c8
2022-08-09 11:05:23,940 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _a72dde902d32ce56400461133f012208
2022-08-09 11:05:23,941 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-08-09 11:05:23,941 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value urn:mace:dir:entitlement:common-lib-terms of attribute eduPersonEntitlement
2022-08-09 11:05:23,941 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rick of attribute uid
2022-08-09 11:05:23,941 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute identifier
2022-08-09 11:05:23,941 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-08-09 11:05:23,941 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value manager@Samltest.id of attribute role
2022-08-09 11:05:23,941 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute mail
2022-08-09 11:05:23,941 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sanchez of attribute surname
2022-08-09 11:05:23,941 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick Sanchez of attribute displayName
2022-08-09 11:05:23,941 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick of attribute givenName
2022-08-09 11:05:23,948 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-08-09 11:05:23,948 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - Policy checking disabled for NameIDPolicy with Format urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
2022-08-09 11:05:23,948 - DEBUG [org.opensaml.saml.common.profile.logic.MetadataNameIdentifierFormatStrategy:?] - Metadata specifies the following formats: []
2022-08-09 11:05:23,948 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration specifies the following formats: []
2022-08-09 11:05:23,948 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - No formats specified in configuration or in metadata, returning default
2022-08-09 11:05:23,948 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Candidate NameID formats: [urn:oasis:names:tc:SAML:2.0:nameid-format:transient]
2022-08-09 11:05:23,948 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-08-09 11:05:23,948 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-08-09 11:05:23,948 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID AAdzZWNyZXQxk6Wczc+qv9UVK+YqFpKTLsXXyKcgVeH3e1vvRsGaUOT2HoyFttir/h2ktO9fa7RD0CH5KYg5QL+WnbQzHk7YHyj0Fgsc6OhDUriwcBiFeXb0KrG+aw8/2i8= with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-08-09 11:05:23,948 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-08-09 11:05:23,948 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-08-09 11:05:23,948 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-08-09 11:05:23,948 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-08-09 11:05:23,948 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 212.131.135.131
2022-08-09 11:05:23,948 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to _48eeff2f8ff9ec1f218e6987d8d309da
2022-08-09 11:05:23,948 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to https://stage.tedu.app/Shibboleth.sso/SAML2/POST
2022-08-09 11:05:23,948 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-08-09 11:05:23,948 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-08-09 11:05:23,948 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-08-09 11:05:23,948 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _a72dde902d32ce56400461133f012208
2022-08-09 11:05:23,948 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _a72dde902d32ce56400461133f012208 did not already contain Conditions, one was added
2022-08-09 11:05:23,949 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-08-09 11:05:23,949 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-08-09T11:10:23.938Z, to Assertion _a72dde902d32ce56400461133f012208
2022-08-09 11:05:23,949 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _a72dde902d32ce56400461133f012208 already contained Conditions, nothing was done
2022-08-09 11:05:23,949 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-08-09 11:05:23,949 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _a72dde902d32ce56400461133f012208 already contained Conditions, nothing was done
2022-08-09 11:05:23,949 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-08-09 11:05:23,949 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://stage.tedu.app as an Audience of the AudienceRestriction
2022-08-09 11:05:23,949 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _a72dde902d32ce56400461133f012208
2022-08-09 11:05:23,950 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://stage.tedu.app to existing session eaa44a90641da31f1c891e3a3aaab5fa87fc981234d41f22565368b2ee076986
2022-08-09 11:05:23,950 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://stage.tedu.app in session eaa44a90641da31f1c891e3a3aaab5fa87fc981234d41f22565368b2ee076986
2022-08-09 11:05:23,950 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-08-09 11:05:23,950 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://stage.tedu.app and key AAdzZWNyZXQxk6Wczc+qv9UVK+YqFpKTLsXXyKcgVeH3e1vvRsGaUOT2HoyFttir/h2ktO9fa7RD0CH5KYg5QL+WnbQzHk7YHyj0Fgsc6OhDUriwcBiFeXb0KrG+aw8/2i8=
2022-08-09 11:05:23,950 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-08-09 11:05:23,950 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-08-09 11:05:23,951 - DEBUG [org.opensaml.saml.common.profile.impl.SignAssertions:?] - Profile Action SignAssertions: Will not sign assertions because no security parameters context is available
2022-08-09 11:05:23,951 - DEBUG [PROTOCOL_MESSAGE:?] - Profile Action EncryptAssertions: Response before assertion encryption:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_8a23d73c8c33e84ffd97ee68af8f78c8"
    InResponseTo="_48eeff2f8ff9ec1f218e6987d8d309da"
    IssueInstant="2022-08-09T11:05:23.938Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_a72dde902d32ce56400461133f012208"
        IssueInstant="2022-08-09T11:05:23.938Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://stage.tedu.app" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">AAdzZWNyZXQxk6Wczc+qv9UVK+YqFpKTLsXXyKcgVeH3e1vvRsGaUOT2HoyFttir/h2ktO9fa7RD0CH5KYg5QL+WnbQzHk7YHyj0Fgsc6OhDUriwcBiFeXb0KrG+aw8/2i8=</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="212.131.135.131"
                    InResponseTo="_48eeff2f8ff9ec1f218e6987d8d309da"
                    NotOnOrAfter="2022-08-09T11:10:23.948Z" Recipient="https://stage.tedu.app/Shibboleth.sso/SAML2/POST"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-08-09T11:05:23.938Z" NotOnOrAfter="2022-08-09T11:10:23.938Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://stage.tedu.app</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-08-09T11:05:21.358Z" SessionIndex="_ec6b4bfee0290058d47f071762e4a4e3">
            <saml2:SubjectLocality Address="212.131.135.131"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>urn:mace:dir:entitlement:common-lib-terms</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rick</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">manager@Samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-08-09 11:05:23,953 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: https://stage.tedu.app/Shibboleth.sso/SAML2/POST
2022-08-09 11:05:23,953 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: https://stage.tedu.app/Shibboleth.sso/SAML2/POST
2022-08-09 11:05:23,953 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_8a23d73c8c33e84ffd97ee68af8f78c8"
2022-08-09 11:05:23,953 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _8a23d73c8c33e84ffd97ee68af8f78c8 and Element was [saml2p:Response: null]
2022-08-09 11:05:23,953 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_8a23d73c8c33e84ffd97ee68af8f78c8"
2022-08-09 11:05:23,953 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _8a23d73c8c33e84ffd97ee68af8f78c8 and Element was [saml2p:Response: null]
2022-08-09 11:05:23,955 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-08-09 11:05:23,955 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'https://stage.tedu.app/Shibboleth.sso/SAML2/POST' with encoded value 'https&#x3a;&#x2f;&#x2f;stage.tedu.app&#x2f;Shibboleth.sso&#x2f;SAML2&#x2f;POST'
2022-08-09 11:05:23,955 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-08-09 11:05:23,955 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Setting RelayState parameter to: 'ss:mem:85e85ac76adc7a696d2ffda7348846ca3fb402e4d371fae8be200354fe34c680', encoded as 'ss&#x3a;mem&#x3a;85e85ac76adc7a696d2ffda7348846ca3fb402e4d371fae8be200354fe34c680'
2022-08-09 11:05:23,959 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response
    Destination="https://stage.tedu.app/Shibboleth.sso/SAML2/POST"
    ID="_8a23d73c8c33e84ffd97ee68af8f78c8"
    InResponseTo="_48eeff2f8ff9ec1f218e6987d8d309da"
    IssueInstant="2022-08-09T11:05:23.938Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
            <ds:Reference URI="#_8a23d73c8c33e84ffd97ee68af8f78c8">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
                <ds:DigestValue>hwFXKRR2I4hvJiPOQlHA/y8pirE7YgODXR6FskmY3TFGTxEOGzAiBmdRi4GluAyzvGVFym2Zf6VOvRW0n6b9kw==</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>jEMWgd7K+ggrwfniKJa+Qf4+kF3+ml8k3VseigdtE4nUfvTxkwEZJIIlVwPjxJDT2jX0BaaghBwemDSBwl0LclRBcVtOd/jV7XVnOlhyy6CuHL+UYI3kDvQV2g79RWhNlp/lo19BnjOTT/qi5JKcLKdPTcUVK7YumZPQAzufY5pp9fPvoiwQIAwJlD0UoQjTXQWEz0g3ejZzhAns0QAMOa5hchXz8h+YjJ7UN0NuPhXen3/gE2TTJLFG79G/J6b7WzTPpZQAFebSnt4bi3xSJlhfuWR1mFm0YVQyO6yX8Nr8notwnylKhvzy0a2Yz23zzET68zuim5Xkei+OjuQ84Q==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <xenc:EncryptedData Id="_48c84220093a53a791f3ab260c93fac2"
            Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:EncryptionMethod
                Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <xenc:EncryptedKey
                    Id="_fc6ba76df890db55b84fda8aa4690763"
                    Recipient="https://stage.tedu.app" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                    <xenc:EncryptionMethod
                        Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <ds:DigestMethod
                            Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
                        <xenc11:MGF
                            Algorithm="http://www.w3.org/2009/xmlenc11#mgf1sha1" xmlns:xenc11="http://www.w3.org/2009/xmlenc11#"/>
                    </xenc:EncryptionMethod>
                    <ds:KeyInfo>
                        <ds:X509Data>
                            <ds:X509Certificate>MIID6zCCAlOgAwIBAgIJALqKG89SeSxjMA0GCSqGSIb3DQEBCwUAMBcxFTATBgNVBAMTDGRldi50
ZWR1LmFwcDAeFw0yMTA5MDExNDI3MjhaFw0zMTA4MzAxNDI3MjhaMBcxFTATBgNVBAMTDGRldi50
ZWR1LmFwcDCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAKD1Idjgq3kklyB9807SmtLO
JCX+zozDADEK/UOrbvvn0gRzEtrIUfqV81bsFs4phkBklhV3Xt46wcqBq03vAuDQ7vKFGdgnPqPD
iHkQCT3wGaBl/d8gXQcRm1z4QUONupdI4QhYgrwAXTXNsIl5Rl204qpFH2kPNRtdM8alMWBgoVem
PF0WrERaUG3ZRl2o6vlNc5NnD9aM5ZYiNnmLlvBA+Swt+enn6aKPDVGsd/nnQbNpIMzrRZB/n+Xb
69YmUmdXPjuzql64iC+VmYV2FNHfsWogzWPXYOOSPJqtDeGja/P9XIwKtPeQvxshV0vh7etYW6ak
vAZuYtSRWC/BrJV2ufnN5/CatjkH63JsDfWH9rUdq9hFri/qBLDu87yD2oGxpPYThyifzi/DSqXg
3A6IGKokyq1dt3WY2VYmznZDAQ4GMxfVYnwQwD/p5bfRROmZfBeeVzKJRp3Qz8XxmuVU48jYAR6P
3bInNL/I3RawtdqaVLObMwe/LQ6a6C1acQIDAQABozowODAXBgNVHREEEDAOggxkZXYudGVkdS5h
cHAwHQYDVR0OBBYEFF9ilqcJfXP4S2EkUYIEouAyWBJgMA0GCSqGSIb3DQEBCwUAA4IBgQBcosln
iJBCQgK15WLgfikeGsIvIAzzLaQafGb4kUope+gHh50OPpsR7Rz85rSbKlAXtRyzCHZ3X9frFuII
x6dKGukcmv2bsD+xXn9gAUKif8OhL7p4ImkGxi97Ucb/By5CvuNj4Ko+OhH+aR4iUU0Pgvidt6P1
b9S8LlZmswGY0Vi53Ec1geUtxcoq9cguRwenaWMy0qfJf/x77Ygo3IuR6PPJhd443iEkSxegUfYr
1HLBLrLG1z9g6JoIFod+n8WxON5RdnjLTgzVePzrovPtJUTH3zDdyoXO0iTvGOPRJr0tr226JJDL
CUzj65xFSA2PLjt9SaX5jxxydZN/MDz7uEc44GIdtivpdt6VZ/W5AwgW/HwafLhDkHw1BWl5rh7Z
2tAs15/vQc88DXyKaxvc0kc3nL7h/9zvhT73qWmabbFV4efTjUgilBmmmHwiKS5iv2IL0XYRwVdg
hBsLD8r6bjGOwg21ifBurxzOKPMTlq5EjWr1VHmWAxMK3xx+Us0=</ds:X509Certificate>
                        </ds:X509Data>
                    </ds:KeyInfo>
                    <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <xenc:CipherValue>SGbARdbz5Z/CWMaBeWMjXV9aDDM6JS8Yu/nxsve7a0NVsnBbaki2dSIPqj4CCPCJuwND/4r4C+nmNVEiOmr0vM2lhEPRJtEPc7Kx+Gw2jlXtf5/Uc1A5DkUxfONBCemeot/x7VEn+H+emGzh2nhC/LeMaWIDUpi5k4ZsNNjJKu8YI7FZ6ZBrJdPcCX3zt2wJroNlEikOlwjtiiNlwUlwH1xjdlX4pNi+qCA4Blun9ugEAG2TUPvMaG3dVeOcXG9rEdYYnwlssBGFhVw70evFf8AGBwvs2GNTl52jcAWOnMEuXmhHxCU76Q030J9dlKBfM+OjVIzvtS6ArefEd5wLipUT1o4C/cgBRS5nG/6BtkCUPZr9oZBfdw3ECRqvU6y/iCOuPXkuBDYg8EzfTd98w06u0QHKXooTcRKc12Dshlf8Ic+fReuu1xXy2hhFROWk5399Vi8ser8K9nHsuRNnsOuA8FeHrjNSRk+yVAtxmAQxisZhsj8R7CUN5hM2NPen</xenc:CipherValue>
                    </xenc:CipherData>
                </xenc:EncryptedKey>
            </ds:KeyInfo>
            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                <xenc:CipherValue>wZr7cOmMBMuzPn2x1j35xFFfLWX5csjCNsuOSR1Elk1cf6K8jG8NsthTvhwPdS1AGEGNx/vh8oVzQYMZznx6ilgL1MbbMZ2n0011KNVA0YOyIhZpXg323Huf9naum6jIBGoFUDTvzvksom+d3MlgKzCU5t8UWRkHc3dyoNK4rUlBxjbB8rdo9yZrtuCO1nrVw5+eJJ6kT23dSXHBFBcQuyTuoKGmUqwrpCfmkKpA0RUM0nI7To5trPWEqg4UisLPxUUU+xpqU8noHCdyEDbGoweWXbgYPTdlmO1vomMj6RIVZeoYcdGeeDZvZGYfitG2vpkra/7ia/YwjiCoDOL/DGg0JFdF1B/ieD4UjyAc+kLd7dPmSZHsc3xq+CqpDfp0r5kAWYoRhwzpK16nkm/IrK7w+qVOpzVbpXuq/r+u9iD5TlMl7GwIE/u8x8om3HHed2ALUp+huN+JX0YOHxZbYR9q0L7QHShBVn/b6FL2wolPJu4OSLR/CFP8g2Q53CXQz+CDmnwEUI7HImmRQDrnI8caHDcOm/gO15Cj9KtrjxVlsGTOf8ZOPmaiBLvNxyCaup9GiiyW8M44sYKbHqhcCCPp2pGckg9VNzI8mwLDCdMXNhkpHSANZUgomWf/BgyNn6X/pce+ErTYxUxmnegeKYbCbZL4SdX1ukVeGu78R9CEJtSCi5YpiqmlVjajt/nMLf6/Z23DJonVLQsojsuEDvghn6iSGWyVwMWN7XpHbA0dlRkg2vlDdz2ValA4NJfsmcJATL7cgMhTDx8Pt9f12KagnZVvCwYK3T9T81ag58/BetuT3mTD8zcGiT8Y9ThWRnjA/GpfiAcgLWIWFCcEpa5WV4eZByJD5JD/TRyQJTX9pEu7bDuDF4IFVgRVCqM42NWi7CpCbyoUTZSwZNYu6a8ueZo8r2LnpZlfLa/LKxlbh43yy/FhMijfLX+Tx1Hhlq3qB1sOBhe4TXaQ84HO4bLyke2zepRTcNJT59jMVVdIKWH6CpXMELlqyFJG/DnLLlw+ATOUxJL6ZYPr8lDx/gozrsvmrk17JZaDvtOqiyq+YOXKMEr0axxmJ/fvAv5vBGxCCPL9x9G26VjQQure84CVF+mMTzQGkvGOr1GLAo3uSgvIgxlemrSSC0YI4QxysavRUYo1aTPnlM/vHc3wWs+MZiBN7rtqgR5JYsLMCbH2LPWo3eyB2oTWCB55RabsE0ffJCMb2F4DTRKa3w/Rj4f7EFX1xvUhOfARepDlo+e+mlU5fV8WT4/P0ItqljTEmnSfJ8IsAzt9+DthWhsXkIermAHuVMT3x75iOtibDTUYwv00Dzjft3HoV9NRUMnVVFbQ8HCCGuUU5QPV8hJJhFALTH1igwxUdgkTkHxDvtW9Eb1DrZ9R6BwSNwHI6zdUO9ZZwUQxvsuH71NC77uS6u90Y78372oy3vIbrQfEJ7u0hIUeMfsQF7xPREpQ/w93iq71PtvM9tU/Ci9NGvdPJYchmBExWSTUpkQrY3x0a8MKQTzm7V0QZ28lrRIRlE0l4rmQtP0xQRdr9D6Jk4U9PAjoOgMpzWwp/GQN1E20oJF3OypWjGYu1E54Vz2OyNKofhNcRDZPY5gfq+KiGPcEDH5sRVEDEMb2lBlD0JskW46Nu/kCFKABU3l5xuqz/V/3ZNkYuO68VJlIT7HrYXXKRBhuudNHwRfijHuGpQff19Q1vKh9/7gKLCOaDAp7oUOd1vW8K/veeeaIg9Zs69eVI1D3VPiWF81rUD+nnpf5dgWk5fgZBGcD9ywRl0YX0v9gzZ9itJxgsf0aSU9szzzaPrI9wCQtsdAoXwx08HoUuuDd4KDmxTRNU4xyy+Xoc/owiOYJr7CJWtoPaSuDuJS080uH0MGJxqWRdSuSuT+6/MOAP4E4NDnBWfKO9oKGj9LfEaaVn7QXDqKqbhiVKbikMaHGOl8RM2X12LcujHkXd7ASRmznuWsHWuxKHliBE4VrKWt39PD8A9Q1LsHh0gumThPZPjNXxPMbRbSURlIX+4nskuntKJvzd+rJyS7FgcMCTSt2Mj7pnC6Kajwf03EPNhRUm4lXJRWNInk/vwFyQ6FF+MPTRcKXZbpote9pdxN9+pwXb6ACcbgRKZK4gorYOmgwIH+7sk8nY3maYulyYi2m1GjZ5eHvWl7pSl/8nUCIq8EJGDTV0XP373FYOOm/t0GiolOrwMHuCeN2JaznOKSPakqFTyhl1x3vcah1Adl5jIu0bY/07c9jjEzjBxQBgLgkKV+J305k2a//H0QWGOHgLZIfLcd4lSPmrss3SKwJ4NzIOF0cif8eOPg41/KnD36Hg1GvcMP9kZqQ59cC9y3MkWoF/oJc/mdeGBRAIQWrs/Lq3dVQnpUb1D+ymx6sLcvak7pCC1L09cNVT5JGbHEeLxD7+Tt7vmIj07yYat+bpI1TF0uTFdfOgaOTtSGU8892y1PcREnd4sDNKQgXWUmIJ8xd8uWC9LCr10Rcn8c/7ixKGOkRbU1Y9wMx8K36ycrdnjtK/z326VAAct3ikqaCnryjaGx7yr2RizTXPw0rOgKAhlbSaE0AimcT08HzMJV9/MJI4cDe6omlEg63Vbjbge8XcHtIxZ71cRqZB3EQL5E2qQylUvemskxngeLBEcT05GCCTA3//e0Ji3XMgBiwA32O7HRGaTQmRJ3ZoyHI0TDFvptJXZ6hp7Zk1l/8SA3mxui8SUwq0t0XH0fFl6vXtXaY58cJyJQYrYMUJOiSxWBDn2OV53BckqiRnBlOLs37RlOV5HLf+ibq9HJILtP5MqYnEfWnZ1AKsqJOnkLEOKkSPRhK96c4IsR71UetZS2r1FSrSGnx00xCf8BygEVkGZHt8P9JppVBzDJ7SHcIAwIZfyihW476RW7p8L+Ju62sbqiYnXSksE0ybtv5QZtL/gvP5bLBcI+/HhmBThotPJFKzrMfjytxvNinp5l0fwR3PyCErlYvfQQIXiciPUbdKrxvHarQcxSp+nBoRD5joeJXJ3FGmWu6VLNnJNyDhW8Q8rMVcmcG5XY5e7p0AAEsiTQ3EPnVGxMX1CfGQ0LLBdeas0nEh2p1eC5QoajJAnIXd8d435H+bWsmBt0vIG/kJ2uKQin9DEDRFW1LIqN/FMMfVBtHrP3yqspN42HjMoMj8B5ZgopZlQU0ZtUIBe5gvxrrh1bcEd+TYK/YOr4SGGhABRUWqKrqQzynIFmZ3p4xBvWtdRxtfMJbbA1hPFl92VgXjQ9He93kNYo3eR/bEE0f+tzARqDw8vFHlM+oJdHOeYtVgToX/PIs27/XgR9jNzqk6IV4SJI3autx/BT16/huY5487xvSGCqAgpTAGJFZ68aWUjRirL+SNPE2srnLIfqsLcILcMi4xH04Z8++zGjiZucxLq3QY8urU5rHFARa9jnntfYSWIj9IGfT0cIvxtUck1Kn6WBI1+Lb8ISmIvrT17nGezjvzcboqdshGJSycZh2srSHifNDcL9Yfdwl9RMKRD0R96OMTYj4rMngQT3JMyPbEZpH0W/aGNiDsOkP0MhWsrJVsOIYwca8Zd64OK3FKmjx0a86+SDbzsMdXlJyn/luZi4ovP9spCe12ZQpbRFJauaQ16tquKmPdd7YGpdoivueyOWMzCUW4TOp0HVcYypMMhzhgOCGSApjhfx602zIiQu0Sjda3GECFaGz7nS1xqdP3BzbaLxl2tU6MacQ5FNCVeVOvY2pmbQqeS1cPvhOo5ZVwYeJwvESjnIlKm5woHy/66Tlz2CgCsR1DycgNu9X3E06vkBG80y70fSrU4lhepK0mw9fMgJyDH4NRjKrQeObHHjCivD1+zU/fUxv+lpO4nesKAKZNUZWtWJLYGjzfzHD0djWAW55R1SuvYDczcPHe3RVIlMVQqRvedpfy9BRbXW8IpHGffEyjLsvWVJ6pDc5OGIyXM/8ASghTeADvUsrsP23ehynhJBdPv2jP6LG0ZXneIuKnoHQIwTTstvIlg0tqjbMrpeQ/dwLlzgkj91uDvM3kcDr0pXHREt8nI1HPNb3W/M1RNDsTV/6vPtV0Jgm3zBUePOVgQIx0iiWqS/dhHffk3kYFMIK8bRRRACz2X7Q4fxNv0eF9MXbJsOIlIf0KoCEb/UlgeAu4LyWgrinU9gmxCc5yBZJvaiWW/r4BlWe6ZlT9qSg+6QkbCDHnJagJoxSKIyRXDGkFN4qjFjwSh0d+eIXUAfBoyxzpGDSp3xvNrFNCQO6NPwZpHg49qDkapfaZEr+InNeDe0mTDZhWxaKFbds6QW8WeCqgjjaTTWAdK1XzT4kl7BsW/tgoo/UNWeHYMO7j75osVTi29iUIIKvfFMu4aXsR/LY4VvyGE6nFvbF65m+z/FOp9qRtdEQmdi6LwNGXllOIbul3/UB0saF+ZpMumkkROzq3Gf7/XYQUugwoRWMVtDNcoJnUQ5u77rwrcVAuU95xGmoKV9eaTP1Gpe59BNktRb2EX4SSxnLrstbTAaIMg4KC0aFPlnIL8o+BAnR8a2VfUSyyXCI88b8vFQJxuQKk87cmKj/bg3PIN/Unomv6i5B8L9OHVnSApMmxQWDAKlBJUb62F6faauFPbOnEmlTlxHWr76W3pOV6VuinOrdV/gcfPiLhnwaZYQL5fNwqZ8GIM+89fvyp0mZmmPuabqFokOE3qi8/udv8KDdyNVM1KkrWOdoYZ2hThUlythptAuE1gF/0KPPROfK0MGE8dNIED7SFdpKpBtD11ignGBO3HE95DuhD7XhdG8l/vineqzLcmfN8SLMN7WO21mtfsFVuDx3MIDSviuIydOms13EL08hiPSNXuUSMEUWERHulZVpuKDZP37tEFoFMvVFtf594Et1eTGBlwiM/7fkL2oeE+qY9FNdlzg4hzn8CJHqn9WPqfh6LmXHIL2yAuqpi9tQh/kEg1i1DVIRqEFJTQypOGs6Nut0bhRNV+hBXspUJ75tccEUNROFuqcqSAJGILwgevx8N4HYo/Va4YB1W0ZNBgjgiXVtTvT4Hav/u7kg8fRtKKXuIMBxDR7GLMkoSRSEroiT8gjRPGN309t/2kKd2ezseOaMJT8E8LkyFP3P</xenc:CipherValue>
            </xenc:CipherData>
        </xenc:EncryptedData>
    </saml2:EncryptedAssertion>
</saml2p:Response>

2022-08-09 11:05:23,959 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-08-09 11:05:23,959 - INFO [Shibboleth-Audit.SSO:?] - 20220809T110523Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect|_48eeff2f8ff9ec1f218e6987d8d309da|https://stage.tedu.app|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_8a23d73c8c33e84ffd97ee68af8f78c8|Rick|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,uid,identifier,telephoneNumber,role,mail,surname,displayName,givenName|AAdzZWNyZXQxk6Wczc+qv9UVK+YqFpKTLsXXyKcgVeH3e1vvRsGaUOT2HoyFttir/h2ktO9fa7RD0CH5KYg5QL+WnbQzHk7YHyj0Fgsc6OhDUriwcBiFeXb0KrG+aw8/2i8=|_a72dde902d32ce56400461133f012208|
2022-08-09 11:05:45,595 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML relay state of: https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:05:45,595 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Getting Base64 encoded message from request
2022-08-09 11:05:45,595 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML message
2022-08-09 11:05:45,596 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:AuthnRequest
    AssertionConsumerServiceURL="https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient"
    Destination="https://samltest.id/idp/profile/SAML2/POST/SSO"
    ForceAuthn="false" ID="_38753b3c1b9943ba95e2f5e953243a708a14725"
    IsPassive="false" IssueInstant="2022-08-09T11:05:52.443Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer
        Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient</saml2:Issuer>
    <ds:Signature
                xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod
                Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod
                Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference
                        URI="#_38753b3c1b9943ba95e2f5e953243a708a14725">
<ds:Transforms>
<ds:Transform
                        Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform
                    Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>rltx2delRmRcZv6SAYjOMF30YLP+wOJbBv4skzODUjM=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
JRTDTIFeOi3+8NvS/23eVZOz6pwg5z1kxsIqxFu3aqPRJzGfPGhA4oKrNhW0BXYve0fbViKb83E9&#xd;
52iWXh9yF5jRE6eywxGtHaTl3r8ode+4jXO+mUC/1PdE0bx8nEiqboqiaDWSdgOF6GW8TkxwK/bp&#xd;
K0wXrL7GCC/reoEtXqN8Ld7qiCp2UI5G/pjLCnelD6Fa8/t7rCu4CQoV1gVnLrHd9Es/HXIMCbTA&#xd;
fkgfDC8IQ5zveu+aFYScMM0/4DWJRazr38CLmCOnIVFPxdB9dtke6+V55uHRQNqhFHXzy8m9neHn&#xd;
mxYwA/jxCsTol4xV2yVuf8+f3PUX4tz7GWZpLg==
</ds:SignatureValue>
<ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIF3jCCBMagAwIBAgIRAKrILoTQb5hfg5cwVhj1GRswDQYJKoZIhvcNAQELBQAwgZYxCzAJBgNV
BAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAY
BgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYDVQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlv
biBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTcxMjEyMDAwMDAwWhcNMjEwMTMxMjM1
OTU5WjCB0zELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTE0NjIwMREwDwYDVQQIEwhOZXcgWW9yazES
MBAGA1UEBxMJUm9jaGVzdGVyMSIwIAYDVQQJExkzMzkgRWFzdCBBdmVudWUgLCBzdGUgNDEwMRww
GgYDVQQKExNMb2dpY2FsIEltYWdlcyBJbmMuMRQwEgYDVQQLEwtFbmdpbmVlcmluZzEcMBoGA1UE
CxMTUHJlbWl1bVNTTCBXaWxkY2FyZDEXMBUGA1UEAwwOKi52aXN1YWxkeC5jb20wggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo1G8KWHflpDHy/hE1qeVQnuiyQTttSvVa+fsXvs8s9/g7
jAg0AgTvKSB4Z+8rcS2o/ZqIGbtvrDYDU/ePWMtDTT+tQgDc/I5R3hL2CNusOgLfLpwPuOdCIDyA
HTSJf0h3MXxZCS+AsVRU0cAQOmAYb7wjl+qbymv3a88fhKHqP9qKlmCcnVpCCZbpcWNymAtzRM21
4euNOQx8rbJOw32WMGQlKJ95Sph2tk41QMtgJKIZdFMSlua3qQEO4AJmlPqPM6LETVTTtOSRYBGd
Fn3DevVQNvxfn1v1HtBn76o/Mxfpe70LmDcJ89gqMJwsNmGC37JZ7hnu0WDEJiLwbxMpAgMBAAGj
ggHmMIIB4jAfBgNVHSMEGDAWgBSa8yvaz61Pti+7KkhIKhK3G0LBJDAdBgNVHQ4EFgQUixLms64r
PE7O7p0aqReLUfdySyUwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI
KwYBBQUHAwEGCCsGAQUFBwMCMFAGA1UdIARJMEcwOwYMKwYBBAGyMQECAQMEMCswKQYIKwYBBQUH
AgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMAgGBmeBDAECAjBaBgNVHR8EUzBRME+g
TaBLhklodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9SU0FPcmdhbml6YXRpb25WYWxpZGF0
aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGLBggrBgEFBQcBAQR/MH0wVQYIKwYBBQUHMAKGSWh0dHA6
Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVT
ZXJ2ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTAnBgNVHREE
IDAegg4qLnZpc3VhbGR4LmNvbYIMdmlzdWFsZHguY29tMA0GCSqGSIb3DQEBCwUAA4IBAQBObkHT
R69VW5zExyvxombx/00noMSvUPKeRuJJ+dXOQywlxG1PxKi1cAXvKmHLqh6hWS7Y1Sz4UNj0IMV3
wY0O0TWznnIgYquO1zeWcYnrGVD31+/xgog4P6m4ft3mlbdHpCyrfZiqSlQknvjzVQjY66+1/BrG
qYPEV/yXe4Zi2gzQjV+yCVbNuMFp83Mp2J3yCL+vO/0FcS9gjZVgHfAsNPgrO5Lxli4AytVs7Wpo
Ypo2MtQTHbZfx7PE5dsIruu3MXtxRWbtaKPfE3vsy9pCRrFd/RBvx7L38SyKhkSqG9ng92B97BAM
/o9WoUuak01x3KxK65iNQPrFhOrMSJK0</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
</saml2p:AuthnRequest>

2022-08-09 11:05:45,606 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient' from origin source
2022-08-09 11:05:45,606 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-08-09 11:05:45,606 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-08-09 11:05:45,606 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-08-09 11:05:45,606 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-08-09 11:05:45,606 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-08-09 11:05:45,606 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-08-09 11:05:45,606 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-08-09 11:05:45,606 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:05:45,607 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:05:45,607 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-08-09 11:05:45,607 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-08-09 11:05:45,607 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-08-09 11:05:45,607 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-08-09 11:05:45,607 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_38753b3c1b9943ba95e2f5e953243a708a14725', issue instant '2022-08-09T11:05:52.443Z', entityID 'https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient'
2022-08-09 11:05:45,608 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Enveloped signature transform
2022-08-09 11:05:45,608 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Exclusive C14N signature transform
2022-08-09 11:05:45,608 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Attempting to verify signature on signed SAML protocol message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-08-09 11:05:45,608 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from metadata using entityID: https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient, role: {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor, protocol: urn:oasis:names:tc:SAML:2.0:protocol, usage: SIGNING
2022-08-09 11:05:45,608 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Retrieving role descriptor metadata for entity 'https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient' in role '{urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor' for protocol 'urn:oasis:names:tc:SAML:2.0:protocol'
2022-08-09 11:05:45,608 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-08-09 11:05:45,608 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-08-09 11:05:45,608 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-08-09 11:05:45,608 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-08-09 11:05:45,608 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-08-09 11:05:45,608 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - signatureMethodURI = http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2022-08-09 11:05:45,608 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigAlgorithm    = SHA256withRSA
2022-08-09 11:05:45,608 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigProvider     = SunRsaSign
2022-08-09 11:05:45,608 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - PublicKey = Sun RSA public key, 2048 bits
  params: null
  modulus: 29392041739316831879909492263420809618356180272706027652343679098016282364414745216536632236600099715481081529744647645524003605122510817186315887517802452912643799162132870623358634804138327500912458001247256725586583530153692971849689848886777937538189618258798059356709972927743814711999393727110032489973264689064077963688570016506826594214907457503424024951351469455588099097161329401211827643012675421693008670801375297917537559379804376187770338075916115969654848155346928965046567907849079265565736568268190945123584854744386448963767726504663579103653226620589261606418333687915975781431485708245812900729641
  public exponent: 65537
2022-08-09 11:05:45,608 - DEBUG [org.apache.xml.security.signature.Manifest:?] - verify 1 References
2022-08-09 11:05:45,608 - DEBUG [org.apache.xml.security.signature.Manifest:?] - I am not requested to follow nested Manifests
2022-08-09 11:05:45,608 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_38753b3c1b9943ba95e2f5e953243a708a14725"
2022-08-09 11:05:45,608 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _38753b3c1b9943ba95e2f5e953243a708a14725 and Element was [saml2p:AuthnRequest: null]
2022-08-09 11:05:45,608 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_38753b3c1b9943ba95e2f5e953243a708a14725"
2022-08-09 11:05:45,608 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _38753b3c1b9943ba95e2f5e953243a708a14725 and Element was [saml2p:AuthnRequest: null]
2022-08-09 11:05:45,608 - DEBUG [org.apache.xml.security.signature.Reference:?] - Verification successful for URI "#_38753b3c1b9943ba95e2f5e953243a708a14725"
2022-08-09 11:05:45,608 - DEBUG [org.apache.xml.security.signature.Manifest:?] - The Reference has Type 
2022-08-09 11:05:45,608 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Validation of protocol message signature succeeded, message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-08-09 11:05:45,608 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Authentication via protocol message signature succeeded for context issuer entity ID https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:05:45,608 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-08-09 11:05:45,608 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-08-09 11:05:45,609 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-08-09 11:05:45,609 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-08-09 11:05:45,609 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:05:45,609 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-08-09 11:05:45,609 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-08-09 11:05:45,609 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-08-09 11:05:45,609 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 1 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-08-09 11:05:45,609 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-08-09 11:05:45,609 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-08-09 11:05:45,609 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-08-09 11:05:45,609 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-08-09 11:05:45,609 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-08-09 11:05:45,610 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-08-09 11:05:45,610 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved signature algorithm URI from SAML metadata SigningMethod: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2022-08-09 11:05:45,610 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved reference digest method algorithm URI from SAML metadata DigestMethod: http://www.w3.org/2001/04/xmlenc#sha256
2022-08-09 11:05:45,610 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-08-09 11:05:45,610 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-08-09 11:05:45,610 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-08-09 11:05:45,610 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-08-09 11:05:45,610 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-08-09 11:05:45,610 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:05:45,610 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-08-09 11:05:45,610 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve data encryption algorithm based on SAML metadata, falling back to locally configured algorithms
2022-08-09 11:05:45,610 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve key transport algorithm based on SAML metadata, falling back to locally configured algorithms
2022-08-09 11:05:45,610 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-08-09 11:05:45,616 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-08-09 11:05:45,616 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-08-09T11:05:45.616Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-08-09 11:05:45,617 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-08-09 11:05:45,617 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-08-09 11:05:45,617 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-08-09 11:05:45,618 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-08-09 11:05:45,618 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-08-09 11:05:45,618 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:05:45,618 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-08-09 11:05:45,618 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-08-09 11:05:45,618 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-08-09 11:05:45,618 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-08-09 11:05:45,681 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'vdxlocal.visualdx.com'
2022-08-09 11:05:45,681 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-08-09 11:05:45,681 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-08-09 11:05:49,458 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Trimming whitespace of input string 'rick'
2022-08-09 11:05:49,458 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user rick
2022-08-09 11:05:49,458 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@1842124711::identifier=rick, context=org.apache.velocity.VelocityContext@36d46f8f]
2022-08-09 11:05:49,471 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=rick,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@1842124711::identifier=rick, context=org.apache.velocity.VelocityContext@36d46f8f]
2022-08-09 11:05:49,472 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'rick' succeeded
2022-08-09 11:05:49,472 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-08-09 11:05:49,472 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-08-09 11:05:49,473 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'rick'
2022-08-09 11:05:49,473 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'rick'
2022-08-09 11:05:49,473 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-08-09 11:05:49,473 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal rick
2022-08-09 11:05:49,473 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session 8e52cf755e0eb300314c269b342e14ff29e48cdfa04f1021e540df878a8c7fed for principal rick
2022-08-09 11:05:49,473 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving AuthenticationResult for flow authn/Password in session 8e52cf755e0eb300314c269b342e14ff29e48cdfa04f1021e540df878a8c7fed
2022-08-09 11:05:49,474 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=rick)
2022-08-09 11:05:49,475 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-08-09 11:05:49,475 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, uid, identifier, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-08-09 11:05:49,475 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'eduPersonEntitlement' remained after filtering
2022-08-09 11:05:49,475 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-08-09 11:05:49,475 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-08-09 11:05:49,475 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-08-09 11:05:49,475 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-08-09 11:05:49,475 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-08-09 11:05:49,475 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-08-09 11:05:49,475 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-08-09 11:05:49,475 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-08-09 11:05:49,475 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-08-09 11:05:49,479 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:05:49,479 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-08-09 11:05:49,479 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@4995a7a4'
2022-08-09 11:05:49,480 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:05:49,480 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient'
2022-08-09 11:05:49,480 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient'
2022-08-09 11:05:49,480 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient'
2022-08-09 11:05:49,482 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:05:49,482 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick'
2022-08-09 11:05:49,482 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick'
2022-08-09 11:05:49,483 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-08-09 11:05:49,483 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is required, no previous consents
2022-08-09 11:05:49,545 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'vdxlocal.visualdx.com'
2022-08-09 11:05:49,545 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-08-09 11:05:49,545 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or InformationURLs returning null
2022-08-09 11:05:49,545 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or PrivacyStatementURLs returning null
2022-08-09 11:05:49,545 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-08-09 11:05:49,545 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No Organization, OrganizationName or names, returning null
2022-08-09 11:05:59,516 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Extracted consent ids '[displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]' from request parameter '_shib_idp_consentIds'
2022-08-09 11:05:59,517 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Consent context 'ConsentContext{previousConsents={}, chosenConsents={displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}}'
2022-08-09 11:05:59,517 - INFO [Shibboleth-Consent-Audit.SSO:?] - 20220809T110559Z|https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient|AttributeReleaseConsent|rick|displayName,eduPersonEntitlement,givenName,identifier,mail,role,surname,telephoneNumber,uid||true,true,true,true,true,true,true,true,true
2022-08-09 11:05:59,528 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:05:59,528 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient'
2022-08-09 11:05:59,528 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:_key_idx'
2022-08-09 11:05:59,528 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Serialized '{displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}' as '[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]'
2022-08-09 11:05:59,528 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.CreateResult:?] - Profile Action CreateResult: Created consent result 'ConsentResult{id=null, context=intercept/attribute-release, key=rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient, value=[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}], expiration=1691579159528}'
2022-08-09 11:05:59,528 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-08-09 11:05:59,528 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Will not prune storage records, number of keys '0' is less than max number of records '10'
2022-08-09 11:05:59,528 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-08-09 11:05:59,528 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Creating storage index with key 'rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient'
2022-08-09 11:05:59,528 - DEBUG [net.shibboleth.idp.consent.storage.impl.CollectionSerializer:?] - Serialized '[rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient]' as '["rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient"]'
2022-08-09 11:05:59,528 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@4995a7a4'
2022-08-09 11:05:59,528 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:05:59,528 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-08-09 11:05:59,529 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-08-09 11:05:59,530 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-08-09 11:05:59,530 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _d08e5d8e65e155be7e4db06dfcd44ef7
2022-08-09 11:05:59,530 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _d08e5d8e65e155be7e4db06dfcd44ef7 to Response _c17a92de8f97a60eddd1932e9521ff5c
2022-08-09 11:05:59,530 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _d08e5d8e65e155be7e4db06dfcd44ef7
2022-08-09 11:05:59,530 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-08-09 11:05:59,530 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value urn:mace:dir:entitlement:common-lib-terms of attribute eduPersonEntitlement
2022-08-09 11:05:59,530 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rick of attribute uid
2022-08-09 11:05:59,530 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute identifier
2022-08-09 11:05:59,530 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-08-09 11:05:59,530 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value manager@Samltest.id of attribute role
2022-08-09 11:05:59,530 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute mail
2022-08-09 11:05:59,530 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sanchez of attribute surname
2022-08-09 11:05:59,530 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick Sanchez of attribute displayName
2022-08-09 11:05:59,530 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick of attribute givenName
2022-08-09 11:05:59,532 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-08-09 11:05:59,532 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - No object to operate on, returning true
2022-08-09 11:05:59,532 - DEBUG [org.opensaml.saml.common.profile.logic.MetadataNameIdentifierFormatStrategy:?] - Metadata specifies the following formats: [urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress]
2022-08-09 11:05:59,532 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration specifies the following formats: []
2022-08-09 11:05:59,532 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration did not specify any formats, relying on metadata alone
2022-08-09 11:05:59,532 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Candidate NameID formats: [urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress]
2022-08-09 11:05:59,532 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
2022-08-09 11:05:59,532 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
2022-08-09 11:05:59,532 - DEBUG [net.shibboleth.idp.saml.nameid.impl.AttributeSourcedSAML2NameIDGenerator:?] - Checking for source attribute mail
2022-08-09 11:05:59,532 - DEBUG [net.shibboleth.idp.saml.nameid.impl.AttributeSourcedSAML2NameIDGenerator:?] - Generating NameID from String-valued attribute mail
2022-08-09 11:05:59,532 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID rsanchez@samltest.id with Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
2022-08-09 11:05:59,532 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
2022-08-09 11:05:59,532 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
2022-08-09 11:05:59,532 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-08-09 11:05:59,532 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-08-09 11:05:59,532 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 40.77.23.3
2022-08-09 11:05:59,532 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to _38753b3c1b9943ba95e2f5e953243a708a14725
2022-08-09 11:05:59,532 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:05:59,532 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-08-09 11:05:59,532 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-08-09 11:05:59,532 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-08-09 11:05:59,532 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _d08e5d8e65e155be7e4db06dfcd44ef7
2022-08-09 11:05:59,533 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _d08e5d8e65e155be7e4db06dfcd44ef7 did not already contain Conditions, one was added
2022-08-09 11:05:59,533 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-08-09 11:05:59,533 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-08-09T11:10:59.528Z, to Assertion _d08e5d8e65e155be7e4db06dfcd44ef7
2022-08-09 11:05:59,533 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _d08e5d8e65e155be7e4db06dfcd44ef7 already contained Conditions, nothing was done
2022-08-09 11:05:59,533 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-08-09 11:05:59,533 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _d08e5d8e65e155be7e4db06dfcd44ef7 already contained Conditions, nothing was done
2022-08-09 11:05:59,533 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-08-09 11:05:59,533 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient as an Audience of the AudienceRestriction
2022-08-09 11:05:59,533 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _d08e5d8e65e155be7e4db06dfcd44ef7
2022-08-09 11:05:59,534 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient to existing session 8e52cf755e0eb300314c269b342e14ff29e48cdfa04f1021e540df878a8c7fed
2022-08-09 11:05:59,534 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient in session 8e52cf755e0eb300314c269b342e14ff29e48cdfa04f1021e540df878a8c7fed
2022-08-09 11:05:59,534 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-08-09 11:05:59,534 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient and key rsanchez@samltest.id
2022-08-09 11:05:59,534 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-08-09 11:05:59,535 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-08-09 11:05:59,535 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_d08e5d8e65e155be7e4db06dfcd44ef7"
2022-08-09 11:05:59,535 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _d08e5d8e65e155be7e4db06dfcd44ef7 and Element was [saml2:Assertion: null]
2022-08-09 11:05:59,535 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_d08e5d8e65e155be7e4db06dfcd44ef7"
2022-08-09 11:05:59,535 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _d08e5d8e65e155be7e4db06dfcd44ef7 and Element was [saml2:Assertion: null]
2022-08-09 11:05:59,538 - DEBUG [PROTOCOL_MESSAGE:?] - Profile Action EncryptAssertions: Response before assertion encryption:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_c17a92de8f97a60eddd1932e9521ff5c"
    InResponseTo="_38753b3c1b9943ba95e2f5e953243a708a14725"
    IssueInstant="2022-08-09T11:05:59.528Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_d08e5d8e65e155be7e4db06dfcd44ef7"
        IssueInstant="2022-08-09T11:05:59.528Z" Version="2.0"
        xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <ds:SignedInfo>
                <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
                <ds:Reference URI="#_d08e5d8e65e155be7e4db06dfcd44ef7">
                    <ds:Transforms>
                        <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                        <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                            <ec:InclusiveNamespaces PrefixList="xsd" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                        </ds:Transform>
                    </ds:Transforms>
                    <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                    <ds:DigestValue>LSbrBenRXj/FHLrDoCuSeHG7pTpP2AEiruHIxYhK/cQ=</ds:DigestValue>
                </ds:Reference>
            </ds:SignedInfo>
            <ds:SignatureValue>b5ZMaqxJX3X+thZ82ureTAMRyzCS6dtXsQtYph+7J1BbWt5ZB2ucKZ7wY203MrNoOHC6kv0aNssC6OupRtpzkYpuuumBwNlDvu4qgsw0JLoKrbM+9hF0CgiqLvFLFk8xs5PmWqlwg5+ahPKtY5WKiAujftt/b7yQL5IgnXxncNmfLubSinWkE7s7QwvuZ3CxVU6EqyDpRkTSxw0QWsAfmxkj1QHxUH6ifyLWVB27DqoY5QoHBYVAIp0GAmjV8Wfk1GNWZDbkPYmm9CpJ1eiX3iFS6WtUE1ron7SsnbkjwPgwWrHwWfY5wPoCH/PAKo0zZEvceZQ5sXi4C3ids4z0GA==</ds:SignatureValue>
            <ds:KeyInfo>
                <ds:X509Data>
                    <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </ds:Signature>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">rsanchez@samltest.id</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="40.77.23.3"
                    InResponseTo="_38753b3c1b9943ba95e2f5e953243a708a14725"
                    NotOnOrAfter="2022-08-09T11:10:59.532Z" Recipient="https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-08-09T11:05:59.528Z" NotOnOrAfter="2022-08-09T11:10:59.528Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-08-09T11:05:49.472Z" SessionIndex="_de57c2c3a73537085af3b60b6c2bdd6d">
            <saml2:SubjectLocality Address="40.77.23.3"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>urn:mace:dir:entitlement:common-lib-terms</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rick</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">manager@Samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-08-09 11:05:59,542 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:05:59,542 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:05:59,542 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_c17a92de8f97a60eddd1932e9521ff5c"
2022-08-09 11:05:59,542 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _c17a92de8f97a60eddd1932e9521ff5c and Element was [saml2p:Response: null]
2022-08-09 11:05:59,542 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_c17a92de8f97a60eddd1932e9521ff5c"
2022-08-09 11:05:59,542 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _c17a92de8f97a60eddd1932e9521ff5c and Element was [saml2p:Response: null]
2022-08-09 11:05:59,544 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-08-09 11:05:59,544 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient' with encoded value 'https&#x3a;&#x2f;&#x2f;vdxlocal.visualdx.com&#x2f;visualdx&#x2f;callback&#x2f;VdxSAMLClient'
2022-08-09 11:05:59,544 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-08-09 11:05:59,545 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Setting RelayState parameter to: 'https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient', encoded as 'https&#x3a;&#x2f;&#x2f;vdxlocal.visualdx.com&#x2f;visualdx&#x2f;callback&#x2f;VdxSAMLClient'
2022-08-09 11:05:59,547 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response
    Destination="https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient"
    ID="_c17a92de8f97a60eddd1932e9521ff5c"
    InResponseTo="_38753b3c1b9943ba95e2f5e953243a708a14725"
    IssueInstant="2022-08-09T11:05:59.528Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_c17a92de8f97a60eddd1932e9521ff5c">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>+OEcB3EQqqnnF/Tp++WEKeQW+C4OdK7IRimNsZCAql0=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>A2dA+XURGApHBVbm+yEQV7CYtXT9UBWaVKMeF6PDtqxFHhb9oG4CEjE9mxpQtggl21rR6O1N8RHaLfvV6K7Xg0RzSqhhs2at2+oipc+E0RjjzrrL0Y/FK2dU8hS1unrgkdB+Qhc2oorHJdZnPxgUJwHV8JSureQq5/xiU0rtXkPzkPOQRkODLy65Dr8L/c/4nILsyfrJR7nPRFHmQpQSgGCpE+I9guJ6Oe4h6mcojFZC+qnfjL1HfUt3LImsduI0G6KgNwvz7mAbVdB4pX1J+arPmDNAOSvyK5JSoYf/LrG70X0DCl4CakdvVcD0lXDxbIBza22TAbtlVKPbt8rZ3g==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <xenc:EncryptedData Id="_7f9048e6373bfc73b85ed7345e7eba35"
            Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:EncryptionMethod
                Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <xenc:EncryptedKey
                    Id="_24c1ec8b57638279fb55ed5268557122"
                    Recipient="https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                    <xenc:EncryptionMethod
                        Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <ds:DigestMethod
                            Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
                    </xenc:EncryptionMethod>
                    <ds:KeyInfo>
                        <ds:X509Data>
                            <ds:X509Certificate>MIIF3jCCBMagAwIBAgIRAKrILoTQb5hfg5cwVhj1GRswDQYJKoZIhvcNAQELBQAwgZYxCzAJBgNV
BAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAY
BgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYDVQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlv
biBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTcxMjEyMDAwMDAwWhcNMjEwMTMxMjM1
OTU5WjCB0zELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTE0NjIwMREwDwYDVQQIEwhOZXcgWW9yazES
MBAGA1UEBxMJUm9jaGVzdGVyMSIwIAYDVQQJExkzMzkgRWFzdCBBdmVudWUgLCBzdGUgNDEwMRww
GgYDVQQKExNMb2dpY2FsIEltYWdlcyBJbmMuMRQwEgYDVQQLEwtFbmdpbmVlcmluZzEcMBoGA1UE
CxMTUHJlbWl1bVNTTCBXaWxkY2FyZDEXMBUGA1UEAwwOKi52aXN1YWxkeC5jb20wggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo1G8KWHflpDHy/hE1qeVQnuiyQTttSvVa+fsXvs8s9/g7
jAg0AgTvKSB4Z+8rcS2o/ZqIGbtvrDYDU/ePWMtDTT+tQgDc/I5R3hL2CNusOgLfLpwPuOdCIDyA
HTSJf0h3MXxZCS+AsVRU0cAQOmAYb7wjl+qbymv3a88fhKHqP9qKlmCcnVpCCZbpcWNymAtzRM21
4euNOQx8rbJOw32WMGQlKJ95Sph2tk41QMtgJKIZdFMSlua3qQEO4AJmlPqPM6LETVTTtOSRYBGd
Fn3DevVQNvxfn1v1HtBn76o/Mxfpe70LmDcJ89gqMJwsNmGC37JZ7hnu0WDEJiLwbxMpAgMBAAGj
ggHmMIIB4jAfBgNVHSMEGDAWgBSa8yvaz61Pti+7KkhIKhK3G0LBJDAdBgNVHQ4EFgQUixLms64r
PE7O7p0aqReLUfdySyUwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI
KwYBBQUHAwEGCCsGAQUFBwMCMFAGA1UdIARJMEcwOwYMKwYBBAGyMQECAQMEMCswKQYIKwYBBQUH
AgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMAgGBmeBDAECAjBaBgNVHR8EUzBRME+g
TaBLhklodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9SU0FPcmdhbml6YXRpb25WYWxpZGF0
aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGLBggrBgEFBQcBAQR/MH0wVQYIKwYBBQUHMAKGSWh0dHA6
Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVT
ZXJ2ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTAnBgNVHREE
IDAegg4qLnZpc3VhbGR4LmNvbYIMdmlzdWFsZHguY29tMA0GCSqGSIb3DQEBCwUAA4IBAQBObkHT
R69VW5zExyvxombx/00noMSvUPKeRuJJ+dXOQywlxG1PxKi1cAXvKmHLqh6hWS7Y1Sz4UNj0IMV3
wY0O0TWznnIgYquO1zeWcYnrGVD31+/xgog4P6m4ft3mlbdHpCyrfZiqSlQknvjzVQjY66+1/BrG
qYPEV/yXe4Zi2gzQjV+yCVbNuMFp83Mp2J3yCL+vO/0FcS9gjZVgHfAsNPgrO5Lxli4AytVs7Wpo
Ypo2MtQTHbZfx7PE5dsIruu3MXtxRWbtaKPfE3vsy9pCRrFd/RBvx7L38SyKhkSqG9ng92B97BAM
/o9WoUuak01x3KxK65iNQPrFhOrMSJK0</ds:X509Certificate>
                        </ds:X509Data>
                    </ds:KeyInfo>
                    <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <xenc:CipherValue>rsE/MVg9cZlZf9N82OTct3CTQ163mT75DVzKXXTvgOusOxh3U5+8ByC/b+NXDxq6JN3i6DOAeAYNJwGtVJD1t3i+3mB5Su7BVqpuWGFXkGMIIkBUa0nOzqGWR50ZSrH5Zzinml33fHHL5AcYOPb7AQr5GgN1FaYoHnrexPOQUph+Xje+11F1H1NzUvwml0oKikZFxZtq95iajI9HgzJ3tTUFRRe4pRhC4vzMmzUAnrmvVh1JOjLg3YqNuvKDaQhrAG3hdbR5wyr67pu6b5XumkqPpjvAvw2qXYBYZggpYpKu4pC798+1hkHtIG0bxBOnSt/l32tDclXkyF5zHAJHFQ==</xenc:CipherValue>
                    </xenc:CipherData>
                </xenc:EncryptedKey>
            </ds:KeyInfo>
            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                <xenc:CipherValue>nCj9xCX5sCd19YeaAhkoIWXW1b3QrpmHkaKpo80hxhCCUem10IB8o3oIEW9L9vKwa7uK3fA047J/dTMgqOAu75iVfLHivMRDgUxRY1vDS9l4gSBOHhVUyl+yUPCfYk3kgVH4bMeI+ZC39UI+YgVF3iSdtfbzTRvbMbc7Hj/Jv0pqekM8xhsPZbFN432evqMoljRtBItYd+BiRcnAjb9p3tp0BXQNklAl1R8QdEOIU2LGkXTJ4Uyjmqfw2B22u7Cpnm5kENIzrYhk0sdZiBPQe0nLiju1so2PIxHhDw9kEp34DnNJymA4DVXlxtQ5oAcP7SG5JtetnZ5nJIuwFM5TKc3lE8bxUsdTj892w9N3DuvMQ+vTNYUQd7ko8hAzi+L8/tsxZxrep0kaO9/YNTXojMirMGlTfQ8Bk5nI/fPYsTiIBw4fht86zk8fPR9C15R65Jl/vE71awxod3uKqfVVD542RojsgML+nMCLwrIJQVauc7NJRHJcD7b9XHFSZNk+XW+d903uyNNd4oq+/CxlMepNlRjBUiKZCemH+dGQxif06LoXbg5EwZO3oGLEPczvl70AVLGWro421br9V9Cfj3pLrq7QQdayD4NnxEtoNuxWrl5/Od/65+kmXp6t/5QiTN1LOy8mIJLvkDtyX6Bk6Ktw2WZ1crg7hxpBjbAw07tKzjeNv8mKAWPVw9m+0byUM07jFwbAJbZvcpLZaFe3/j1z4WlK9L7maLd3RBvEMw/JBYBofWEWVYXVspok3CV/RwlGIzGB2GnnvUUCxhK2JkTk2bGHOSEd/LdgD+mfpHbb4mlOWBd5e3okupb8UpWH+ArP4ADrec82oOO9v5XlkdUm2NE0j/vRMvdRC26iFbutttF+b7lRmBDNeP9Y9rDLKXV3Mo2DwOY5EQ9KYa7AlJJc5R68JJfG5kxwd9qXkG5F+RUkQIG6jNtejC3mwkAuizPFBObSJ+eWrS08oEo1AJXWRIP+9ngx9kXGTadLPaSRiv9ygr1nL7WuA6Xgj6f6/eRj30RodZ/Szeedgba1YIQZhlfxli8VrxkVnEDvYbvwwQrsSQLLn5yB47/lGcKLB7cyKa3NFZSxgwmFdu81fBZKBkF6skoJJ1vxzdVFJHCS2whaMvKmrABCLCtWcKGg4Sq/rfWF4l5WMvPVFS440joXqgWaQOGbocDdntSTu179Oth6km5MhWxdgdlqmPyE4amnEkuAyQ958Cw21JdyA4/+lrRZ0fknxcB72LBgLiQ6PasIksFQEjtpqNeU43UCEOnGH9OPhV5vzY1tjpgvbHtllmQouomMnk8kj0vMMb/KaS7RkRWGhDSZl4O4Y6dNzxW7Ec/RQ58YcOq43kUcs024WoaMUs7DILB7b1ur8NLCUnXDBW1tkoT5uUiU6Zn/xCEHBzFPDnM480sH1zDPpn4ngdpYsURj5S9lG49tjlyWcAHFUkMHdTsseG56Vc2niDVSZnIPXfaFyGQ8wDitsgnrpXEjmDOggQXVFVj5KzY5k5uMCjjDa+/Jz479Ppi8XHc5Uaj/R6PRkyblXNllGxqnJv1vxDaMYK5MQ0ffJ7SdkRSfeFAwgCa/YhPYG53WX3hWPYmaYAd3kiyQbE2vw5JaycEl3TAMHM1biC8XbX+PlDcIO8KoNsf9EjMYj4deEXHxSoqiMGg+ukNcUnChD82g0mEk3fn7COv/0uISspDeWDY86Tj/aJcRibz6Q45FsIv1JUMSGyKI25oZg053JSzWzXE9T0NZfTAT51iWLFrg+RSTHvyBTyz3yoWVmp1ZNg2bSxCrrW9l/T30aKyowpulQZ//POop336Uu2oFVXtPTMpfMhizeuM683JveZBJ8EkhCON9bN7SkOyNzCoEXZ/t0w5HKgNGMzEvAI3jYMVRrJD1Peqjn5iK69jkjlBPz46tgE4Dpq/V8v11pReZSSnDD7r7wh/v8PLHpMu0kSPg23hfUWcE1tJsAqay3OY3RB962ZOlHPJCVfhfYCGA59Ep+Ugd6nlAPn4kO0RjYnncoNs6rZ4zwF+X+FVCUi+7SMKOLZo7TxEDHDuibJSJh8qgQ/9H4UeIYuwpkw6HNhH8S+BqgKM5u2BJ2w9DvwFfDQyLr7xuzRt+oe89upC8FaVAjNQblxeRB6I084yQNRGWE1/K3L/nCvXmCB6gVdHV8/lxDZfffYqQTkiojhuxLWf95CVZaSZV28gS+h6/N2vmifAjn+giaJRGR1qsnXPGWdvFtcNS0QECe2/MPpFANz+1XF8+4/fF8xBh4Af5SeFRf/qDFJlfidPuCGNlpn3rBRyLSC3yInn1snmGxcqtwTDqbqCmMtJVcpTWmxU1BcC2foZELt2lVYR1bw/KONLLMhk7RxkEvwrX+fOp35UOpsihOP/U9oMhFDlOjRFmMMz87Jou8HPrYRHFe6hDqvPQe/j+6b1DAX/OVSdRpt7IOphGxFBqF+MEhlYFj3jjzSZBopS5bQxdrOYgr60qThSv0K57z0wY0BO8biffzqK3ikdBFcQHFhe9FgfwXtmh4e/9z9Udd+pqIDbVukmAsXjSsUPs5YqXZCETMtjtAJA3LmHQbQs5J3qVF04OWPaFbiJaUNm9WKQGoI6E3FvEdxF0NecRAsIY8Z4TfEbJHHfkRkKhALshK0ewyRWn41HQPBWiwV6qesJv7FgGyO8BOC9OGhIQgr5ZCEmYkZXV149ln8nxDmvY65RQHwwoD2dmyRGBu8NhTvRCny1MAzhmmMEGENCkt0voD2czaASvDWt5Y2yG/0s73vsLLvYvJCWcVb5F4GmqwPPrbctTj+ZAsEC/bzjoZTDz6YI/Vz9pn+beccdQuehjSAuobvNJcWut1s7LXueyU+mpf+y12GGmchcn4F29QjaCU5mpgGYf+zo5hNaf5T7FRTqqECN8fJ3P5hsTXAPVLohl0m+oe93BjVf6fjr7hhZFkfd4fy9m+WPgB+nF9HvMFa2/Ktz860wZsxtOnWhNwllJQ2ukMQMdDRUNcyuWyhYYZTqkoeBmq49tkSAaczrlKzXR+8F7y+fv+c4+MaiFGxCdEbFPaYLlkiXLD+qhFUpkBE+D8lw5+fFU2EMrFk7eSduAyJqYVmwaHrdNpErnfVduvMAGGFcmwJGttBYw0Qa0oBcmcmY642cFLSBozJlGU1amv0+tM050gEYeqYGSaPklHgqFM0UOz05OXxI4CxdbjQ84HUqweO02gkPwWLkuorU0FN2yGVVz3r2P8CnNUR3u2P49Cq3zQplVG17R22EtDBK64tlur03oK3oESrhKMLdA1RYJX75r++ll/Y8sIE7owY4u+WqgoEXhBEuUJ2/glHWRx1jH+J6Sa2Ku1DYZIixSrgrmspvFEJoDR95dTyOEqfroVGzCtz9aH8yAoz1gX8laX6GiKuGnYsmpxJUoYPU7U0vthaO/C1F41QKoBs+LtCz1FBhEj0dG/H4LyaIcg8HfQ2L1Tc4MxIDjKoL1DOUTEoTgsJ1Q5AYJg73cpXJ9Fa/1vUhnSzmI6Y/YrlHtwYQSFelwY53sEyvDdpnOlOqJY6uZnoBuHLSxazOrwGWRvWDJx3+iA+uQrYZDtfCZ2cdY7qXIypXuo3O9ydHk1gA8sE3dRo8FgHt70oQzwNxLywg+krCWiZjGdbAOieeKgdqC4cdY2+97NnJD+hl/l3q7kNaxESloVYTNXzwUnvjrvn+VAlHs239tzZylp6UUM+Y9iozjqQQZv7brngUYLkepEwoBJynZ7V0YsyN1eSjamR9qjm/BK2LDCiAZ4F+aLE60+XI1iEnEfpgo/BGDpQYmqWqzNnuLMYMOzlf8oz7trgY5OK5lezbX32PWlxs6qkGjBCGnFsJBFvSP8y7l3D0TZkoscmc5Z4voXKSZdIZ2cJKt3Ue+ndR6YqrZxCtTgpJ5pSzVKbNsR8z1opcgXJgPy0gAaDk7dUtYZ0o1F2NAcO5gpdPKUpZT85MQ+7yjUt6YVILDNYPm73tmJKo30w0yXNx+8in8bAWbsfdhWn4al4RTfp2GJ4WBN4d3JPJ9G4NHZaihStcTR/F953W+ew4BVXiQkyFPC0zwaUMa80K7ntLkOui2zayTOx3LAQ4guGhGsxJcFGtGFcqbsQ/20PONyT9bFGXkpTIQsO0nypIqae0gLv5eh0LsLH6yMhd0ixcJgW3g2l484LUciVzRbndk9I4ztcj0Z/BrF3df6c31XmNpNCw3OajFOP2jrWtEQdeyiffS8tgFRzb1lttxC6HRXJEZ15ECHPTkW6lELjYh/QXXWSC7AJ8+qDwPyx5+uLGaEoGzwQ7htx1OURUxtiUXpgDtCEA73ks1goi965Oo/o6YSEpFh482pnWyNL1hshMFXuu88M2FzgQQKctpxDXuZ85j5V+ZIErJaMz6psuVnuX9axNUOoTSP+L708xgW2jyVqcD2Dih425VnX0Jvi6pl55hlgf9CaKpnqKRYjS8RUOhAnn8Fp/LHDAZucgT/0uXpVsbeb+xTrkHO2ZIp9E8+HHchCconLoGrv1V78uidNnTHeUn/b86xdNn7MEiBGxgQmn+AJph/j6uZIWmd+lNQRcPb+p9Q0ANN5Tad1Ehmkb3cFkXBBCWdUqEgH0x7ubYFNRRgHGEEU+fCJa94VbGk+JvByl2a78gC1Avyf+xCIInBT/dk58uWYI87wC5L7Y1q6j3RMTC9xK/uZWkVB9jPgxOgC/Xb5Z3yK1w2hMXtnODZ1q5ij6WKKudNFSsFeZpkuELwKvYrN54m5RuUdCyaaSubtZtB7QD+B5u+uVfzJaeCjUkLZVqLf0R9cPgsKl6ighrQPt5mzMt2i6l1ZXLvGZUs197vdRwwiFL36Y5hU5IK6iaT0YMQJxNiQAk20dWfYeBBFZZPSYlOipFjh/WKy+mqcPtGHLwP4t96RIRUy2rzu82vt8L3EXlANCfPNZuUD5l9ottn3ZttWKgHQoA2nLP9/T26Whk9CDtP/UG8ZYJ+5GT4uIAc9rVlHilrYwLgBw1Lap+ntwzWvAr8f07N2OUYZFAbrrxNeUK3/s0bZ9FsjdCNR07mnN4kHd9B5fJl5Dho7cfmXES+O0PvcIyqvNaj6NYbgUxMCK0qfxGg1v2qzNBMXDqI8IqFyKNiB0LNlG7hkDZyWTyC9qQ0fS4pzUbKIjzOuZ0BOZwNNLpwo1SPSOM0CLAtHFJcV3GUjTgT4LToUwffldfIv8UhXnBx8Kk2VhiObtmV8Ko+ZZ0lA5Y0BBq+TLS43y0RrheSDBy/XdqRC5B40RQdG6hFrMnxv1lEIKOpVgoMmk1zc38TKMtUCsted/lNoaOLgnXz62NygKy8EEUTHo6xdKQNbkCYq5HsimWMW3AZIQNT6TgNNnnCGMBYuuhkSVRu2X2OsfH8WfsiF+tgzqqNkou02e1OI4oEYMu/RQ/4DTcAJGV5PtgBDsu+e5XdIDyXGlVV+Xnr3EkZ5zLFB0BEsJU4fc91hV2Bg6hGXR8DGHduxWSnQCg8QBr/my1RsSvBCnZw00XjvK7IRIXxL4dh19JaEfWXmc2JDwiURYK7fxsH0rjfnSSkKv/arN7ChHjI/oS/vFNFnSdYDrbKAXl2EZt5EPdOQ7y8J3Nd1Go0xH7UF3sMw65KmWOHE50S5lRVEKPERNIQteDWBD1EzL+NdPs94PiUzgENnrKka7bGKcYBjzOAhE5dI2ldl0pvvajrySQxV49l8i7XsZ9yZiEf4wYhN7Y8XdC6qWcZaLgU/BFaH9zGmzSMQBJ3OLXX+Kday5dmFa901C/VOVV8WUl/N+iuMGpwH7jZz5XO9ZT8Egj2op8jaZOTXsEtaZRBbrf834bWpTifB9aTyoh2gF4sQoDCBixLcaghfmuldLDrsyOgxYgjLPcJA2BHByRCBicMTKcKs6elYB+IMPhWiyybTUwex+k951vGfqR2PC+QjFQ1sXIyV1NW/QhuZJYbiDp7qGuJxSrjcVx2yM/ENCf2tm4KWvJkWIm7UblDVLPcL0J37OOdnwoWlJPG3aEJA9a+xxuU3we5ntFIYAPvP1aUSm4+67W/N75g9+3jRORsDyDmbABBbIfPVDHulsLcgt0OrtM0rV1zb3oWncLMi9WlINQ138e8ZWsvtn/nkX/9duv80y4j9ZyLHgEyn2jDxTtMANfl5XJRV+TtWACwWXQf36/HujOPDDVpkGHUL+VHc/NDZaOaInnoQDIoPGXBc76LjBlLpF7EJwoTN9DEvUuJKqkulr3KwjVD+jlw3UOmX4gkbMHVRzx2+/aJ7mA0YQlXpQwuCtdvVZn5RP2vbhdQZ33mNZIiD6028+W3QdMtPEOJDQbB2KUmS+jc00cK7bcer5d33ay+zRNpZidXqccKX/D0SVXp2XDSmCgQNGb3EM0d+vjyal9FAaw9OtA6m7EBKZRiRAIW1t0xlOZ2LyynyDIJRsTzfGBuPhHIabYz+NUe6ZAIEOjbj694zh50K5z2fieCHEcSHuYMcEB3tMDDMrQQ535RgjEu8sDWoojXcsNhuDETMl/x+mdJFS4/o/MkD7TTsf6cY6ve55r2KZQHTrpr+GJe9kYplWmQORIIQTIuh1zjw564m6ih3imDmDQ/IgbwasiMIkmGNdeXoTziqAsQeq3E6NtgR5DEnIh2BCjnaYQ7yrugZiVK9uigmQymQvZy4Ju8V1l3spRnU8VihUVj484W5lw5pZlPYYEF729tNvYb7tYeZIgtzYOU/pMmsMMaQTJlRFlHvDzA4IMFjYM8R5NdeWMaEDm5BDCTR6H38LMD1/gSRzLkr5Ls65VWXOlKaO6ms/uVUjzBySPG3pqTQP6Rw1QsmsAKOsFU2+IHsHEAEBLnVaMVZTun8OzEJ2ouHSUPWTfbiJbMwZ9gxbo1BR9fem4iitfCuE4vdzY8oqk2FmwAqDFXdpVd0bpXBdafuQkRh2eXu7NWuq98dOVZ/prE4Bh9BG5TDyFRJCffdMA169TOwSO1uq4u7pOcLzu7OL4O34TkPzx0cUlLwCcbeIIvjmgYlgns32jGNBtFH0/qgY4vJuGZZGd2KpPt7b911qzpmVTuw59tYmq/61V4IFe86y7SDWVhPWDtClT8amRzaP+mIXJzGwl/X0NxvBjepuT0RuWnj1bXeJ7NoixMIsCSJ7PjWpu3p+TPKUcMflcSWXgboQyQoaI4QZwEwQQV0wjqtX2AANH11tIRw4NrRjXESv4u4QQadU1TxCR3Z4rCOJqM53HFOCZnpYXt2JiknZ7QUPM02guF38ZfshF9sZYFrRdl5PLvjPoS+M3KLKYyjwrD232Fk5ukdWWcqHpaSic3Ufodpcls2Lx1gGMN8Ql1lMFJ61Pck9fN30vESNYCe/WVBY1+6We9VicF9sJGY62m4YxbbuTJg9pkXAnOM358pJ8EnwmlltBhou61YHn3Xu8dkSGQ+/3fkr0l5GzOayVhXpgWnpX1bprviv2wG55az0G0OSCs6oVj07/lxIo/54z731tZE63uGCT63U/IgJwzgk0gHEm8RfKlhuMeZBgZGQvuS4iEkDSSy9S77l9q39JCw0ycAGJq2mzZ9Gb5Lx65F7SW3dSd0c2F5GuNeMLetOJcLzoLFJEz6EskAN4C/0V1Tkz2Lvw82WsYlMKMywAMF9TI8iZpGViIm5hvEdvW1YhP/uAlqQ+1DHn6P7QciljmKfCyTodTzfZZN57RFop5X0XjBLcmIwBEVEem02rBKXFHh9hWwVyRKswwDjeTMQqzHs3BiNOeQIdewpsMqsmlEl0jJTEvhgQRdMvSiPxZ6TMd+oHHj3K/XsI+S9u/aZdxwSQQZD7AS7xaTXHij6rKp/BKjeGAyw87a7hit/+6VMJM3eZGmMgs9nwT3eqygcGWhGH2yT0B4CchYWINSZ3taDns02hmVlTbPevQIFBWNvHaEDu74MrWwvOd/jEVJr/3puqQ6TFYayRQIseCtyYA48UTbfhbU9bL1y36lxcYeyDMr6+689lXXc91CCZQmUNLwHw/BD5D7tQd/a5vanud1HSL7a0PBcHDfSqSRYGExfYFEfF9WnF0OXI4AsRinqjx7BTWXG2XbrN6oD5O+eCk6vzJ5YnIFLAEhnwk4VGlc/PVqpLWKvf5vwFA+ATYJIDtnGO5Qu5/23qTQVIgxFYaOTlWoSQGQRbJFof7vJvaPwkaLTy66dKrrXCBrd7M6lA4rueZuAv56i6kfDvPgg5mbB+bcu73GrfW2+hx/DKW96Fx2K344U=</xenc:CipherValue>
            </xenc:CipherData>
        </xenc:EncryptedData>
    </saml2:EncryptedAssertion>
</saml2p:Response>

2022-08-09 11:05:59,547 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-08-09 11:05:59,554 - INFO [Shibboleth-Audit.SSO:?] - 20220809T110559Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_38753b3c1b9943ba95e2f5e953243a708a14725|https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_c17a92de8f97a60eddd1932e9521ff5c|rick|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,uid,identifier,telephoneNumber,role,mail,surname,displayName,givenName|rsanchez@samltest.id|_d08e5d8e65e155be7e4db06dfcd44ef7|
2022-08-09 11:07:00,870 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML relay state of: https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:07:00,870 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Getting Base64 encoded message from request
2022-08-09 11:07:00,870 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML message
2022-08-09 11:07:00,870 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:AuthnRequest
    AssertionConsumerServiceURL="https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient"
    Destination="https://samltest.id/idp/profile/SAML2/POST/SSO"
    ForceAuthn="false" ID="_5072d9fa61094e8b801f12059fdc90243ffd0d6"
    IsPassive="false" IssueInstant="2022-08-09T11:07:07.712Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer
        Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient</saml2:Issuer>
    <ds:Signature
                xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod
                Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod
                Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference
                        URI="#_5072d9fa61094e8b801f12059fdc90243ffd0d6">
<ds:Transforms>
<ds:Transform
                        Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform
                    Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>yAx8L/Mvpu8L6FeykdH1TODzon9S/DdOgbfekHDSacs=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
wM75sXqz3A3iVYHGf6NgDs9d7ivDsyRz5Xx6o3yZZ50JtM1qgKftMGVDXwVKrZprnUpcWBYRPoVn&#xd;
Wt0IYpa7E4mfHuJEP5gavfQkNDs88ni8/+MWNihQb7TCgYbwfDi8BAZoKXP+d5ylEWYLEFM4/hOh&#xd;
afODp8exQWgjPScblFm9NY8wqrcgB+ZCgxVKNtl2V7HqXu9kCKsYeoKdjIXAFFop+fmpItx9467q&#xd;
M7MLyyZgmyqehCE9XwV0k8SWLeSFTPFvgSKW0zG3VJfgZVtDBElkyexMKCJDYwmgoz7oWXSkDD2u&#xd;
PWZhJGJK3LiimFhlDtAlW2cqbwacQs9ttSjbRQ==
</ds:SignatureValue>
<ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIF3jCCBMagAwIBAgIRAKrILoTQb5hfg5cwVhj1GRswDQYJKoZIhvcNAQELBQAwgZYxCzAJBgNV
BAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAY
BgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYDVQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlv
biBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTcxMjEyMDAwMDAwWhcNMjEwMTMxMjM1
OTU5WjCB0zELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTE0NjIwMREwDwYDVQQIEwhOZXcgWW9yazES
MBAGA1UEBxMJUm9jaGVzdGVyMSIwIAYDVQQJExkzMzkgRWFzdCBBdmVudWUgLCBzdGUgNDEwMRww
GgYDVQQKExNMb2dpY2FsIEltYWdlcyBJbmMuMRQwEgYDVQQLEwtFbmdpbmVlcmluZzEcMBoGA1UE
CxMTUHJlbWl1bVNTTCBXaWxkY2FyZDEXMBUGA1UEAwwOKi52aXN1YWxkeC5jb20wggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo1G8KWHflpDHy/hE1qeVQnuiyQTttSvVa+fsXvs8s9/g7
jAg0AgTvKSB4Z+8rcS2o/ZqIGbtvrDYDU/ePWMtDTT+tQgDc/I5R3hL2CNusOgLfLpwPuOdCIDyA
HTSJf0h3MXxZCS+AsVRU0cAQOmAYb7wjl+qbymv3a88fhKHqP9qKlmCcnVpCCZbpcWNymAtzRM21
4euNOQx8rbJOw32WMGQlKJ95Sph2tk41QMtgJKIZdFMSlua3qQEO4AJmlPqPM6LETVTTtOSRYBGd
Fn3DevVQNvxfn1v1HtBn76o/Mxfpe70LmDcJ89gqMJwsNmGC37JZ7hnu0WDEJiLwbxMpAgMBAAGj
ggHmMIIB4jAfBgNVHSMEGDAWgBSa8yvaz61Pti+7KkhIKhK3G0LBJDAdBgNVHQ4EFgQUixLms64r
PE7O7p0aqReLUfdySyUwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI
KwYBBQUHAwEGCCsGAQUFBwMCMFAGA1UdIARJMEcwOwYMKwYBBAGyMQECAQMEMCswKQYIKwYBBQUH
AgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMAgGBmeBDAECAjBaBgNVHR8EUzBRME+g
TaBLhklodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9SU0FPcmdhbml6YXRpb25WYWxpZGF0
aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGLBggrBgEFBQcBAQR/MH0wVQYIKwYBBQUHMAKGSWh0dHA6
Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVT
ZXJ2ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTAnBgNVHREE
IDAegg4qLnZpc3VhbGR4LmNvbYIMdmlzdWFsZHguY29tMA0GCSqGSIb3DQEBCwUAA4IBAQBObkHT
R69VW5zExyvxombx/00noMSvUPKeRuJJ+dXOQywlxG1PxKi1cAXvKmHLqh6hWS7Y1Sz4UNj0IMV3
wY0O0TWznnIgYquO1zeWcYnrGVD31+/xgog4P6m4ft3mlbdHpCyrfZiqSlQknvjzVQjY66+1/BrG
qYPEV/yXe4Zi2gzQjV+yCVbNuMFp83Mp2J3yCL+vO/0FcS9gjZVgHfAsNPgrO5Lxli4AytVs7Wpo
Ypo2MtQTHbZfx7PE5dsIruu3MXtxRWbtaKPfE3vsy9pCRrFd/RBvx7L38SyKhkSqG9ng92B97BAM
/o9WoUuak01x3KxK65iNQPrFhOrMSJK0</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
</saml2p:AuthnRequest>

2022-08-09 11:07:00,893 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient' from origin source
2022-08-09 11:07:00,893 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-08-09 11:07:00,893 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-08-09 11:07:00,893 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-08-09 11:07:00,893 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-08-09 11:07:00,893 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-08-09 11:07:00,893 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-08-09 11:07:00,893 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-08-09 11:07:00,893 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:07:00,894 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:07:00,895 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-08-09 11:07:00,895 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-08-09 11:07:00,895 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-08-09 11:07:00,895 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-08-09 11:07:00,895 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_5072d9fa61094e8b801f12059fdc90243ffd0d6', issue instant '2022-08-09T11:07:07.712Z', entityID 'https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient'
2022-08-09 11:07:00,895 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Enveloped signature transform
2022-08-09 11:07:00,895 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Exclusive C14N signature transform
2022-08-09 11:07:00,895 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Attempting to verify signature on signed SAML protocol message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-08-09 11:07:00,895 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from metadata using entityID: https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient, role: {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor, protocol: urn:oasis:names:tc:SAML:2.0:protocol, usage: SIGNING
2022-08-09 11:07:00,895 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Retrieving role descriptor metadata for entity 'https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient' in role '{urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor' for protocol 'urn:oasis:names:tc:SAML:2.0:protocol'
2022-08-09 11:07:00,895 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-08-09 11:07:00,895 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-08-09 11:07:00,895 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-08-09 11:07:00,895 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-08-09 11:07:00,895 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-08-09 11:07:00,895 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - signatureMethodURI = http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2022-08-09 11:07:00,895 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigAlgorithm    = SHA256withRSA
2022-08-09 11:07:00,895 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigProvider     = SunRsaSign
2022-08-09 11:07:00,896 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - PublicKey = Sun RSA public key, 2048 bits
  params: null
  modulus: 29392041739316831879909492263420809618356180272706027652343679098016282364414745216536632236600099715481081529744647645524003605122510817186315887517802452912643799162132870623358634804138327500912458001247256725586583530153692971849689848886777937538189618258798059356709972927743814711999393727110032489973264689064077963688570016506826594214907457503424024951351469455588099097161329401211827643012675421693008670801375297917537559379804376187770338075916115969654848155346928965046567907849079265565736568268190945123584854744386448963767726504663579103653226620589261606418333687915975781431485708245812900729641
  public exponent: 65537
2022-08-09 11:07:00,896 - DEBUG [org.apache.xml.security.signature.Manifest:?] - verify 1 References
2022-08-09 11:07:00,896 - DEBUG [org.apache.xml.security.signature.Manifest:?] - I am not requested to follow nested Manifests
2022-08-09 11:07:00,896 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_5072d9fa61094e8b801f12059fdc90243ffd0d6"
2022-08-09 11:07:00,896 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _5072d9fa61094e8b801f12059fdc90243ffd0d6 and Element was [saml2p:AuthnRequest: null]
2022-08-09 11:07:00,896 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_5072d9fa61094e8b801f12059fdc90243ffd0d6"
2022-08-09 11:07:00,896 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _5072d9fa61094e8b801f12059fdc90243ffd0d6 and Element was [saml2p:AuthnRequest: null]
2022-08-09 11:07:00,896 - DEBUG [org.apache.xml.security.signature.Reference:?] - Verification successful for URI "#_5072d9fa61094e8b801f12059fdc90243ffd0d6"
2022-08-09 11:07:00,896 - DEBUG [org.apache.xml.security.signature.Manifest:?] - The Reference has Type 
2022-08-09 11:07:00,896 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Validation of protocol message signature succeeded, message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-08-09 11:07:00,896 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Authentication via protocol message signature succeeded for context issuer entity ID https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:07:00,896 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-08-09 11:07:00,896 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-08-09 11:07:00,896 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-08-09 11:07:00,896 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-08-09 11:07:00,896 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:07:00,896 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-08-09 11:07:00,897 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-08-09 11:07:00,897 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-08-09 11:07:00,897 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 1 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-08-09 11:07:00,897 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-08-09 11:07:00,897 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-08-09 11:07:00,897 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-08-09 11:07:00,897 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-08-09 11:07:00,897 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-08-09 11:07:00,897 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-08-09 11:07:00,897 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved signature algorithm URI from SAML metadata SigningMethod: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2022-08-09 11:07:00,897 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved reference digest method algorithm URI from SAML metadata DigestMethod: http://www.w3.org/2001/04/xmlenc#sha256
2022-08-09 11:07:00,897 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-08-09 11:07:00,897 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-08-09 11:07:00,897 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-08-09 11:07:00,897 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-08-09 11:07:00,897 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-08-09 11:07:00,897 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:07:00,897 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-08-09 11:07:00,897 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve data encryption algorithm based on SAML metadata, falling back to locally configured algorithms
2022-08-09 11:07:00,897 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve key transport algorithm based on SAML metadata, falling back to locally configured algorithms
2022-08-09 11:07:00,897 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-08-09 11:07:00,912 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-08-09 11:07:00,912 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-08-09T11:07:00.912Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-08-09 11:07:00,912 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-08-09 11:07:00,913 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-08-09 11:07:00,913 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-08-09 11:07:00,913 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-08-09 11:07:00,913 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-08-09 11:07:00,913 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:07:00,913 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-08-09 11:07:00,913 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-08-09 11:07:00,913 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-08-09 11:07:00,913 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-08-09 11:07:00,976 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'vdxlocal.visualdx.com'
2022-08-09 11:07:00,976 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-08-09 11:07:00,976 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-08-09 11:07:06,675 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Trimming whitespace of input string 'rick'
2022-08-09 11:07:06,675 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user rick
2022-08-09 11:07:06,675 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@1606569498::identifier=rick, context=org.apache.velocity.VelocityContext@2fbd0232]
2022-08-09 11:07:06,694 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=rick,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@1606569498::identifier=rick, context=org.apache.velocity.VelocityContext@2fbd0232]
2022-08-09 11:07:06,698 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'rick' succeeded
2022-08-09 11:07:06,698 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-08-09 11:07:06,698 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-08-09 11:07:06,698 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'rick'
2022-08-09 11:07:06,698 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'rick'
2022-08-09 11:07:06,698 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-08-09 11:07:06,698 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal rick
2022-08-09 11:07:06,698 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session c5471c6f5ec33a839e44425be340be7269b1e2e28339fd9d3e4fec7c94c88e0f for principal rick
2022-08-09 11:07:06,698 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving AuthenticationResult for flow authn/Password in session c5471c6f5ec33a839e44425be340be7269b1e2e28339fd9d3e4fec7c94c88e0f
2022-08-09 11:07:06,700 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=rick)
2022-08-09 11:07:06,703 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-08-09 11:07:06,704 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, uid, identifier, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-08-09 11:07:06,704 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'eduPersonEntitlement' remained after filtering
2022-08-09 11:07:06,704 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-08-09 11:07:06,704 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-08-09 11:07:06,704 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-08-09 11:07:06,704 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-08-09 11:07:06,704 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-08-09 11:07:06,704 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-08-09 11:07:06,704 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-08-09 11:07:06,704 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-08-09 11:07:06,704 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-08-09 11:07:06,705 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:07:06,705 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-08-09 11:07:06,705 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@1263a728'
2022-08-09 11:07:06,707 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:07:06,707 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient'
2022-08-09 11:07:06,707 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient'
2022-08-09 11:07:06,707 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient'
2022-08-09 11:07:06,708 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:07:06,709 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick'
2022-08-09 11:07:06,709 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick'
2022-08-09 11:07:06,709 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-08-09 11:07:06,709 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is required, no previous consents
2022-08-09 11:07:06,772 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'vdxlocal.visualdx.com'
2022-08-09 11:07:06,772 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-08-09 11:07:06,772 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or InformationURLs returning null
2022-08-09 11:07:06,772 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or PrivacyStatementURLs returning null
2022-08-09 11:07:06,772 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-08-09 11:07:06,772 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No Organization, OrganizationName or names, returning null
2022-08-09 11:07:09,131 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Extracted consent ids '[displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]' from request parameter '_shib_idp_consentIds'
2022-08-09 11:07:09,131 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Consent context 'ConsentContext{previousConsents={}, chosenConsents={displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}}'
2022-08-09 11:07:09,131 - INFO [Shibboleth-Consent-Audit.SSO:?] - 20220809T110709Z|https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient|AttributeReleaseConsent|rick|displayName,eduPersonEntitlement,givenName,identifier,mail,role,surname,telephoneNumber,uid||true,true,true,true,true,true,true,true,true
2022-08-09 11:07:09,131 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:07:09,131 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient'
2022-08-09 11:07:09,131 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:_key_idx'
2022-08-09 11:07:09,131 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Serialized '{displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}' as '[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]'
2022-08-09 11:07:09,131 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.CreateResult:?] - Profile Action CreateResult: Created consent result 'ConsentResult{id=null, context=intercept/attribute-release, key=rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient, value=[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}], expiration=1691579229131}'
2022-08-09 11:07:09,131 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-08-09 11:07:09,131 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Will not prune storage records, number of keys '0' is less than max number of records '10'
2022-08-09 11:07:09,131 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-08-09 11:07:09,131 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Creating storage index with key 'rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient'
2022-08-09 11:07:09,131 - DEBUG [net.shibboleth.idp.consent.storage.impl.CollectionSerializer:?] - Serialized '[rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient]' as '["rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient"]'
2022-08-09 11:07:09,131 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@1263a728'
2022-08-09 11:07:09,131 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:07:09,131 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-08-09 11:07:09,132 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-08-09 11:07:09,133 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-08-09 11:07:09,133 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _f4869c63cc2aa20167fe90ebb879148e
2022-08-09 11:07:09,133 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _f4869c63cc2aa20167fe90ebb879148e to Response _65a795e03bfd350ca973b439380fd9c8
2022-08-09 11:07:09,133 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _f4869c63cc2aa20167fe90ebb879148e
2022-08-09 11:07:09,133 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-08-09 11:07:09,133 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value urn:mace:dir:entitlement:common-lib-terms of attribute eduPersonEntitlement
2022-08-09 11:07:09,133 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rick of attribute uid
2022-08-09 11:07:09,134 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute identifier
2022-08-09 11:07:09,134 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-08-09 11:07:09,134 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value manager@Samltest.id of attribute role
2022-08-09 11:07:09,134 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute mail
2022-08-09 11:07:09,134 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sanchez of attribute surname
2022-08-09 11:07:09,134 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick Sanchez of attribute displayName
2022-08-09 11:07:09,134 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick of attribute givenName
2022-08-09 11:07:09,134 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-08-09 11:07:09,134 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - No object to operate on, returning true
2022-08-09 11:07:09,134 - DEBUG [org.opensaml.saml.common.profile.logic.MetadataNameIdentifierFormatStrategy:?] - Metadata specifies the following formats: [urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress]
2022-08-09 11:07:09,134 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration specifies the following formats: []
2022-08-09 11:07:09,134 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration did not specify any formats, relying on metadata alone
2022-08-09 11:07:09,134 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Candidate NameID formats: [urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress]
2022-08-09 11:07:09,134 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
2022-08-09 11:07:09,134 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
2022-08-09 11:07:09,134 - DEBUG [net.shibboleth.idp.saml.nameid.impl.AttributeSourcedSAML2NameIDGenerator:?] - Checking for source attribute mail
2022-08-09 11:07:09,134 - DEBUG [net.shibboleth.idp.saml.nameid.impl.AttributeSourcedSAML2NameIDGenerator:?] - Generating NameID from String-valued attribute mail
2022-08-09 11:07:09,134 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID rsanchez@samltest.id with Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
2022-08-09 11:07:09,134 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
2022-08-09 11:07:09,134 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
2022-08-09 11:07:09,134 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-08-09 11:07:09,134 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-08-09 11:07:09,134 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 40.77.23.3
2022-08-09 11:07:09,134 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to _5072d9fa61094e8b801f12059fdc90243ffd0d6
2022-08-09 11:07:09,134 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:07:09,134 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-08-09 11:07:09,134 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-08-09 11:07:09,135 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-08-09 11:07:09,135 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _f4869c63cc2aa20167fe90ebb879148e
2022-08-09 11:07:09,135 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _f4869c63cc2aa20167fe90ebb879148e did not already contain Conditions, one was added
2022-08-09 11:07:09,135 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-08-09 11:07:09,135 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-08-09T11:12:09.131Z, to Assertion _f4869c63cc2aa20167fe90ebb879148e
2022-08-09 11:07:09,135 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _f4869c63cc2aa20167fe90ebb879148e already contained Conditions, nothing was done
2022-08-09 11:07:09,135 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-08-09 11:07:09,135 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _f4869c63cc2aa20167fe90ebb879148e already contained Conditions, nothing was done
2022-08-09 11:07:09,135 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-08-09 11:07:09,135 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient as an Audience of the AudienceRestriction
2022-08-09 11:07:09,135 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _f4869c63cc2aa20167fe90ebb879148e
2022-08-09 11:07:09,136 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient to existing session c5471c6f5ec33a839e44425be340be7269b1e2e28339fd9d3e4fec7c94c88e0f
2022-08-09 11:07:09,136 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient in session c5471c6f5ec33a839e44425be340be7269b1e2e28339fd9d3e4fec7c94c88e0f
2022-08-09 11:07:09,136 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-08-09 11:07:09,136 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient and key rsanchez@samltest.id
2022-08-09 11:07:09,136 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-08-09 11:07:09,136 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-08-09 11:07:09,137 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_f4869c63cc2aa20167fe90ebb879148e"
2022-08-09 11:07:09,137 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _f4869c63cc2aa20167fe90ebb879148e and Element was [saml2:Assertion: null]
2022-08-09 11:07:09,137 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_f4869c63cc2aa20167fe90ebb879148e"
2022-08-09 11:07:09,137 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _f4869c63cc2aa20167fe90ebb879148e and Element was [saml2:Assertion: null]
2022-08-09 11:07:09,139 - DEBUG [PROTOCOL_MESSAGE:?] - Profile Action EncryptAssertions: Response before assertion encryption:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_65a795e03bfd350ca973b439380fd9c8"
    InResponseTo="_5072d9fa61094e8b801f12059fdc90243ffd0d6"
    IssueInstant="2022-08-09T11:07:09.131Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_f4869c63cc2aa20167fe90ebb879148e"
        IssueInstant="2022-08-09T11:07:09.131Z" Version="2.0"
        xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <ds:SignedInfo>
                <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
                <ds:Reference URI="#_f4869c63cc2aa20167fe90ebb879148e">
                    <ds:Transforms>
                        <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                        <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                            <ec:InclusiveNamespaces PrefixList="xsd" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                        </ds:Transform>
                    </ds:Transforms>
                    <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                    <ds:DigestValue>cXEsIulvUtNBwKXAKhzbXVJwXivbPBOTxeB9h0Fco1I=</ds:DigestValue>
                </ds:Reference>
            </ds:SignedInfo>
            <ds:SignatureValue>U5SCqAXb8iI4UOUWuUTSYJdcOC7A5OvB4NkURv3R1lBtUgtCyyLM4ZN57C5K17tscON0pm1ANc1vq3D9O1p3XZuFWZ1oBy2ADo30ufwktA0+zO/vGP9ltaKp/kFYB1WeXknzdQjTWrzGkQ9ST4nXXux2ATyzCaXw2LHvvpZqvgNbN26u+jcF0uesVdbHHBObCp9iAWbAM4hJgEgMJUK1F2th8G58Tk/+rKCTHxjMvuZOZi4Iqnlk2L6LCCzrjEZB5FWk61cD36Zlkf2pcuAtniGXDpF8WT6XXYlwjeUG6KoyfcRthaeNe2N152RqgeWzaq9MbvSAhQ3cIa/d2vvfmg==</ds:SignatureValue>
            <ds:KeyInfo>
                <ds:X509Data>
                    <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </ds:Signature>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">rsanchez@samltest.id</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="40.77.23.3"
                    InResponseTo="_5072d9fa61094e8b801f12059fdc90243ffd0d6"
                    NotOnOrAfter="2022-08-09T11:12:09.134Z" Recipient="https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-08-09T11:07:09.131Z" NotOnOrAfter="2022-08-09T11:12:09.131Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-08-09T11:07:06.698Z" SessionIndex="_0f081e3372242d19a3785162ff8562a9">
            <saml2:SubjectLocality Address="40.77.23.3"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>urn:mace:dir:entitlement:common-lib-terms</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rick</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">manager@Samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-08-09 11:07:09,141 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:07:09,141 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:07:09,141 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_65a795e03bfd350ca973b439380fd9c8"
2022-08-09 11:07:09,141 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _65a795e03bfd350ca973b439380fd9c8 and Element was [saml2p:Response: null]
2022-08-09 11:07:09,141 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_65a795e03bfd350ca973b439380fd9c8"
2022-08-09 11:07:09,141 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _65a795e03bfd350ca973b439380fd9c8 and Element was [saml2p:Response: null]
2022-08-09 11:07:09,143 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-08-09 11:07:09,143 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient' with encoded value 'https&#x3a;&#x2f;&#x2f;vdxlocal.visualdx.com&#x2f;visualdx&#x2f;callback&#x2f;VdxSAMLClient'
2022-08-09 11:07:09,143 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-08-09 11:07:09,144 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Setting RelayState parameter to: 'https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient', encoded as 'https&#x3a;&#x2f;&#x2f;vdxlocal.visualdx.com&#x2f;visualdx&#x2f;callback&#x2f;VdxSAMLClient'
2022-08-09 11:07:09,146 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response
    Destination="https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient"
    ID="_65a795e03bfd350ca973b439380fd9c8"
    InResponseTo="_5072d9fa61094e8b801f12059fdc90243ffd0d6"
    IssueInstant="2022-08-09T11:07:09.131Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_65a795e03bfd350ca973b439380fd9c8">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>RqP0XQciaJp0mgNtEGhrI0nwIEtZJvqITYk9l7W6cFk=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>MIFC8s+c62HBmpp64pJD6fw3Wfwiv4/tEKOvLp8fJjbij29ZPOiiaUsF4Qyq6paDwIK2Q4DOUzS8eI992zOl0dIvrUDcn7T1UPHw089W+6rABKBM+XGczij6TIGwjLzsSIKD8ryKV++AjSI8WnUD6ko4Mt5txH1IctjNO1C0SEWYYxwuoFvsIOUAQe0kyy4d3A9kN2Gk+T0Jwh9P2hIxjN4LmYZIPvB8BBdImzbggbL1h2IaQqi3Ab3jdCXiMEJ1GSTyejNcOfQDL1j2DzaK69OmeHF83CJlyFDnVi3vXXEJhdjBuYgWlHvKqml27ZqmxojbYtqsKn21oqzslSVoVA==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <xenc:EncryptedData Id="_4c3a3122732153c12db079fbbb404688"
            Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:EncryptionMethod
                Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <xenc:EncryptedKey
                    Id="_1cfbe1b1c447ba3fc72668f4e8b530dd"
                    Recipient="https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                    <xenc:EncryptionMethod
                        Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <ds:DigestMethod
                            Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
                    </xenc:EncryptionMethod>
                    <ds:KeyInfo>
                        <ds:X509Data>
                            <ds:X509Certificate>MIIF3jCCBMagAwIBAgIRAKrILoTQb5hfg5cwVhj1GRswDQYJKoZIhvcNAQELBQAwgZYxCzAJBgNV
BAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAY
BgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYDVQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlv
biBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTcxMjEyMDAwMDAwWhcNMjEwMTMxMjM1
OTU5WjCB0zELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTE0NjIwMREwDwYDVQQIEwhOZXcgWW9yazES
MBAGA1UEBxMJUm9jaGVzdGVyMSIwIAYDVQQJExkzMzkgRWFzdCBBdmVudWUgLCBzdGUgNDEwMRww
GgYDVQQKExNMb2dpY2FsIEltYWdlcyBJbmMuMRQwEgYDVQQLEwtFbmdpbmVlcmluZzEcMBoGA1UE
CxMTUHJlbWl1bVNTTCBXaWxkY2FyZDEXMBUGA1UEAwwOKi52aXN1YWxkeC5jb20wggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo1G8KWHflpDHy/hE1qeVQnuiyQTttSvVa+fsXvs8s9/g7
jAg0AgTvKSB4Z+8rcS2o/ZqIGbtvrDYDU/ePWMtDTT+tQgDc/I5R3hL2CNusOgLfLpwPuOdCIDyA
HTSJf0h3MXxZCS+AsVRU0cAQOmAYb7wjl+qbymv3a88fhKHqP9qKlmCcnVpCCZbpcWNymAtzRM21
4euNOQx8rbJOw32WMGQlKJ95Sph2tk41QMtgJKIZdFMSlua3qQEO4AJmlPqPM6LETVTTtOSRYBGd
Fn3DevVQNvxfn1v1HtBn76o/Mxfpe70LmDcJ89gqMJwsNmGC37JZ7hnu0WDEJiLwbxMpAgMBAAGj
ggHmMIIB4jAfBgNVHSMEGDAWgBSa8yvaz61Pti+7KkhIKhK3G0LBJDAdBgNVHQ4EFgQUixLms64r
PE7O7p0aqReLUfdySyUwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI
KwYBBQUHAwEGCCsGAQUFBwMCMFAGA1UdIARJMEcwOwYMKwYBBAGyMQECAQMEMCswKQYIKwYBBQUH
AgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMAgGBmeBDAECAjBaBgNVHR8EUzBRME+g
TaBLhklodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9SU0FPcmdhbml6YXRpb25WYWxpZGF0
aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGLBggrBgEFBQcBAQR/MH0wVQYIKwYBBQUHMAKGSWh0dHA6
Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVT
ZXJ2ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTAnBgNVHREE
IDAegg4qLnZpc3VhbGR4LmNvbYIMdmlzdWFsZHguY29tMA0GCSqGSIb3DQEBCwUAA4IBAQBObkHT
R69VW5zExyvxombx/00noMSvUPKeRuJJ+dXOQywlxG1PxKi1cAXvKmHLqh6hWS7Y1Sz4UNj0IMV3
wY0O0TWznnIgYquO1zeWcYnrGVD31+/xgog4P6m4ft3mlbdHpCyrfZiqSlQknvjzVQjY66+1/BrG
qYPEV/yXe4Zi2gzQjV+yCVbNuMFp83Mp2J3yCL+vO/0FcS9gjZVgHfAsNPgrO5Lxli4AytVs7Wpo
Ypo2MtQTHbZfx7PE5dsIruu3MXtxRWbtaKPfE3vsy9pCRrFd/RBvx7L38SyKhkSqG9ng92B97BAM
/o9WoUuak01x3KxK65iNQPrFhOrMSJK0</ds:X509Certificate>
                        </ds:X509Data>
                    </ds:KeyInfo>
                    <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <xenc:CipherValue>w/zgblGHRxBLIk7Z5RfVnSOMDJdiTViJQV1la9ffNZPADFcEVg+dZh6V+hXtCe2UuhQoSAOuWSxPz2v2Xyj0kzsSVxjndQbT0BPiH4gohIbHdT1u+NVJogk9pWZEXPMb9mi38Oxfm3WbS5gxjjOlr7rH6d1b5N+KwvtLPw0tWkpwkfusvLydE9yww+A6saTFIJ53qePN8yRMVGQ3L1XFJDlQaztVlDVyIh5VzkNAkDoEc2mx8T1UDn6FVUG/mugcCDP7XiHcqK1W1MyGJzG1O4wmlFbIzrIEDYovgVFpps/JsUa1s/mqreqHE1I0ivb9k1ENSC1NRCGsiLwGdt0N9w==</xenc:CipherValue>
                    </xenc:CipherData>
                </xenc:EncryptedKey>
            </ds:KeyInfo>
            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                <xenc:CipherValue>RtEHkwLjTm3cFWEHxAhWDRjoIrdkrk2OmR51VkipG/E4hFloDMLv05muKdol68bfft7eaP97ybQ0Nbb7DgBP2CFTI6UxU10LEKZE/zssrF65j/o8ef4Mve4dHQmKaYhrW1/JgWl11U9CQ73n/ZkggVk/g+Fwq9GPhJAUSwVnrcR3ZKYy/xMr+2Fvh2/CWfb77OdXPMS5fce8qMbUiZ0aeCUB0bwIhqAULhuTn5+7jOavNCudhkNRsU+XqabjGpVJv2wXkLfBNMqKITkLLGzmsSpA1sQLOFOkubw8CtMwjhiol4b9t8MWxGeUY6qReY+xSPJ8JuKOhoLj0UVws4d4jpeNBHB2QjojnVBf3HsCX816CJ4X5LmhScq9/8Nrc4osAfzWOHCLCQBmPtg5L45dd6RMwbvGuyvE7zWkQ5oJF5gds/xoWptuM5AjGQ3gzRJnmM2EH9brs60PLH3iIcEFbipANcn9xSXW5FzL+8cS1eZYsScjfiEGWmeppn3xVhZZsF7zp8CaPtgKIVDKv5jRDzsHH9LTcTenmC/ieofz/5nWMi8440ftGiViulNmYnCA6FsUptFEaD5D+XHGt2juS7J/Z5/gSvxnUyXzKUhiVIAfda0o9w0GoDaRtib0dYsKAFc0LwHrk3ST/R5wUyScaS1vm+EGwi42UBSz+kUhmPjeu+blyZy6Bi/2QAbYIu6kM1dO3FapIy0elc1DaaAswDbQgcJHhhIClsjtCnxI4hnnFI8GlG3l8meBrxRIr+Wh0+p8sXWcyiD1dgyVW5olt6dDQRxZgHbIZXELnYpQiW3TyWQ7kj8mw9X2gIUGBWWamTkd6LjgBV7BaYoxlcsX7dC5zkKxw0fwUp05EaOsIoNWK2dYdGxovVyweq4aGlaG1o/phACWNSt95eQF3obHJSI2smvqbW7nuVvUWE8gXqb0bt7SHzWyQxzU8jfVnrcI8vguStVEZQP7Cu6wYhQGOUwq8KmsWJVKV9+QfpCLlfLKI7ThlGTJeWWKt6boie0pF/NK0KSIPAAWP0r7tO8XrPm2rAOeSloljYJ3+qecOS1Ak0hWLrHGgaQ0qSAmvGDAEj7DlZZaVT24RU75Op5AH/zTrxXV4LdvP9IJBBpPvQfwmQVhBwKlS8mtNrNZ3xU9VZEGGTlzqcESzpQc2sG6UWnhWKcA+BIlVkSyXAZK2NKXUNui9Eh6tDRrcPE8Xe0l8G17BRKy8isStA1SRcDyRi/8j+EX5nal2eDEqwBWf7o8UTNv1H5zCjf2foDUZb8Ay/ukF1M8E36DawhdctwPvyqJY6W2uX61n8U2cagC4BqMqGRBcTQRNH6WnZycGFm5n871tMcLbtgsNvFSr4XBhBRNP+/tP6+32p70qaMoXVNgcFJiZzzw5+1Fp8fb2vgVSsoRQM4phqtUVfyYZHGMd2dlPzJxYu6Qt5+UJC63EmUMGiGwdUNCIUCfvnGWy81R3H3/4utmdECLT3NLcGfjE8Gbv66NrSypADQ36UAUu42nOKZk4frN1hnTNSX16SwtymPcO5VJ+PCC3k9ENxBi07Ed6yBfhkiNUdaUy4i+nIts4JQio6nr9DFvdZ7ZGKY/5vkP8wCTgSeMUymfrReJhi7nWOLdbk58x8xgcpFzdtfhljuuh+Yaudz4wKi3r9L6kNYVAYbNPe6piwJZoxghXqlVYYm4/2Bg85nrm9gp/ilf6BsSUrfEz4tFtLTR1l2Yt2wiqYVp4c70Gs4OdAzBBcxgT5WuXwbZBCTiNd4skGh/QmuJ57X9Qx1CjJyvkkS+dQuRBE8Gg6Bp5GUNctMmCXyLaPTZ0pSqYeuXvuK0n3wHKBvHI0ym0tw1xWtPvlKTKNWL1lkQsQmmGeLgm72HNtHpo/28peiKjhhS1pg698GEE1WWRTDnVfBQy48d3eTJYQCrqNjQ8qNLNuWru6Fd65IT9sBKQp5QyMIbM0Sf0FRzl2RF8ZaQ8uDv2Vusa9P0N3ecmwhz2Tep378uETVuMz+CJzoA9A+SP5IVldHz/kMdwPa7mxrjDxC5u27fJXYzcaVwTUh5Oou1UQ7YPVCKgZGqJQyVLBi0Fh8L2n/l1brm0CdtGe2r6Uw8Xy6976CUYRlIcVX9BS3WUyomdgR37c25xNXshenp6eO4XHNc1eDZrdBhtdaiAyf7HweHtHzPsPAAhMfPyWmv57vuVe5l3uygwyEM5wW4NgDHyoT2tQJWY+R0xGLf3ZrKK9YsMAk2BZ5IJvdlCJDs3uRdebuOEHibm1aMVBfWzFVpZkNPfFVol/59m1nMcbGugAC7XYisaoyYcLUuu222yNI+uthaK3ztNR82DY1Ux0nPhM1ciTtH9gFFH14L57b9OlPrqj2f7Nrgmyy1wbclyx25/xCOWjeYcu1Y0A7xNq9P7hgeUZ5k2/ICpJs8xn1dWnx4hqRDRF7YTl4ZS0eOvZwskv6BEkEE3/d+JF9NGv1apZCcEGZWDPH5ee0UHEkeyH+uMUDCNcTo2nZLhp/DQ1gNLezR0xJaf0BDK51eCq7pTLk+HBg/phjuSPLvb7uKOTFg/p8cRuiBkJFWc0pK/E1W7dIveMcZqzl74TZB1bNwvZob+t6qVxlElBhulMR9K4P2fZgobmXkoU8Py9kbaLITpcnu4mnNKKYrBOmh6Z5fZmrpFuSvtt2kpfmwZGQGRq0cxJC4J0bdr+dc5gNt7QAd/ibd+ZEXxISW1n17jqCeZa9L/Hy9nok10zGnVzny6ijJ1EiSA63ouJh4quEH/fQDXyzpB7jLGeH6E/Tejdt92z+kXdwggH2Dw2nKYbdL3tYTEyUUaHjXCaqKzpEykVsxgOqlRLDinKyT5rnGDOQJJoNrTbztOrzkrajhNxlhGy9+qgBAS2VnEFnSy7a+qI4PKVWcGPSwqEWcaGhE35fyk2gl+L23I17spO0JKQl3RNqAPoOPlp+H5Hl7XWYrvUD9waY3sG/roAfP7UU3RQjbun2KTRll+lutgd3PV/GYBPMs1BCTCpz8imlbarFYqUKOa6quVILHlgASBvBdhg4BJtmy2YP281xJCufMuXxL/Svk7buI72faKlT4QhNqyoEU+6HBkUVY0BiacbpE7jsS/CsZuNXDBb1+Oen3qj/2/xcOTLBsYbi117uBKQIvckY1ucp/HSakBVY8RTZQEqJH1VWM/yt4Q85hv59kbYvLbB91Avu6UB1t0a6wvUR5PuP0IEmv+V1c3HD1H2unA7gPufR30XJCqyFKJMJ6vikRpUi14ggrPnuErBuZpST4WA3Ww8tb8Ag0vYtfPPi9Mj3tunQAqgIns7SO/3pJx/l+PyoOm3l1JoDzmlpB4dyViTCIcOtSWmX9qw6TdKPI4+zrGQviLDHVIaBWUIx3XGTL4dLLCnDKbeL4oF3voP1E6T4R0RO9UQTLw6jcjG5d+dZEL72vJ4lO5UGSqzzXn9wV1F1oqtxE7wY23bI8k/MBHkxVVzg30I/6wuhIztqfO1FapsXKJTHUQVBWTGHM5LAXru+wxPs4HiLGUNcLUHdS3u8oERJ9oMJFdkFFeyAMAiHsiZqm9iW+V4MF2ciL8BkaZBgNCMkm+DME0Iyf1yIXez/vjHbXl2fTRNfhWKPQ1R1JiKb2S5EwSKR7+6UagSD1EKLd5tQ/3g+9ZSuDsYTaKXU5YHGymz/LAT848B3vM3eBeTdEMEkZN4mZc8TW92eB7Pjx5mIsJoOIlEgzNmaNT4OUscMBHUvpiiwlh14z5tENB2z0/On2job0RGJ/2oiS4DINtwK+ZgfcTNzVLCALT+pHlacP9ZF/xGI0a62R6LOnxstSpjpSTk/mZcmQ6FCs9TD5TWEjhlAn64LFV1l8jQ542x9IS2TqSOsyFZspGTBdYCLCYXIz9NuROoF+ig2HPa1zMD30hkqQ9PDnW1nEXHh8bhpnMlQup+GwXrgmibokrY4VUevufifhLnNv/ZiIdefwNluWN/3/ohIhnZZGZQS0/j3keRar1EERODm3b5Gm+fcCQpocWTAwzgM15Otk8oZf2zD8Wy8Pul7q4ZglAZmO/AB68MUp9fYrJrRkzUiimlvz+jxM3zr0aipiFBuOPbHnl0ygkMNl3k6NOtYi58dQ5l1GuOce16fodLIitm5zVReZgqiVXGN5jqTMKxm3vOCu7c3wuTWqEFTwN1HLtWRrtJi9HfKkksQot77dq5IxphzIWUxHVkJ1xPWuLYTcAiHVrXOgL1ddHZQnU1uDAGP1xOwsnFp/LUAmOzS+vHujJHEhIUnkUPklj8A5a3kXo0AekghqOnCA0I+K50ZEEeHktG4Jd71XB0obfieUTW/WHIX97qGi+clu3KdDwVpP6HwaD5++Ks6Iajjtpguo7wPK7vrAGXM3+UK6UgyhGxBKABSJdOLkFfg/sH/uZMByXmR9oYfRpJfdDwoCC0wX4mIfMTx5s/UI17nMgq5WgCeCSLP1cb4uRZS0/61Jx9sc0oYpJ6dmPtLks1m4Qi7hTbpRE4PRKMJNWVjTaaKQLfG+ooo/Hsq6hxHh0kInT0IsgviwvT0rkiwO5RmWAq8fW7PC+ke8uRX4xQrQ3+0OwfyTrY3Lq8AMsQNm3DeE1Pg9nPPlFLcoWhWUtdZCSowEQ19GkDHtN/vZn8S0xD6viuFGDFNipOEa6t7z8fYruScXU58vZm3CUJKYFJ6cUr5mrmfdAUHqKSoUke16C14ewe94AcmfDLNHTINZl62WAtBvU5PRlngq720h8nKYfxzW2Fs5ka/mbQ8i6cL7Bp90BldU9y3Ie8LiVSMES6Kxtl9lNsTrLM0VYEt/WHUqDb6pKWgsvHUERR41RRQMjB4eVi8hteISgLdN/6gkdUjbUzOskJx0wFxILtm0HNas7+K5QWEBrn8h5Ot9JkbVgEYpYFXj53LchshIXLJBHbB8lmuzx84h3M4xCLjSLnJQBEWb2//tKF1o3VpA6erq/Y7ZZ55AZHtCGp5E8EfSKFqkRDk2ggNwLmvli/OoYReU3dYgaNc0p6ewUaLzl3lDMh58aeLqn01Yj1hwMVUBFe2MYiZEjx53fhCB868LKvD9K5+S2/ILwsh3Ba0V6ml174rifEPEDyblCBp3NJv9scJ2pxl2L8Mkf5/cTWufOzgwN2fFC7TP97Qo/m7ZHBPEn8Vgis/CyDE61UkxX7iZrptPFOyvO9aznsQzeM4BR1zdjWIKDJXsfToyII774E/fBPcy6rY+d/RkKpIoapFO4Gs85JUgOyR2RqXqK5E0YICOz/VBUncGGamu8aNqevi2IWgstXbURnPuhJnsMpX72/A3eoS88o5yfmIk4jwYi9MgsvjnmqkBIqDgm4ULHmh3xkvOTfNHTcO1pFAMlFfB0TPTojsmJTrzU+dwxh/JS3PDAbfqVJDqsv/jxZxYv5IuVgsEq+smHh3h2ilerUXaXRI0pc/q2g8UOT74gqFuDCTdtu0p0sC7JMV487/tkFpZrIj3ZMB1aPFWwyMBFcEQnWcvpYS1YERyAFQR6YfwrgxmBnmwM5IDjQEqw+MFwg1UARayCypSuuFcopaz3JzEp/UTFS+d2gSKrgShqDF3nhNGbOwP9O2ufAbBrHxkJT8H75P66hm4nZxKC28eQiceJ7JJ9xgZSbH2Dcx8K0qGgBS7UpiwiXF5isusWRpSwSZvs2J+Doc6iDAGmNAKVWsUZo/UbPmSeH1pxKiNGX9v3GPGLnQyJCecg8fTj3IzRKC0mOlGz8VAGck/u/cqyPIvmsNXt4GN1YTowz7I29oHAhmuo15MRtGyAyvQVYm3sA2PH1PR0exEE2ktVCw/Zs9ByUsMkisQ1sEz3PQmUsGD3TZ84iTRq4QErYz6sU+qyVQOYDGzjiEGqbWBjMO8lVI+9Gv6WZxLTF7Rk2B8rkmdI8S26HC63cPAcUjYnpR7e8DLMYDZDKPk/49tmbKYuyrmAS2B4j3IT9WWZ9e5PeEHtVywai3Hb51mGOvSVQNkwUTkgy4yTiYzEDVZ5Wt7VaVKGgafLEePvO7WT6ZoRLjWJG4hi8h90GITxk3an6sdPhccOf9ETfV17Okf0dFdRt56SegRsP1y586WzbUYwwJiaQUmxssC2n+SgsgDWTpSHKQCShKLmJVU1vNgfDliKlBZz1jfe12/DCvIiqy0TcWkt6/QXc0/1ueIJ2Cn25bn9qv+2Cyj4jVbZT+xYnDn3xUDzccKLUlRw1MWEMocZaFC4UznfkQQ1JmDkRubo8i3BzYhhYkNhvkX7yNOJGZv7K3FUbrICnMvB+ADL9s8EM4eoAKzw8GRcxCKb/XLl6pwp/pSIgzvKH5CXfekJ8qVyzRyg9MTUA17By8HQ0XRq3aS+/cQg5B4VHZ+YPyjxfqlr+xHB0W0HB//74ZtMsOREj56Kx3CWLlPz+UD/EKnuXLlZfcrspI04NQiQ5Xp3p6cU27qK7zP6S3GmIz/eBc1weU/hWzSaVF2r5ZFGVbG+mm9oWgGlW1cPijMpP/W8hPSW54lxEOetkjznHsTZcPiuqA8BM9j8lUQZ2FnZ3xG/J+qudzgrYWLEeD5ss+M2Ojax/he0mmlzQUe9s+Bx2+haJnH5I0Fog0GFV0zgDLNTzbwCQJpCuPvRLJz6AqL+CnEussJ7Vn/0B8mP7m2R1KKu/FHYYf1a04Y86Bx1DH4GURHfIZvaWP8TDJgaD+TMoZah7rBTp0G9bkVIl72nNsRbA9YLhszzRhUk8cSGmh3zLq6ZZXWGrBJTAiE771+6ItcLP/kpCX+PyDvDs9PBEUF+X84LsUx0taU8eIC/8qEJ6h40zLBwbV5wpvdFbdIYbjmMbm9pE/csyvRdfwbzZYF35MPSgRlySHCaN7+cvGwlHisIX6geZGgYTd9Plogn7EXTdYQIjP3R2sDed+unhKCTSjg2tyXkXb7YTjrMB8iUSZbwADKcHIjpRpgRzpQiiA9iJVX+q8NEHo6Akzhh26GvjKPUDOEBLwRzg8gwTkHfFStBKw1Suob3+p+ru0gb3nvrUOAX2Y3i3UMCuIDyHlG8tytUJvZVLI5KzDgGgDTMr7b41g7nkFx2FeJQkAKB7AubYifYda8b7UAfnFYllf7HEHafTwTtsj0BVrOxd80GtEGfpOvCWbCKUqnwU4/tVXeioIA1SS1gW95oVfrifog3osrNGb6aEGqKfHaA+COiFi2Kv80RvocrRQPLGkhOm85sCXI4KbnYAafIGs1uKnvpH6FejjiLSuxDt3UPlAeCeW7Owk2ueuMUiwlQGqBmj1bid3jQQo5kffn5k4GiNQ+fXEdeKtghajagUb5XmBfaoVk0GR58wGMyCmaqN5FmL9PV8lshwjO72a4yZmDdOITWjCZkX1IfXyfZw1igqnFmA0VR3KljRSheIKl11qqiv9uP4fZVze4wYcuKwmsUuUNawKXWjT2hft+GG/IZ3BxhAu60HRJJkeGDrqQFeJH5S4nm76cXPfodGZn4TrS3zimPTJSMWfHcW8HXhjF+HrW6MGMRiY0P3KmalDIeIHK5zdsPctNZluks4m4VHg+CQtIApupzCx1uvuEqYfPqtTGMXYxefYqnCQAESL7GmOBAqnRq7UpYP4EmYW8Ba3HCE1isCVE1ns3tGC9yoRnAYuva3R1LqgC2tr4FTzEp+7gspQjrjqq60tletyp18VfD0XSm7jtRZmr57qab5a+yX6NYN+ZiTGzL69xUgakO5PiyQsCbDNpsitQQxFE3yQBcN80Xfi10JSx8Gn+ZYbMV4GMaYILFRGgInJpae5C6rrl2T+zjHFGB5jRO7wBEZ82bD21fAO3UpamQcjKiQ02nhKPdOJkSnqKqPc/XH4GerXBoTpxuwOAFlQNpO5CsBVBj4iXM2TBa8Kv2WNCNY09V13gvff4JHf772uzvBxslCm4kQPSj/NSKBuV9vD9IZ3Q/sYAekuvxaTcwHra5oimojHSEdWB7SGUOP/45XN1wWHIxEQhCDyyxRbkYkqZc0wYU7htghuLiA1RgKMGtfA6ohO+2+cnOiLltG0yxtSw0l9BiI6vjMVDrdNIirDpUj0HHBi10wXc1QMlUILpqUc6WX/++zqTvXcarC7SNK4jG4C45/m2rJTAdUFG1Xp8e3SX/YuBJa2+W8e/8vlCoKXHqooubIuQxFZSBAJ2pAyTYhPyLa9KNBJcap/xj989WLkrJE6PFqIzrNABLYulw8Zf618nYNNH1aKgQVWwGhoxp5Y9Hl/2KgjbakpHVHKbwXUmwh8=</xenc:CipherValue>
            </xenc:CipherData>
        </xenc:EncryptedData>
    </saml2:EncryptedAssertion>
</saml2p:Response>

2022-08-09 11:07:09,146 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-08-09 11:07:09,146 - INFO [Shibboleth-Audit.SSO:?] - 20220809T110709Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_5072d9fa61094e8b801f12059fdc90243ffd0d6|https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_65a795e03bfd350ca973b439380fd9c8|rick|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,uid,identifier,telephoneNumber,role,mail,surname,displayName,givenName|rsanchez@samltest.id|_f4869c63cc2aa20167fe90ebb879148e|
2022-08-09 11:08:38,883 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: ss:mem:b2c03f5fb0a2832855fda942e515ff0d48b5779b01ba66d9d8075fffaab40cc3
2022-08-09 11:08:38,883 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-08-09 11:08:38,883 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-08-09 11:08:38,883 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="https://localhost:8080/Shibboleth.sso/SAML2/POST"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ID="_80614f68d0778013a7b6e9b8e279cbbd"
    IssueInstant="2022-08-09T11:16:36Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://localhost/shibboleth</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="1"/>
</samlp:AuthnRequest>

2022-08-09 11:08:38,899 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://localhost/shibboleth' from origin source
2022-08-09 11:08:38,899 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-08-09 11:08:38,899 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-08-09 11:08:38,899 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-08-09 11:08:38,899 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-08-09 11:08:38,899 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-08-09 11:08:38,899 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-08-09 11:08:38,899 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-08-09 11:08:38,899 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://localhost/shibboleth
2022-08-09 11:08:38,901 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:08:38,901 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-08-09 11:08:38,901 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-08-09 11:08:38,901 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-08-09 11:08:38,901 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-08-09 11:08:38,901 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_80614f68d0778013a7b6e9b8e279cbbd', issue instant '2022-08-09T11:16:36.000Z', entityID 'https://localhost/shibboleth'
2022-08-09 11:08:38,901 - WARN [org.opensaml.saml.common.binding.security.impl.MessageLifetimeSecurityHandler:?] - Message Handler:  Message was not yet valid: message time was 2022-08-09T11:16:36.000Z, latest valid is: 2022-08-09T11:11:38.901Z
2022-08-09 11:08:38,903 - WARN [org.opensaml.profile.action.impl.LogEvent:?] - A non-proceed event occurred while processing the request: MessageExpired
2022-08-09 11:08:38,905 - DEBUG [org.opensaml.saml.common.profile.logic.DefaultLocalErrorPredicate:?] - No SAMLBindingContext or binding URI available, error must be handled locally
2022-08-09 11:08:40,141 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML relay state of: https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:08:40,141 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Getting Base64 encoded message from request
2022-08-09 11:08:40,141 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML message
2022-08-09 11:08:40,142 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:AuthnRequest
    AssertionConsumerServiceURL="https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient"
    Destination="https://samltest.id/idp/profile/SAML2/POST/SSO"
    ForceAuthn="false" ID="_bf9e44e054d6493497e89f48f0978fdd44997bd"
    IsPassive="false" IssueInstant="2022-08-09T11:08:46.981Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer
        Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient</saml2:Issuer>
    <ds:Signature
                xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod
                Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod
                Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference
                        URI="#_bf9e44e054d6493497e89f48f0978fdd44997bd">
<ds:Transforms>
<ds:Transform
                        Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform
                    Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>FitDuPFf4A6aYpGzNaCKhhbCB0CIlx3xaLGiBLaUitM=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
HbVs9VG45Ve7t++QZJeSfr6cP9XQkKiUNsOjnwftz7JKGf/uP+wQB9334sAqT5f+r7c8301Us1wm&#xd;
5kpTfNOF6rB9La0rmWe3A6p2fGnTA72rzYWG6qZzf3Qe8P2qiEoihMJm1G3N3ZkAFd1Cx87Yw/Gq&#xd;
oGpU+uCt4qA52d7lHGbesb6CZcVFwKaFAI1J6Ji40e2+xMplFzE2/Eho+oyIv0wax62MYakWkaLF&#xd;
gFEgKTF0/QPTS9zaS50odLHi8bNbs6Nj+16b4Nk3D/ggFla+Zu2CtOuzugsjUV7zs30xsWkq41jo&#xd;
eSnfisDz1Zx5J4lgtYTjX2JSCeEyq72mfMM3gQ==
</ds:SignatureValue>
<ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIF3jCCBMagAwIBAgIRAKrILoTQb5hfg5cwVhj1GRswDQYJKoZIhvcNAQELBQAwgZYxCzAJBgNV
BAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAY
BgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYDVQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlv
biBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTcxMjEyMDAwMDAwWhcNMjEwMTMxMjM1
OTU5WjCB0zELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTE0NjIwMREwDwYDVQQIEwhOZXcgWW9yazES
MBAGA1UEBxMJUm9jaGVzdGVyMSIwIAYDVQQJExkzMzkgRWFzdCBBdmVudWUgLCBzdGUgNDEwMRww
GgYDVQQKExNMb2dpY2FsIEltYWdlcyBJbmMuMRQwEgYDVQQLEwtFbmdpbmVlcmluZzEcMBoGA1UE
CxMTUHJlbWl1bVNTTCBXaWxkY2FyZDEXMBUGA1UEAwwOKi52aXN1YWxkeC5jb20wggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo1G8KWHflpDHy/hE1qeVQnuiyQTttSvVa+fsXvs8s9/g7
jAg0AgTvKSB4Z+8rcS2o/ZqIGbtvrDYDU/ePWMtDTT+tQgDc/I5R3hL2CNusOgLfLpwPuOdCIDyA
HTSJf0h3MXxZCS+AsVRU0cAQOmAYb7wjl+qbymv3a88fhKHqP9qKlmCcnVpCCZbpcWNymAtzRM21
4euNOQx8rbJOw32WMGQlKJ95Sph2tk41QMtgJKIZdFMSlua3qQEO4AJmlPqPM6LETVTTtOSRYBGd
Fn3DevVQNvxfn1v1HtBn76o/Mxfpe70LmDcJ89gqMJwsNmGC37JZ7hnu0WDEJiLwbxMpAgMBAAGj
ggHmMIIB4jAfBgNVHSMEGDAWgBSa8yvaz61Pti+7KkhIKhK3G0LBJDAdBgNVHQ4EFgQUixLms64r
PE7O7p0aqReLUfdySyUwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI
KwYBBQUHAwEGCCsGAQUFBwMCMFAGA1UdIARJMEcwOwYMKwYBBAGyMQECAQMEMCswKQYIKwYBBQUH
AgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMAgGBmeBDAECAjBaBgNVHR8EUzBRME+g
TaBLhklodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9SU0FPcmdhbml6YXRpb25WYWxpZGF0
aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGLBggrBgEFBQcBAQR/MH0wVQYIKwYBBQUHMAKGSWh0dHA6
Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVT
ZXJ2ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTAnBgNVHREE
IDAegg4qLnZpc3VhbGR4LmNvbYIMdmlzdWFsZHguY29tMA0GCSqGSIb3DQEBCwUAA4IBAQBObkHT
R69VW5zExyvxombx/00noMSvUPKeRuJJ+dXOQywlxG1PxKi1cAXvKmHLqh6hWS7Y1Sz4UNj0IMV3
wY0O0TWznnIgYquO1zeWcYnrGVD31+/xgog4P6m4ft3mlbdHpCyrfZiqSlQknvjzVQjY66+1/BrG
qYPEV/yXe4Zi2gzQjV+yCVbNuMFp83Mp2J3yCL+vO/0FcS9gjZVgHfAsNPgrO5Lxli4AytVs7Wpo
Ypo2MtQTHbZfx7PE5dsIruu3MXtxRWbtaKPfE3vsy9pCRrFd/RBvx7L38SyKhkSqG9ng92B97BAM
/o9WoUuak01x3KxK65iNQPrFhOrMSJK0</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
</saml2p:AuthnRequest>

2022-08-09 11:08:40,150 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient' from origin source
2022-08-09 11:08:40,150 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-08-09 11:08:40,150 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-08-09 11:08:40,150 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-08-09 11:08:40,150 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-08-09 11:08:40,150 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-08-09 11:08:40,151 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-08-09 11:08:40,151 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-08-09 11:08:40,151 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:08:40,152 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:08:40,152 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-08-09 11:08:40,152 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-08-09 11:08:40,152 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-08-09 11:08:40,152 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-08-09 11:08:40,152 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_bf9e44e054d6493497e89f48f0978fdd44997bd', issue instant '2022-08-09T11:08:46.981Z', entityID 'https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient'
2022-08-09 11:08:40,153 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Enveloped signature transform
2022-08-09 11:08:40,153 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Exclusive C14N signature transform
2022-08-09 11:08:40,153 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Attempting to verify signature on signed SAML protocol message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-08-09 11:08:40,153 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from metadata using entityID: https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient, role: {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor, protocol: urn:oasis:names:tc:SAML:2.0:protocol, usage: SIGNING
2022-08-09 11:08:40,153 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Retrieving role descriptor metadata for entity 'https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient' in role '{urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor' for protocol 'urn:oasis:names:tc:SAML:2.0:protocol'
2022-08-09 11:08:40,153 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-08-09 11:08:40,153 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-08-09 11:08:40,153 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-08-09 11:08:40,153 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-08-09 11:08:40,153 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-08-09 11:08:40,153 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - signatureMethodURI = http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2022-08-09 11:08:40,153 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigAlgorithm    = SHA256withRSA
2022-08-09 11:08:40,153 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigProvider     = SunRsaSign
2022-08-09 11:08:40,153 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - PublicKey = Sun RSA public key, 2048 bits
  params: null
  modulus: 29392041739316831879909492263420809618356180272706027652343679098016282364414745216536632236600099715481081529744647645524003605122510817186315887517802452912643799162132870623358634804138327500912458001247256725586583530153692971849689848886777937538189618258798059356709972927743814711999393727110032489973264689064077963688570016506826594214907457503424024951351469455588099097161329401211827643012675421693008670801375297917537559379804376187770338075916115969654848155346928965046567907849079265565736568268190945123584854744386448963767726504663579103653226620589261606418333687915975781431485708245812900729641
  public exponent: 65537
2022-08-09 11:08:40,154 - DEBUG [org.apache.xml.security.signature.Manifest:?] - verify 1 References
2022-08-09 11:08:40,154 - DEBUG [org.apache.xml.security.signature.Manifest:?] - I am not requested to follow nested Manifests
2022-08-09 11:08:40,154 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_bf9e44e054d6493497e89f48f0978fdd44997bd"
2022-08-09 11:08:40,154 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _bf9e44e054d6493497e89f48f0978fdd44997bd and Element was [saml2p:AuthnRequest: null]
2022-08-09 11:08:40,154 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_bf9e44e054d6493497e89f48f0978fdd44997bd"
2022-08-09 11:08:40,154 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _bf9e44e054d6493497e89f48f0978fdd44997bd and Element was [saml2p:AuthnRequest: null]
2022-08-09 11:08:40,154 - DEBUG [org.apache.xml.security.signature.Reference:?] - Verification successful for URI "#_bf9e44e054d6493497e89f48f0978fdd44997bd"
2022-08-09 11:08:40,154 - DEBUG [org.apache.xml.security.signature.Manifest:?] - The Reference has Type 
2022-08-09 11:08:40,154 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Validation of protocol message signature succeeded, message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-08-09 11:08:40,154 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Authentication via protocol message signature succeeded for context issuer entity ID https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:08:40,154 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-08-09 11:08:40,154 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-08-09 11:08:40,154 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-08-09 11:08:40,154 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-08-09 11:08:40,155 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:08:40,155 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-08-09 11:08:40,155 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-08-09 11:08:40,155 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-08-09 11:08:40,155 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 1 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-08-09 11:08:40,155 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-08-09 11:08:40,155 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-08-09 11:08:40,155 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-08-09 11:08:40,155 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-08-09 11:08:40,155 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-08-09 11:08:40,155 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-08-09 11:08:40,155 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved signature algorithm URI from SAML metadata SigningMethod: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2022-08-09 11:08:40,155 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved reference digest method algorithm URI from SAML metadata DigestMethod: http://www.w3.org/2001/04/xmlenc#sha256
2022-08-09 11:08:40,156 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-08-09 11:08:40,156 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-08-09 11:08:40,156 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-08-09 11:08:40,156 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-08-09 11:08:40,156 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-08-09 11:08:40,156 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:08:40,156 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-08-09 11:08:40,156 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve data encryption algorithm based on SAML metadata, falling back to locally configured algorithms
2022-08-09 11:08:40,156 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve key transport algorithm based on SAML metadata, falling back to locally configured algorithms
2022-08-09 11:08:40,156 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-08-09 11:08:40,163 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-08-09 11:08:40,164 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-08-09T11:08:40.164Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-08-09 11:08:40,164 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-08-09 11:08:40,165 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-08-09 11:08:40,165 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-08-09 11:08:40,165 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-08-09 11:08:40,165 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-08-09 11:08:40,165 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:08:40,165 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-08-09 11:08:40,165 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-08-09 11:08:40,165 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-08-09 11:08:40,165 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-08-09 11:08:40,227 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'vdxlocal.visualdx.com'
2022-08-09 11:08:40,227 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-08-09 11:08:40,227 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-08-09 11:08:51,490 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML relay state of: TST-126862-uHqlJeH9BsNFeE-q9LzGb7GKyrsHfA3D
2022-08-09 11:08:51,490 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Getting Base64 encoded message from request
2022-08-09 11:08:51,491 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML message
2022-08-09 11:08:51,491 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:AuthnRequest
    AssertionConsumerServiceURL="https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool"
    Destination="https://samltest.id/idp/profile/SAML2/POST/SSO"
    ForceAuthn="false" ID="_b5020857f1534672927f93e888cde579d490264"
    IsPassive="false" IssueInstant="2022-08-09T11:08:50.290Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    ProviderName="pac4j-saml" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer
        Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool</saml2:Issuer>
    <ds:Signature
                xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod
                Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod
                Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference
                        URI="#_b5020857f1534672927f93e888cde579d490264">
<ds:Transforms>
<ds:Transform
                        Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform
                    Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>jCFA0af0gKHPTRJ3Riq1pKp+WLclPCEFweeMPtPp+Mo=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
aWiwRu+cjR0ZRavR3oMPgm6Shj1Ckz888N4swNCequoMYVEwSXDnkkVMTol4gt3b5Wz3e06RfCPP
rJ6WMG4COHmrVJB+zYn1RuZc3N72AlHG1TKI6DkqSz59ZBP3S9Eq2jN46JcyRVUYiKo/20k3isT2
HlTTsliJ71f1T9XduLwrrQkqJBl6p/UbbEZ8+Fmd2vu0NX71jWxkbwPB0nclDnL1H5Gq38sj27f3
s/t3Jax1pmsrykMLvaR6vqxz7vTW/hcKmtW8LwgolJCgHDDbL1aGNFs2vavC1rx88o3l83XmKmRx
danSncAAeaFLyQCR1cxk7+oY7P79aa12ifzFAw==
</ds:SignatureValue>
<ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIG0DCCBLigAwIBAgIQJT05eT9C8MMLxPWjiR+NjzANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQG
EwJGUjESMBAGA1UECgwJREhJTVlPVElTMRwwGgYDVQQLDBMwMDAyIDQ4MTQ2MzA4MTAwMDM2MR0w
GwYDVQRhDBROVFJGUi00ODE0NjMwODEwMDAzNjEdMBsGA1UEAwwUQ2VydGlnbmEgU2VydmljZXMg
Q0EwHhcNMjIwMzEwMjMwMDAwWhcNMjMwMzEwMjI1OTU5WjCBoTELMAkGA1UEBhMCRlIxGTAXBgNV
BAcMEExFVkFMTE9JUyBQRVJSRVQxEjAQBgNVBAoMCVRSQVZFTERPTzEcMBoGA1UECwwTMDAwMiA0
Mjk4OTQ5NjcwMDA0MjEwMC4GA1UEAwwnVFJBVkVMRE9PIC0gU0FNTCBTSUdOSU5HIEFORCBFTkNS
WVBUSU9OMRMwEQYDVQQFEwpDMjI5ODgyNDQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsTQ4f7v+iIqvjQLCZQyJCiWK72jzbm1lNNsOGLMdNO736yJo0iUXEygaqJ4awu+Nf2Ase62f
o1hROHtOnixvceJN2rd9BMKm/j3BgeU+vlW3quq8AFkm9ikL7R4hBZopqT5deXA17EZ0tpQv6I2z
WbuoBYunvJomVoFZYRwDWFlHoQRBJma0LL8WTrPP7t4gvZMqYSpEqyeeyX2cv6FS4uCOXITFzWAA
Rp5rdIkL1YzU+Tr2thgVf/BvRYsVqaCj+94YmoJAR1/pMOLIKhfoWNxOKuTu0Rpu1LpKr72FYsZv
osn4NHBDoVJncq/crrxpaYF1FqorTjHw+054l0YxJwIDAQABo4ICJTCCAiEwgeQGCCsGAQUFBwEB
BIHXMIHUMDgGCCsGAQUFBzAChixodHRwOi8vYXV0b3JpdGUuZGhpbXlvdGlzLmNvbS9zZXJ2aWNl
c2NhLmRlcjA2BggrBgEFBQcwAoYqaHR0cDovL2F1dG9yaXRlLmNlcnRpZ25hLmZyL3NlcnZpY2Vz
Y2EuZGVyMDAGCCsGAQUFBzABhiRodHRwOi8vc2VydmljZXNjYS5vY3NwLmRoaW15b3Rpcy5jb20w
LgYIKwYBBQUHMAGGImh0dHA6Ly9zZXJ2aWNlc2NhLm9jc3AuY2VydGlnbmEuZnIwHwYDVR0jBBgw
FoAUrOyGj0s3HLh/FxsZ0K7oTuM0XBIwCQYDVR0TBAIwADBhBgNVHSAEWjBYMAgGBmeBDAECAjBM
BgsqgXoBgTECBQECATA9MDsGCCsGAQUFBwIBFi9odHRwczovL3d3dy5jZXJ0aWduYS5jb20vYXV0
b3JpdGUtY2VydGlmaWNhdGlvbjBlBgNVHR8EXjBcMCugKaAnhiVodHRwOi8vY3JsLmNlcnRpZ25h
LmZyL3NlcnZpY2VzY2EuY3JsMC2gK6AphidodHRwOi8vY3JsLmRoaW15b3Rpcy5jb20vc2Vydmlj
ZXNjYS5jcmwwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgeAMB0GA1UdDgQWBBQq
6jjjeMXwQMpNNecEbqrEsJ9eTjANBgkqhkiG9w0BAQsFAAOCAgEArkOzqH9sUsz/QCwLRUKXqsYS
YjB9o9GmKorBERtR7WJQIxk1jZxDM9dR8LTOA6tKOQ2LKzaRl0RugagliM75Dkt4AdWFQFzZ14c4
o+JXsvCNmRtncFxY5KAJqpeIgOHigpnOb2qdS5c0U2tMa48SYl5DgTqs5nlyLTqPIsF7Am80lsTn
iNdbvyPjmyrqsaUtIJ7WpBhyt+k5TEr4b4XWOo0jYwJEutvrYXTNihmWMfobEiC11+qziyWmBrrv
dJyg1H/XGJKFZ0atOOFUCfvoqFZrc3cD9uiCkLX3ljeehKkWyvNbBoj8ETmRPjg2vXIbPS+jR82g
fhLtUJbE/zVWQCoVtKowZqlY6mMcAXkqhdHTG9jfIixHxMMqMr2s+Fc8ywXlZzmAI1ejP9/LX9bV
2b17e4QxQMKMH9f2sVRvo16n0KtKGH5Zy3j+Dwkt3iIsN1F8Lo7vymqtqSUZ3EyYKNY/GvvmrIc/
snB/mGw4vqxYIXlIwwpm80/NRBeR88OFR3PYlUYKxrf9HKVRP8HqHG9buYSQdDdVe7k56Af77pCl
88LDCL49/8hb/XzndJjqvSLbKsU6UWV6q2e/kkQ+UcF8bBUMfHWLLK8xALkzrg1EATC7dviFBnS1
JXLmWJjKwHfWUkBPJnZbMCiKfgyNK5vTXpzzOszUdOFBLRTbtco=</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
</saml2p:AuthnRequest>

2022-08-09 11:08:51,499 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool' from origin source
2022-08-09 11:08:51,499 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-08-09 11:08:51,499 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-08-09 11:08:51,499 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-08-09 11:08:51,499 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-08-09 11:08:51,499 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-08-09 11:08:51,499 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-08-09 11:08:51,499 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-08-09 11:08:51,499 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool
2022-08-09 11:08:51,500 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:08:51,500 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-08-09 11:08:51,500 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-08-09 11:08:51,500 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-08-09 11:08:51,500 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-08-09 11:08:51,500 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_b5020857f1534672927f93e888cde579d490264', issue instant '2022-08-09T11:08:50.290Z', entityID 'https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-08-09 11:08:51,501 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Enveloped signature transform
2022-08-09 11:08:51,501 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Exclusive C14N signature transform
2022-08-09 11:08:51,501 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Attempting to verify signature on signed SAML protocol message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-08-09 11:08:51,501 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from metadata using entityID: https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool, role: {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor, protocol: urn:oasis:names:tc:SAML:2.0:protocol, usage: SIGNING
2022-08-09 11:08:51,501 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Retrieving role descriptor metadata for entity 'https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool' in role '{urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor' for protocol 'urn:oasis:names:tc:SAML:2.0:protocol'
2022-08-09 11:08:51,501 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-08-09 11:08:51,501 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-08-09 11:08:51,501 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-08-09 11:08:51,501 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-08-09 11:08:51,501 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-08-09 11:08:51,501 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - signatureMethodURI = http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2022-08-09 11:08:51,501 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigAlgorithm    = SHA256withRSA
2022-08-09 11:08:51,501 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigProvider     = SunRsaSign
2022-08-09 11:08:51,501 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - PublicKey = Sun RSA public key, 2048 bits
  params: null
  modulus: 22369930965456962777956365464229513348642522997346232168756579494960232921839160861855035659931488634319872531144871061126230632628307245413595021979243298021162796817485323967323729520642838484019982422043583459948062010738622164914709867639613377292833748142293112152964032878748204294883029637581475838086809098230772052770316027052403485966861005767953228542833623261203559898877311870242866180023679569922778427571461205374691037046976908472105838884909059792855539563635818559033340161732234235499443992405690433660052891865469805202598340808784182407277136835204164356633476755720981662174335871428308052095271
  public exponent: 65537
2022-08-09 11:08:51,501 - DEBUG [org.apache.xml.security.signature.Manifest:?] - verify 1 References
2022-08-09 11:08:51,501 - DEBUG [org.apache.xml.security.signature.Manifest:?] - I am not requested to follow nested Manifests
2022-08-09 11:08:51,501 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_b5020857f1534672927f93e888cde579d490264"
2022-08-09 11:08:51,501 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _b5020857f1534672927f93e888cde579d490264 and Element was [saml2p:AuthnRequest: null]
2022-08-09 11:08:51,501 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_b5020857f1534672927f93e888cde579d490264"
2022-08-09 11:08:51,501 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _b5020857f1534672927f93e888cde579d490264 and Element was [saml2p:AuthnRequest: null]
2022-08-09 11:08:51,501 - DEBUG [org.apache.xml.security.signature.Reference:?] - Verification successful for URI "#_b5020857f1534672927f93e888cde579d490264"
2022-08-09 11:08:51,501 - DEBUG [org.apache.xml.security.signature.Manifest:?] - The Reference has Type 
2022-08-09 11:08:51,501 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Validation of protocol message signature succeeded, message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-08-09 11:08:51,501 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Authentication via protocol message signature succeeded for context issuer entity ID https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool
2022-08-09 11:08:51,502 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-08-09 11:08:51,502 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-08-09 11:08:51,502 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-08-09 11:08:51,502 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-08-09 11:08:51,502 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:08:51,502 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-08-09 11:08:51,502 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-08-09 11:08:51,502 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-08-09 11:08:51,502 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 1 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-08-09 11:08:51,502 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-08-09 11:08:51,502 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-08-09 11:08:51,502 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-08-09 11:08:51,502 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-08-09 11:08:51,502 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-08-09 11:08:51,502 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-08-09 11:08:51,503 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved signature algorithm URI from SAML metadata SigningMethod: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2022-08-09 11:08:51,503 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved reference digest method algorithm URI from SAML metadata DigestMethod: http://www.w3.org/2001/04/xmlenc#sha256
2022-08-09 11:08:51,503 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-08-09 11:08:51,503 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-08-09 11:08:51,503 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-08-09 11:08:51,503 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-08-09 11:08:51,503 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-08-09 11:08:51,503 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool
2022-08-09 11:08:51,503 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-08-09 11:08:51,503 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve data encryption algorithm based on SAML metadata, falling back to locally configured algorithms
2022-08-09 11:08:51,503 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve key transport algorithm based on SAML metadata, falling back to locally configured algorithms
2022-08-09 11:08:51,503 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-08-09 11:08:51,507 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-08-09 11:08:51,508 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-08-09T11:08:51.508Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-08-09 11:08:51,508 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-08-09 11:08:51,508 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-08-09 11:08:51,508 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-08-09 11:08:51,509 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-08-09 11:08:51,509 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-08-09 11:08:51,509 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:08:51,509 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-08-09 11:08:51,509 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-08-09 11:08:51,509 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-08-09 11:08:51,509 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-08-09 11:08:51,704 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'cas.traveldoo.com'
2022-08-09 11:08:51,704 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-08-09 11:08:51,704 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-08-09 11:08:54,633 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Trimming whitespace of input string 'rick'
2022-08-09 11:08:54,633 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user rick
2022-08-09 11:08:54,633 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@1442427712::identifier=rick, context=org.apache.velocity.VelocityContext@5ce0f95f]
2022-08-09 11:08:54,649 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=rick,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@1442427712::identifier=rick, context=org.apache.velocity.VelocityContext@5ce0f95f]
2022-08-09 11:08:54,675 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'rick' succeeded
2022-08-09 11:08:54,675 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-08-09 11:08:54,675 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-08-09 11:08:54,675 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'rick'
2022-08-09 11:08:54,675 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'rick'
2022-08-09 11:08:54,675 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-08-09 11:08:54,675 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal rick
2022-08-09 11:08:54,675 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session c6b43ca9db406f52860b455ab119edd24623b45e09cdb67db477c1bf4c7df5ac for principal rick
2022-08-09 11:08:54,675 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving AuthenticationResult for flow authn/Password in session c6b43ca9db406f52860b455ab119edd24623b45e09cdb67db477c1bf4c7df5ac
2022-08-09 11:08:54,676 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=rick)
2022-08-09 11:08:54,678 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-08-09 11:08:54,678 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, uid, identifier, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-08-09 11:08:54,678 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'eduPersonEntitlement' remained after filtering
2022-08-09 11:08:54,678 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-08-09 11:08:54,678 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-08-09 11:08:54,678 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-08-09 11:08:54,678 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-08-09 11:08:54,678 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-08-09 11:08:54,678 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-08-09 11:08:54,678 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-08-09 11:08:54,678 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-08-09 11:08:54,678 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-08-09 11:08:54,679 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:08:54,679 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-08-09 11:08:54,679 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@792f51d6'
2022-08-09 11:08:54,680 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:08:54,680 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-08-09 11:08:54,680 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-08-09 11:08:54,680 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-08-09 11:08:54,680 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:08:54,680 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick'
2022-08-09 11:08:54,680 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick'
2022-08-09 11:08:54,680 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-08-09 11:08:54,680 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is required, no previous consents
2022-08-09 11:08:54,914 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'cas.traveldoo.com'
2022-08-09 11:08:54,915 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-08-09 11:08:54,915 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or InformationURLs returning null
2022-08-09 11:08:54,915 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or PrivacyStatementURLs returning null
2022-08-09 11:08:54,915 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-08-09 11:08:54,915 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No Organization, OrganizationName or names, returning null
2022-08-09 11:08:55,508 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Extracted consent ids '[displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]' from request parameter '_shib_idp_consentIds'
2022-08-09 11:08:55,508 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Consent context 'ConsentContext{previousConsents={}, chosenConsents={displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}}'
2022-08-09 11:08:55,509 - INFO [Shibboleth-Consent-Audit.SSO:?] - 20220809T110855Z|https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool|AttributeReleaseConsent|rick|displayName,eduPersonEntitlement,givenName,identifier,mail,role,surname,telephoneNumber,uid||true,true,true,true,true,true,true,true,true
2022-08-09 11:08:55,509 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:08:55,509 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-08-09 11:08:55,509 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:_key_idx'
2022-08-09 11:08:55,509 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Serialized '{displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}' as '[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]'
2022-08-09 11:08:55,509 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.CreateResult:?] - Profile Action CreateResult: Created consent result 'ConsentResult{id=null, context=intercept/attribute-release, key=rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool, value=[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}], expiration=1691579335509}'
2022-08-09 11:08:55,509 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-08-09 11:08:55,509 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Will not prune storage records, number of keys '0' is less than max number of records '10'
2022-08-09 11:08:55,509 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-08-09 11:08:55,509 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Creating storage index with key 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-08-09 11:08:55,509 - DEBUG [net.shibboleth.idp.consent.storage.impl.CollectionSerializer:?] - Serialized '[rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool]' as '["rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool"]'
2022-08-09 11:08:55,509 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@792f51d6'
2022-08-09 11:08:55,509 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:08:55,509 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-08-09 11:08:55,510 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-08-09 11:08:55,511 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-08-09 11:08:55,511 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _91520b7c8fba17169f09ed23ee4b5e0f
2022-08-09 11:08:55,511 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _91520b7c8fba17169f09ed23ee4b5e0f to Response _24aaa3d97f5cbf0d7b67c24893eb56e6
2022-08-09 11:08:55,511 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _91520b7c8fba17169f09ed23ee4b5e0f
2022-08-09 11:08:55,512 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-08-09 11:08:55,512 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value urn:mace:dir:entitlement:common-lib-terms of attribute eduPersonEntitlement
2022-08-09 11:08:55,512 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rick of attribute uid
2022-08-09 11:08:55,512 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute identifier
2022-08-09 11:08:55,512 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-08-09 11:08:55,512 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value manager@Samltest.id of attribute role
2022-08-09 11:08:55,512 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute mail
2022-08-09 11:08:55,512 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sanchez of attribute surname
2022-08-09 11:08:55,512 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick Sanchez of attribute displayName
2022-08-09 11:08:55,512 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick of attribute givenName
2022-08-09 11:08:55,513 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-08-09 11:08:55,513 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - No object to operate on, returning true
2022-08-09 11:08:55,513 - WARN [org.opensaml.saml.common.profile.logic.MetadataNameIdentifierFormatStrategy:74] - Ignoring NameIDFormat metadata that includes the 'unspecified' format
2022-08-09 11:08:55,513 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration specifies the following formats: []
2022-08-09 11:08:55,513 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - No formats specified in configuration or in metadata, returning default
2022-08-09 11:08:55,513 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Candidate NameID formats: [urn:oasis:names:tc:SAML:2.0:nameid-format:transient]
2022-08-09 11:08:55,513 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-08-09 11:08:55,513 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-08-09 11:08:55,514 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID AAdzZWNyZXQxy7cDq5QFF4HH2UXPtxKkHpPS1EaAAENeqzcN2hxMlwBb6y4gKmAg0q60tlr8Z+MYWx/uRMbwoylJhQDJjSWNt1v7CONUOv/f6FVA0byd8g2yT2FIwNq8RdxemMIQPjsODD0nnwenPf0Km62OwZZXFg+5Cj1abhs= with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-08-09 11:08:55,514 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-08-09 11:08:55,514 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-08-09 11:08:55,514 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-08-09 11:08:55,514 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-08-09 11:08:55,514 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 161.202.27.215
2022-08-09 11:08:55,514 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to _b5020857f1534672927f93e888cde579d490264
2022-08-09 11:08:55,514 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool
2022-08-09 11:08:55,514 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-08-09 11:08:55,514 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-08-09 11:08:55,514 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-08-09 11:08:55,514 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _91520b7c8fba17169f09ed23ee4b5e0f
2022-08-09 11:08:55,514 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _91520b7c8fba17169f09ed23ee4b5e0f did not already contain Conditions, one was added
2022-08-09 11:08:55,514 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-08-09 11:08:55,514 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-08-09T11:13:55.509Z, to Assertion _91520b7c8fba17169f09ed23ee4b5e0f
2022-08-09 11:08:55,514 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _91520b7c8fba17169f09ed23ee4b5e0f already contained Conditions, nothing was done
2022-08-09 11:08:55,514 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-08-09 11:08:55,514 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _91520b7c8fba17169f09ed23ee4b5e0f already contained Conditions, nothing was done
2022-08-09 11:08:55,514 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-08-09 11:08:55,514 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool as an Audience of the AudienceRestriction
2022-08-09 11:08:55,514 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _91520b7c8fba17169f09ed23ee4b5e0f
2022-08-09 11:08:55,515 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool to existing session c6b43ca9db406f52860b455ab119edd24623b45e09cdb67db477c1bf4c7df5ac
2022-08-09 11:08:55,515 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool in session c6b43ca9db406f52860b455ab119edd24623b45e09cdb67db477c1bf4c7df5ac
2022-08-09 11:08:55,515 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-08-09 11:08:55,515 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool and key AAdzZWNyZXQxy7cDq5QFF4HH2UXPtxKkHpPS1EaAAENeqzcN2hxMlwBb6y4gKmAg0q60tlr8Z+MYWx/uRMbwoylJhQDJjSWNt1v7CONUOv/f6FVA0byd8g2yT2FIwNq8RdxemMIQPjsODD0nnwenPf0Km62OwZZXFg+5Cj1abhs=
2022-08-09 11:08:55,516 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-08-09 11:08:55,516 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-08-09 11:08:55,516 - DEBUG [org.opensaml.saml.common.profile.impl.SignAssertions:?] - Profile Action SignAssertions: Will not sign assertions because no security parameters context is available
2022-08-09 11:08:55,516 - DEBUG [PROTOCOL_MESSAGE:?] - Profile Action EncryptAssertions: Response before assertion encryption:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_24aaa3d97f5cbf0d7b67c24893eb56e6"
    InResponseTo="_b5020857f1534672927f93e888cde579d490264"
    IssueInstant="2022-08-09T11:08:55.509Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_91520b7c8fba17169f09ed23ee4b5e0f"
        IssueInstant="2022-08-09T11:08:55.509Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">AAdzZWNyZXQxy7cDq5QFF4HH2UXPtxKkHpPS1EaAAENeqzcN2hxMlwBb6y4gKmAg0q60tlr8Z+MYWx/uRMbwoylJhQDJjSWNt1v7CONUOv/f6FVA0byd8g2yT2FIwNq8RdxemMIQPjsODD0nnwenPf0Km62OwZZXFg+5Cj1abhs=</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="161.202.27.215"
                    InResponseTo="_b5020857f1534672927f93e888cde579d490264"
                    NotOnOrAfter="2022-08-09T11:13:55.514Z" Recipient="https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-08-09T11:08:55.509Z" NotOnOrAfter="2022-08-09T11:13:55.509Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-08-09T11:08:54.675Z" SessionIndex="_b696f29cd98638cde2ecd8c5252f0202">
            <saml2:SubjectLocality Address="161.202.27.215"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>urn:mace:dir:entitlement:common-lib-terms</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rick</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">manager@Samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-08-09 11:08:55,519 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool
2022-08-09 11:08:55,519 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool
2022-08-09 11:08:55,519 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_24aaa3d97f5cbf0d7b67c24893eb56e6"
2022-08-09 11:08:55,519 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _24aaa3d97f5cbf0d7b67c24893eb56e6 and Element was [saml2p:Response: null]
2022-08-09 11:08:55,519 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_24aaa3d97f5cbf0d7b67c24893eb56e6"
2022-08-09 11:08:55,519 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _24aaa3d97f5cbf0d7b67c24893eb56e6 and Element was [saml2p:Response: null]
2022-08-09 11:08:55,522 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-08-09 11:08:55,522 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool' with encoded value 'https&#x3a;&#x2f;&#x2f;cas.traveldoo.com&#x2f;cas&#x2f;login&#x3f;client_name&#x3d;SHOP_DEMO-demoPool'
2022-08-09 11:08:55,522 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-08-09 11:08:55,522 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Setting RelayState parameter to: 'TST-126862-uHqlJeH9BsNFeE-q9LzGb7GKyrsHfA3D', encoded as 'TST-126862-uHqlJeH9BsNFeE-q9LzGb7GKyrsHfA3D'
2022-08-09 11:08:55,524 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response
    Destination="https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool"
    ID="_24aaa3d97f5cbf0d7b67c24893eb56e6"
    InResponseTo="_b5020857f1534672927f93e888cde579d490264"
    IssueInstant="2022-08-09T11:08:55.509Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_24aaa3d97f5cbf0d7b67c24893eb56e6">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>rlhYsH6jZDpWZ3376Fj32eEBQp11IMYq6tOEdxMdo2U=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>RN2GX/uDmJ9OUz+xkL685kF34SNVieZWBzSMaz9ccBqUUgARHPTCiCx4Y33aNncSuXsAAuBk2HBplya/YsDh1cEbrSwELPnjqEzKzs6HQ7qu0RgwpLCF6ELzeZhq9WE2PTqwwd2qaLjFcE9XVxeqh8zwI572djSwX9P/f1ARvSAsKESS+v7sVbG3kB2bbEciR0RrdFgL8ovX7waqFA81/uXTz0Pm6sROeuic7ByNJpC3vIx15UFGImM8rXRDp9cldYdUV4u5e1/XcY+QrlWD5SE6uKZUrliGt9tXInlS+f6A12JUPrtMwGcFKJLSOWZtWogy3Yj/CZve5Cbn8zJO4Q==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <xenc:EncryptedData Id="_17350ce6af65dec28a4a1290a13ba0ee"
            Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:EncryptionMethod
                Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <xenc:EncryptedKey
                    Id="_015fe5bd1bf87829797deafe0f39a2ff"
                    Recipient="https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                    <xenc:EncryptionMethod
                        Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <ds:DigestMethod
                            Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
                    </xenc:EncryptionMethod>
                    <ds:KeyInfo>
                        <ds:X509Data>
                            <ds:X509Certificate>MIIG0DCCBLigAwIBAgIQJT05eT9C8MMLxPWjiR+NjzANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQG
EwJGUjESMBAGA1UECgwJREhJTVlPVElTMRwwGgYDVQQLDBMwMDAyIDQ4MTQ2MzA4MTAwMDM2MR0w
GwYDVQRhDBROVFJGUi00ODE0NjMwODEwMDAzNjEdMBsGA1UEAwwUQ2VydGlnbmEgU2VydmljZXMg
Q0EwHhcNMjIwMzEwMjMwMDAwWhcNMjMwMzEwMjI1OTU5WjCBoTELMAkGA1UEBhMCRlIxGTAXBgNV
BAcMEExFVkFMTE9JUyBQRVJSRVQxEjAQBgNVBAoMCVRSQVZFTERPTzEcMBoGA1UECwwTMDAwMiA0
Mjk4OTQ5NjcwMDA0MjEwMC4GA1UEAwwnVFJBVkVMRE9PIC0gU0FNTCBTSUdOSU5HIEFORCBFTkNS
WVBUSU9OMRMwEQYDVQQFEwpDMjI5ODgyNDQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsTQ4f7v+iIqvjQLCZQyJCiWK72jzbm1lNNsOGLMdNO736yJo0iUXEygaqJ4awu+Nf2Ase62f
o1hROHtOnixvceJN2rd9BMKm/j3BgeU+vlW3quq8AFkm9ikL7R4hBZopqT5deXA17EZ0tpQv6I2z
WbuoBYunvJomVoFZYRwDWFlHoQRBJma0LL8WTrPP7t4gvZMqYSpEqyeeyX2cv6FS4uCOXITFzWAA
Rp5rdIkL1YzU+Tr2thgVf/BvRYsVqaCj+94YmoJAR1/pMOLIKhfoWNxOKuTu0Rpu1LpKr72FYsZv
osn4NHBDoVJncq/crrxpaYF1FqorTjHw+054l0YxJwIDAQABo4ICJTCCAiEwgeQGCCsGAQUFBwEB
BIHXMIHUMDgGCCsGAQUFBzAChixodHRwOi8vYXV0b3JpdGUuZGhpbXlvdGlzLmNvbS9zZXJ2aWNl
c2NhLmRlcjA2BggrBgEFBQcwAoYqaHR0cDovL2F1dG9yaXRlLmNlcnRpZ25hLmZyL3NlcnZpY2Vz
Y2EuZGVyMDAGCCsGAQUFBzABhiRodHRwOi8vc2VydmljZXNjYS5vY3NwLmRoaW15b3Rpcy5jb20w
LgYIKwYBBQUHMAGGImh0dHA6Ly9zZXJ2aWNlc2NhLm9jc3AuY2VydGlnbmEuZnIwHwYDVR0jBBgw
FoAUrOyGj0s3HLh/FxsZ0K7oTuM0XBIwCQYDVR0TBAIwADBhBgNVHSAEWjBYMAgGBmeBDAECAjBM
BgsqgXoBgTECBQECATA9MDsGCCsGAQUFBwIBFi9odHRwczovL3d3dy5jZXJ0aWduYS5jb20vYXV0
b3JpdGUtY2VydGlmaWNhdGlvbjBlBgNVHR8EXjBcMCugKaAnhiVodHRwOi8vY3JsLmNlcnRpZ25h
LmZyL3NlcnZpY2VzY2EuY3JsMC2gK6AphidodHRwOi8vY3JsLmRoaW15b3Rpcy5jb20vc2Vydmlj
ZXNjYS5jcmwwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgeAMB0GA1UdDgQWBBQq
6jjjeMXwQMpNNecEbqrEsJ9eTjANBgkqhkiG9w0BAQsFAAOCAgEArkOzqH9sUsz/QCwLRUKXqsYS
YjB9o9GmKorBERtR7WJQIxk1jZxDM9dR8LTOA6tKOQ2LKzaRl0RugagliM75Dkt4AdWFQFzZ14c4
o+JXsvCNmRtncFxY5KAJqpeIgOHigpnOb2qdS5c0U2tMa48SYl5DgTqs5nlyLTqPIsF7Am80lsTn
iNdbvyPjmyrqsaUtIJ7WpBhyt+k5TEr4b4XWOo0jYwJEutvrYXTNihmWMfobEiC11+qziyWmBrrv
dJyg1H/XGJKFZ0atOOFUCfvoqFZrc3cD9uiCkLX3ljeehKkWyvNbBoj8ETmRPjg2vXIbPS+jR82g
fhLtUJbE/zVWQCoVtKowZqlY6mMcAXkqhdHTG9jfIixHxMMqMr2s+Fc8ywXlZzmAI1ejP9/LX9bV
2b17e4QxQMKMH9f2sVRvo16n0KtKGH5Zy3j+Dwkt3iIsN1F8Lo7vymqtqSUZ3EyYKNY/GvvmrIc/
snB/mGw4vqxYIXlIwwpm80/NRBeR88OFR3PYlUYKxrf9HKVRP8HqHG9buYSQdDdVe7k56Af77pCl
88LDCL49/8hb/XzndJjqvSLbKsU6UWV6q2e/kkQ+UcF8bBUMfHWLLK8xALkzrg1EATC7dviFBnS1
JXLmWJjKwHfWUkBPJnZbMCiKfgyNK5vTXpzzOszUdOFBLRTbtco=</ds:X509Certificate>
                        </ds:X509Data>
                    </ds:KeyInfo>
                    <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <xenc:CipherValue>DiLrkyS0bLDYCtDItfZccy26WAG3H9Nz5hhOQGSuK7XQLQfKDKTe/qE6KEmu3yojIZdIr7ZZR8cpuoCPA/BiZs4Bsftapfb9QkJeWl0wBq5jr5E79dh6vrF2ME0V4KL2k4Eb+ULYoIpdaoqvQrf0aoVZ8if2nJoeAzxTl9m1NG6+bvBrIMo1j4pKaOuVF7QLknEJ0EHNcPwmu8bcXuNJ6ceVrE/GSOMZG42mXteNsg9gkfFrYBp9XTl51yE88hfhtXKKmOUcJwJRXuAf5WLnX3Gx/LMqKX67AHl32O8qBkgE97MZquJKxAAsBxJk2XXIotJp+CuodJGkzKmtj8d8cg==</xenc:CipherValue>
                    </xenc:CipherData>
                </xenc:EncryptedKey>
            </ds:KeyInfo>
            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                <xenc:CipherValue>Z1wKJUK69wU4cgZM1g78RgFV5qOOtL2h9ajhGWjq7wXgA/Nu7gH9Z2IdkFM4cynvUttpUvbV0fYzHdRzYyKUqkgsI/YzLIl8kTho6b9lyc8S2gh25MX3qIcdujRV/18g8Wp3AgxYt+4p8saGuMZue83r/qk26iNcBUZ4rIgKseDLZMUsP79a+M/dGENAOSXdupaqfPwUQbln5lZsc9lhy5G5aiSOG3ujHFlem3Pgb1wMtmNVpeUpo4hlm2uMRnlqL9nNM6eJPfUvEoe5UeSGX+qM9iSo1AGxv7m4xPvgzO3FJD/z2znw9gfLdYRC3vQImnhddVGUN3xIG5rxybszN58DnkOMqHG02uefpk0C/qoloe21ksboERYNy79z5vn14tOXWYVJqh8jOe0cf1ZrvoPjB2vsjNoHgNfxMe9aOX2yDfYyhIJ5WOIPHA4Ya/tgJ4YK13Kxo2T5zHz4G3ouahM/lLNQIFoQmE+Pk0YGDmeD0kFQppNcLeNB51ntLpIRsDTtcn7FoPdvbS6xS7dRgSgC3OAf+tWp3y/SPw74FF4EqrEwTi53xkoNg2eNBi5e4yabCXuQB4BgfB5PQbHYtdMs08IbC/+vaXZB9SlDeaUp4l8z6EYgwQF6KiLyNPJtWgseiz1x6c4yLRD2u87OBjRdnWEopR53zcurT/h1GXuQ2mNQQwp21SaO1ktVHGHwL+v/+C2L7s6gKMf1Dbn4rCxHpJUHBeLl9LmoCbM4Ffbg0s6t9U3uCXnrzl7TMakecBBrwt3K9xgFNaCriAehz4F1L9EKtKlc6CkycxAt63Hjhz5JFly5Nz71evOYyD0xvKScKGXDXdyDzK3qcKWMkiA/PqxjsvwcVYIJN0tSypQ27QHia+4TBq/XU/o7vLuBltX8p1kNcXlmMingFSm1vpA55trpANbIRkOZL0FU6ZwX8/wPLqxKSur9cxF1MZGdYDzaebK1cceKf6NhotQ8lOEtusaho/TWPyAS6NKl5YKhz5ZprtXXfdYoI5XDJt64JzgQ0syZAOaVqmk+Vd0U6PX+eh/W1Z7MNZV4vutVtZMZ7H2ZFLLG//nyV4CvfsFHZvuCn3UajdHTFJQo5mhSZvUx4PnuhiWlkHB11U024pTgYx9QramVSXyaMQLmhZVbbbAKXDHhh+QyGHi2k5xCs59awijDiLZOrdlNHJUrk5DSLggOQmWBCXIN9t899AGI8EO0auhbbfcSK2TiqH083K+MMV4E+e6GSGFJ0sL16Vrk1g+Xv9+MdwKQRCQcE5cwWqOPxr9IuNqBOqIdA/zAhqy/I8zwLXM7QJ2o+1LYX1+vS/JiAIKm7Osn2xCqYOQ4P8OtW8JWf4bJeG3QvNIq/ZYJP7B+KeMUlDpaWZl9Bc03i/wUVgOPKULUHplLQ1UzblFsdvwyeStjEcvZ84JIWWbAs2RMizkNa+d0pnLzFn1P5QX/gu5fAitg2ug2XHqI8hAw68vTzhjAt57n3mMocAR6nKFXUoAEihEskLDvRsJgNHtlxr2TFAks2qgico614kijp1YNJQKR+462TkOrF8n/Fk3PNfZTvbKtxTRzN0FSKj5K5uJZnKwJyp1I/hcLCEt9LYqYDJWk5XVgX+cfD3J1xBhpsbj2ep6TQd+6Fvnaw8KaLH1ZVvqNy5cj7kG69IYN6CZSxW0yjuRcajif1Mq+fQ9XM7UenpRK7vLm2BqrM+Le/TRApqLyUT0domDAEGhN56QujHgbVlkLhcMjQhiZnZ32R4W9OUMAZ5WbLpXhVJFunV9k2BSYApkrDcjMVZXpbVL7t7FlnWRp9FjuYJRmOGO0zxug8UdrBcdLdrFXkpw0r/TqnjDME99GP9X4QV2x6NcrLh7ImTJlS3u2YeujwOwEEbQ+dSYOrv2fRAWOhUkqht5Kb41sJuHK1dr0FPWDclviwr0zTk+5RjCbhFUE0d7LdX2EqBb2kr36P0ezbbst/++WPyS+OTNCOFQlxm/P2G8xkLvRqtEcto4n4W21KVRL3BV1QxlXKGmU1VFvAZS+oD4eXwNQVb0LzE3KIaqXu/O/A6ak5LI0Bbs5C6Ds1geChKB4vfWIg5PfFwRMGHLTok3D/25GIc3zpXYXwcHgGLdUad6L1E9vEERiPFIOVmI9MXk50hB+latlDle36gBfcR5G6vaia9G+HqvbOlB17SMOOpOCoN9EdDfCGEJZKvss3MzVDy4E+vfeAGFhHHOM845xFmYbewXTk7h1I1tJfrErl3ClPrike6d9lVyUw7XGqMFO5zri2+MRDn4jByZyU6PO9o1I4Waw/nKCDAwj8c/ReHfeIJaiRHwaTcxdVv6Gb3Ao+HHER3u9f3DOoAtP9DkSSWC3NbtCmuP/NPTTaz2fvkwcedjHaKM48ayDkunxSheGQlQI5ReZeQNtef0NphwSBy9BBQ+wkYVcPKYD+ssYXmcakdAbmNPKJqtp+Q/zmn7k2Hkyjr1JGVGdCNf9hWCfzxGPT36jAP7P6HHmSjsm77/FcsqwSEyw86uFMY8KQBmP94uwBecOGnHqXxGCEs9/ycz4BGB3mQbZMIBZrlxltRnsps2S8JQJafOzE/WIszKg1H6OfX/QRcY3LCwvc8IvlEQ3mIV4sM1BbfcaguJ1llip5sNRT4Eq88OTaEV58b0K2VlzQpGUPyAWajOjLsFagzVchCpUVucq8d9HenK6psC7YaDFYkfRQ6UmhL5/d1HtOY/vOKTirzOaLwZ9UB5OLUdZ/cloLre3s1XVwEM4rVdCUHE2gFMr/g2tVd45RIeKCCb6z7LEA2FG6LeNZgKU02q2QZTugsGbY50FLMIPVyUQP17TItKzTnjEUsvxQmRA/KmhrqECkfLjHcWUvVarihsv/F29bAIaoOmfdE+lFEw8DtKPwLPmURA2AeRGHhzG5EhSMsk/Y5UMH1JlGKBE9MkWHJN15j1cO12GnCqBz9fm7N9YyJQReQi/QP6DXo05dqXKX7zHLa/iYwmfymW2AwqzDo2SOP/hMbqFOfSCJKfIvC97kT0c0l9TXtZImKL4jWHzOlUHARIttOLHbt57/ijRx5Fe78C8HT1VajpEhfhmi9IzjdldRV7gccpqDxCXq8u8MukwfTrCfsRk9KVBlW+f+yZtxmhzpFgGFHSLFHzEK+0ZE/p8f9HeKSqGuJ4eUH7Y7FRpVxb58zN4AKWBz5+auNTyWcT/mkluVn2ksilaL1Df0noG3kXu9jDkhzi/fdIU2BRypSuMsX/IdSSzS28qm2Jm7fXmu7P5Oad/eAJKhw90OZcQv6AC/xAZDmfzeYjpmNkaZHlMguBxXU6HcrJQ0di9ZcgkFqyUAqgggOVvttHR/ioc5ur0uXH1WDtyUx3oQqeXe9Ou+11oL1aH1KfU72ws76Uj+ZMH/bnj8Dhlf6z8w+G2H+pT6f2uKi3y1CtSEmXHtJBhDZKdEGby9nBgsDyaLm00hfilUJXgmPjYK4aRZptAH7lttwg9OZDOJIBgkOq9ZqmttXZqtOdGx4ZUwXkXR5oK5N6k3jAmWvF1S4Xkq6ajxqS1gx+9hwXmyorJLqMaZpsDXyotg6CBMX0EWKSgOq4Rm+cC5Lq2A4YruHPZ8q/gvhBBcxQw9IOU2ZN7EzDTB0obIIElVQw5rIIlGzYE6MLSUJ0P2+BNtIinyP52JMXYDbCKeqPEFS2VsvSErVWyik1C58OR53fuXj87/THICEvahC6RwFFuN7Ru8lWnBHXYxOlaadp9mYIPuNuHsuSj/RudPTcmHNpTC7JBhn7+iszjfztbxi/aTIizIHnIL8svOfln0pXWtayUdnSL7ol2crWN4uuKo0OqPyqhqLM0gCcGlOLgdc6CRFZNODBW1GazlNqXxzwmv3kbGwAlnRy7oRlQ4+BqN0hGAO7w08OJTTqTwEsilrfaNjWzbXSdnclyPWENdzXxcwoNMpMxxlFRR/jm6b4K4ihIUiXXQcU+bo1JhwyGmSqNJKbxkGK2XiYA8gmuN9QEMPfcmgwWkGfDxlE4ktLcmhzeA7KvqxIQ9VcfIs2dvMqWxAX1HciignlnFaPlDyuAlwEg86nsFJgQy7t9X+MLW9+wDquxtrk4r5yttu1O821enCUl1P/cz67A5fNxlxfJMYNyERyEL5yQMgT307920xj+VCgVn06y1WDGWPsz0at/yas3SpLQDEZOIm+kE06aCfJV+GAFgq+OQR358u4rAQXQfxD8gkVbHr/1prLpHwMMOkgWE4RFBWTVYMnsMe/d5sNvbZCIw8jbrsqRlgq5oA46EJeZaBIRXa7xOM2VvAqR0d2omzaQtEe3FrONyRCjRa6ZPjHYIBGp/v4TOcC15W+Egw/Xs97i8GIXmsQHissc2HmC3j+UT3yWWLU7ADYGRtkD7C9Qugd9TXIOUhNbjrdb15+arnnHtHZzww19PthSa/Z1gnJApuOGzPhUlSSaghFmUEvugAJBUn+r1zi8mk+3hO3ZNoGwPXh6fvyA8iQ1cBTDzRCpLslCi52qdQDPxdbDL1yGzlpnU4oGrObgku5OtKxrmTIFCRHN3W36eixUBmOuLWlZsY3s9IDdpdhn1sNvMS+nRttbIF3eLdpt99Jkca52q7Q09p85Za+DWSJV+hugBlObehV4xerN2b4d+ZyxyaGOs+z7t9io6Qcy1hGeexfNyw6siG4DkyGLQZr+yHdRthWFgFj1jYAHq9souutf4jAjMi7WiCwAQanWE3RY9cnN0MCUhhdvBrmMPrnuxVpX4S/lqpuYWVc0sNW2elTdqIetUEPiqEDrJI4Zzbftbk1RUPr4/E7qnErqfWn++8qn5oCsAP/jsXPE10W+ov0zNx4yNaG/TJ8YiCDG81PwjBdPQarjG/qhwuHyJI17/S3JIDnGsT60b6UQahWWpvqSw6EwyqIoSoGSV/Y63GfhrEp2JPHAR/nbkNhMSV1Yt2cYvOwV2DP2MXN4k9iTUDv2/WPt32XzEBIKXy9ZPjZW8iJgjHVXFCdU9ZT/Um8SlDL630EGyUG64SzwbRWBea4VNyCKd5AXaSV6kiz2fGMzAPKDixwwq2WqDpTzwMsVeLluDhnUF6oCMQT4nO0nfQ3L/6kHtQdQW4AvlIJ9J4NUf8xeR3FGPZOzgzOFEHm1gXm+9+ndF5a8VMCE6JEY0Lp381BpzUCZLC0c9bsYBo2NL15cXl2CILQJfXjylP7cUfwxF4pfkkUm9wUUVwPNHPM9uTAKeWI3nOHdS0CfY1DMflFRmI5M+wq0v6A6EthpsvI2/q/TQ5JThA==</xenc:CipherValue>
            </xenc:CipherData>
        </xenc:EncryptedData>
    </saml2:EncryptedAssertion>
</saml2p:Response>

2022-08-09 11:08:55,524 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-08-09 11:08:55,524 - INFO [Shibboleth-Audit.SSO:?] - 20220809T110855Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_b5020857f1534672927f93e888cde579d490264|https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_24aaa3d97f5cbf0d7b67c24893eb56e6|rick|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,uid,identifier,telephoneNumber,role,mail,surname,displayName,givenName|AAdzZWNyZXQxy7cDq5QFF4HH2UXPtxKkHpPS1EaAAENeqzcN2hxMlwBb6y4gKmAg0q60tlr8Z+MYWx/uRMbwoylJhQDJjSWNt1v7CONUOv/f6FVA0byd8g2yT2FIwNq8RdxemMIQPjsODD0nnwenPf0Km62OwZZXFg+5Cj1abhs=|_91520b7c8fba17169f09ed23ee4b5e0f|
2022-08-09 11:09:03,698 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: null
2022-08-09 11:09:03,698 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-08-09 11:09:03,699 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-08-09 11:09:03,699 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="http://localhost:90/bpozg/samllogin"
    ID="_248ae0e0-c82e-4a13-854f-480d1eb85dfb"
    IssueInstant="2022-08-09T11:09:02Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://sso.idutest.com/entity</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"/>
</samlp:AuthnRequest>

2022-08-09 11:09:03,705 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://sso.idutest.com/entity' from origin source
2022-08-09 11:09:03,705 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-08-09 11:09:03,705 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-08-09 11:09:03,705 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-08-09 11:09:03,705 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-08-09 11:09:03,705 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-08-09 11:09:03,705 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-08-09 11:09:03,705 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-08-09 11:09:03,705 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://sso.idutest.com/entity
2022-08-09 11:09:03,706 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:09:03,706 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-08-09 11:09:03,706 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint was empty, not required by binding, skipping
2022-08-09 11:09:03,706 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_248ae0e0-c82e-4a13-854f-480d1eb85dfb', issue instant '2022-08-09T11:09:02.000Z', entityID 'https://sso.idutest.com/entity'
2022-08-09 11:09:03,706 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://sso.idutest.com/entity' does not require AuthnRequests to be signed
2022-08-09 11:09:03,706 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-08-09 11:09:03,706 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-08-09 11:09:03,706 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-08-09 11:09:03,706 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-08-09 11:09:03,706 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-08-09 11:09:03,707 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:09:03,707 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-08-09 11:09:03,707 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-08-09 11:09:03,707 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-08-09 11:09:03,707 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 5 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-08-09 11:09:03,707 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location http://localhost:90/bpozg/samllogin using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-08-09 11:09:03,707 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-08-09 11:09:03,707 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-08-09 11:09:03,707 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-08-09 11:09:03,707 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-08-09 11:09:03,707 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-08-09 11:09:03,708 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-08-09 11:09:03,708 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-08-09 11:09:03,708 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-08-09 11:09:03,708 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-08-09 11:09:03,708 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-08-09 11:09:03,708 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://sso.idutest.com/entity
2022-08-09 11:09:03,708 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve encryption parameters based on SAML metadata, falling back to locally configured credentials and algorithms
2022-08-09 11:09:03,708 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Failed to resolve EncryptionParameters
2022-08-09 11:09:03,708 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolver returned no EncryptionParameters
2022-08-09 11:09:03,708 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption is optional, ignoring inability to encrypt
2022-08-09 11:09:03,717 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-08-09 11:09:03,717 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-08-09T11:09:03.717Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-08-09 11:09:03,718 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-08-09 11:09:03,718 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-08-09 11:09:03,718 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Performing primary lookup on session ID 61c852d20bd3f3b97b719220403efc2ae184df337d1df86647d12ccb9f2f610c
2022-08-09 11:09:03,718 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Updating expiration of master record for session 61c852d20bd3f3b97b719220403efc2ae184df337d1df86647d12ccb9f2f610c to 2022-08-09T12:09:03.718Z
2022-08-09 11:09:03,718 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Loading AuthenticationResult for flow authn/Password in session 61c852d20bd3f3b97b719220403efc2ae184df337d1df86647d12ccb9f2f610c
2022-08-09 11:09:03,718 - DEBUG [net.shibboleth.idp.session.impl.ExtractActiveAuthenticationResults:?] - Profile Action ExtractActiveAuthenticationResults: Authentication result authn/Password is active, copying from session
2022-08-09 11:09:03,719 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-08-09 11:09:03,719 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-08-09 11:09:03,719 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:09:03,719 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-08-09 11:09:03,719 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Reusing active result authn/Password
2022-08-09 11:09:03,719 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name established from session as 'rick'
2022-08-09 11:09:03,719 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-08-09 11:09:03,719 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Updating activity time on reused AuthenticationResult for flow authn/Password in existing session 61c852d20bd3f3b97b719220403efc2ae184df337d1df86647d12ccb9f2f610c
2022-08-09 11:09:03,719 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=rick)
2022-08-09 11:09:03,720 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-08-09 11:09:03,720 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, uid, identifier, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-08-09 11:09:03,720 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'eduPersonEntitlement' remained after filtering
2022-08-09 11:09:03,720 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-08-09 11:09:03,720 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-08-09 11:09:03,720 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-08-09 11:09:03,720 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-08-09 11:09:03,720 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-08-09 11:09:03,720 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-08-09 11:09:03,720 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-08-09 11:09:03,720 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-08-09 11:09:03,720 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-08-09 11:09:03,721 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:09:03,721 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-08-09 11:09:03,721 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@6ee56c7e'
2022-08-09 11:09:03,721 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:09:03,721 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://sso.idutest.com/entity'
2022-08-09 11:09:03,721 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'org.opensaml.storage.MutableStorageRecord@34da0085' with context 'intercept/attribute-release' and key 'rick:https://sso.idutest.com/entity'
2022-08-09 11:09:03,721 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Deserialized context 'intercept/attribute-release' key 'rick:https://sso.idutest.com/entity' value '[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]' expiration '1665126276477' as '{displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}'
2022-08-09 11:09:03,721 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:09:03,721 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick'
2022-08-09 11:09:03,721 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick'
2022-08-09 11:09:03,722 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-08-09 11:09:03,722 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is not required, previous consents match current consents
2022-08-09 11:09:03,722 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@6ee56c7e'
2022-08-09 11:09:03,722 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:09:03,722 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-08-09 11:09:03,723 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-08-09 11:09:03,723 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-08-09 11:09:03,723 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _e7bb8e6909c32b0883772211989b1f4f
2022-08-09 11:09:03,723 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _e7bb8e6909c32b0883772211989b1f4f to Response _77bb09cdbf5f94015e0c2b72ac15ad52
2022-08-09 11:09:03,723 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _e7bb8e6909c32b0883772211989b1f4f
2022-08-09 11:09:03,724 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-08-09 11:09:03,724 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value urn:mace:dir:entitlement:common-lib-terms of attribute eduPersonEntitlement
2022-08-09 11:09:03,724 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rick of attribute uid
2022-08-09 11:09:03,724 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute identifier
2022-08-09 11:09:03,724 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-08-09 11:09:03,724 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value manager@Samltest.id of attribute role
2022-08-09 11:09:03,724 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute mail
2022-08-09 11:09:03,724 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sanchez of attribute surname
2022-08-09 11:09:03,724 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick Sanchez of attribute displayName
2022-08-09 11:09:03,724 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick of attribute givenName
2022-08-09 11:09:03,725 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-08-09 11:09:03,725 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - Policy checking disabled for NameIDPolicy with Format urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
2022-08-09 11:09:03,725 - DEBUG [org.opensaml.saml.common.profile.logic.MetadataNameIdentifierFormatStrategy:?] - Metadata specifies the following formats: [urn:oasis:names:tc:SAML:2.0:nameid-format:persistent]
2022-08-09 11:09:03,725 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration specifies the following formats: []
2022-08-09 11:09:03,725 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration did not specify any formats, relying on metadata alone
2022-08-09 11:09:03,725 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Candidate NameID formats: [urn:oasis:names:tc:SAML:2.0:nameid-format:persistent]
2022-08-09 11:09:03,725 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-08-09 11:09:03,725 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-08-09 11:09:03,725 - DEBUG [net.shibboleth.idp.saml.nameid.impl.PersistentSAML2NameIDGenerator:?] - Checking for source attribute uid
2022-08-09 11:09:03,725 - DEBUG [net.shibboleth.idp.saml.nameid.impl.PersistentSAML2NameIDGenerator:?] - Generating persistent NameID from String-valued attribute uid
2022-08-09 11:09:03,725 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID 5KCFEEIBYZBL3IADBZ4XNGLQSIFDTXNE with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-08-09 11:09:03,725 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-08-09 11:09:03,725 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-08-09 11:09:03,725 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-08-09 11:09:03,725 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-08-09 11:09:03,725 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 217.18.178.74
2022-08-09 11:09:03,725 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to _248ae0e0-c82e-4a13-854f-480d1eb85dfb
2022-08-09 11:09:03,725 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to http://localhost:90/bpozg/samllogin
2022-08-09 11:09:03,725 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-08-09 11:09:03,725 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-08-09 11:09:03,726 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-08-09 11:09:03,726 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _e7bb8e6909c32b0883772211989b1f4f
2022-08-09 11:09:03,726 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _e7bb8e6909c32b0883772211989b1f4f did not already contain Conditions, one was added
2022-08-09 11:09:03,726 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-08-09 11:09:03,726 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-08-09T11:14:03.722Z, to Assertion _e7bb8e6909c32b0883772211989b1f4f
2022-08-09 11:09:03,726 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _e7bb8e6909c32b0883772211989b1f4f already contained Conditions, nothing was done
2022-08-09 11:09:03,726 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-08-09 11:09:03,726 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _e7bb8e6909c32b0883772211989b1f4f already contained Conditions, nothing was done
2022-08-09 11:09:03,726 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-08-09 11:09:03,726 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://sso.idutest.com/entity as an Audience of the AudienceRestriction
2022-08-09 11:09:03,726 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _e7bb8e6909c32b0883772211989b1f4f
2022-08-09 11:09:03,727 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://sso.idutest.com/entity to existing session 61c852d20bd3f3b97b719220403efc2ae184df337d1df86647d12ccb9f2f610c
2022-08-09 11:09:03,727 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Loading SPSession for service https://sso.idutest.com/entity in session 61c852d20bd3f3b97b719220403efc2ae184df337d1df86647d12ccb9f2f610c
2022-08-09 11:09:03,727 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-08-09 11:09:03,727 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://sso.idutest.com/entity in session 61c852d20bd3f3b97b719220403efc2ae184df337d1df86647d12ccb9f2f610c
2022-08-09 11:09:03,727 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-08-09 11:09:03,727 - DEBUG [net.shibboleth.idp.session.AbstractIdPSession:?] - IdPSession 61c852d20bd3f3b97b719220403efc2ae184df337d1df86647d12ccb9f2f610c: replaced old SPSession for service https://sso.idutest.com/entity
2022-08-09 11:09:03,727 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Removing secondary index for service ID https://sso.idutest.com/entity and key 5KCFEEIBYZBL3IADBZ4XNGLQSIFDTXNE
2022-08-09 11:09:03,727 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://sso.idutest.com/entity and key 5KCFEEIBYZBL3IADBZ4XNGLQSIFDTXNE
2022-08-09 11:09:03,727 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Older SPSession for relying party https://sso.idutest.com/entity was replaced
2022-08-09 11:09:03,728 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-08-09 11:09:03,728 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-08-09 11:09:03,728 - DEBUG [org.opensaml.saml.common.profile.impl.SignAssertions:?] - Profile Action SignAssertions: Will not sign assertions because no security parameters context is available
2022-08-09 11:09:03,728 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAssertions: No encryption parameters, nothing to do
2022-08-09 11:09:03,729 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: http://localhost:90/bpozg/samllogin
2022-08-09 11:09:03,729 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: http://localhost:90/bpozg/samllogin
2022-08-09 11:09:03,729 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_77bb09cdbf5f94015e0c2b72ac15ad52"
2022-08-09 11:09:03,729 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _77bb09cdbf5f94015e0c2b72ac15ad52 and Element was [saml2p:Response: null]
2022-08-09 11:09:03,729 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_77bb09cdbf5f94015e0c2b72ac15ad52"
2022-08-09 11:09:03,729 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _77bb09cdbf5f94015e0c2b72ac15ad52 and Element was [saml2p:Response: null]
2022-08-09 11:09:03,731 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-08-09 11:09:03,731 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'http://localhost:90/bpozg/samllogin' with encoded value 'http&#x3a;&#x2f;&#x2f;localhost&#x3a;90&#x2f;bpozg&#x2f;samllogin'
2022-08-09 11:09:03,731 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-08-09 11:09:03,732 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response Destination="http://localhost:90/bpozg/samllogin"
    ID="_77bb09cdbf5f94015e0c2b72ac15ad52"
    InResponseTo="_248ae0e0-c82e-4a13-854f-480d1eb85dfb"
    IssueInstant="2022-08-09T11:09:03.722Z" Version="2.0"
    xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_77bb09cdbf5f94015e0c2b72ac15ad52">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                        <ec:InclusiveNamespaces PrefixList="xsd" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                    </ds:Transform>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>U+za4EPXRl7fHJ2ay590t0BMUSQAdvM2dDfFcsutew8=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>rbBqy8BES8hTFj7Jg+6naU2y6fAZSoOKWFNZAV2teJ6XE+gbOmsJWx9n/W7cEhWnZ0SXIbflg9SQw8X3MRZvaBuyGZnIWOOShnSlt3qEZ596mOHUp+ci/jjb7Hrn+LJqi6m7iLnSAajxd8g03e1HyAiD5AmxwGz+04WITrlwpOtlmngR6UVbhnRjEX/ROZkuWrxKqPbxHJsNBk24wyzVdgTE5OgTl83tNOOXxq33JscHrMl668zFIZpIasMX+gGRYr0HOOQDOaoomyjBqb46IbRj44BeFG+b8YaqRqFEnpj83wGPWlXbgF4nmlo5APsQfBOYo0FGnFOErjzX19NtmQ==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_e7bb8e6909c32b0883772211989b1f4f"
        IssueInstant="2022-08-09T11:09:03.722Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://sso.idutest.com/entity" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">5KCFEEIBYZBL3IADBZ4XNGLQSIFDTXNE</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="217.18.178.74"
                    InResponseTo="_248ae0e0-c82e-4a13-854f-480d1eb85dfb"
                    NotOnOrAfter="2022-08-09T11:14:03.725Z" Recipient="http://localhost:90/bpozg/samllogin"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-08-09T11:09:03.722Z" NotOnOrAfter="2022-08-09T11:14:03.722Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://sso.idutest.com/entity</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-08-09T10:28:16.729Z" SessionIndex="_bb8e3fc42ead96247b12893d571ced89">
            <saml2:SubjectLocality Address="217.18.178.74"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>urn:mace:dir:entitlement:common-lib-terms</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rick</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">manager@Samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-08-09 11:09:03,733 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-08-09 11:09:03,733 - INFO [Shibboleth-Audit.SSO:?] - 20220809T110903Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect|_248ae0e0-c82e-4a13-854f-480d1eb85dfb|https://sso.idutest.com/entity|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_77bb09cdbf5f94015e0c2b72ac15ad52|rick|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,uid,identifier,telephoneNumber,role,mail,surname,displayName,givenName|5KCFEEIBYZBL3IADBZ4XNGLQSIFDTXNE|_e7bb8e6909c32b0883772211989b1f4f|
2022-08-09 11:12:12,731 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseIdPInitiatedSSORequestMessageDecoder:?] - Beginning to decode message from HttpServletRequest
2022-08-09 11:12:12,731 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.IdPInitiatedSSORequestMessageDecoder:?] - Decoded SAML RelayState of: null
2022-08-09 11:12:12,731 - DEBUG [PROTOCOL_MESSAGE:?] - 
SAML 2 IdP-initiated request was: IdPInitiatedSSORequest{entityId=test.com, acsURL=null, relayState=null, time=2022-08-09T11:12:12.731Z}
Synthetically constructed SAML 2 AuthnRequest was: 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:AuthnRequest ID="_c1497706-0fb4-4277-ac39-0b3b21ae3d00"
    IssueInstant="2022-08-09T11:12:12.731Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">test.com</saml2:Issuer>
    <saml2p:NameIDPolicy AllowCreate="true"/>
</saml2p:AuthnRequest>

2022-08-09 11:12:12,731 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseIdPInitiatedSSORequestMessageDecoder:?] - Successfully decoded message from HttpServletRequest.
2022-08-09 11:12:12,739 - DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver:?] - Metadata Resolver FilesystemMetadataResolver SAMLtest: Resolved 0 candidates via EntityIdCriterion: EntityIdCriterion [id=test.com]
2022-08-09 11:12:12,739 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved no EntityDescriptors via underlying MetadataResolver, returning empty collection
2022-08-09 11:12:12,739 - INFO [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  No metadata returned for test.com in role {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor with protocol urn:oasis:names:tc:SAML:2.0:protocol
2022-08-09 11:12:12,739 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No metadata context found, nothing to do
2022-08-09 11:12:12,739 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer test.com
2022-08-09 11:12:12,739 - WARN [net.shibboleth.idp.profile.impl.SelectProfileConfiguration:?] - Profile Action SelectProfileConfiguration: Profile http://shibboleth.net/ns/profiles/saml2/sso/browser is not available for RP configuration shibboleth.UnverifiedRelyingParty (RPID test.com)
2022-08-09 11:12:12,740 - WARN [org.opensaml.profile.action.impl.LogEvent:?] - A non-proceed event occurred while processing the request: InvalidProfileConfiguration
2022-08-09 11:12:12,740 - DEBUG [org.opensaml.saml.common.profile.logic.DefaultLocalErrorPredicate:?] - No SAMLBindingContext or binding URI available, error must be handled locally
2022-08-09 11:12:51,747 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseIdPInitiatedSSORequestMessageDecoder:?] - Beginning to decode message from HttpServletRequest
2022-08-09 11:12:51,747 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.IdPInitiatedSSORequestMessageDecoder:?] - Decoded SAML RelayState of: null
2022-08-09 11:12:51,747 - DEBUG [PROTOCOL_MESSAGE:?] - 
SAML 2 IdP-initiated request was: IdPInitiatedSSORequest{entityId=test.com, acsURL=null, relayState=null, time=2022-08-09T11:12:51.747Z}
Synthetically constructed SAML 2 AuthnRequest was: 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:AuthnRequest ID="_d183afd3-3bb5-4f9f-a479-f163639f56ba"
    IssueInstant="2022-08-09T11:12:51.747Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">test.com</saml2:Issuer>
    <saml2p:NameIDPolicy AllowCreate="true"/>
</saml2p:AuthnRequest>

2022-08-09 11:12:51,747 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseIdPInitiatedSSORequestMessageDecoder:?] - Successfully decoded message from HttpServletRequest.
2022-08-09 11:12:51,754 - DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver:?] - Metadata Resolver FilesystemMetadataResolver SAMLtest: Resolved 0 candidates via EntityIdCriterion: EntityIdCriterion [id=test.com]
2022-08-09 11:12:51,754 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved no EntityDescriptors via underlying MetadataResolver, returning empty collection
2022-08-09 11:12:51,754 - INFO [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  No metadata returned for test.com in role {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor with protocol urn:oasis:names:tc:SAML:2.0:protocol
2022-08-09 11:12:51,755 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No metadata context found, nothing to do
2022-08-09 11:12:51,755 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer test.com
2022-08-09 11:12:51,755 - WARN [net.shibboleth.idp.profile.impl.SelectProfileConfiguration:?] - Profile Action SelectProfileConfiguration: Profile http://shibboleth.net/ns/profiles/saml2/sso/browser is not available for RP configuration shibboleth.UnverifiedRelyingParty (RPID test.com)
2022-08-09 11:12:51,756 - WARN [org.opensaml.profile.action.impl.LogEvent:?] - A non-proceed event occurred while processing the request: InvalidProfileConfiguration
2022-08-09 11:12:51,756 - DEBUG [org.opensaml.saml.common.profile.logic.DefaultLocalErrorPredicate:?] - No SAMLBindingContext or binding URI available, error must be handled locally
2022-08-09 11:13:03,420 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML relay state of: https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:13:03,420 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Getting Base64 encoded message from request
2022-08-09 11:13:03,420 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML message
2022-08-09 11:13:03,420 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:AuthnRequest
    AssertionConsumerServiceURL="https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient"
    Destination="https://samltest.id/idp/profile/SAML2/POST/SSO"
    ForceAuthn="false" ID="_245b908a165249a28990398f2df2a8adcaf0d8d"
    IsPassive="false" IssueInstant="2022-08-09T11:13:10.257Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer
        Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient</saml2:Issuer>
    <ds:Signature
                xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod
                Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod
                Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference
                        URI="#_245b908a165249a28990398f2df2a8adcaf0d8d">
<ds:Transforms>
<ds:Transform
                        Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform
                    Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>eRmOSnmZDeoL93UxT9qgiWPi3Wys0ivP2mZ4/12mISE=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
e+b4lkwDGU9T42Z9IEv313Ml2J7KB95QByhRgbQ2qYkTLgIow4n+wPP5zP+zdZathvPCzb1aPcB2&#xd;
Z7bwhoYA1QuIPlaSshd50a2JONmFGOCgGJ7S9lBjonJlrvakqF2X8/MldAB+Sp9fHeBB28MfMuHn&#xd;
WUNuhkvR52dGoiRPo4uPX/L166aD8K7F2OJ5HkVewSvgdzC9ROzKP0GmvT1kSqKRi86hgAwUOg7g&#xd;
crxgwQGGK2UxQVVG1YDIUo4Kx/b3N4HNfYvXxRUcoSeJMYBloWRkFUURKbYI/8X5EYyZULmZ7nCU&#xd;
KYiP20T0Vj7mrJWZag0PUrkrSdZf1WFjTCWocA==
</ds:SignatureValue>
<ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIF3jCCBMagAwIBAgIRAKrILoTQb5hfg5cwVhj1GRswDQYJKoZIhvcNAQELBQAwgZYxCzAJBgNV
BAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAY
BgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYDVQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlv
biBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTcxMjEyMDAwMDAwWhcNMjEwMTMxMjM1
OTU5WjCB0zELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTE0NjIwMREwDwYDVQQIEwhOZXcgWW9yazES
MBAGA1UEBxMJUm9jaGVzdGVyMSIwIAYDVQQJExkzMzkgRWFzdCBBdmVudWUgLCBzdGUgNDEwMRww
GgYDVQQKExNMb2dpY2FsIEltYWdlcyBJbmMuMRQwEgYDVQQLEwtFbmdpbmVlcmluZzEcMBoGA1UE
CxMTUHJlbWl1bVNTTCBXaWxkY2FyZDEXMBUGA1UEAwwOKi52aXN1YWxkeC5jb20wggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo1G8KWHflpDHy/hE1qeVQnuiyQTttSvVa+fsXvs8s9/g7
jAg0AgTvKSB4Z+8rcS2o/ZqIGbtvrDYDU/ePWMtDTT+tQgDc/I5R3hL2CNusOgLfLpwPuOdCIDyA
HTSJf0h3MXxZCS+AsVRU0cAQOmAYb7wjl+qbymv3a88fhKHqP9qKlmCcnVpCCZbpcWNymAtzRM21
4euNOQx8rbJOw32WMGQlKJ95Sph2tk41QMtgJKIZdFMSlua3qQEO4AJmlPqPM6LETVTTtOSRYBGd
Fn3DevVQNvxfn1v1HtBn76o/Mxfpe70LmDcJ89gqMJwsNmGC37JZ7hnu0WDEJiLwbxMpAgMBAAGj
ggHmMIIB4jAfBgNVHSMEGDAWgBSa8yvaz61Pti+7KkhIKhK3G0LBJDAdBgNVHQ4EFgQUixLms64r
PE7O7p0aqReLUfdySyUwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI
KwYBBQUHAwEGCCsGAQUFBwMCMFAGA1UdIARJMEcwOwYMKwYBBAGyMQECAQMEMCswKQYIKwYBBQUH
AgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMAgGBmeBDAECAjBaBgNVHR8EUzBRME+g
TaBLhklodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9SU0FPcmdhbml6YXRpb25WYWxpZGF0
aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGLBggrBgEFBQcBAQR/MH0wVQYIKwYBBQUHMAKGSWh0dHA6
Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVT
ZXJ2ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTAnBgNVHREE
IDAegg4qLnZpc3VhbGR4LmNvbYIMdmlzdWFsZHguY29tMA0GCSqGSIb3DQEBCwUAA4IBAQBObkHT
R69VW5zExyvxombx/00noMSvUPKeRuJJ+dXOQywlxG1PxKi1cAXvKmHLqh6hWS7Y1Sz4UNj0IMV3
wY0O0TWznnIgYquO1zeWcYnrGVD31+/xgog4P6m4ft3mlbdHpCyrfZiqSlQknvjzVQjY66+1/BrG
qYPEV/yXe4Zi2gzQjV+yCVbNuMFp83Mp2J3yCL+vO/0FcS9gjZVgHfAsNPgrO5Lxli4AytVs7Wpo
Ypo2MtQTHbZfx7PE5dsIruu3MXtxRWbtaKPfE3vsy9pCRrFd/RBvx7L38SyKhkSqG9ng92B97BAM
/o9WoUuak01x3KxK65iNQPrFhOrMSJK0</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
</saml2p:AuthnRequest>

2022-08-09 11:13:03,429 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient' from origin source
2022-08-09 11:13:03,429 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-08-09 11:13:03,429 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-08-09 11:13:03,429 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-08-09 11:13:03,429 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-08-09 11:13:03,429 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-08-09 11:13:03,430 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-08-09 11:13:03,430 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-08-09 11:13:03,430 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:13:03,431 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:13:03,431 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-08-09 11:13:03,431 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-08-09 11:13:03,431 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-08-09 11:13:03,431 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-08-09 11:13:03,431 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_245b908a165249a28990398f2df2a8adcaf0d8d', issue instant '2022-08-09T11:13:10.257Z', entityID 'https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient'
2022-08-09 11:13:03,432 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Enveloped signature transform
2022-08-09 11:13:03,432 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Exclusive C14N signature transform
2022-08-09 11:13:03,432 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Attempting to verify signature on signed SAML protocol message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-08-09 11:13:03,432 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from metadata using entityID: https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient, role: {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor, protocol: urn:oasis:names:tc:SAML:2.0:protocol, usage: SIGNING
2022-08-09 11:13:03,432 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Retrieving role descriptor metadata for entity 'https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient' in role '{urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor' for protocol 'urn:oasis:names:tc:SAML:2.0:protocol'
2022-08-09 11:13:03,432 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-08-09 11:13:03,432 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-08-09 11:13:03,432 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-08-09 11:13:03,432 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-08-09 11:13:03,432 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-08-09 11:13:03,432 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - signatureMethodURI = http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2022-08-09 11:13:03,432 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigAlgorithm    = SHA256withRSA
2022-08-09 11:13:03,432 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigProvider     = SunRsaSign
2022-08-09 11:13:03,432 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - PublicKey = Sun RSA public key, 2048 bits
  params: null
  modulus: 29392041739316831879909492263420809618356180272706027652343679098016282364414745216536632236600099715481081529744647645524003605122510817186315887517802452912643799162132870623358634804138327500912458001247256725586583530153692971849689848886777937538189618258798059356709972927743814711999393727110032489973264689064077963688570016506826594214907457503424024951351469455588099097161329401211827643012675421693008670801375297917537559379804376187770338075916115969654848155346928965046567907849079265565736568268190945123584854744386448963767726504663579103653226620589261606418333687915975781431485708245812900729641
  public exponent: 65537
2022-08-09 11:13:03,432 - DEBUG [org.apache.xml.security.signature.Manifest:?] - verify 1 References
2022-08-09 11:13:03,432 - DEBUG [org.apache.xml.security.signature.Manifest:?] - I am not requested to follow nested Manifests
2022-08-09 11:13:03,432 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_245b908a165249a28990398f2df2a8adcaf0d8d"
2022-08-09 11:13:03,432 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _245b908a165249a28990398f2df2a8adcaf0d8d and Element was [saml2p:AuthnRequest: null]
2022-08-09 11:13:03,432 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_245b908a165249a28990398f2df2a8adcaf0d8d"
2022-08-09 11:13:03,432 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _245b908a165249a28990398f2df2a8adcaf0d8d and Element was [saml2p:AuthnRequest: null]
2022-08-09 11:13:03,432 - DEBUG [org.apache.xml.security.signature.Reference:?] - Verification successful for URI "#_245b908a165249a28990398f2df2a8adcaf0d8d"
2022-08-09 11:13:03,432 - DEBUG [org.apache.xml.security.signature.Manifest:?] - The Reference has Type 
2022-08-09 11:13:03,432 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Validation of protocol message signature succeeded, message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-08-09 11:13:03,432 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Authentication via protocol message signature succeeded for context issuer entity ID https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:13:03,432 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-08-09 11:13:03,433 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-08-09 11:13:03,433 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-08-09 11:13:03,433 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-08-09 11:13:03,433 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:13:03,433 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-08-09 11:13:03,433 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-08-09 11:13:03,433 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-08-09 11:13:03,433 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 1 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-08-09 11:13:03,433 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-08-09 11:13:03,433 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-08-09 11:13:03,433 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-08-09 11:13:03,433 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-08-09 11:13:03,433 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-08-09 11:13:03,434 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-08-09 11:13:03,434 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved signature algorithm URI from SAML metadata SigningMethod: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2022-08-09 11:13:03,434 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved reference digest method algorithm URI from SAML metadata DigestMethod: http://www.w3.org/2001/04/xmlenc#sha256
2022-08-09 11:13:03,435 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-08-09 11:13:03,435 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-08-09 11:13:03,435 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-08-09 11:13:03,435 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-08-09 11:13:03,435 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-08-09 11:13:03,435 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:13:03,435 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-08-09 11:13:03,435 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve data encryption algorithm based on SAML metadata, falling back to locally configured algorithms
2022-08-09 11:13:03,435 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve key transport algorithm based on SAML metadata, falling back to locally configured algorithms
2022-08-09 11:13:03,435 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-08-09 11:13:03,440 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-08-09 11:13:03,443 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-08-09T11:13:03.443Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-08-09 11:13:03,443 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-08-09 11:13:03,444 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-08-09 11:13:03,444 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-08-09 11:13:03,444 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-08-09 11:13:03,444 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-08-09 11:13:03,444 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:13:03,444 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-08-09 11:13:03,444 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-08-09 11:13:03,444 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-08-09 11:13:03,444 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-08-09 11:13:03,510 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'vdxlocal.visualdx.com'
2022-08-09 11:13:03,510 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-08-09 11:13:03,510 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-08-09 11:13:11,806 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Trimming whitespace of input string 'rick'
2022-08-09 11:13:11,807 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user rick
2022-08-09 11:13:11,807 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@479656595::identifier=rick, context=org.apache.velocity.VelocityContext@25448d9b]
2022-08-09 11:13:11,815 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=rick,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@479656595::identifier=rick, context=org.apache.velocity.VelocityContext@25448d9b]
2022-08-09 11:13:11,816 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'rick' succeeded
2022-08-09 11:13:11,816 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-08-09 11:13:11,817 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-08-09 11:13:11,817 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'rick'
2022-08-09 11:13:11,817 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'rick'
2022-08-09 11:13:11,817 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-08-09 11:13:11,817 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal rick
2022-08-09 11:13:11,817 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session 6fc001f2edfd5d3d679cef7add1ebe36d29e40bc269384fb5675d551e5628796 for principal rick
2022-08-09 11:13:11,817 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving AuthenticationResult for flow authn/Password in session 6fc001f2edfd5d3d679cef7add1ebe36d29e40bc269384fb5675d551e5628796
2022-08-09 11:13:11,824 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=rick)
2022-08-09 11:13:11,824 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-08-09 11:13:11,825 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, uid, identifier, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-08-09 11:13:11,825 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'eduPersonEntitlement' remained after filtering
2022-08-09 11:13:11,825 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-08-09 11:13:11,825 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-08-09 11:13:11,825 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-08-09 11:13:11,825 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-08-09 11:13:11,825 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-08-09 11:13:11,825 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-08-09 11:13:11,825 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-08-09 11:13:11,825 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-08-09 11:13:11,825 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-08-09 11:13:11,825 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:13:11,825 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-08-09 11:13:11,825 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@42147d82'
2022-08-09 11:13:11,826 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:13:11,826 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient'
2022-08-09 11:13:11,826 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient'
2022-08-09 11:13:11,826 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient'
2022-08-09 11:13:11,826 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:13:11,826 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick'
2022-08-09 11:13:11,826 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick'
2022-08-09 11:13:11,826 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-08-09 11:13:11,826 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is required, no previous consents
2022-08-09 11:13:11,891 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'vdxlocal.visualdx.com'
2022-08-09 11:13:11,891 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-08-09 11:13:11,891 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or InformationURLs returning null
2022-08-09 11:13:11,891 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or PrivacyStatementURLs returning null
2022-08-09 11:13:11,891 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-08-09 11:13:11,891 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No Organization, OrganizationName or names, returning null
2022-08-09 11:13:14,072 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Extracted consent ids '[displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]' from request parameter '_shib_idp_consentIds'
2022-08-09 11:13:14,072 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Consent context 'ConsentContext{previousConsents={}, chosenConsents={displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}}'
2022-08-09 11:13:14,072 - INFO [Shibboleth-Consent-Audit.SSO:?] - 20220809T111314Z|https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient|AttributeReleaseConsent|rick|displayName,eduPersonEntitlement,givenName,identifier,mail,role,surname,telephoneNumber,uid||true,true,true,true,true,true,true,true,true
2022-08-09 11:13:14,072 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:13:14,072 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient'
2022-08-09 11:13:14,072 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:_key_idx'
2022-08-09 11:13:14,072 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Serialized '{displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}' as '[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]'
2022-08-09 11:13:14,072 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.CreateResult:?] - Profile Action CreateResult: Created consent result 'ConsentResult{id=null, context=intercept/attribute-release, key=rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient, value=[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}], expiration=1691579594072}'
2022-08-09 11:13:14,072 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-08-09 11:13:14,072 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Will not prune storage records, number of keys '0' is less than max number of records '10'
2022-08-09 11:13:14,072 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-08-09 11:13:14,072 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Creating storage index with key 'rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient'
2022-08-09 11:13:14,072 - DEBUG [net.shibboleth.idp.consent.storage.impl.CollectionSerializer:?] - Serialized '[rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient]' as '["rick:https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient"]'
2022-08-09 11:13:14,072 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@42147d82'
2022-08-09 11:13:14,072 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:13:14,073 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-08-09 11:13:14,073 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-08-09 11:13:14,074 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-08-09 11:13:14,074 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _97fdd3155c71bf454e9e23c563081c78
2022-08-09 11:13:14,074 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _97fdd3155c71bf454e9e23c563081c78 to Response _3c4aa860a465dc7917b9786a68f14b18
2022-08-09 11:13:14,074 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _97fdd3155c71bf454e9e23c563081c78
2022-08-09 11:13:14,075 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-08-09 11:13:14,075 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value urn:mace:dir:entitlement:common-lib-terms of attribute eduPersonEntitlement
2022-08-09 11:13:14,075 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rick of attribute uid
2022-08-09 11:13:14,075 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute identifier
2022-08-09 11:13:14,075 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-08-09 11:13:14,075 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value manager@Samltest.id of attribute role
2022-08-09 11:13:14,075 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute mail
2022-08-09 11:13:14,075 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sanchez of attribute surname
2022-08-09 11:13:14,075 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick Sanchez of attribute displayName
2022-08-09 11:13:14,075 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick of attribute givenName
2022-08-09 11:13:14,075 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-08-09 11:13:14,075 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - No object to operate on, returning true
2022-08-09 11:13:14,075 - DEBUG [org.opensaml.saml.common.profile.logic.MetadataNameIdentifierFormatStrategy:?] - Metadata specifies the following formats: [urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress]
2022-08-09 11:13:14,075 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration specifies the following formats: []
2022-08-09 11:13:14,075 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration did not specify any formats, relying on metadata alone
2022-08-09 11:13:14,075 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Candidate NameID formats: [urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress]
2022-08-09 11:13:14,075 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
2022-08-09 11:13:14,075 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
2022-08-09 11:13:14,075 - DEBUG [net.shibboleth.idp.saml.nameid.impl.AttributeSourcedSAML2NameIDGenerator:?] - Checking for source attribute mail
2022-08-09 11:13:14,075 - DEBUG [net.shibboleth.idp.saml.nameid.impl.AttributeSourcedSAML2NameIDGenerator:?] - Generating NameID from String-valued attribute mail
2022-08-09 11:13:14,075 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID rsanchez@samltest.id with Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
2022-08-09 11:13:14,075 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
2022-08-09 11:13:14,075 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
2022-08-09 11:13:14,075 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-08-09 11:13:14,076 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-08-09 11:13:14,076 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 40.77.23.3
2022-08-09 11:13:14,076 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to _245b908a165249a28990398f2df2a8adcaf0d8d
2022-08-09 11:13:14,076 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:13:14,076 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-08-09 11:13:14,076 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-08-09 11:13:14,076 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-08-09 11:13:14,076 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _97fdd3155c71bf454e9e23c563081c78
2022-08-09 11:13:14,076 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _97fdd3155c71bf454e9e23c563081c78 did not already contain Conditions, one was added
2022-08-09 11:13:14,076 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-08-09 11:13:14,076 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-08-09T11:18:14.073Z, to Assertion _97fdd3155c71bf454e9e23c563081c78
2022-08-09 11:13:14,076 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _97fdd3155c71bf454e9e23c563081c78 already contained Conditions, nothing was done
2022-08-09 11:13:14,076 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-08-09 11:13:14,076 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _97fdd3155c71bf454e9e23c563081c78 already contained Conditions, nothing was done
2022-08-09 11:13:14,076 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-08-09 11:13:14,076 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient as an Audience of the AudienceRestriction
2022-08-09 11:13:14,076 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _97fdd3155c71bf454e9e23c563081c78
2022-08-09 11:13:14,077 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient to existing session 6fc001f2edfd5d3d679cef7add1ebe36d29e40bc269384fb5675d551e5628796
2022-08-09 11:13:14,077 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient in session 6fc001f2edfd5d3d679cef7add1ebe36d29e40bc269384fb5675d551e5628796
2022-08-09 11:13:14,077 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-08-09 11:13:14,077 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient and key rsanchez@samltest.id
2022-08-09 11:13:14,077 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-08-09 11:13:14,077 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-08-09 11:13:14,078 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_97fdd3155c71bf454e9e23c563081c78"
2022-08-09 11:13:14,078 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _97fdd3155c71bf454e9e23c563081c78 and Element was [saml2:Assertion: null]
2022-08-09 11:13:14,078 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_97fdd3155c71bf454e9e23c563081c78"
2022-08-09 11:13:14,078 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _97fdd3155c71bf454e9e23c563081c78 and Element was [saml2:Assertion: null]
2022-08-09 11:13:14,080 - DEBUG [PROTOCOL_MESSAGE:?] - Profile Action EncryptAssertions: Response before assertion encryption:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_3c4aa860a465dc7917b9786a68f14b18"
    InResponseTo="_245b908a165249a28990398f2df2a8adcaf0d8d"
    IssueInstant="2022-08-09T11:13:14.073Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_97fdd3155c71bf454e9e23c563081c78"
        IssueInstant="2022-08-09T11:13:14.073Z" Version="2.0"
        xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <ds:SignedInfo>
                <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
                <ds:Reference URI="#_97fdd3155c71bf454e9e23c563081c78">
                    <ds:Transforms>
                        <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                        <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                            <ec:InclusiveNamespaces PrefixList="xsd" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                        </ds:Transform>
                    </ds:Transforms>
                    <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                    <ds:DigestValue>EiNPEwg2jmuCQrSB+RjM+U9Tutk7dKPTH8K/lt0MuTc=</ds:DigestValue>
                </ds:Reference>
            </ds:SignedInfo>
            <ds:SignatureValue>p+Vocwc9CQVCgsHMQiR6Gx+VSQKUoUX5SVl6lWpZTMVHKwt+CohRInbtGh7zzuj/b2NaRLVsaNQgrmEIn1hLl/L8zv1vmPhTtpOwCN1uScUjrJwYXCFNpQLUVkk9XugepLJUDlTkCwgDwqbqWqvHZ1pzPvpS/Y5Z7Y02yTr5c3Yv8E6/pJ1nSaCKKjKLj0r18zEGxpoENrqKVXPCahWttFh+AUfoFpwOWPTLOJXY1S5MImL0nNyWB3EnOuxbkrQCEoUcTdeuTVVsi1E4jsEetR6divH95CWM1GAuvwL6uDYyP/ueettLFMFExsKrJreaOwj/qWOtuIsdxLiLVjK5BA==</ds:SignatureValue>
            <ds:KeyInfo>
                <ds:X509Data>
                    <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </ds:Signature>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">rsanchez@samltest.id</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="40.77.23.3"
                    InResponseTo="_245b908a165249a28990398f2df2a8adcaf0d8d"
                    NotOnOrAfter="2022-08-09T11:18:14.076Z" Recipient="https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-08-09T11:13:14.073Z" NotOnOrAfter="2022-08-09T11:18:14.073Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-08-09T11:13:11.816Z" SessionIndex="_68157fcbf9acf674f4c5445e3cd99ea5">
            <saml2:SubjectLocality Address="40.77.23.3"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>urn:mace:dir:entitlement:common-lib-terms</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rick</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">manager@Samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-08-09 11:13:14,081 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:13:14,081 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient
2022-08-09 11:13:14,082 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_3c4aa860a465dc7917b9786a68f14b18"
2022-08-09 11:13:14,082 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _3c4aa860a465dc7917b9786a68f14b18 and Element was [saml2p:Response: null]
2022-08-09 11:13:14,082 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_3c4aa860a465dc7917b9786a68f14b18"
2022-08-09 11:13:14,082 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _3c4aa860a465dc7917b9786a68f14b18 and Element was [saml2p:Response: null]
2022-08-09 11:13:14,084 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-08-09 11:13:14,084 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient' with encoded value 'https&#x3a;&#x2f;&#x2f;vdxlocal.visualdx.com&#x2f;visualdx&#x2f;callback&#x2f;VdxSAMLClient'
2022-08-09 11:13:14,084 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-08-09 11:13:14,084 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Setting RelayState parameter to: 'https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient', encoded as 'https&#x3a;&#x2f;&#x2f;vdxlocal.visualdx.com&#x2f;visualdx&#x2f;callback&#x2f;VdxSAMLClient'
2022-08-09 11:13:14,085 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response
    Destination="https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient"
    ID="_3c4aa860a465dc7917b9786a68f14b18"
    InResponseTo="_245b908a165249a28990398f2df2a8adcaf0d8d"
    IssueInstant="2022-08-09T11:13:14.073Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_3c4aa860a465dc7917b9786a68f14b18">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>A5nudY6sVeLnzYG613IN9RGtPgYAXMJrCl6n+6R1A5I=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>MkN/gWz9YGE+mgt/ftqaQw4K7R6LFIjS9FA2TztB0NhcImGmUMq6MiZG77ph/U2aySqmMaK4SwgryCJnMykpO5LPic4wefgaho56XOb/QD9OJ2EtdLxkld05+mC5BAMqTkuf5rxx0njlmaDTl7nI5VdkzNGI2JjyvxCUMBG9ogn6qT/vlpw+725gDFtuxaRQLDLLgJ8+ztAh/2dc31fjy0wajIbuvcRwqiMBX2XIITytOGjxGHNjJw2wwwL9qFcEr+sJr9suro1oOmWYKDhr7dDgNEm0WdDJcwMCeYq8bgic+pZW10mvCUM9+WWF1x5sA38sfJgIttf3K6b75QrJWg==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <xenc:EncryptedData Id="_9b46ed12b76c80da153d59d2dcc0d1d0"
            Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:EncryptionMethod
                Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <xenc:EncryptedKey
                    Id="_42279f423f22ce7c0ab7ea9bc673772e"
                    Recipient="https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                    <xenc:EncryptionMethod
                        Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <ds:DigestMethod
                            Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
                    </xenc:EncryptionMethod>
                    <ds:KeyInfo>
                        <ds:X509Data>
                            <ds:X509Certificate>MIIF3jCCBMagAwIBAgIRAKrILoTQb5hfg5cwVhj1GRswDQYJKoZIhvcNAQELBQAwgZYxCzAJBgNV
BAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAY
BgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYDVQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlv
biBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTcxMjEyMDAwMDAwWhcNMjEwMTMxMjM1
OTU5WjCB0zELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTE0NjIwMREwDwYDVQQIEwhOZXcgWW9yazES
MBAGA1UEBxMJUm9jaGVzdGVyMSIwIAYDVQQJExkzMzkgRWFzdCBBdmVudWUgLCBzdGUgNDEwMRww
GgYDVQQKExNMb2dpY2FsIEltYWdlcyBJbmMuMRQwEgYDVQQLEwtFbmdpbmVlcmluZzEcMBoGA1UE
CxMTUHJlbWl1bVNTTCBXaWxkY2FyZDEXMBUGA1UEAwwOKi52aXN1YWxkeC5jb20wggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo1G8KWHflpDHy/hE1qeVQnuiyQTttSvVa+fsXvs8s9/g7
jAg0AgTvKSB4Z+8rcS2o/ZqIGbtvrDYDU/ePWMtDTT+tQgDc/I5R3hL2CNusOgLfLpwPuOdCIDyA
HTSJf0h3MXxZCS+AsVRU0cAQOmAYb7wjl+qbymv3a88fhKHqP9qKlmCcnVpCCZbpcWNymAtzRM21
4euNOQx8rbJOw32WMGQlKJ95Sph2tk41QMtgJKIZdFMSlua3qQEO4AJmlPqPM6LETVTTtOSRYBGd
Fn3DevVQNvxfn1v1HtBn76o/Mxfpe70LmDcJ89gqMJwsNmGC37JZ7hnu0WDEJiLwbxMpAgMBAAGj
ggHmMIIB4jAfBgNVHSMEGDAWgBSa8yvaz61Pti+7KkhIKhK3G0LBJDAdBgNVHQ4EFgQUixLms64r
PE7O7p0aqReLUfdySyUwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI
KwYBBQUHAwEGCCsGAQUFBwMCMFAGA1UdIARJMEcwOwYMKwYBBAGyMQECAQMEMCswKQYIKwYBBQUH
AgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMAgGBmeBDAECAjBaBgNVHR8EUzBRME+g
TaBLhklodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9SU0FPcmdhbml6YXRpb25WYWxpZGF0
aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGLBggrBgEFBQcBAQR/MH0wVQYIKwYBBQUHMAKGSWh0dHA6
Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVT
ZXJ2ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTAnBgNVHREE
IDAegg4qLnZpc3VhbGR4LmNvbYIMdmlzdWFsZHguY29tMA0GCSqGSIb3DQEBCwUAA4IBAQBObkHT
R69VW5zExyvxombx/00noMSvUPKeRuJJ+dXOQywlxG1PxKi1cAXvKmHLqh6hWS7Y1Sz4UNj0IMV3
wY0O0TWznnIgYquO1zeWcYnrGVD31+/xgog4P6m4ft3mlbdHpCyrfZiqSlQknvjzVQjY66+1/BrG
qYPEV/yXe4Zi2gzQjV+yCVbNuMFp83Mp2J3yCL+vO/0FcS9gjZVgHfAsNPgrO5Lxli4AytVs7Wpo
Ypo2MtQTHbZfx7PE5dsIruu3MXtxRWbtaKPfE3vsy9pCRrFd/RBvx7L38SyKhkSqG9ng92B97BAM
/o9WoUuak01x3KxK65iNQPrFhOrMSJK0</ds:X509Certificate>
                        </ds:X509Data>
                    </ds:KeyInfo>
                    <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <xenc:CipherValue>KQZ4K67/sIwNvCXNbIrefhfyxVETlyY0wyMj4iDyRBywYsNPYxnc0GlvoRvGqqETqIGf28ODEwdmfeYSM7VkGSYk8J2YdTtz8tfGdhx1BzNnk0+ZoBuE9ubhVP2mzDMU61sqpOv/uu7D3HzYO3h0/G48DECw0Yc9fKWsALSLv9uiH9qRsE3zL9B8kGy7B9lH/6me0lpa6PkrLvHWe98NvNyha93AYiFuYVzOQ0rfhVWFSxsOiSSYZcVqqnFrivwwQ5EKMfeq2spgNMulOBVatrzaVpMmSV0DEfCXbOnvjXARoFB1znbmnpfdsfW6Co5EbG4606db67yHf9qKFEpFHA==</xenc:CipherValue>
                    </xenc:CipherData>
                </xenc:EncryptedKey>
            </ds:KeyInfo>
            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                <xenc:CipherValue>lYPvKzcW+V3SNuF6T6YKVrpIJlAIpjrTJ8e4Q71N1hAZ3ueUi3ot0pIcYayEfJPw/pwRZ2r2umTmKAfhcmgptmP1tYVrwruNPIF8iIJP2w6jqhO+YECgDKQv9IiQhtgZxtDF0ZFMONqWPsTfvjqGoCSWqC0/GOhJ8aNGRH5E+AhytYy9mrrcCF75Sz8eNaID0khnCiZFYveuUAZD3Zsw36fgl1/k+k6hVnHnbkcJ6TjViF1eexTMTQ4pGD0POsiSMkpusqT7i+cpqz74HxGChkJQuY5IC4jS2ctFxsulWXQ8aWxmVbB+D7l9nrJXHnY7q1dcnLThSmiDqYe5u5k3eyhY/JyU8dhzg0HgD1AF6hzYdwcapoTkLkXauq16DRncH99DNZOOPKa8WFiot2dJjwcuDDwB3s7rOFjjOCYijfdVFSvMU7RyBahWDN3q9TkS8qwZ2axMUrHSy3n5X/rsYZl45/swAqXNTNC0sFn52zWsavVYZRXgjM7Ok/4SBfeKUhBbzysnv0kXf7OMiBC/y1IOcwDNcyIX3QcNAnTZTbHW5AvE4+b/odCTBe4T9RB90XuNtZKv3Bweug20e7fE345KKwdvN1lOyc1P6W/2hOIthoJq8ChYQgNcfsyW9yhA2KS5+HSCrF1wtLLuZTvgiWXbcWcMWyJOvFR1NJUvLeL+xN9p9KjaW0RJI2Vm/mvFzq2Hgg2sL47jUVb8Lvy+ORT0DW11KmNHxxWSLdAK3646DhvxJuMCC6XbDt47lfSN5PKmqDd1xIToxpEXEAeNiEvVSlpzBh2i75Hv/AvYWFE5FDLy+yTR1AHQR3FixcIOZSyAaxLHWcFVyJZ0CGzGPwPxeACbfK3PmKPfebViW0CzK1jyTrH9DjWHqNL9MyRRqddSm3779VXil5GGJpHXFe5ec2X2+gGY4YKrAUwzngE/4RrFcqTKGa5dSyhaJ8VMj3gWD2y10ugQgO9QnNc1A04M8vswSowcdX16lUsxT6ZgMQ5owlcV9SdMSXvXilKt4Yi8Deyt5fmhf0IZiOZtQJrNPE0aClGWvPLwnpTEMmcMnp5nfgaX6JZgnx9Jwf44zFgT2JGF5DwhdmLnZxsj0+HabMomeP+TpHjGVVNM5PFznf6Tkqoj8yBMQIa0puNbbgMhq6b0bFZyXM073m8Fqttd7YP6tCzVpesgG39m69tGvJKwDPmZkC5WROVZelNRvQ1xGBBLGXLLUnaehO3+2VhgWO4PGH+lcqzI3kloSBSY09TLP9idB174X52frstejwvVzlqMh1av9ocRLtbJZqmWiAOzMd+ZLd28c4luIJW2fAmGLvvy58daY6UOZxQNhSft7krX2SAKk295iWygeuhbJlr4aH8kO5OCXVVbmP03UsiE3NmqRGuZi4XfDsxeeefvNSgg98rQiwSW/RSjodWmECanEG/O7L63bGkD164Vk+QMLLcjsze+t2qAkzS2e0NuUiTcKltTqUTGaCnKs3y/lI6WQrz/Kt5OEIsh0+HSAstAAUeIxHv01sKxdt5cKm2jrvHyv2fL+VoUuKtMHJaWbst6iYVBTjUM9zJcXyIQLWZ5D5k9yzvjw9KvdyTRUWrkOl95aiv/x47XaHgeyAamv/NB0by2r2um8qf2tqL8S2ZH5m9A5UgOeKtp43DTYh9OqsdHA5t54j17NaGqVY5SHJeyHdd1WBWaa6loSjSFbKR8/zCYENdJd/NdYmcWqBRPwb4Y/e6qxsSTbBOp/koU94ER5cYVELTNuAyso2QKjAA/r+OUSmNKUz6m7V9YKbNoM5MPPmJ5w+lIcemZZfpEiLcCE+UrZRl/bzQLUkyHBcwWs+Cim6vAFhEFJyIiVWfe3PXav/BEcIB5tdVGxG3N06cEqbKvriUfeKnkp4hNyzp3177EDdtCMFLWrD1tOkRgE5yfROYJOUSvrSEIT1nz5j9pzoZb2dhmfK2dfZWZiUGXqOdmCVfNb/peVN7Q8D2Cu4RzRKJYdHRQKfVX2LRMYMSNbR7BXRZ8V9Nm7oJGcAyMKrBGjOXqA0odoc/9q1vF535SZoh5Di2hwm9ULVkrV9XVGwo7aU+7oK5+XsH4g+U600fVV6k7YcVpN4bN8zwS4o3I0KQ69mRckIo8QXPbqba5/EY/+ECIMJd82zt50N/bC3xVuLu9JGpylovWwMbGF9Sar10MbgEbkAdFsywyRJItcwMBt0HSzQ92gqGi3g5iaXO18bu+HtgCBP5fEKVG8hVMkaE+TGKSXKOW9pVZZxVp/ONXv+SiDqWdWvZEUxNkdPLRYsbLD2ebDOuyyveukAoXeFDKIUqv3rJF6borWzOmO9O+5B+Whu3TvIGLbLm26lwH95giOdvA08vLMSNwNFgvcfFQiJ22TrLnh+oDE4StdEgGPQS6r55O0EOgyuzmCj0kpqzoQM2nDy8F7wHm1yM47gxDu2bmKqSZICMqwr7Sko0ciHhCpds31wOiFejf8KqUknyyOY6gUVFdgIbj4lHhs53obq4YlF494rH2jX+O3AvZn5nLzTEUMWNhCmZMUUZV6iKJNwXNi/BvjqWLxcpLlZ6hacLbZasguq0UDis7nRAQSIULl7ljZUrUoB001oCgsIe1393WGXyn6OTy4fO4zVY6VFi0tIIEk7gIVUy68tAcGvE0FV3BaLZk9gH0luGiBEoBj92ka7UVHh9zUwsZSA/gJtu3Kn3WgItc2uCjtY96kFxHw3YuHxuay8hN0xqE2PbrbAwiOC3HoIPPlVKqLVXWkPF3bORitlmGocRn36MhUrgZEQTs7gso0w3dNEaCLdNz1DbrXpY4jxgIQyngPXRFlkQvWMFe3Bnh+S9miKWkWmr635c6NGYAobo5aPlC+Yr3IvOP4FU9TSHMk21HJRtTZgH5cbcQ92PYKIrVDrDd7P4ufx1d3yPIaGcwnScTcAqGHwgUvpYbYKM1DWXf/yrK/bnT2h4uztKNeCQoFSY+627KJqc8cZtv0kunCBSv86NXBzkaEAlF9B+ciEB3KsY4I8MH46BubeGfXD3bWKwdDRPfo58fn6eXR+34pHiJzk0gnkyB45E7swiP7G6ALxB9rP/NcUv5SPBeO/C0YuqzFblcdJ4ZNYSBlHfERKgypnxrb2t8F8MRzsuMnTk6s3I6iZ6NJ5AlCKjaBcqh3g2wMKuClBj/LKMC3LAO+LN7IJFEdL8cGUX32PjfpjQfNORk1WERYsb9UxIRxpm6/JcNyf/zeT3T5zIvZXul4vB3taW02BOv8zTbozKEzanNEP67NvooO2+C5Lf/OoUh4i9PsGjf14+Ya0UDBDN43eQNGfsla4Q+eAfp6RMnZV9wvNq/WYVatS7DVs9Z7EOBg/u5IRteA4qnn78gHZu17ndTFTvdhERyQAIjmnBhF5LuNX+2UoedYHbZIFuzVv7XbzVvx8PXZMnIHph/NkDk7NQlbFasO/yvaySZ2O/aUKL6ovLvp+Uv/d+tz/qiZ7vtf7B+YPyIAR2BjobRAE41vV2sA4jzfpGCSx1uAaBqam4+uO4+gyktaGVMYMj9hxkEfBimDIqRdAgHS1F54sNZTRgW0R2El8Ro7bDXXpzvkNxYVrvksrDuzI9/8i0SwFCF0PgCfn76/SpjyB4Lahavhhj2lJQ6zbLK5bZNoIp5uVKggV0+HfbbVyLTp4sXiWm9PMw6N/erDzqSXf/7dNTLf/4TLkkXqPYimHTArarsGDL0in/ZnaU6ecb0uUrAPU8BPZKZ65SIWP/ngE/TgibODX4HJG1Ax/9Z92xzm7eEruA3qXLTff5E8h+ejoplsFMZu2DIavEfcE4PUsp0gSNBVkgEHtsIsJevK2MC1ybC8i8EqOMUazT4Np/MOD0xSky9J1w0UzSW7vHtjUf8+1BpzPusdiXgpwqWIwEM6eW/AgpyEf/+39uyxHFd2JAKuC6id9Cu0L/CjhTlU7dQhUBiTcclnlcXTV2tcPj53zFADT2HX1hCc+Gjc2oevtyF+6LxBnr7jXSdHC8FAiN9BG0sVuMnTOd/atftSGN1MiljTDxR7yapKcV6yp7eFa+ZVplyfWYKFjkzrXW56FcZhewnvsswTLhaynMeR3LqsEkOB2dltuit6sYwhV5wJu6FMlIxh4bzAlB7f7Q7Fjb94wCGQ8Z3YtRXXW8PWcy0tZQPQpqGSupAkhmloPEZUiagKBJUBPwE/02vXgI2yExFO8nw3sJkmivrS9sBWSnhXtL1tzytLFprDtynDhl8kHC5mxincCEbIoKsdB2Dp1ReiNUGaKGzXX7TaXTQ9UCJG/AIrEZ5bie91EKjNiPI3oStxDIaRPnmCItUu1UwhHESWe+LirfOnwz+/GWvoQjoR3KeHmfRHb0qJZ8jNR+AQGBNDKDRHrq9rwHCTItqHfg9ZTZMDK44uvH8bC6ajRcz9rBO6ZogWGbn3lik+vVgxfBTMAaL6ZksmDyZ8cIUo+nyfFv5e3aCG7q1mZuUCsHioY63fhezIt4sWzzA6H8cqcXFLGJrlqjMbSk9bDOfYd4zslwPwv/OQeltVj8d8FIJqybAQsj8zfW3zQc7eLDdxoret0ZsLhH4dww0mJOMdHaD25jxwQ4pymNwKw8xvYUc7GZzZodD/39h7tGY/Hfefv5FPk+aJFkEWoGpZshf3cJTJumU7zEZA9Tn1o5YGjnTpGxtEwH3tNPRjvUl7rKkocwFm5qkE2WXUivCFJyinzEv0Dx1xhTBZ8NZ8VdPX0I/3O7K/Dpq+1Ir/5hL8ZGFAlNXboXfzAD/xYPWW4IJ+0hUAOuGY/eYUmTLBaFTXXrV7/P2mc5l1Y6+AgrM50HWsEP4Br6yLsDh0IhMM4tXpnGjHU0jQ1flttEo6s7jdDpIlbWRENsHmVBJE9BF8dF6ZoLd6fOA0CjY5APDd6FGlzFhULBZxMwib+hh4Uo+Cv//pSIkymnK8qXfdIpEkBYLvvQPwv6XGFYoFS65n6whfSbHUMisluncY/saBp87wbAJIDzUvpLl4cxtCA/5VRvT3nfYAFjrjEABYPuhoWjoVBy3u4halnWbFJHgKFZhIsYPP1JFT8FEeGjQD525Z1Eyz1lclcPpzwow02KnHrlJjUeio6a0l6tWDlC+uQ1SD/H/ZEx85fC5+JQNXxIP22bAMQ/rhLI3q65VmbdnQy47WtSKeIM/CfFbETaLma7bxyzqY0EB2r3ZIqG2UZcUGw1KKopAZsw0MaOKTfsw1j+uXA8tWzyYe9cLzV/fKhHtS2jgQuxp50xc3sHaN6XSyOMJzSvfdlQLRlWdVTwD3D0soNJJlIFRkJoyiwJ8pXP4Uh9nt6v+iASu6ZPGKVV51plF6w4tIyVm171wZ8NHVs1kbxab1LYam3iuFs0TW8Ymuafg0zqj+S0FIV2T2QgvNU46GFS2ZAhg9LglfIXuW2vy5kRDl3SUqWd7L+cxT8G0OLNQYDmReJGRg2Dxpz++Cr4k+N7cUwxApkwX6Rgsml4a9zkmw6DVxQ3VGXtySYE0qHmNqbeg00H8pidsi/Xpf3Nx5Y8FfnFc+H+FrS/yxfO39yp22stagndD376mUuf0vPe0RtNjNKZl33Z58NkH3u338tEbVP6Eu8QQZCZqj+G77tryZjpIikyWXBYlmDqVrlGM2h4sGUfpr6AFPTPuBwJ2zhimYKFmsxicNzpMhO4YWpQ/rHvU6xeANQg6PZU4l29A6ES31d9hjNHKEK4ZBBoZpplc2L1fpnNfdCnWC9+1jMeJky8oG0bft6egORi8YJX7dkx+MBfr6UWbq/tISKK5vG7ChFRZ1Z5RbhDCwCy2MDSc3c/v8eewggASJHmwiNeFwymn8GFURxXGEAkL07U6JkeBCs5hDpTAPJU4WP6MukNJk2ojaFsWVJe74UGrSXRu85nT9KESwLA7lWTi8nNDoxGxjbvK745rTYQmAUAUjiODRWNVCwczncGsdLfqiXgFdjHzvPN3eDWAne83dTGu9O0uQ1pItpmDcuUZSFrd9wThASJyCkuneP8kjSt0I1udAj7nvsVWvbN8G71581dz3ICOVM0wtxGokJF18zG0t/hmFbFqqpZ0U9zB+yl+hEM5WOgHM4KpDwHSf3XdiM08JvIcF5DB7HGdLYihOAi/dNCUb6P3Czs0bF8N7nD/CQt0NL2Op2xv7glnNk9xq6ChFL5SCFREGz8vMLFsx9QookhdWi26pJ0T+Q1a5LU8Pw/CjqPGo1mYqhUU2LeYX/flLneptqsTaKUroX/AkN9Q9nNQkwG8uwZuyBnixznB88LIsi17CHzW8DY6N6F1gRIbbMqbAcJ0iyFGYmz19OCXhanU7BGJc4VLqJRr0juhsGDozJOniyTQXFc36aAr8zIQc/6OGMtRqPcF0l/PdziFBXJY9IhvIjLpyEnJFRiVTxVpzFw+qrwOk511OfqIkW2lW8mFfYlPizmOv6/b8yYwqndniOyGtHxIDXi8YuTcP5nQ2FX+ZXziSGVcZK9+KYaovTUa5MIxFesJfYbWUTYbqv16kcyypL8i584FLY1kvK4LEIquItI0yNgsx6I3sS78WIXBSWzy5n0Y33x/+xXf9zaWPJ5IGiFNAJTwsaW4f4Kw+/fYsyM12RYwkl3k7Al4tejO2sh4g6P/59vFJ8S7BcIbSSEeEkKC85ONBiUWaL7Bz34CXGdi0SurrGGtC/qa34jRmfQV7XxyZFeKL845Xba0lUuPzs+tcouq42DTVm9VYPMRQC1le6qWrYxzO0fhyiwlHB+HbdWRH5UlyUcrNWSx5r1X3ZM8d9PFhejDD6GzfZO68G025nfzje0e29LgTs6yMb7x1XSIVLzDLam/I13OqQaAHT/ZVQx/olk+MdfjkfU2sJCIgD9k6g6gL2WM6jRtx6t4jpLX9kXelZo92OuVyUiu9AxfLaOST/ZkEddwUfu6h93DrKbg2f7HOMLi3cbwGKHX7OXfFiAmbWZpZ+eQlrI3I2aSG6qaT6gM73cAsfUnSLunn0NQbrxtT4Wfx2MrCAf7h5T+whsyfsC5WIfdD7CYPxKGNVq4CkTeWroNhz1QdHOPOXnHzFG3sbNt7btyIm9ltoFNAnW/isrc9eRW6ueW3l8wm2+RDJj9pJDU/FKRVlHSHK+S5V1Qbi84TKETbZEwhV/0bapJgxKJGtj0Qw+XvIckL9q5vSkaVZdQdBnrjnjgYdiFihQJD/I/SPyCD+qA9nOE0MZesb+kcDFi/gTZ6hoN2bpVXSvjY4LAivKy157Jq5waLlRXDfceIHPHg5avGSSQbJt02NW2LW8asO+c541LH2hzqDjrCnGpnLgz3H/ZOhBs4kKlQJ56vVZ/eI1amYAcORVlhJl6FZxkPfH6Aut03WDA/bCUm7CWbpMSit7L5hLIzlNtF3fgd4iq7bllo6V9ZQQiG0DFFQMbaBE24HPOhJHr22ksCJF+Qy8UZ65rqORbFwEWgU15VcC/kAGSwK2qxm6P1oQI0YshiCDuZxxOSaGfcEo+RXtnqDX1dYFd9lcAAG494k6koYnj76WTFi0z8AaDPcO0seTrj0ZS5/eVGbnzpBeMb5W4p1i6UM5L1boTOAD+miKTvZhWdyq0KwkhtlTBGWzm6HWjoh/4TZnCpBiDv39uxo1UWCagTKsYgnYN73Hyeq98oLLxAkkD2o7u3NQiOA7JLT1opNidYgSxYK7H07a0hSCF+MY67m5MehItK32oUUBG3bTDjZNZQIWKERZr7dd/4+gZP642PopdgvvvmL0lbv8oxkG2+s4FuyyQ9iHAP/u43Omwh91w+7Bo/EsqYFNkkOKRIn/ij24/x48z6RnnlV9VfQAcy65obg0IPRfdZB7YOtD2qlM0UODoC6rI1uFYqbHMoX1ZO4IugZ8fLJhwB1m/AsLPPljQ1ALnTCecFAFV6fSfNByBUVYTJCGfcB8lFS4upGHBOE+ZD4xn76I33eoDqUZkqvzTEN8edNel9LjzVUBMgFIp5CvbLtmuoYjKYKMR9Nvm7AFYc/71cS1oStSe1AeVKW+x2jRwGoZZroVVV+9aV8RwCx9pmMsQ/bWeXFskyaY7ud4F6j4SRdqdka0ilr4PJ7F1De5Ey7Y36uaeLVn0pOh7whNoQogbENTo2OQrAtKzw9+SS75kgqGiosatfCkhlHjj5Ej6/PGdDHfDfFoH/Aa3s2x7uKybWZ6OcU1+FZ97lNXsMqYVVrDI6lZyvH7YWtgDd86nqiY/Hxqd/EEzo/TV0jkGTbempdwC/iw=</xenc:CipherValue>
            </xenc:CipherData>
        </xenc:EncryptedData>
    </saml2:EncryptedAssertion>
</saml2p:Response>

2022-08-09 11:13:14,085 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-08-09 11:13:14,085 - INFO [Shibboleth-Audit.SSO:?] - 20220809T111314Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_245b908a165249a28990398f2df2a8adcaf0d8d|https://vdxlocal.visualdx.com/visualdx/callback/VdxSAMLClient|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_3c4aa860a465dc7917b9786a68f14b18|rick|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,uid,identifier,telephoneNumber,role,mail,surname,displayName,givenName|rsanchez@samltest.id|_97fdd3155c71bf454e9e23c563081c78|
2022-08-09 11:14:22,013 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: mkhwLeILsaStQhnaFSnSZXdA
2022-08-09 11:14:22,013 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-08-09 11:14:22,013 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-08-09 11:14:22,013 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:AuthnRequest
    AssertionConsumerServiceURL="https://localhost:5051/Saml2/Acs"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ID="id56cffc441a664e48a45e190528d574a6"
    IssueInstant="2022-08-09T11:14:15Z" Version="2.0"
    xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
  <saml2:Issuer>https://localhost:5051/Saml2</saml2:Issuer>
</saml2p:AuthnRequest>

2022-08-09 11:14:22,021 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://localhost:5051/Saml2' from origin source
2022-08-09 11:14:22,021 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-08-09 11:14:22,021 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-08-09 11:14:22,021 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-08-09 11:14:22,021 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-08-09 11:14:22,021 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-08-09 11:14:22,022 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-08-09 11:14:22,022 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-08-09 11:14:22,022 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://localhost:5051/Saml2
2022-08-09 11:14:22,022 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:14:22,022 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-08-09 11:14:22,022 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-08-09 11:14:22,022 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-08-09 11:14:22,022 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-08-09 11:14:22,023 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID 'id56cffc441a664e48a45e190528d574a6', issue instant '2022-08-09T11:14:15.000Z', entityID 'https://localhost:5051/Saml2'
2022-08-09 11:14:22,023 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://localhost:5051/Saml2' does not require AuthnRequests to be signed
2022-08-09 11:14:22,023 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-08-09 11:14:22,023 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-08-09 11:14:22,023 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-08-09 11:14:22,023 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-08-09 11:14:22,023 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-08-09 11:14:22,023 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:14:22,024 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-08-09 11:14:22,024 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-08-09 11:14:22,024 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-08-09 11:14:22,024 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 2 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-08-09 11:14:22,024 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://localhost:5051/Saml2/Acs using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-08-09 11:14:22,024 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-08-09 11:14:22,024 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-08-09 11:14:22,024 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-08-09 11:14:22,024 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-08-09 11:14:22,024 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-08-09 11:14:22,024 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-08-09 11:14:22,024 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-08-09 11:14:22,024 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-08-09 11:14:22,024 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-08-09 11:14:22,024 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-08-09 11:14:22,024 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://localhost:5051/Saml2
2022-08-09 11:14:22,024 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-08-09 11:14:22,025 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve data encryption algorithm based on SAML metadata, falling back to locally configured algorithms
2022-08-09 11:14:22,025 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve key transport algorithm based on SAML metadata, falling back to locally configured algorithms
2022-08-09 11:14:22,025 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-08-09 11:14:22,028 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-08-09 11:14:22,029 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-08-09T11:14:22.029Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-08-09 11:14:22,029 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-08-09 11:14:22,029 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-08-09 11:14:22,030 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Performing primary lookup on session ID 0ef78a45f82d1aa1251624558a9b227f751be9a176c9b67241d99c9314f2cd4e
2022-08-09 11:14:22,030 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Primary lookup failed for session ID 0ef78a45f82d1aa1251624558a9b227f751be9a176c9b67241d99c9314f2cd4e
2022-08-09 11:14:22,030 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-08-09 11:14:22,030 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-08-09 11:14:22,030 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-08-09 11:14:22,030 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:14:22,030 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-08-09 11:14:22,030 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-08-09 11:14:22,030 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-08-09 11:14:22,044 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-08-09 11:14:22,246 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'localhost'
2022-08-09 11:14:22,246 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-08-09 11:14:22,246 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-08-09 11:14:30,710 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Trimming whitespace of input string 'rick'
2022-08-09 11:14:30,710 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user rick
2022-08-09 11:14:30,710 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@1081949772::identifier=rick, context=org.apache.velocity.VelocityContext@1c317f7b]
2022-08-09 11:14:30,721 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=rick,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@1081949772::identifier=rick, context=org.apache.velocity.VelocityContext@1c317f7b]
2022-08-09 11:14:30,723 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'rick' succeeded
2022-08-09 11:14:30,723 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-08-09 11:14:30,724 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-08-09 11:14:30,724 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'rick'
2022-08-09 11:14:30,724 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'rick'
2022-08-09 11:14:30,724 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-08-09 11:14:30,724 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal rick
2022-08-09 11:14:30,724 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session 3d0974fc477c57c7ecfb7b46447ea35c841dabeea31262a2143888edca4a6fd5 for principal rick
2022-08-09 11:14:30,724 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving AuthenticationResult for flow authn/Password in session 3d0974fc477c57c7ecfb7b46447ea35c841dabeea31262a2143888edca4a6fd5
2022-08-09 11:14:30,725 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=rick)
2022-08-09 11:14:30,726 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-08-09 11:14:30,726 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, uid, identifier, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-08-09 11:14:30,726 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'eduPersonEntitlement' remained after filtering
2022-08-09 11:14:30,726 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-08-09 11:14:30,726 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-08-09 11:14:30,726 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-08-09 11:14:30,726 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-08-09 11:14:30,726 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-08-09 11:14:30,726 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-08-09 11:14:30,726 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-08-09 11:14:30,726 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-08-09 11:14:30,726 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-08-09 11:14:30,727 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:14:30,727 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-08-09 11:14:30,727 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@972d168'
2022-08-09 11:14:30,727 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:14:30,727 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://localhost:5051/Saml2'
2022-08-09 11:14:30,727 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'org.opensaml.storage.MutableStorageRecord@427d4b9e' with context 'intercept/attribute-release' and key 'rick:https://localhost:5051/Saml2'
2022-08-09 11:14:30,727 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Deserialized context 'intercept/attribute-release' key 'rick:https://localhost:5051/Saml2' value '[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]' expiration '1686397949444' as '{displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}'
2022-08-09 11:14:30,728 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:14:30,728 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick'
2022-08-09 11:14:30,728 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick'
2022-08-09 11:14:30,728 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-08-09 11:14:30,728 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is not required, previous consents match current consents
2022-08-09 11:14:30,728 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@972d168'
2022-08-09 11:14:30,728 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:14:30,728 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-08-09 11:14:30,729 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-08-09 11:14:30,730 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-08-09 11:14:30,730 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _547d2e026ec1f66b7c8a5f9a95dc0e1d
2022-08-09 11:14:30,730 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _547d2e026ec1f66b7c8a5f9a95dc0e1d to Response _e962320ec1cdd18fe046c5bb9db22c57
2022-08-09 11:14:30,730 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _547d2e026ec1f66b7c8a5f9a95dc0e1d
2022-08-09 11:14:30,731 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-08-09 11:14:30,731 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value urn:mace:dir:entitlement:common-lib-terms of attribute eduPersonEntitlement
2022-08-09 11:14:30,731 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rick of attribute uid
2022-08-09 11:14:30,731 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute identifier
2022-08-09 11:14:30,731 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-08-09 11:14:30,731 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value manager@Samltest.id of attribute role
2022-08-09 11:14:30,731 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute mail
2022-08-09 11:14:30,731 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sanchez of attribute surname
2022-08-09 11:14:30,731 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick Sanchez of attribute displayName
2022-08-09 11:14:30,731 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick of attribute givenName
2022-08-09 11:14:30,732 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-08-09 11:14:30,732 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - No object to operate on, returning true
2022-08-09 11:14:30,732 - DEBUG [org.opensaml.saml.common.profile.logic.MetadataNameIdentifierFormatStrategy:?] - Metadata specifies the following formats: []
2022-08-09 11:14:30,732 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration specifies the following formats: []
2022-08-09 11:14:30,732 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - No formats specified in configuration or in metadata, returning default
2022-08-09 11:14:30,732 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Candidate NameID formats: [urn:oasis:names:tc:SAML:2.0:nameid-format:transient]
2022-08-09 11:14:30,732 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-08-09 11:14:30,732 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-08-09 11:14:30,732 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID AAdzZWNyZXQxShT4GaEpZQzgtH/oP47sLx6fVbfLVWKFQ6MAeH1RrwGAI8XBmFv8AW+7G7q95C5mpFLk3U26elTWhBh1mHftKtwf7Qls2yluE10Ge/RTsl8TdBYIRINRxFwYKyxNEAI= with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-08-09 11:14:30,732 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-08-09 11:14:30,732 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-08-09 11:14:30,732 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-08-09 11:14:30,732 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-08-09 11:14:30,732 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 82.180.145.58
2022-08-09 11:14:30,732 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to id56cffc441a664e48a45e190528d574a6
2022-08-09 11:14:30,732 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to https://localhost:5051/Saml2/Acs
2022-08-09 11:14:30,732 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-08-09 11:14:30,732 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-08-09 11:14:30,732 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-08-09 11:14:30,732 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _547d2e026ec1f66b7c8a5f9a95dc0e1d
2022-08-09 11:14:30,732 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _547d2e026ec1f66b7c8a5f9a95dc0e1d did not already contain Conditions, one was added
2022-08-09 11:14:30,733 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-08-09 11:14:30,733 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-08-09T11:19:30.728Z, to Assertion _547d2e026ec1f66b7c8a5f9a95dc0e1d
2022-08-09 11:14:30,733 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _547d2e026ec1f66b7c8a5f9a95dc0e1d already contained Conditions, nothing was done
2022-08-09 11:14:30,733 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-08-09 11:14:30,733 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _547d2e026ec1f66b7c8a5f9a95dc0e1d already contained Conditions, nothing was done
2022-08-09 11:14:30,733 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-08-09 11:14:30,733 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://localhost:5051/Saml2 as an Audience of the AudienceRestriction
2022-08-09 11:14:30,733 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _547d2e026ec1f66b7c8a5f9a95dc0e1d
2022-08-09 11:14:30,734 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://localhost:5051/Saml2 to existing session 3d0974fc477c57c7ecfb7b46447ea35c841dabeea31262a2143888edca4a6fd5
2022-08-09 11:14:30,734 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://localhost:5051/Saml2 in session 3d0974fc477c57c7ecfb7b46447ea35c841dabeea31262a2143888edca4a6fd5
2022-08-09 11:14:30,734 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-08-09 11:14:30,741 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://localhost:5051/Saml2 and key AAdzZWNyZXQxShT4GaEpZQzgtH/oP47sLx6fVbfLVWKFQ6MAeH1RrwGAI8XBmFv8AW+7G7q95C5mpFLk3U26elTWhBh1mHftKtwf7Qls2yluE10Ge/RTsl8TdBYIRINRxFwYKyxNEAI=
2022-08-09 11:14:30,741 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-08-09 11:14:30,741 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-08-09 11:14:30,741 - DEBUG [org.opensaml.saml.common.profile.impl.SignAssertions:?] - Profile Action SignAssertions: Will not sign assertions because no security parameters context is available
2022-08-09 11:14:30,742 - DEBUG [PROTOCOL_MESSAGE:?] - Profile Action EncryptAssertions: Response before assertion encryption:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_e962320ec1cdd18fe046c5bb9db22c57"
    InResponseTo="id56cffc441a664e48a45e190528d574a6"
    IssueInstant="2022-08-09T11:14:30.728Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_547d2e026ec1f66b7c8a5f9a95dc0e1d"
        IssueInstant="2022-08-09T11:14:30.728Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://localhost:5051/Saml2" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">AAdzZWNyZXQxShT4GaEpZQzgtH/oP47sLx6fVbfLVWKFQ6MAeH1RrwGAI8XBmFv8AW+7G7q95C5mpFLk3U26elTWhBh1mHftKtwf7Qls2yluE10Ge/RTsl8TdBYIRINRxFwYKyxNEAI=</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="82.180.145.58"
                    InResponseTo="id56cffc441a664e48a45e190528d574a6"
                    NotOnOrAfter="2022-08-09T11:19:30.732Z" Recipient="https://localhost:5051/Saml2/Acs"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-08-09T11:14:30.728Z" NotOnOrAfter="2022-08-09T11:19:30.728Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://localhost:5051/Saml2</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-08-09T11:14:30.723Z" SessionIndex="_877629a83ca6d57871cf30786cfe72c4">
            <saml2:SubjectLocality Address="82.180.145.58"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>urn:mace:dir:entitlement:common-lib-terms</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rick</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">manager@Samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-08-09 11:14:30,744 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: https://localhost:5051/Saml2/Acs
2022-08-09 11:14:30,744 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: https://localhost:5051/Saml2/Acs
2022-08-09 11:14:30,744 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_e962320ec1cdd18fe046c5bb9db22c57"
2022-08-09 11:14:30,744 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _e962320ec1cdd18fe046c5bb9db22c57 and Element was [saml2p:Response: null]
2022-08-09 11:14:30,744 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_e962320ec1cdd18fe046c5bb9db22c57"
2022-08-09 11:14:30,744 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _e962320ec1cdd18fe046c5bb9db22c57 and Element was [saml2p:Response: null]
2022-08-09 11:14:30,746 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-08-09 11:14:30,746 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'https://localhost:5051/Saml2/Acs' with encoded value 'https&#x3a;&#x2f;&#x2f;localhost&#x3a;5051&#x2f;Saml2&#x2f;Acs'
2022-08-09 11:14:30,746 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-08-09 11:14:30,747 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Setting RelayState parameter to: 'mkhwLeILsaStQhnaFSnSZXdA', encoded as 'mkhwLeILsaStQhnaFSnSZXdA'
2022-08-09 11:14:30,748 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response Destination="https://localhost:5051/Saml2/Acs"
    ID="_e962320ec1cdd18fe046c5bb9db22c57"
    InResponseTo="id56cffc441a664e48a45e190528d574a6"
    IssueInstant="2022-08-09T11:14:30.728Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_e962320ec1cdd18fe046c5bb9db22c57">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>t0FcU/3Ces6QOIaydB7UH29j2LhWD8/7reNE4QH02bs=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>XPj3/x6U5pNkli2slyOkBO0UZdZlshnLB8mTcdwrL2zaodW22zRWUcSl+/TVRQSIHbnvWk+uR4sgBvDa7n/s+akWeLS1BTugmK9Ovhd5csWZWFmWe7rlqGrkUFIVd016jxDf/EIUDRaOR03FeXZ3YvXTQyjXrVZww4U/r2BJuk8GtBEdAoh7imEwHd0f8bHDVMJ0FnqUYNQ/7OM1eRBGMFQ6NKO0/aF3ZmK+YLkfl/LzVSKNnM4grSVmdOtcb5N3l9c+PvlS41QKSUDBF3iFO0IGnX0bWJ0br70IN9TcNRDcMj5Cp6DyeoiD71Gwyp3HF9gk99/HFMh3MnJLp73Oug==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <xenc:EncryptedData Id="_d9c75690c1dfa9f633b56d0029d93001"
            Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:EncryptionMethod
                Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <xenc:EncryptedKey
                    Id="_502fe2bce1b226456acaac58e71ba068"
                    Recipient="https://localhost:5051/Saml2" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                    <xenc:EncryptionMethod
                        Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <ds:DigestMethod
                            Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
                    </xenc:EncryptionMethod>
                    <ds:KeyInfo>
                        <ds:X509Data>
                            <ds:X509Certificate>MIIDIjCCAgqgAwIBAgIQyl66X2NfPZ9ItR+QGeFgUjANBgkqhkiG9w0BAQ0FADAhMR8wHQYDVQQD
ExZTdXN0YWluc3lzLlNhbWwyLlRlc3RzMB4XDTE3MTIyODEwNDExMVoXDTM5MTIzMTIzNTk1OVow
ITEfMB0GA1UEAxMWU3VzdGFpbnN5cy5TYW1sMi5UZXN0czCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAK3KOkmZiRCRh37yDqhm7YDpmO9NqcrKLqDr3PLcBa46sGNKcqOtJ75mHvBWcxnR
zs2aY2lidnHXYZu3Au5i2Isu/yC2gYTfnsSx8gTf9nfkD0IGc895cJyw9jmiTXY6N85yjVY0GFee
KxiI6GMQFN/MSh3kftRGF8ERcfjTV0GXByMAoo1xAUwHZeEF+nc5xp4nJ5bHDL48cWyh+NtuWhXg
o7Be3S0cJkW1gxwEuflBETR6S7+u7IB2N6LhSFoFpiXE6F53cLlYbxgaXoIfliGQBvryPAvpUIyY
ItZ8rDfg1x1SPEGsJBcTSUopoOGBd8DSP/Kx7eN7yqz3LlG/CE0CAwEAAaNWMFQwUgYDVR0BBEsw
SYAQuuOxcm4IHKU2M9sXyo4A9qEjMCExHzAdBgNVBAMTFlN1c3RhaW5zeXMuU2FtbDIuVGVzdHOC
EMpeul9jXz2fSLUfkBnhYFIwDQYJKoZIhvcNAQENBQADggEBAJbFk/8vvIzn/4PdOwqHIez9vDtc
AokXoEm2bJrwdAGnhZ6ThEgP+Bt0H1jtHQrpKqOEAG0bKyCg4WQBcrWXkIP+9WSerpPy7Y2d47hY
uQASkyinCFRbnjUtfLedCcp9uSl8pcGRFBDUdTi80Ht4D+BJEAjSugIMmeTwBm1U9rFASIjzXHJz
34RbBvECqBEe6LA7nH1UQd1K0IU05Y0kuj6Hdv+QVlzRrZaY6gMpigpHNJyWT4BO8c5glm/T/UKv
Jol8oVaxiKpVNFUQnPBPhcyTGjxRkKLqZOStNh9rDg0c4uM1smZaChE+mvH9yhT4yx1KZJqwIXxX
EPrtSfPj3Xs=</ds:X509Certificate>
                        </ds:X509Data>
                    </ds:KeyInfo>
                    <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <xenc:CipherValue>C7EuAkv7DS3MfHRZoMgZVSU4VgnMGTROG0yQWAxjn1cyjIH9K/Ly42anLQVb7MdT3MMjMBYaUWRAxp3VrW/YUDMtWpYz60vkcQ4WPY6TbzKhBYelODfrzGz6v8VhUqPHixv/3sngL4QktwbPtWS8MswvR9hl8Ls1k+Ka3EhKY4vHHBGxoeJaamJf/AOAFXwYC2FBWe4aFfIVL3I7UMVBrrGU2gMLjDexeFkAp6F4WdMla9aBdJJqDIvSA88NBT9N0yZz8A+RxwKogBIhxEebY2R+d+g1IdblBVVpHx/2AI31/nSbRiAF67iNRIE/0t1NojRf7XuJg0fEOF+JULEGZQ==</xenc:CipherValue>
                    </xenc:CipherData>
                </xenc:EncryptedKey>
            </ds:KeyInfo>
            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                <xenc:CipherValue>PWB5NAVSjoE4pja35eA6JT+MF2n1mp4mVkZoDXfG3JLIlBwN2njtsqUw6sIMzH1P2i1veejzkIsCf/0591a0RJYM6qmyb+e7xOL/+ALEyMIb9Wif//YbeejFrbTUvol/nvVYwgMGXAuyJBZ/KpRvi+bN42Gq4bxo/MlPIGlPyN3r6lR3uMuPdBmwZFfQbEqUXWn6F/fD8IMwZEpHUIxpdqMCiGI+F+n7fcEPnVR4c3MUFs0G/RF9CJHTKcBDHNawZWWsNOCj0NlRxdeuYxamE0NT+qYRi0bydRU4TSNBiKQ6GNHgMYfmj0sKd6pyXJe2Dynt70yTsMa7MMU2gNHwQg5XXOxl5UWlERx2zjQU1s4Od+cWZS6r/w811I4p2Nibwuh1E09LhtdBFAu8VuLLZCMDtBf63Ysg4TDw2SlkQjpQhAyAkDGaL2JZIkT0Y0AOxtwUxubhrzeamLXslnTFB511lB4XB3Bv0zjgQPjnI4kupbHdk7/t0121cPgZFd3z5z1NnTjloEx/hpQD7qN9fNe0B/lzAtBS7d8hJfcw79NfEUwXdVh4Q+M7aduyPJQUXA0kCou2gNNwrc700gOUjg4AoguuwSsNwCyMdQYlJPORzXxhhmOl0OdaQyHdddXAlu/NyUenG78OyafvDSAlFnaLg4qisKBbQvqq6dFN1K5Xwec9n4RL6NC99nFH1uhJW72BxmxVml8cXr+o5TGxsD9PZyjjrwHuUqZoW3C9AKqq/bLxmnnPB4Fax3gS3YLTCKwntXqHdE1XxN6qwHhNQYytTcT+7/88jF9s8ENJk3ma2jfn7/My86iOzA7NCXgzIBCU7Vv1jcOi+f2hE1kSBXUjq+J96u7k4YrXIh/2wbilTpRQCXiHFPLuAtB1tT8MKQspItDfxJggFNYl7185z8ppMs3z0GH10vEEpC5wvKVUEX9u+FZHZYwWBWCNqVZVa9cd292IagpaSV9CJL05K4PJ45RjOCtd5+ws6BQdgSd1WZLhO2wrV/NnBwGVVpZVN5hV1rEucMGtSF/Ul277oaZCF4v/Oc6plkmHLx44hXOUkOnjwHA/y44wPFb1f95av021C/ozuECdCUKbkdFurF+C/3SDG/QB2dL8eoDT8M8INpUZiUNvpVDlVpjc+ykpDC9Y0x0ZP7o9+RjYLzeeLrij+lJ7Lp2bxjP21KGWsbxRY5n3r6MkcLmJfE/mNkc40+s6Cp7Q2rQfDB62HPMgbp8Tfe6WKJS7/NpKMyKHix8glbQ9K3fF01h/J6X6c2c/FmvNxeUj0BnWra9Bp/h6HHBALR0UDnrsUgpokzxIZr0PvIPz/ZbPDq93k/wT0SOGXV/OeuxQs3tlcBY3pagAMI4ndBu7I9x5efK40nG029vHJE7l8+JiZSIza1ETHqbduM2ewBjxt6q/nYXp+xOgyZguXpGWCRHr4MXILSGKOET6hqgpjZ85abOns8dN+RiYdRl93xF/jyp0vw/NsLAW67EQ/FrpT2xJMNS6Vh8Z42kdYHIyBO6tBU6n1q0KPX/j/01ZtU3Sldw/qUcSH/xmklrJIgbSko8tZPZ5nNWemyjHMd6cQMlrnx/U0cCU/rFj2e19ENEKgNN+0h9XD0XAloQXVqP6FbWPBTtT3/Bs6F1H1xY7ds6nHWmyZuGkd4SlAIP86LfOKZD1fbgvSDISkcs+i+0Mm8st6WCNWxrnUHk/a7dYJ+cYJX9nMy2hPD5RZ8HRMe9qQ9jdyde98/hm8WuJ1jlddF9GFq7xtGwFffTYL+F1fj+/FMm7VOgThtJ+WsFvqcncnGqWpMg6dJnuSuE0oTbIKpqz01OHPKmEQCB6B3kXjUYF44ros7kIdMB2Cv/5BPzsKfsoGEzhrBuijL6E2S+wR+Ce+lv7Ix8gi/jojs/UdvfW9r5DaWyX8FRSyhel6rtOq8o2aT2b8GBVyfBAUR4eDR2yZKM9nt+BZYiTzlTDLUEuFu+X+nAz0n1202JSblr/f97YOS6hj3sTlxaM2InzN55FAoOeMDrXgnN+pkAwCHobBHcFW0mY/tjdnBj4gbtfoHxj13svK3VKuJ7CpO8LcoOMk8ogYFvjaBCK9w6NxIcCxgLx8MO67hy6esyW8S1K4Tflh12fsp/irorg3V9N0OFUpuTjAgsQjNNA0bR37tZhmuCijlQlG7zmNntojW9i+oRpjwbxAbXPdk4VJNs4t/tj9aqf5qjXqdOTJbz2wufK8R9TkgkdkoqKWFUSb5ZKHF4cUbr4msYnzGaavmIW4uZ2s5AyhMbKHxz2Wlbg3wmAsShAx7mqGYFJ7fEtN1OaFOxRG9DcctFgR54OzPRGsrzNCr6c7q9PAAYh4s6r2aqK6PGhzWIOvhg+OIr0zD7TBaICXMt5l2ZKW37b2keB1det3FkYRtogmxZ4ml0yF7uHj3l/grGLeItuVyBjdqtqGaswhSSkWIsUwOKdfNgTP83I91UBgeHdt1BG7oyNsRFRFGsaqisqv9kMa7SbaatXkM2k2RROhn9C2Oe4zF4Ds4K/NmxKRycVlv3V9mjIq1NKMf85RspZw/lqtOQp5V8R6LIcqEHvMF4W9PrrHMhoAR26x1Q7qwppgJZBr10UePrdI0I+7w/RknZ5z9fVvMITkoth1DCSbF9BSo6ySVtZHeYUznAgxFIzuSRNDnY17fRrru6U+26ycukWtArWCwCHut5N/2I0Sk7qVyiMsJ8KOgcGBKDO0V6vz4oqsvQx+yJ/Hx7zyhsVEtEJsW1P6H/yEKvahDV0+CgTivxgaU6BhhLHGheOVSHEUtn+CXC066OCNYPmPeFgzfVpSKZc5P5dTGbXnieRZbrnLg3IqUqfWmk+hbWuIpmtA6xm4wC5+l0GMYDVKzeykQ18pZdTx449BYlMtscotBDVVmf0HnV7ypaGA8Ma9GHbeUmYQs6WhosXn40SzkcoQfr26KxOz4LjyICqIuivvBbVKb0UPZ8cFs/MdUTViAvhJW1VkvXIM1w48QHzF8XhS7bV1d+XaZhPMlKZH5HgOjz/R936C6vq0iHy5e7eueicxsmDOdX9W9+hhMtUcIsuNjs/zPbYuhZHw40PuYAPKnYJ2R66WzBh64Iw+HAv/2S7AHq3XttV7Zre9XFW79NLOLjc00wL0FpbMvykIIUry7TGOhImAHAYJwONE1PHlYi24uRocjcZZLv8j1ueNYvwa+7rqzXTdobNrpksStff2CJ3kIsYDlurc8PVobPz6j9iksEgM/f+fxTndR3a9b1rQe+7v5RFZIOXhZ2gx/0JNDkohHgLUESPbv+iKKvmztcRpaz7qe13+ULKDV/q1iz7mi0ha1jVRyUSiqGohUcuo6tt3yuAHEF78E9ToZg0pKe9cBTpRRTetbcc9smeUQ/tJx7HkvswK/DywALpnDBbWXrZCBqn1SqG3Ees9q7KzSzzoLZD7A5lIn8FVhX1+7KoS3MWtiurTBMcwCrs2Q9lxLdlj8CDewcvFG1Hf6ncitgG3GDRaLgqq8vrPkKpZIo1SY9y+kuxXPJS4fQDYmOmRuAjC1Y4kxYwE3jg2cFjHCzLKFfR8+OBKBpISM3J+XRkcal5JxD9BZkTCgXGbOoz+LeMsj+npIdxauWqPlXnclpWhtMVAGSBNwlQ6rEQHiqZ+p6jXOD9GYQV8D/JVcwavAxBtIpk+89As4REq/3qaycFLt5ppG3RdzDawsWm51Pm99rjoyuDs968eXjW1YukbpK6ydLJNYsVeDsJOO31jxtktXux2fuV78M0A8a6I2XJGYMqzV4GuDGZKqVmsqTaJ6geQAbfJaRSfRcl+2rAK4M6ni460ix/WX7KyzHbYhULjeY6f0pcZe4K//1Bt6isuuHa9IToK00vXH1mrl5RT/Wmb0iZbJw4U3YS1Te/WlFMK20FYHAOF/mCIMwr6Co1klO2BFkA6CPILJsGzZubV9Ug5LiVVdS9Wwx+JWxhhj8DKJEYj8iDDYLHcgdMKjzkEvDYqLYZp32H1XOGKQNwXodtlta+Ll2gMmy8+ttotmql1higDmzymzwMrrvH9nQnA1tGgiwUW7O9fSqHz1kToWMrDwTP/R7NxpVQxhtWFc4r9j7ISMOTHyWufJwAswjMqyTox0W8CEDn0tI+hKlPlIWJPDqPiSEne1IqZmrp4DTSebC3oeglPUhVUjsOirAMJzC4MAw75to39SIbXvoqGs11RmL6yZTXXnMHXIc0/UF4aqmxKHnJZcHFwV8xy9uvoJn9QC5UB/To9joiPTyWR21Y754a6oNqvpq64s+EpuRH63K++QPOSVBXVM9TVcaQCO9gdjlkVVbXQ7vhsq4Ct0YFBmMz6ITTuyFTUCkGFcYQppqrhnsLrQ3MWzbFsWB7oPKJKu37PY96uYbhGbSKXR2w0k8AjkjpIaIJ/Ave5fh6ZizOXU1wFH7L5xCh6bjNFdUFq8ECa7N9LaHlLFVrG9uYmxkRiGe1nsfmIAnnodXMfHFTjkvbnLYW5FcNZElB0epvK285/Y2HT5vZkHuMWrubKgVE+VSxLCHaUzrnNiWeX+8uBD7DgYzJ++yFUe2ARah2xi7e9DDyVY88EdEv4rbCkw23p8cLog1c7Rlr3u0VVyGBqGf0DoXJ4+Dey4qmH8I6SglHAEDuBDJ/mhb2kZUzNG+hZqOcy7VXC0Umvjha2lJO4DyP0sojERscmMEi5fmS2uCLj4I1ND6Uuf/2drU7Q8fkw1HZ5bP7+XkgxGbOn7Fi1/V+vnKcljDPS+0ZbrtmH32hBObFaOoLMspokCZA5D9Mfv8LG0uBRzrweVKQCuXYMbirzF2E+nVkfJWX9hW+RP8N2wufmx4XMk+2LzfT0M9noVfQtWIRQSfc6xft4ZVxdcqg9/+pr+o6oxjHZRemcgosHLGrxel7rMoo27F7V8LjUJCz0mEyEkEUAXu6jq2+IAwBQTmtNhZ294jx291zoGCzRKGpQx8hp596qgp3WTid7uvngnETCtUWyRo4er/z2gRfrwgnFXyuPFgGxD2SVmiVKnTiB2di8+zwI4NTxMq6VbU0jhcQW3y9h0ugGw2F8axeJTeZqK1DiU7zgqPwcQk9/ISl171y3gOQnimKwUQ=</xenc:CipherValue>
            </xenc:CipherData>
        </xenc:EncryptedData>
    </saml2:EncryptedAssertion>
</saml2p:Response>

2022-08-09 11:14:30,748 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-08-09 11:14:30,748 - INFO [Shibboleth-Audit.SSO:?] - 20220809T111430Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect|id56cffc441a664e48a45e190528d574a6|https://localhost:5051/Saml2|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_e962320ec1cdd18fe046c5bb9db22c57|rick|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,uid,identifier,telephoneNumber,role,mail,surname,displayName,givenName|AAdzZWNyZXQxShT4GaEpZQzgtH/oP47sLx6fVbfLVWKFQ6MAeH1RrwGAI8XBmFv8AW+7G7q95C5mpFLk3U26elTWhBh1mHftKtwf7Qls2yluE10Ge/RTsl8TdBYIRINRxFwYKyxNEAI=|_547d2e026ec1f66b7c8a5f9a95dc0e1d|
2022-08-09 11:18:48,737 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML relay state of: TST-127052-BcCnQm9Ln2cGL1NjOwD0W1g1nzPNYGJA
2022-08-09 11:18:48,737 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Getting Base64 encoded message from request
2022-08-09 11:18:48,737 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML message
2022-08-09 11:18:48,738 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:AuthnRequest
    AssertionConsumerServiceURL="https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool"
    Destination="https://samltest.id/idp/profile/SAML2/POST/SSO"
    ForceAuthn="false" ID="_ce89b21892444f79937ba6057966a093575b630"
    IsPassive="false" IssueInstant="2022-08-09T11:18:47.900Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    ProviderName="pac4j-saml" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer
        Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool</saml2:Issuer>
    <ds:Signature
                xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod
                Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod
                Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference
                        URI="#_ce89b21892444f79937ba6057966a093575b630">
<ds:Transforms>
<ds:Transform
                        Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform
                    Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>/EQBiq3U7mB9WgxiV7FZj4iyzAPw93ly1V2kYPKWYiI=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
h3E43ZaInCMM3eVqocy5HoAbzPuEv2wqzAgZI6VbEZcDleRLQFgEAaf+zTtkGHUZnZYzaA9QpeYF
WMFlnEQMZSmH3+hP053F91qm9rG+HTPd38hik/uONojBuxHnBVjAC+aJNc5f/7A3hAhlnqNonoPI
mupBDChq/1V8FUZmjwhMycdY7OZ5ZtL6OzBmhENbKv88do3nPH0PCpCY2wLCs+ljznt0FKdKmWbB
WAAptMCkFBTF7UqKaglWMgwEG72NV21FToOB+smpsIgRK+q4wpuAXMvVgNJcfY3x3phP005xkoEe
SWhti8UYnu4GARV/5FnRm6lgmbPmm+gEZEs52g==
</ds:SignatureValue>
<ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIG0DCCBLigAwIBAgIQJT05eT9C8MMLxPWjiR+NjzANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQG
EwJGUjESMBAGA1UECgwJREhJTVlPVElTMRwwGgYDVQQLDBMwMDAyIDQ4MTQ2MzA4MTAwMDM2MR0w
GwYDVQRhDBROVFJGUi00ODE0NjMwODEwMDAzNjEdMBsGA1UEAwwUQ2VydGlnbmEgU2VydmljZXMg
Q0EwHhcNMjIwMzEwMjMwMDAwWhcNMjMwMzEwMjI1OTU5WjCBoTELMAkGA1UEBhMCRlIxGTAXBgNV
BAcMEExFVkFMTE9JUyBQRVJSRVQxEjAQBgNVBAoMCVRSQVZFTERPTzEcMBoGA1UECwwTMDAwMiA0
Mjk4OTQ5NjcwMDA0MjEwMC4GA1UEAwwnVFJBVkVMRE9PIC0gU0FNTCBTSUdOSU5HIEFORCBFTkNS
WVBUSU9OMRMwEQYDVQQFEwpDMjI5ODgyNDQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsTQ4f7v+iIqvjQLCZQyJCiWK72jzbm1lNNsOGLMdNO736yJo0iUXEygaqJ4awu+Nf2Ase62f
o1hROHtOnixvceJN2rd9BMKm/j3BgeU+vlW3quq8AFkm9ikL7R4hBZopqT5deXA17EZ0tpQv6I2z
WbuoBYunvJomVoFZYRwDWFlHoQRBJma0LL8WTrPP7t4gvZMqYSpEqyeeyX2cv6FS4uCOXITFzWAA
Rp5rdIkL1YzU+Tr2thgVf/BvRYsVqaCj+94YmoJAR1/pMOLIKhfoWNxOKuTu0Rpu1LpKr72FYsZv
osn4NHBDoVJncq/crrxpaYF1FqorTjHw+054l0YxJwIDAQABo4ICJTCCAiEwgeQGCCsGAQUFBwEB
BIHXMIHUMDgGCCsGAQUFBzAChixodHRwOi8vYXV0b3JpdGUuZGhpbXlvdGlzLmNvbS9zZXJ2aWNl
c2NhLmRlcjA2BggrBgEFBQcwAoYqaHR0cDovL2F1dG9yaXRlLmNlcnRpZ25hLmZyL3NlcnZpY2Vz
Y2EuZGVyMDAGCCsGAQUFBzABhiRodHRwOi8vc2VydmljZXNjYS5vY3NwLmRoaW15b3Rpcy5jb20w
LgYIKwYBBQUHMAGGImh0dHA6Ly9zZXJ2aWNlc2NhLm9jc3AuY2VydGlnbmEuZnIwHwYDVR0jBBgw
FoAUrOyGj0s3HLh/FxsZ0K7oTuM0XBIwCQYDVR0TBAIwADBhBgNVHSAEWjBYMAgGBmeBDAECAjBM
BgsqgXoBgTECBQECATA9MDsGCCsGAQUFBwIBFi9odHRwczovL3d3dy5jZXJ0aWduYS5jb20vYXV0
b3JpdGUtY2VydGlmaWNhdGlvbjBlBgNVHR8EXjBcMCugKaAnhiVodHRwOi8vY3JsLmNlcnRpZ25h
LmZyL3NlcnZpY2VzY2EuY3JsMC2gK6AphidodHRwOi8vY3JsLmRoaW15b3Rpcy5jb20vc2Vydmlj
ZXNjYS5jcmwwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgeAMB0GA1UdDgQWBBQq
6jjjeMXwQMpNNecEbqrEsJ9eTjANBgkqhkiG9w0BAQsFAAOCAgEArkOzqH9sUsz/QCwLRUKXqsYS
YjB9o9GmKorBERtR7WJQIxk1jZxDM9dR8LTOA6tKOQ2LKzaRl0RugagliM75Dkt4AdWFQFzZ14c4
o+JXsvCNmRtncFxY5KAJqpeIgOHigpnOb2qdS5c0U2tMa48SYl5DgTqs5nlyLTqPIsF7Am80lsTn
iNdbvyPjmyrqsaUtIJ7WpBhyt+k5TEr4b4XWOo0jYwJEutvrYXTNihmWMfobEiC11+qziyWmBrrv
dJyg1H/XGJKFZ0atOOFUCfvoqFZrc3cD9uiCkLX3ljeehKkWyvNbBoj8ETmRPjg2vXIbPS+jR82g
fhLtUJbE/zVWQCoVtKowZqlY6mMcAXkqhdHTG9jfIixHxMMqMr2s+Fc8ywXlZzmAI1ejP9/LX9bV
2b17e4QxQMKMH9f2sVRvo16n0KtKGH5Zy3j+Dwkt3iIsN1F8Lo7vymqtqSUZ3EyYKNY/GvvmrIc/
snB/mGw4vqxYIXlIwwpm80/NRBeR88OFR3PYlUYKxrf9HKVRP8HqHG9buYSQdDdVe7k56Af77pCl
88LDCL49/8hb/XzndJjqvSLbKsU6UWV6q2e/kkQ+UcF8bBUMfHWLLK8xALkzrg1EATC7dviFBnS1
JXLmWJjKwHfWUkBPJnZbMCiKfgyNK5vTXpzzOszUdOFBLRTbtco=</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
</saml2p:AuthnRequest>

2022-08-09 11:18:48,745 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool' from origin source
2022-08-09 11:18:48,745 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-08-09 11:18:48,745 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-08-09 11:18:48,745 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-08-09 11:18:48,745 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-08-09 11:18:48,745 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-08-09 11:18:48,746 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-08-09 11:18:48,746 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-08-09 11:18:48,746 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool
2022-08-09 11:18:48,746 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:18:48,747 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-08-09 11:18:48,747 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-08-09 11:18:48,747 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-08-09 11:18:48,747 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-08-09 11:18:48,747 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_ce89b21892444f79937ba6057966a093575b630', issue instant '2022-08-09T11:18:47.900Z', entityID 'https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-08-09 11:18:48,747 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Enveloped signature transform
2022-08-09 11:18:48,747 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Exclusive C14N signature transform
2022-08-09 11:18:48,747 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Attempting to verify signature on signed SAML protocol message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-08-09 11:18:48,747 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from metadata using entityID: https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool, role: {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor, protocol: urn:oasis:names:tc:SAML:2.0:protocol, usage: SIGNING
2022-08-09 11:18:48,747 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Retrieving role descriptor metadata for entity 'https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool' in role '{urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor' for protocol 'urn:oasis:names:tc:SAML:2.0:protocol'
2022-08-09 11:18:48,747 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-08-09 11:18:48,747 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-08-09 11:18:48,747 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-08-09 11:18:48,747 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-08-09 11:18:48,747 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-08-09 11:18:48,747 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - signatureMethodURI = http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2022-08-09 11:18:48,747 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigAlgorithm    = SHA256withRSA
2022-08-09 11:18:48,747 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigProvider     = SunRsaSign
2022-08-09 11:18:48,747 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - PublicKey = Sun RSA public key, 2048 bits
  params: null
  modulus: 22369930965456962777956365464229513348642522997346232168756579494960232921839160861855035659931488634319872531144871061126230632628307245413595021979243298021162796817485323967323729520642838484019982422043583459948062010738622164914709867639613377292833748142293112152964032878748204294883029637581475838086809098230772052770316027052403485966861005767953228542833623261203559898877311870242866180023679569922778427571461205374691037046976908472105838884909059792855539563635818559033340161732234235499443992405690433660052891865469805202598340808784182407277136835204164356633476755720981662174335871428308052095271
  public exponent: 65537
2022-08-09 11:18:48,748 - DEBUG [org.apache.xml.security.signature.Manifest:?] - verify 1 References
2022-08-09 11:18:48,748 - DEBUG [org.apache.xml.security.signature.Manifest:?] - I am not requested to follow nested Manifests
2022-08-09 11:18:48,748 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_ce89b21892444f79937ba6057966a093575b630"
2022-08-09 11:18:48,748 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _ce89b21892444f79937ba6057966a093575b630 and Element was [saml2p:AuthnRequest: null]
2022-08-09 11:18:48,748 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_ce89b21892444f79937ba6057966a093575b630"
2022-08-09 11:18:48,748 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _ce89b21892444f79937ba6057966a093575b630 and Element was [saml2p:AuthnRequest: null]
2022-08-09 11:18:48,748 - DEBUG [org.apache.xml.security.signature.Reference:?] - Verification successful for URI "#_ce89b21892444f79937ba6057966a093575b630"
2022-08-09 11:18:48,748 - DEBUG [org.apache.xml.security.signature.Manifest:?] - The Reference has Type 
2022-08-09 11:18:48,748 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Validation of protocol message signature succeeded, message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-08-09 11:18:48,748 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Authentication via protocol message signature succeeded for context issuer entity ID https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool
2022-08-09 11:18:48,748 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-08-09 11:18:48,748 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-08-09 11:18:48,748 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-08-09 11:18:48,748 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-08-09 11:18:48,748 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:18:48,748 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-08-09 11:18:48,749 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-08-09 11:18:48,749 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-08-09 11:18:48,749 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 1 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-08-09 11:18:48,749 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-08-09 11:18:48,749 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-08-09 11:18:48,749 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-08-09 11:18:48,749 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-08-09 11:18:48,749 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-08-09 11:18:48,749 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-08-09 11:18:48,749 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved signature algorithm URI from SAML metadata SigningMethod: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2022-08-09 11:18:48,749 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved reference digest method algorithm URI from SAML metadata DigestMethod: http://www.w3.org/2001/04/xmlenc#sha256
2022-08-09 11:18:48,753 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-08-09 11:18:48,753 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-08-09 11:18:48,753 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-08-09 11:18:48,753 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-08-09 11:18:48,753 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-08-09 11:18:48,753 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool
2022-08-09 11:18:48,753 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-08-09 11:18:48,753 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve data encryption algorithm based on SAML metadata, falling back to locally configured algorithms
2022-08-09 11:18:48,753 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve key transport algorithm based on SAML metadata, falling back to locally configured algorithms
2022-08-09 11:18:48,753 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-08-09 11:18:48,757 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-08-09 11:18:48,758 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-08-09T11:18:48.758Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-08-09 11:18:48,759 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-08-09 11:18:48,759 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-08-09 11:18:48,759 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-08-09 11:18:48,759 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-08-09 11:18:48,759 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-08-09 11:18:48,759 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:18:48,759 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-08-09 11:18:48,759 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-08-09 11:18:48,759 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-08-09 11:18:48,759 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-08-09 11:18:48,848 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'cas.traveldoo.com'
2022-08-09 11:18:48,848 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-08-09 11:18:48,848 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-08-09 11:18:53,294 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Trimming whitespace of input string 'rick'
2022-08-09 11:18:53,294 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user rick
2022-08-09 11:18:53,294 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@25236873::identifier=rick, context=org.apache.velocity.VelocityContext@4cd4c71d]
2022-08-09 11:18:53,296 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=rick,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@25236873::identifier=rick, context=org.apache.velocity.VelocityContext@4cd4c71d]
2022-08-09 11:18:53,298 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'rick' succeeded
2022-08-09 11:18:53,298 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-08-09 11:18:53,298 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-08-09 11:18:53,298 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'rick'
2022-08-09 11:18:53,298 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'rick'
2022-08-09 11:18:53,298 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-08-09 11:18:53,298 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal rick
2022-08-09 11:18:53,298 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session aea84ead2e053101a4c35720b91b03e838ad43b220ccf3105fbed4a37a236b0e for principal rick
2022-08-09 11:18:53,298 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving AuthenticationResult for flow authn/Password in session aea84ead2e053101a4c35720b91b03e838ad43b220ccf3105fbed4a37a236b0e
2022-08-09 11:18:53,299 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=rick)
2022-08-09 11:18:53,300 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-08-09 11:18:53,300 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, uid, identifier, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-08-09 11:18:53,300 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'eduPersonEntitlement' remained after filtering
2022-08-09 11:18:53,300 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-08-09 11:18:53,300 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-08-09 11:18:53,300 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-08-09 11:18:53,300 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-08-09 11:18:53,300 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-08-09 11:18:53,300 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-08-09 11:18:53,300 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-08-09 11:18:53,300 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-08-09 11:18:53,300 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-08-09 11:18:53,301 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:18:53,301 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-08-09 11:18:53,301 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@16ce5f12'
2022-08-09 11:18:53,302 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:18:53,302 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-08-09 11:18:53,302 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-08-09 11:18:53,302 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-08-09 11:18:53,302 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:18:53,302 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick'
2022-08-09 11:18:53,302 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'rick'
2022-08-09 11:18:53,303 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-08-09 11:18:53,303 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is required, no previous consents
2022-08-09 11:18:53,389 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'cas.traveldoo.com'
2022-08-09 11:18:53,389 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-08-09 11:18:53,389 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or InformationURLs returning null
2022-08-09 11:18:53,389 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or PrivacyStatementURLs returning null
2022-08-09 11:18:53,389 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-08-09 11:18:53,389 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No Organization, OrganizationName or names, returning null
2022-08-09 11:18:53,787 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Extracted consent ids '[displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]' from request parameter '_shib_idp_consentIds'
2022-08-09 11:18:53,787 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Consent context 'ConsentContext{previousConsents={}, chosenConsents={displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}}'
2022-08-09 11:18:53,787 - INFO [Shibboleth-Consent-Audit.SSO:?] - 20220809T111853Z|https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool|AttributeReleaseConsent|rick|displayName,eduPersonEntitlement,givenName,identifier,mail,role,surname,telephoneNumber,uid||true,true,true,true,true,true,true,true,true
2022-08-09 11:18:53,787 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:18:53,787 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-08-09 11:18:53,787 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'rick:_key_idx'
2022-08-09 11:18:53,787 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Serialized '{displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}' as '[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]'
2022-08-09 11:18:53,787 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.CreateResult:?] - Profile Action CreateResult: Created consent result 'ConsentResult{id=null, context=intercept/attribute-release, key=rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool, value=[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}], expiration=1691579933787}'
2022-08-09 11:18:53,787 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-08-09 11:18:53,787 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Will not prune storage records, number of keys '0' is less than max number of records '10'
2022-08-09 11:18:53,787 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'rick:_key_idx'
2022-08-09 11:18:53,787 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Creating storage index with key 'rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool'
2022-08-09 11:18:53,787 - DEBUG [net.shibboleth.idp.consent.storage.impl.CollectionSerializer:?] - Serialized '[rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool]' as '["rick:https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool"]'
2022-08-09 11:18:53,787 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@16ce5f12'
2022-08-09 11:18:53,787 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:18:53,788 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-08-09 11:18:53,789 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-08-09 11:18:53,790 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-08-09 11:18:53,790 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _225ee73b64c6e30311c360e1a8c7cbcd
2022-08-09 11:18:53,790 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _225ee73b64c6e30311c360e1a8c7cbcd to Response _aad24f38af422c78938d2b26aa669ef2
2022-08-09 11:18:53,790 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _225ee73b64c6e30311c360e1a8c7cbcd
2022-08-09 11:18:53,791 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-08-09 11:18:53,791 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value urn:mace:dir:entitlement:common-lib-terms of attribute eduPersonEntitlement
2022-08-09 11:18:53,791 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rick of attribute uid
2022-08-09 11:18:53,791 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute identifier
2022-08-09 11:18:53,791 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-08-09 11:18:53,791 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value manager@Samltest.id of attribute role
2022-08-09 11:18:53,791 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value rsanchez@samltest.id of attribute mail
2022-08-09 11:18:53,791 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sanchez of attribute surname
2022-08-09 11:18:53,791 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick Sanchez of attribute displayName
2022-08-09 11:18:53,791 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Rick of attribute givenName
2022-08-09 11:18:53,792 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-08-09 11:18:53,792 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - No object to operate on, returning true
2022-08-09 11:18:53,792 - WARN [org.opensaml.saml.common.profile.logic.MetadataNameIdentifierFormatStrategy:74] - Ignoring NameIDFormat metadata that includes the 'unspecified' format
2022-08-09 11:18:53,793 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration specifies the following formats: []
2022-08-09 11:18:53,793 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - No formats specified in configuration or in metadata, returning default
2022-08-09 11:18:53,793 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Candidate NameID formats: [urn:oasis:names:tc:SAML:2.0:nameid-format:transient]
2022-08-09 11:18:53,793 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-08-09 11:18:53,793 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-08-09 11:18:53,793 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID AAdzZWNyZXQxAx6uslJ8fgWnH5mMtT0tQOB7/MR6MKx2CnoEPGVvdE+F66c7TmGCzIXQFN9l95dTaHlsB4aGeNoE6emDIC1yC5ltrjfPJqpFRlcnsGbxu2UQ/4SCcPl28GEFC0zlRFcu6cHFb+UqfsJcPIPW1SaDWsOPsU8ctxM= with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-08-09 11:18:53,793 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-08-09 11:18:53,793 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-08-09 11:18:53,793 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-08-09 11:18:53,793 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-08-09 11:18:53,793 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 207.239.140.126
2022-08-09 11:18:53,793 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to _ce89b21892444f79937ba6057966a093575b630
2022-08-09 11:18:53,793 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool
2022-08-09 11:18:53,793 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-08-09 11:18:53,793 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-08-09 11:18:53,793 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-08-09 11:18:53,793 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _225ee73b64c6e30311c360e1a8c7cbcd
2022-08-09 11:18:53,793 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _225ee73b64c6e30311c360e1a8c7cbcd did not already contain Conditions, one was added
2022-08-09 11:18:53,793 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-08-09 11:18:53,793 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-08-09T11:23:53.788Z, to Assertion _225ee73b64c6e30311c360e1a8c7cbcd
2022-08-09 11:18:53,793 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _225ee73b64c6e30311c360e1a8c7cbcd already contained Conditions, nothing was done
2022-08-09 11:18:53,794 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-08-09 11:18:53,794 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _225ee73b64c6e30311c360e1a8c7cbcd already contained Conditions, nothing was done
2022-08-09 11:18:53,794 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-08-09 11:18:53,794 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool as an Audience of the AudienceRestriction
2022-08-09 11:18:53,794 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _225ee73b64c6e30311c360e1a8c7cbcd
2022-08-09 11:18:53,795 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool to existing session aea84ead2e053101a4c35720b91b03e838ad43b220ccf3105fbed4a37a236b0e
2022-08-09 11:18:53,795 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool in session aea84ead2e053101a4c35720b91b03e838ad43b220ccf3105fbed4a37a236b0e
2022-08-09 11:18:53,795 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-08-09 11:18:53,795 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool and key AAdzZWNyZXQxAx6uslJ8fgWnH5mMtT0tQOB7/MR6MKx2CnoEPGVvdE+F66c7TmGCzIXQFN9l95dTaHlsB4aGeNoE6emDIC1yC5ltrjfPJqpFRlcnsGbxu2UQ/4SCcPl28GEFC0zlRFcu6cHFb+UqfsJcPIPW1SaDWsOPsU8ctxM=
2022-08-09 11:18:53,795 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-08-09 11:18:53,795 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-08-09 11:18:53,795 - DEBUG [org.opensaml.saml.common.profile.impl.SignAssertions:?] - Profile Action SignAssertions: Will not sign assertions because no security parameters context is available
2022-08-09 11:18:53,796 - DEBUG [PROTOCOL_MESSAGE:?] - Profile Action EncryptAssertions: Response before assertion encryption:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_aad24f38af422c78938d2b26aa669ef2"
    InResponseTo="_ce89b21892444f79937ba6057966a093575b630"
    IssueInstant="2022-08-09T11:18:53.788Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_225ee73b64c6e30311c360e1a8c7cbcd"
        IssueInstant="2022-08-09T11:18:53.788Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">AAdzZWNyZXQxAx6uslJ8fgWnH5mMtT0tQOB7/MR6MKx2CnoEPGVvdE+F66c7TmGCzIXQFN9l95dTaHlsB4aGeNoE6emDIC1yC5ltrjfPJqpFRlcnsGbxu2UQ/4SCcPl28GEFC0zlRFcu6cHFb+UqfsJcPIPW1SaDWsOPsU8ctxM=</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="207.239.140.126"
                    InResponseTo="_ce89b21892444f79937ba6057966a093575b630"
                    NotOnOrAfter="2022-08-09T11:23:53.793Z" Recipient="https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-08-09T11:18:53.788Z" NotOnOrAfter="2022-08-09T11:23:53.788Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-08-09T11:18:53.298Z" SessionIndex="_3e0777be8d9025829e438b2d7f160892">
            <saml2:SubjectLocality Address="207.239.140.126"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>urn:mace:dir:entitlement:common-lib-terms</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rick</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">manager@Samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>rsanchez@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick Sanchez</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Rick</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-08-09 11:18:53,799 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool
2022-08-09 11:18:53,799 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool
2022-08-09 11:18:53,800 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_aad24f38af422c78938d2b26aa669ef2"
2022-08-09 11:18:53,800 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _aad24f38af422c78938d2b26aa669ef2 and Element was [saml2p:Response: null]
2022-08-09 11:18:53,800 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_aad24f38af422c78938d2b26aa669ef2"
2022-08-09 11:18:53,800 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _aad24f38af422c78938d2b26aa669ef2 and Element was [saml2p:Response: null]
2022-08-09 11:18:53,803 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-08-09 11:18:53,803 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool' with encoded value 'https&#x3a;&#x2f;&#x2f;cas.traveldoo.com&#x2f;cas&#x2f;login&#x3f;client_name&#x3d;SHOP_DEMO-demoPool'
2022-08-09 11:18:53,803 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-08-09 11:18:53,804 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Setting RelayState parameter to: 'TST-127052-BcCnQm9Ln2cGL1NjOwD0W1g1nzPNYGJA', encoded as 'TST-127052-BcCnQm9Ln2cGL1NjOwD0W1g1nzPNYGJA'
2022-08-09 11:18:53,820 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response
    Destination="https://cas.traveldoo.com/cas/login?client_name=SHOP_DEMO-demoPool"
    ID="_aad24f38af422c78938d2b26aa669ef2"
    InResponseTo="_ce89b21892444f79937ba6057966a093575b630"
    IssueInstant="2022-08-09T11:18:53.788Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_aad24f38af422c78938d2b26aa669ef2">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>WGG0LORWaypJnbyP6knsGs6tThf0lKHhanlNm5dvvJY=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>nyEFC0EAOe+2b/cUwjIAnT9fsg37KOtmrEof7Ub9KkXt76/QApJOYPraEsHA00u8X7EHHvswjfjkqk3clnn+2kWvZdJSaxaSuhf4Qz9I2szEXFX4IGs0umTqCJUabR9FvYuRdI5MaWe5dqgH9M7ebLASWn6xOBq/BHmK+Y8rgHiYhmE2bpdu8Eyly2ODYXGuZ5FmN5ZgA5eU+ryvCIk2uf7+255vyN+Y3tNauWadyr3j1ekflf3Bk1YrqRmLl1bEnCa2vXCCEyQ+Gubcup2DuCQPWzL+YLhGdgpuWS1WjgDy6t9hu97Wu+fjq+v1TIbN7Z9iUEhhudme54L02SJ8VA==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <xenc:EncryptedData Id="_0abb9355e6df85a9dbff045d831f0aff"
            Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:EncryptionMethod
                Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <xenc:EncryptedKey
                    Id="_f526a7b4672046e79550fe9294e0613c"
                    Recipient="https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                    <xenc:EncryptionMethod
                        Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <ds:DigestMethod
                            Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
                    </xenc:EncryptionMethod>
                    <ds:KeyInfo>
                        <ds:X509Data>
                            <ds:X509Certificate>MIIG0DCCBLigAwIBAgIQJT05eT9C8MMLxPWjiR+NjzANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQG
EwJGUjESMBAGA1UECgwJREhJTVlPVElTMRwwGgYDVQQLDBMwMDAyIDQ4MTQ2MzA4MTAwMDM2MR0w
GwYDVQRhDBROVFJGUi00ODE0NjMwODEwMDAzNjEdMBsGA1UEAwwUQ2VydGlnbmEgU2VydmljZXMg
Q0EwHhcNMjIwMzEwMjMwMDAwWhcNMjMwMzEwMjI1OTU5WjCBoTELMAkGA1UEBhMCRlIxGTAXBgNV
BAcMEExFVkFMTE9JUyBQRVJSRVQxEjAQBgNVBAoMCVRSQVZFTERPTzEcMBoGA1UECwwTMDAwMiA0
Mjk4OTQ5NjcwMDA0MjEwMC4GA1UEAwwnVFJBVkVMRE9PIC0gU0FNTCBTSUdOSU5HIEFORCBFTkNS
WVBUSU9OMRMwEQYDVQQFEwpDMjI5ODgyNDQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsTQ4f7v+iIqvjQLCZQyJCiWK72jzbm1lNNsOGLMdNO736yJo0iUXEygaqJ4awu+Nf2Ase62f
o1hROHtOnixvceJN2rd9BMKm/j3BgeU+vlW3quq8AFkm9ikL7R4hBZopqT5deXA17EZ0tpQv6I2z
WbuoBYunvJomVoFZYRwDWFlHoQRBJma0LL8WTrPP7t4gvZMqYSpEqyeeyX2cv6FS4uCOXITFzWAA
Rp5rdIkL1YzU+Tr2thgVf/BvRYsVqaCj+94YmoJAR1/pMOLIKhfoWNxOKuTu0Rpu1LpKr72FYsZv
osn4NHBDoVJncq/crrxpaYF1FqorTjHw+054l0YxJwIDAQABo4ICJTCCAiEwgeQGCCsGAQUFBwEB
BIHXMIHUMDgGCCsGAQUFBzAChixodHRwOi8vYXV0b3JpdGUuZGhpbXlvdGlzLmNvbS9zZXJ2aWNl
c2NhLmRlcjA2BggrBgEFBQcwAoYqaHR0cDovL2F1dG9yaXRlLmNlcnRpZ25hLmZyL3NlcnZpY2Vz
Y2EuZGVyMDAGCCsGAQUFBzABhiRodHRwOi8vc2VydmljZXNjYS5vY3NwLmRoaW15b3Rpcy5jb20w
LgYIKwYBBQUHMAGGImh0dHA6Ly9zZXJ2aWNlc2NhLm9jc3AuY2VydGlnbmEuZnIwHwYDVR0jBBgw
FoAUrOyGj0s3HLh/FxsZ0K7oTuM0XBIwCQYDVR0TBAIwADBhBgNVHSAEWjBYMAgGBmeBDAECAjBM
BgsqgXoBgTECBQECATA9MDsGCCsGAQUFBwIBFi9odHRwczovL3d3dy5jZXJ0aWduYS5jb20vYXV0
b3JpdGUtY2VydGlmaWNhdGlvbjBlBgNVHR8EXjBcMCugKaAnhiVodHRwOi8vY3JsLmNlcnRpZ25h
LmZyL3NlcnZpY2VzY2EuY3JsMC2gK6AphidodHRwOi8vY3JsLmRoaW15b3Rpcy5jb20vc2Vydmlj
ZXNjYS5jcmwwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgeAMB0GA1UdDgQWBBQq
6jjjeMXwQMpNNecEbqrEsJ9eTjANBgkqhkiG9w0BAQsFAAOCAgEArkOzqH9sUsz/QCwLRUKXqsYS
YjB9o9GmKorBERtR7WJQIxk1jZxDM9dR8LTOA6tKOQ2LKzaRl0RugagliM75Dkt4AdWFQFzZ14c4
o+JXsvCNmRtncFxY5KAJqpeIgOHigpnOb2qdS5c0U2tMa48SYl5DgTqs5nlyLTqPIsF7Am80lsTn
iNdbvyPjmyrqsaUtIJ7WpBhyt+k5TEr4b4XWOo0jYwJEutvrYXTNihmWMfobEiC11+qziyWmBrrv
dJyg1H/XGJKFZ0atOOFUCfvoqFZrc3cD9uiCkLX3ljeehKkWyvNbBoj8ETmRPjg2vXIbPS+jR82g
fhLtUJbE/zVWQCoVtKowZqlY6mMcAXkqhdHTG9jfIixHxMMqMr2s+Fc8ywXlZzmAI1ejP9/LX9bV
2b17e4QxQMKMH9f2sVRvo16n0KtKGH5Zy3j+Dwkt3iIsN1F8Lo7vymqtqSUZ3EyYKNY/GvvmrIc/
snB/mGw4vqxYIXlIwwpm80/NRBeR88OFR3PYlUYKxrf9HKVRP8HqHG9buYSQdDdVe7k56Af77pCl
88LDCL49/8hb/XzndJjqvSLbKsU6UWV6q2e/kkQ+UcF8bBUMfHWLLK8xALkzrg1EATC7dviFBnS1
JXLmWJjKwHfWUkBPJnZbMCiKfgyNK5vTXpzzOszUdOFBLRTbtco=</ds:X509Certificate>
                        </ds:X509Data>
                    </ds:KeyInfo>
                    <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <xenc:CipherValue>Jh+JrB2bucLagyzTdfvOBh8uzt2goB6eyauRz8iomPWqoK/ebPgnKyrK+5KRYBJUW/lcPtIUvWVjBO9LWzaPWse45QTV9mklBq1EO9nwRZZ+wmHPm742l0NuWk2Tj3S9JtIxITbimvVpv8qf/XHBhIE59nuo4ZAGH2gw8L+G6HTrfFl4+NTWMHr+BJNe9TDUv6vXe51RoGJKum505/bYmQu9zHXubv/IMoYxOLF1p1p42Lz5Lrqn/iXdBIQvQYuFwdtWAyvzkTfjHG4SDpayG+SRNt9h6bcQX5GtI5yhX9fhqfyV+1xlb53wGQ4LbXoQLTSaao/htkjKHWuMgTtDPA==</xenc:CipherValue>
                    </xenc:CipherData>
                </xenc:EncryptedKey>
            </ds:KeyInfo>
            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                <xenc:CipherValue>Ls27LM0+ItlX6IJd+RkwBh+I0D9yzTF067wr+4VfxSbmmKEJf2TMmG1UP+vVkDCusQx5KusZhSek9bT1rMWGo2GPMhPLWbYp6FmH4MlriErP0sddLmF6UeghJ4CKHaD9byazftu3FLTMy4q2tpZi1Op5Al8hB0hQoFDXEF01a/ESxvv349CGZs/3O8KU3V4tAerMXLTUlwu29F7P/oq0DUkHJoSsgpSVCjQ32MIBQuUL7t//LZhVCH7fMPnCGsc+CyfnUtyFdsYGIuhkFsQAjvZdPsY5twWKQL1IIE0I3kJUUxM+4zYKPIPuRBTPzrhZUtud2LPRx59v1Q4gdU9zD5xoSyZFxxXwM+8fYvNh5qL91ICVqiuCUNXdn1PRuRcAxPiRPrqZE//E+VCS/RpNFUATkJVXZNxXlI/Vf6Ffy1ubtUnqsROWirlfliZat/0WoxVcf2+1Jza43Bnw+XgzSAwshz+ZamTNZryoqw2JyiLPhK/6J9kFZR45tBtBe1xHFqay2qZL+UkDdgZ+F+mBPb7fUD5irBaDDGY9fj4tG4GvBn0/zZFgqJImCF1vzHAK/J5oMliJioZ7Bm7FDzOQr4BPthIWibCb8AswPLcKohnuMPKM6gdcnzMcZqgqNaDXp/t5klpfjH3GbPml6pTY/PprOjZPTEQotZXOKva2PiBUabEiAcxoxhxyNhX0V7p17PaUnK9oRr+5jFLjfe695iwf0WP5JqV/uElOWgcq/PXcQvouDHNyUdxgZNXX6cmA9yfrxS6PcOKmR+0jw8HiROLy7+g2WfQfUZIA/2G2A3BX/xpu2Hxmt1abmfqYAB5AXHnyXyuHgGQwj3usaaRJtpO3akaSKqsSY7XAL8l075wnhV+oJ5MeuCREbCz2xbCGHn+dHybFNsXh01THmjiMruLtNoZg9fc+X94rZj0qRpIt/yLO+Z2cxeUXqEJNYOAb03c/LfAeTAG43wfTs+rKa/FVJqlqi1++FL7P7+gs3PKVSEUxYAeG6pj+wL5N1okEIVADjKrDcIDxUERoj+l+7a49Q+GjHHob8F4TMgEYQYFxQDJFWPMNm/+xIOo6Cl3LmSk+/7SdMtRLHoXcT45dVZIA/Dh5EhQSn9Ms9flfTD0SSqpVhq7reH1jif2q7IUmWDUTRq7H0fQWtqQHzEVGZivirxYTLdNDZqzceAeoCF1Tuw9DlV1VsM79zXFadV+P+6msCUQypjv4iBMrS0Yh5HpdqOI6TdK4zYhMRh/eXDs6jLmw32ZQdbxnaLEmqNHWbay7kp1lDWv7UN93lhnMGhIYDOi/8x7eWO2qwAJtXb411TzwoFT6FH88uMFqvuSvwbqQwh/VRNw41u6wZik8VyIQdLZpWjwS24Ah9MTzLctME+TQDMXyLBNkU7vNv1yg0jkZwIkDVwPBZgwSx3XD88+KzxIGzOvHcvs5RL93VeUOmk7B+XgGKhQ+Gc/qQd79kV5axJAIlbl+GY4n1dY6nv2Ak2ylfVRPakgY8uPkY8SJTySpS57wGNYdDxuWfnaLFy8r2ULQLM8VVhZ0HuuvB/9ojXLDmYsItTl6EpDcEg64shBtWC0IAHUgA6yQicwUN954sbXDE1xWnS76r7XoyfBnsTBLgEYE5vbmBN7ao4hfCAgonfReyOFMWVmzSfpjlw2jwSMoubRUqHyDpRDWGFmcegmna3Enduc6RL2eZhhNoDiT22k/4ZcKW3yrP0AXAHzQdg7em8stU7VVKkZgVsuj+/sOm2ifZi+bn0nkQiNHqg5i7PMCoYIxFgpV8dYRFchvVHjuLBD0xOXtju9PE1oiG8irId+KAvd9NGgflduFmsUpwp1ahie8p7blPuOyfuvYgx8eIJ8eA9xAMCgvQCPs5wXvmudnJtf+7YcYBLUAkoFhAxpdhUGhXqyHL4v309yzgFaZjg7ZXrV3dm3a/0CK+zz5Mue6ouKh0EqkJay7Vf/zuWGWOBrUMzyMibTbpqk7Q33gfid5bBVw2Oic7POLty0+2jv1Orx9Q7heqPeX/oCKRW1l2nbWsWwsmpw+ywuaRw45kLpDS70iO3uhkeXNkwqWgkxnCr3xIGYip0Ze1MjQCF/Z3wI668R4jlaDs/V71cpu2EcLCcbRhkTHEuLMuD4PbbF14tN6x/QYMy/JxIEB0aVIxe4YHdUyFxi6eGCBunCnOfO2bk+PeG4hqTp50ZEsQzKfwSME/53Vk2afhv03aRqwffKJr1mNVQPngkq8BI1LaGdijLy7JwVC+bb49UQIJcP27+I4fyHKBR/2YjXQE/ztHP+vCAfIbv7QN86j2wRN+UOrDAbiTExchDsnM0bNb/j/2ouy/RlTbEsLrOmb8Gnw8288ZwngTExq4QgJ98lVtVkar693HiYAsRu1CpAKZ0LKkKsYo0WZZ97TJJadlMUa4P0Lq7vRQzUK1xLxKZrhIZzfc3YRwSkuEPHoP45751wrC7sEFoRz+cnz+TzufPrql+b7jtcbv/frVY7Vin9fXTsHm7T8xHxmIVKsWaiaaBPBKOm8I44Dr7xHoqZ1pZZ5aaGIyx+JxPFEkdijNN34ll9lU941HFMu0aFyiNCSfdWSwAsG9adtt6UYJdFRa4Y5zWfS8UmFkS4Fwp+iogpLyyhXzsm+3wf3yKBdi6ov2kafy6XevNf54qscyuTn069+xR5xYZZqHhcmsR0QSpqq5JKBnMSKrWnWm8ds9PKHc1L/ALRChu4m5SsFr5NzIpiXqS02FQKPUe01JKG+mbyQPk3qyYzvKYyQ0jxSVSPk5nZzUof3ihWt3N1V8P2mIJDq+0kMfmPcZS5ceSGuoXNEdmRf+jTZHi5LaqC+7hsDivksqpqRAY8vmToW2WYdA20y1bssVx995eEHVmOktrIyZVG2iORF3s8tqalwB8y4fdPUMf/Dxg/5o/stJrDEQdW1kVA4GamVrJI84ezeqNod9jd0ceUkPCARIdbCfIXPS+RkQpyNVm1jRh1BqrPDjPCPKP/ezS2LM0/mF5rbAWF/vXWg5Qzql0AzuuIgKYEhGT2g+NGi4ACoYL2lZy1hmiYfT2UYwBJ38VaV3zeNkXLFqZp/2vIehYqsI9NNBiiEHmptRK0Tog4rjqCkqCKl2N35mCeVA5xhPEQRdw3hhllDrTbQkJWAVIrqhaGiwShJBseIksFQcKXVyzQCVXNHWlRZUeFd6mkL+ptaILB4qnx5pCUO/2EquXxyy51Y6tmqUqtx8Cr/zjDsMgLAUPK/gwhSwtJEk2WW/rE6mDe4qHkO0s0glGHNuTDfw/2VhLkl8Y27M4MUj/k89UiWo8GtJ6JxzH+konLBBgZz9Ktb1yJwjsI/Ru22VP7ySdQVpLp/xsmL1/2k7mzF26OKyT7IGaT1ckxWOJ+Zg1gAIirL73JWMvPMX6osvosEY6iil4DvNOEofCcSDFGP9+cQLoE9tqzPBZKIrXK+/fmzEcxKIvOcpnN/v24v+9TB0B0x1axtHGXADEFTjFdv7ujgLwq6fXTP9+w/EJBSeepIi1vFNuYCSW2v/pYRJl/A2ypXbpY/br814/KoMe8QZLXXfjIiyYTQLQUik6vDZZxTxk1DgqtBFKdGHECmeyLa2l0Gm6O+nqCyZ9Hyv61t59M7B3/kl6gBEDx8JTUrpynMjIawmi8EjMUFGIijQn51k/aaXCcoQ9N+Odb3pdumBnfKI+FBYNiQj0GW8SQG7gw4QyQ5XJyh9Ql+5Ph9Ab8KzRxiTncDBxSQ1l284wv09Lb99w2UWThiphQ9Rjlz8auYf1vYdXukhOZokre75u6feb/Ej5e1WFJUPZxc3QiFPKAcRzenp50kDFH8g+pjRxNIKpx8xykaOAxp81Vpv8QCII9DuubKcXPqrxI+67jqPUL2fP00n/9zut2Yukt3o1zrPh7hnHcqPIpGJgNuu2JIQpXIjPIYVXDdNHnkc6VtFHSovY0TBHxaCGFcEbO5UsgkPRSple+EE27p74g3xT05Ya5rNTnFWuUdHpUZHS2ivsNk9jWPrCV4SBT6clXyKAEeBgpl8pBRtJVi4HkygEKQjDAzBP+O3i8X5vOGWf7uud7vnNZaen0IhFTNnRpOON/WORvKsB9uPua07GAZzDsURXF5oCCDT7bMQ1moDkA9XS0z8cTD7YymqroptBOPw/JhYzHI1ErqlhcZNELLhhgezW4j5BLLvpLCJ5VYIR9GUbWXAjdcnoA0/i9QljHcx31Ny2YlwP5gOkYoad34fnpV5poRXgQKiZR4JHGl2EfjVFvWDKOZnwRgf5LHIJr+THCbnuSbxJ4MocqJNyckpbS8L07ZsjFFxD2r9chbceqfY/MEUTZp1gbNUKn3gmeKq33svGOPR/b2BEw7v7AovvIb/ERZL2Q5oS6oZUl++8UsPIqDjhtVTDW6ruSCVaTMUGg6zk9tNvEXYMbTXxDR75JoeJ9iCggyBHNONcbl6q60SxvHD9HnXChzQL0ptRd3NkK63oHc+cU5SI5FTmFBtdyLNpPJ/5WR7ohtJsXikfqv0nK4R9S8PF70HKFUyZpxbppc7MSuXoNzK5mv70PABzv3AFPXykY38z7viYj5KpLqh0AoNHeg2k3OkTFjtSurEhYKV2GTvw62zH0tJWZnisC1T36DFvvBSmopVeW7INyS+USlnnWogTpFaKTyUFXuzNuFq+F7V7VWsZoGEzK42vjhStnddiOzFB8cs8IWgAgqYNF/rSl+Es4BJb7o9OPGlM7nhjKT8RdMXUMgGKfeb+bZDaTkDklvab+n5clpcw318KcYO+pRUg0Lh09ZN+eRAmtqn/XwpQmE7AX4FYtqCFOiznZmo33eDi7dTkjKJkWBZ9RpZlc7d0Vjik44OeGj7Lz/UyM9Mp/cgRhXBkid+dCQuyA259aBHgOZ56Hz4EJseyYDs2VRM2XNFeElYlgU1QY6k0fn8vsqLlO9cn6P1CUaK07QYHLw5gfFSgmC/+mC8HoRDdnhx8WyEv3CL+MH/WtG7hnSlekdM8M//2I9S88tM0ACHIDTa2s6uDOP4gbjgdc4L7Z6q0zma6SlvNEcOHKg4n8rgp+75KwXizzOpOiAf0zIz9NgzDOEKvtcEP0E3vxd6V0BQ1a9/GEnE9o6WvPLbmBPOWxvnI/aSTYqOkumrAbRwF9DvZ+MfPjekGgXUzHBSBkaySSC1JR70Unqgps7pu+IalOxb4WeVgb188vvETX3xLq91SLJVHgob+fMwCqDrOVY1AhTK3Tk/NxMIM2m9u9xy4AI/2G2IKgHoONE7Q==</xenc:CipherValue>
            </xenc:CipherData>
        </xenc:EncryptedData>
    </saml2:EncryptedAssertion>
</saml2p:Response>

2022-08-09 11:18:53,820 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-08-09 11:18:53,820 - INFO [Shibboleth-Audit.SSO:?] - 20220809T111853Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_ce89b21892444f79937ba6057966a093575b630|https://cas.traveldoo.com/cas/saml2-SHOP_DEMO-demoPool|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_aad24f38af422c78938d2b26aa669ef2|rick|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,uid,identifier,telephoneNumber,role,mail,surname,displayName,givenName|AAdzZWNyZXQxAx6uslJ8fgWnH5mMtT0tQOB7/MR6MKx2CnoEPGVvdE+F66c7TmGCzIXQFN9l95dTaHlsB4aGeNoE6emDIC1yC5ltrjfPJqpFRlcnsGbxu2UQ/4SCcPl28GEFC0zlRFcu6cHFb+UqfsJcPIPW1SaDWsOPsU8ctxM=|_225ee73b64c6e30311c360e1a8c7cbcd|
2022-08-09 11:18:57,466 - ERROR [org.springframework.webflow.execution.repository.NoSuchFlowExecutionException:?] - 
org.springframework.webflow.execution.repository.NoSuchFlowExecutionException: No flow execution could be found with key 'e1s2' -- perhaps this executing flow has ended or expired? This could happen if your users are relying on browser history (typically via the back button) that references ended flows.
	at org.springframework.webflow.execution.repository.support.AbstractFlowExecutionRepository.getConversation(AbstractFlowExecutionRepository.java:172)
Caused by: org.springframework.webflow.conversation.NoSuchConversationException: No conversation could be found with id '1' -- perhaps this conversation has ended? 
	at org.springframework.webflow.conversation.impl.ConversationContainer.getConversation(ConversationContainer.java:126)
2022-08-09 11:18:57,466 - WARN [net.shibboleth.ext.spring.error.ExtendedMappingExceptionResolver:?] - Resolved [org.springframework.webflow.execution.repository.NoSuchFlowExecutionException: No flow execution could be found with key 'e1s2' -- perhaps this executing flow has ended or expired? This could happen if your users are relying on browser history (typically via the back button) that references ended flows.] to ModelAndView: reference to view with name 'error'; model is {exception=org.springframework.webflow.execution.repository.NoSuchFlowExecutionException: No flow execution could be found with key 'e1s2' -- perhaps this executing flow has ended or expired? This could happen if your users are relying on browser history (typically via the back button) that references ended flows., request=org.apache.catalina.connector.RequestFacade@62a2acd3, encoder=class net.shibboleth.utilities.java.support.codec.HTMLEncoder, springContext=Root WebApplicationContext: startup date [Mon Mar 14 22:06:23 UTC 2022]; root of context hierarchy}
2022-08-09 11:19:51,356 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML relay state of: /saml2/jwt/
2022-08-09 11:19:51,356 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Getting Base64 encoded message from request
2022-08-09 11:19:51,356 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML message
2022-08-09 11:19:51,356 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="https://api.reptool.develop.thebitbybit.com/saml2/acs/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4"
    Destination="https://samltest.id/idp/profile/SAML2/POST/SSO"
    ID="id-gOnUkCi5ytNM3ePnk" IssueInstant="2022-08-09T11:19:50Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4</saml:Issuer>
    <ds:Signature Id="Signature1">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#id-gOnUkCi5ytNM3ePnk">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>CLRFSKjm/PyuIxc/veSKKAg1q4WiuTjDmcCGIhqd3Mw=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>fR9ahlGuERl7CzVGz/GkovJnBkzSQrMvjJ6i/gYj1+jGO9MPJY8F4yGPc801Aghl
4n7g7PYUL3wO9fMcIAZkfy/pLy5ZnPGAk5SOwYiUUWN+MI9YS4J6XxyLVeIHuimw
+r7qnQ7bCvEfz4AzDgyzagavJwvi4umLXgS/QV2Cmg7rB+pQDy3oNL6VK3EDGBXR
hnEqH0VRBGU16gGq3np9jUOF5NoqBT5eQGSLTTAkedL3+DjjL2r1OHXiRmXGyPMK
6I6/Lb25q87PUS1zd+2IYDryPOMs5iDMl62CdxDcwt2xzd1FOH+qrZcDk4gXz4rK
eqngD277/lPg9lGuzT7SeA==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIICuDCCAaACCQCP6GcXfNKt3TANBgkqhkiG9w0BAQsFADAeMRwwGgYDVQQDDBNycHQucHJvZHVjdGlvbi5ob3N0MB4XDTIyMDEyODEyNTQ0MFoXDTMyMDEyNjEyNTQ0MFowHjEcMBoGA1UEAwwTcnB0LnByb2R1Y3Rpb24uaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMryi5iFYA7zP6uwJEuzAGVk+drl313JeRW/OFTYbmFA4X1jjKTdf5SLRxIdDiIrLTLfKc/9Z18Acd4aSTBNLCMaJHpKwCa9ALM6E0/7N8KlB36wBnrQwe4SeOT5RRX5Q7K8o9HQgNrEK8O0y+zVYhlGplSrd+mwPdGo62MDGtQmT40Pl93upBXKTA52YR+7N/taVW5lnebOcPOSS4bGpAxg2Sx/oGmINhHGbf0QPeO2NI0QadRK1wsqw/6WpEn+GEluKehVEu6yMVgEF8MBO6nhTt6Gf5hbwuJjFgJHgvIEET4OVJ2jB7stOUHCRq+MXLnjTQ9j8Wvkr9QNoJnXI7kCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEArEfFdn1EVbjKk84OArjUL+cobbywnxyMzh2lNqs7EMX0Spysb0NiyqYJOrMjZpWM6yISL7Sc8L6qtEKeraoRujoHXf3G/+e9Dx+AfppI6E9YYgBb2YWt/Hf3JCUc0YIzPp+3ZJjW/3C9P4cB8H1r/4HtDmiju0BeFGWdm72SthiXoOcWs5u2yHg21V+RPgBrPxE2m6iAFC7+hfFKxWE/1aN16r3v1XJcIPhLJEnf9b5pLt/EXNYNqFQ07qsyNqEXtPlWU4C3rP94xSik52BFI6OLf0GRcN0ZX1zPv8IEwmX+WV8I84Ue9OGvqSKhoC8f9PGQ2oy2hL+8DViJXeY4dg==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
</samlp:AuthnRequest>

2022-08-09 11:19:51,363 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4' from origin source
2022-08-09 11:19:51,363 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-08-09 11:19:51,363 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-08-09 11:19:51,363 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-08-09 11:19:51,363 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-08-09 11:19:51,363 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-08-09 11:19:51,363 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-08-09 11:19:51,363 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selected AttributeConsumingService with index 1
2022-08-09 11:19:51,363 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4
2022-08-09 11:19:51,364 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:19:51,364 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-08-09 11:19:51,364 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-08-09 11:19:51,364 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-08-09 11:19:51,364 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-08-09 11:19:51,364 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID 'id-gOnUkCi5ytNM3ePnk', issue instant '2022-08-09T11:19:50.000Z', entityID 'https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4'
2022-08-09 11:19:51,365 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Enveloped signature transform
2022-08-09 11:19:51,365 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Exclusive C14N signature transform
2022-08-09 11:19:51,365 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Attempting to verify signature on signed SAML protocol message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-08-09 11:19:51,365 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from metadata using entityID: https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4, role: {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor, protocol: urn:oasis:names:tc:SAML:2.0:protocol, usage: SIGNING
2022-08-09 11:19:51,365 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Retrieving role descriptor metadata for entity 'https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4' in role '{urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor' for protocol 'urn:oasis:names:tc:SAML:2.0:protocol'
2022-08-09 11:19:51,365 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-08-09 11:19:51,365 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-08-09 11:19:51,365 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-08-09 11:19:51,365 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-08-09 11:19:51,365 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-08-09 11:19:51,365 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - signatureMethodURI = http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2022-08-09 11:19:51,365 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigAlgorithm    = SHA256withRSA
2022-08-09 11:19:51,365 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigProvider     = SunRsaSign
2022-08-09 11:19:51,365 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - PublicKey = Sun RSA public key, 2048 bits
  params: null
  modulus: 25619741146304155236247692653801023529881785377825624882406330247906388727337884923734775946130977727632861768074484493057656687302896828104297571369771721216305953814997917180720049177453480549626185036630441315801981092559638858576306762697541333932774155000898199139879425514154317352028375602622268954902932678513581131324682073549192842948337646941490769289785001065956465411070693864094084247817385360209264413191151877848590570954980912399747190373069119500775190117392345331155808225076612427490832352000646743066757582659930653220567373000990999523284731213198836565990127157020606688322706213011815348511673
  public exponent: 65537
2022-08-09 11:19:51,365 - DEBUG [org.apache.xml.security.signature.Manifest:?] - verify 1 References
2022-08-09 11:19:51,365 - DEBUG [org.apache.xml.security.signature.Manifest:?] - I am not requested to follow nested Manifests
2022-08-09 11:19:51,365 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#id-gOnUkCi5ytNM3ePnk"
2022-08-09 11:19:51,365 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID id-gOnUkCi5ytNM3ePnk and Element was [samlp:AuthnRequest: null]
2022-08-09 11:19:51,365 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#id-gOnUkCi5ytNM3ePnk"
2022-08-09 11:19:51,365 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID id-gOnUkCi5ytNM3ePnk and Element was [samlp:AuthnRequest: null]
2022-08-09 11:19:51,365 - DEBUG [org.apache.xml.security.signature.Reference:?] - Verification successful for URI "#id-gOnUkCi5ytNM3ePnk"
2022-08-09 11:19:51,365 - DEBUG [org.apache.xml.security.signature.Manifest:?] - The Reference has Type 
2022-08-09 11:19:51,365 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Validation of protocol message signature succeeded, message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-08-09 11:19:51,365 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Authentication via protocol message signature succeeded for context issuer entity ID https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4
2022-08-09 11:19:51,365 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-08-09 11:19:51,365 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-08-09 11:19:51,366 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-08-09 11:19:51,366 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-08-09 11:19:51,366 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:19:51,366 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-08-09 11:19:51,366 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-08-09 11:19:51,366 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-08-09 11:19:51,366 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 1 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-08-09 11:19:51,366 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://api.reptool.develop.thebitbybit.com/saml2/acs/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4 using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-08-09 11:19:51,366 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-08-09 11:19:51,366 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-08-09 11:19:51,366 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-08-09 11:19:51,366 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved signature algorithm URI from SAML metadata SigningMethod: http://www.w3.org/2000/09/xmldsig#rsa-sha1
2022-08-09 11:19:51,366 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved reference digest method algorithm URI from SAML metadata DigestMethod: http://www.w3.org/2000/09/xmldsig#sha1
2022-08-09 11:19:51,367 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-08-09 11:19:51,367 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-08-09 11:19:51,367 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-08-09 11:19:51,367 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-08-09 11:19:51,367 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-08-09 11:19:51,367 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4
2022-08-09 11:19:51,367 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-08-09 11:19:51,367 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve data encryption algorithm based on SAML metadata, falling back to locally configured algorithms
2022-08-09 11:19:51,367 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve key transport algorithm based on SAML metadata, falling back to locally configured algorithms
2022-08-09 11:19:51,367 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-08-09 11:19:51,373 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-08-09 11:19:51,374 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-08-09T11:19:51.374Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-08-09 11:19:51,374 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-08-09 11:19:51,374 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-08-09 11:19:51,374 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-08-09 11:19:51,375 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-08-09 11:19:51,375 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-08-09 11:19:51,375 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:19:51,375 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-08-09 11:19:51,375 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-08-09 11:19:51,375 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-08-09 11:19:51,375 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-08-09 11:19:51,564 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Returning name from AttributeConsumingService 'null'
2022-08-09 11:19:51,564 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Returning name from AttributeConsumingService 'null'
2022-08-09 11:19:51,564 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Returning name from AttributeConsumingService 'null'
2022-08-09 11:19:51,564 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Returning name from AttributeConsumingService 'null'
2022-08-09 11:19:51,564 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'api.reptool.develop.thebitbybit.com'
2022-08-09 11:19:51,564 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-08-09 11:19:51,564 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-08-09 11:20:11,035 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Trimming whitespace of input string 'morty'
2022-08-09 11:20:11,035 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user morty
2022-08-09 11:20:11,035 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@1907467213::identifier=morty, context=org.apache.velocity.VelocityContext@2f79d836]
2022-08-09 11:20:11,044 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=morty,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@1907467213::identifier=morty, context=org.apache.velocity.VelocityContext@2f79d836]
2022-08-09 11:20:11,045 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'morty' succeeded
2022-08-09 11:20:11,045 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-08-09 11:20:11,045 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-08-09 11:20:11,046 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'morty'
2022-08-09 11:20:11,046 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'morty'
2022-08-09 11:20:11,046 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-08-09 11:20:11,046 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal morty
2022-08-09 11:20:11,046 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session 6703635d856f227963fd6984ae01fdf3c9944dfafd70f163e9e7c651690e6731 for principal morty
2022-08-09 11:20:11,046 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving AuthenticationResult for flow authn/Password in session 6703635d856f227963fd6984ae01fdf3c9944dfafd70f163e9e7c651690e6731
2022-08-09 11:20:11,047 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=morty)
2022-08-09 11:20:11,048 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-08-09 11:20:11,048 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, identifier, uid, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-08-09 11:20:11,048 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 2 values for attribute 'eduPersonEntitlement' remained after filtering
2022-08-09 11:20:11,048 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-08-09 11:20:11,048 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-08-09 11:20:11,048 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-08-09 11:20:11,048 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-08-09 11:20:11,048 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-08-09 11:20:11,048 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-08-09 11:20:11,048 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-08-09 11:20:11,048 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-08-09 11:20:11,048 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-08-09 11:20:11,048 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:20:11,049 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-08-09 11:20:11,049 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@47636599'
2022-08-09 11:20:11,049 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:20:11,049 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'morty:https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4'
2022-08-09 11:20:11,049 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'morty:https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4'
2022-08-09 11:20:11,049 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'morty:https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4'
2022-08-09 11:20:11,049 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:20:11,049 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'morty'
2022-08-09 11:20:11,049 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'morty'
2022-08-09 11:20:11,049 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-08-09 11:20:11,049 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is required, no previous consents
2022-08-09 11:20:11,237 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Returning name from AttributeConsumingService 'null'
2022-08-09 11:20:11,237 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Returning name from AttributeConsumingService 'null'
2022-08-09 11:20:11,237 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Returning name from AttributeConsumingService 'null'
2022-08-09 11:20:11,237 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Returning name from AttributeConsumingService 'null'
2022-08-09 11:20:11,237 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'api.reptool.develop.thebitbybit.com'
2022-08-09 11:20:11,237 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-08-09 11:20:11,237 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or InformationURLs returning null
2022-08-09 11:20:11,237 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or PrivacyStatementURLs returning null
2022-08-09 11:20:11,237 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-08-09 11:20:11,237 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No Organization, OrganizationName or names, returning null
2022-08-09 11:20:19,127 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Extracted consent ids '[displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]' from request parameter '_shib_idp_consentIds'
2022-08-09 11:20:19,127 - DEBUG [net.shibboleth.idp.consent.flow.impl.ExtractConsent:?] - Profile Action ExtractConsent: Consent context 'ConsentContext{previousConsents={}, chosenConsents={displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}}'
2022-08-09 11:20:19,128 - INFO [Shibboleth-Consent-Audit.SSO:?] - 20220809T112019Z|https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4|AttributeReleaseConsent|morty|displayName,eduPersonEntitlement,givenName,identifier,mail,role,surname,telephoneNumber,uid||true,true,true,true,true,true,true,true,true
2022-08-09 11:20:19,136 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:20:19,136 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'morty:https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4'
2022-08-09 11:20:19,136 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'morty:_key_idx'
2022-08-09 11:20:19,136 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Serialized '{displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}' as '[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]'
2022-08-09 11:20:19,136 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.CreateResult:?] - Profile Action CreateResult: Created consent result 'ConsentResult{id=null, context=intercept/attribute-release, key=morty:https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4, value=[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}], expiration=1691580019136}'
2022-08-09 11:20:19,136 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'morty:_key_idx'
2022-08-09 11:20:19,136 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Will not prune storage records, number of keys '0' is less than max number of records '10'
2022-08-09 11:20:19,136 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Read storage record 'null' with context 'intercept/attribute-release' and key 'morty:_key_idx'
2022-08-09 11:20:19,136 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.AbstractConsentIndexedStorageAction:?] - Profile Action CreateResult: Creating storage index with key 'morty:https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4'
2022-08-09 11:20:19,136 - DEBUG [net.shibboleth.idp.consent.storage.impl.CollectionSerializer:?] - Serialized '[morty:https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4]' as '["morty:https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4"]'
2022-08-09 11:20:19,136 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@47636599'
2022-08-09 11:20:19,136 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:20:19,136 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-08-09 11:20:19,137 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-08-09 11:20:19,137 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-08-09 11:20:19,137 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _0de2d721a2b564cf5ab96ff78888802f
2022-08-09 11:20:19,137 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _0de2d721a2b564cf5ab96ff78888802f to Response _297a528da3cde326c66989303585f7c6
2022-08-09 11:20:19,137 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _0de2d721a2b564cf5ab96ff78888802f
2022-08-09 11:20:19,138 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-08-09 11:20:19,138 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Ambassador of attribute eduPersonEntitlement
2022-08-09 11:20:19,138 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value None of attribute eduPersonEntitlement
2022-08-09 11:20:19,138 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value msmith@samltest.id of attribute identifier
2022-08-09 11:20:19,138 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value morty of attribute uid
2022-08-09 11:20:19,138 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5505 of attribute telephoneNumber
2022-08-09 11:20:19,138 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value janitor@samltest.id of attribute role
2022-08-09 11:20:19,138 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value msmith@samltest.id of attribute mail
2022-08-09 11:20:19,138 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Smith of attribute surname
2022-08-09 11:20:19,138 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Morty Smith of attribute displayName
2022-08-09 11:20:19,138 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Mortimer of attribute givenName
2022-08-09 11:20:19,139 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-08-09 11:20:19,139 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - No object to operate on, returning true
2022-08-09 11:20:19,139 - DEBUG [org.opensaml.saml.common.profile.logic.MetadataNameIdentifierFormatStrategy:?] - Metadata specifies the following formats: [urn:oasis:names:tc:SAML:2.0:nameid-format:persistent]
2022-08-09 11:20:19,139 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration specifies the following formats: []
2022-08-09 11:20:19,139 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration did not specify any formats, relying on metadata alone
2022-08-09 11:20:19,139 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Candidate NameID formats: [urn:oasis:names:tc:SAML:2.0:nameid-format:persistent]
2022-08-09 11:20:19,139 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-08-09 11:20:19,139 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-08-09 11:20:19,139 - DEBUG [net.shibboleth.idp.saml.nameid.impl.PersistentSAML2NameIDGenerator:?] - Checking for source attribute uid
2022-08-09 11:20:19,139 - DEBUG [net.shibboleth.idp.saml.nameid.impl.PersistentSAML2NameIDGenerator:?] - Generating persistent NameID from String-valued attribute uid
2022-08-09 11:20:19,139 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID WNDUP7URX5J5SWIROG5AVORK5F7AO5RF with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-08-09 11:20:19,139 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-08-09 11:20:19,139 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-08-09 11:20:19,139 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-08-09 11:20:19,139 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-08-09 11:20:19,139 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 77.65.103.161
2022-08-09 11:20:19,139 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to id-gOnUkCi5ytNM3ePnk
2022-08-09 11:20:19,139 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to https://api.reptool.develop.thebitbybit.com/saml2/acs/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4
2022-08-09 11:20:19,139 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-08-09 11:20:19,139 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-08-09 11:20:19,139 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-08-09 11:20:19,139 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _0de2d721a2b564cf5ab96ff78888802f
2022-08-09 11:20:19,139 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _0de2d721a2b564cf5ab96ff78888802f did not already contain Conditions, one was added
2022-08-09 11:20:19,139 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-08-09 11:20:19,139 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-08-09T11:25:19.136Z, to Assertion _0de2d721a2b564cf5ab96ff78888802f
2022-08-09 11:20:19,139 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _0de2d721a2b564cf5ab96ff78888802f already contained Conditions, nothing was done
2022-08-09 11:20:19,139 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-08-09 11:20:19,139 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _0de2d721a2b564cf5ab96ff78888802f already contained Conditions, nothing was done
2022-08-09 11:20:19,139 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-08-09 11:20:19,139 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4 as an Audience of the AudienceRestriction
2022-08-09 11:20:19,139 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _0de2d721a2b564cf5ab96ff78888802f
2022-08-09 11:20:19,140 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4 to existing session 6703635d856f227963fd6984ae01fdf3c9944dfafd70f163e9e7c651690e6731
2022-08-09 11:20:19,140 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4 in session 6703635d856f227963fd6984ae01fdf3c9944dfafd70f163e9e7c651690e6731
2022-08-09 11:20:19,140 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-08-09 11:20:19,140 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4 and key WNDUP7URX5J5SWIROG5AVORK5F7AO5RF
2022-08-09 11:20:19,141 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-08-09 11:20:19,141 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-08-09 11:20:19,141 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_0de2d721a2b564cf5ab96ff78888802f"
2022-08-09 11:20:19,141 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _0de2d721a2b564cf5ab96ff78888802f and Element was [saml2:Assertion: null]
2022-08-09 11:20:19,141 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_0de2d721a2b564cf5ab96ff78888802f"
2022-08-09 11:20:19,141 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _0de2d721a2b564cf5ab96ff78888802f and Element was [saml2:Assertion: null]
2022-08-09 11:20:19,143 - DEBUG [PROTOCOL_MESSAGE:?] - Profile Action EncryptAssertions: Response before assertion encryption:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_297a528da3cde326c66989303585f7c6"
    InResponseTo="id-gOnUkCi5ytNM3ePnk"
    IssueInstant="2022-08-09T11:20:19.136Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_0de2d721a2b564cf5ab96ff78888802f"
        IssueInstant="2022-08-09T11:20:19.136Z" Version="2.0"
        xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <ds:SignedInfo>
                <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
                <ds:Reference URI="#_0de2d721a2b564cf5ab96ff78888802f">
                    <ds:Transforms>
                        <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                        <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                            <ec:InclusiveNamespaces PrefixList="xsd" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                        </ds:Transform>
                    </ds:Transforms>
                    <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                    <ds:DigestValue>h/9v+QDD+jubM9GoRf9cg1P045U=</ds:DigestValue>
                </ds:Reference>
            </ds:SignedInfo>
            <ds:SignatureValue>EY96plMrm+yQiqcS8mdiWghGLhOI7SfGYuFxUx7wr6VUtuGeZT0KMuBHJJjh6vZPf7EzxU57g8Ou6pMOqk0GsxxeeTAuUwtwk+DFJsCegJExekTYAzJqOBUwk38ZuhR7yoYkQVheLZUsJd3PR8m/X3Z46YZ8K+45evwsBrVxoFi/gsFl+vhx6N4dyw048gTBO2I56dBTRQNQSFxN6IR23bOH6uynuA8Hd6AESOXJYChBHz1xskWDBMQo+0p0tGOCxLl6P9Sah6+PoLv/j282cQJwUX4IUmgbL7ICuQ6sjPB8s9PEilyfH8g0Hef1z5dzMgRUcvY2+lICgim7WrGNQQ==</ds:SignatureValue>
            <ds:KeyInfo>
                <ds:X509Data>
                    <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </ds:Signature>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">WNDUP7URX5J5SWIROG5AVORK5F7AO5RF</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="77.65.103.161"
                    InResponseTo="id-gOnUkCi5ytNM3ePnk"
                    NotOnOrAfter="2022-08-09T11:25:19.139Z" Recipient="https://api.reptool.develop.thebitbybit.com/saml2/acs/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-08-09T11:20:19.136Z" NotOnOrAfter="2022-08-09T11:25:19.136Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-08-09T11:20:11.045Z" SessionIndex="_c390907f71bde74fbf0489a5547896ae">
            <saml2:SubjectLocality Address="77.65.103.161"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Ambassador</saml2:AttributeValue>
                <saml2:AttributeValue>None</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">msmith@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>morty</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5505</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">janitor@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>msmith@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Smith</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Morty Smith</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Mortimer</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-08-09 11:20:19,145 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: https://api.reptool.develop.thebitbybit.com/saml2/acs/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4
2022-08-09 11:20:19,145 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: https://api.reptool.develop.thebitbybit.com/saml2/acs/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4
2022-08-09 11:20:19,145 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_297a528da3cde326c66989303585f7c6"
2022-08-09 11:20:19,145 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _297a528da3cde326c66989303585f7c6 and Element was [saml2p:Response: null]
2022-08-09 11:20:19,145 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_297a528da3cde326c66989303585f7c6"
2022-08-09 11:20:19,145 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _297a528da3cde326c66989303585f7c6 and Element was [saml2p:Response: null]
2022-08-09 11:20:19,147 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-08-09 11:20:19,147 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'https://api.reptool.develop.thebitbybit.com/saml2/acs/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4' with encoded value 'https&#x3a;&#x2f;&#x2f;api.reptool.develop.thebitbybit.com&#x2f;saml2&#x2f;acs&#x2f;&#x3f;uuid&#x3d;45277085-4fd0-40b1-ad18-57744d81cbb4'
2022-08-09 11:20:19,147 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-08-09 11:20:19,147 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Setting RelayState parameter to: '/saml2/jwt/', encoded as '&#x2f;saml2&#x2f;jwt&#x2f;'
2022-08-09 11:20:19,149 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response
    Destination="https://api.reptool.develop.thebitbybit.com/saml2/acs/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4"
    ID="_297a528da3cde326c66989303585f7c6"
    InResponseTo="id-gOnUkCi5ytNM3ePnk"
    IssueInstant="2022-08-09T11:20:19.136Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
            <ds:Reference URI="#_297a528da3cde326c66989303585f7c6">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                <ds:DigestValue>5x4aHM6a+H7jL96gnU1DftC73gs=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>cym7lxpIIDS9xx1RAvr8WSW8AaXVTSxE/Qsv3tbidmfA5nYAYO65DQuUCaC+0lkpdREUCe6A43AJDxk/AG35ha2tU2Mh3Gb0VuSv38fwEQtCbtFhnzQBNlZU0EaAvW7VqQHPiGBvxTUDwF35MZQyIK3T1g7TxXX5aMPgLpeq9v6eaapu1JivkL5Hq4JvccFV+v/mSkjoS9EPFDUpk8D64TTlYY2jUxAJyjo+4OCuR/CJ5f7DDMPhzxiqniJC/4aTeAQgdFhTK5Nj/KEA1tZ/Sf/0IoQ5KXO0OSX9ABF8zCXvcYEh3M/5sbf9DzPc63WW+K028IZzXjnSA4fQ5M3sJQ==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <xenc:EncryptedData Id="_42f18fe78fa8b080d3ef893f5ea81ecf"
            Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:EncryptionMethod
                Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <xenc:EncryptedKey
                    Id="_654f0d8ea6ec76a7fc306a74927251c1"
                    Recipient="https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                    <xenc:EncryptionMethod
                        Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <ds:DigestMethod
                            Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
                    </xenc:EncryptionMethod>
                    <ds:KeyInfo>
                        <ds:X509Data>
                            <ds:X509Certificate>MIICuDCCAaACCQCP6GcXfNKt3TANBgkqhkiG9w0BAQsFADAeMRwwGgYDVQQDDBNycHQucHJvZHVj
dGlvbi5ob3N0MB4XDTIyMDEyODEyNTQ0MFoXDTMyMDEyNjEyNTQ0MFowHjEcMBoGA1UEAwwTcnB0
LnByb2R1Y3Rpb24uaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMryi5iFYA7z
P6uwJEuzAGVk+drl313JeRW/OFTYbmFA4X1jjKTdf5SLRxIdDiIrLTLfKc/9Z18Acd4aSTBNLCMa
JHpKwCa9ALM6E0/7N8KlB36wBnrQwe4SeOT5RRX5Q7K8o9HQgNrEK8O0y+zVYhlGplSrd+mwPdGo
62MDGtQmT40Pl93upBXKTA52YR+7N/taVW5lnebOcPOSS4bGpAxg2Sx/oGmINhHGbf0QPeO2NI0Q
adRK1wsqw/6WpEn+GEluKehVEu6yMVgEF8MBO6nhTt6Gf5hbwuJjFgJHgvIEET4OVJ2jB7stOUHC
Rq+MXLnjTQ9j8Wvkr9QNoJnXI7kCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEArEfFdn1EVbjKk84O
ArjUL+cobbywnxyMzh2lNqs7EMX0Spysb0NiyqYJOrMjZpWM6yISL7Sc8L6qtEKeraoRujoHXf3G
/+e9Dx+AfppI6E9YYgBb2YWt/Hf3JCUc0YIzPp+3ZJjW/3C9P4cB8H1r/4HtDmiju0BeFGWdm72S
thiXoOcWs5u2yHg21V+RPgBrPxE2m6iAFC7+hfFKxWE/1aN16r3v1XJcIPhLJEnf9b5pLt/EXNYN
qFQ07qsyNqEXtPlWU4C3rP94xSik52BFI6OLf0GRcN0ZX1zPv8IEwmX+WV8I84Ue9OGvqSKhoC8f
9PGQ2oy2hL+8DViJXeY4dg==</ds:X509Certificate>
                        </ds:X509Data>
                    </ds:KeyInfo>
                    <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <xenc:CipherValue>dc4qTjze4PdYuQLUGoTYUguK43RGJBwxHfN8CyMGIfE1aQiVeSWbaWEUSSGe1oo5fGa7XVBkLJzhs3voZGNJTvkhGGJFGkM6DjDSiPfP/bO1y3Qm6YW2RwyR/zFktYHPIsfusayQoxE9Ao39EMfVKM6n3t/DjQByZ+ae3wzt/3V1VSt6YmCleAHEap4+hAcXkmgsm0Q+3k4fVDImZkk8IXnm45Td/StAB9kuI6acMwmUy0h9/nyAhtkrF/cC5D4x/ybrw+sM1paDY7iMD7aHkbQm9lTZpOPQQ1bOi04gSMr/4/DMsWQCSo+aDHzA+H4W2aTcCu0NjJ7XzsicWLQ8gA==</xenc:CipherValue>
                    </xenc:CipherData>
                </xenc:EncryptedKey>
            </ds:KeyInfo>
            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                <xenc:CipherValue>OG9nKzbz7IDl6FMZ6vP9TA0g0dxjOGKMii05hJJcwZrPkonZtlLpRTCoA8BRJEZjiEnI2RXYBE3qHj2lYJkslSQVQjHiUZLeWer+2tfkpZaJ7BN3+5oBCwZyDJEXFV0xidupISkEQvLRbrSjbd5dVWIh0PZqmlB2APGCHp7zRKxf8DXvO2EhjLChP+/Fvk+2yAfw2umNdxajUE6c+JqXTHmDIqTzUJP7YMBO4t77a9GvaaM2lbeH9iARLvByQstORP5wPekpOwgARbn8k467AO7rWaKjsa+7t/bm0Li3U5+gG1wsGRPg7iwfKDkf9nyTvQ5K53vgxKWj9YFGwIJM+VzwUagq5y7GEe+cH1C0ACdct8QU8/7sRCSLhCsbKEJyl3CkYEZy90fY7185vkcBEVahjXHXCpVWFjzD+4hCm7VD/r/YIettt3QoFf3CDGXdqK0ZoRsSIJ6d5CW3yIujQHReKedlptDGqFaAsnOBi/V/C+OCURZMfp236n5s8ywlV0Pw1IM/Ok0y3IoNUqYmzDknD2gCr77X7ZS9NXtN0fcmG1jItQapCdCKSDT5LMVI6VCSg0wWC9b++m0DxgImhLxcwXKUOGHlpw9UscwGaxs9+BL+gIlbbGqesnS/9gwVIrnTjeGYXWIyCetb4ragMEh179+rM6Uw8mrqKVuG+QQOUjq6JFQ+unQZPDzKxpWrXVgk/cymTetZE5HERm3fNOUGq03ov5WY+ZOaNolWfpb/YwcXJN7VyubUAEqsrKt5eEFQG+uyOkg70xkjerq1EsgVa5TF+HSnxbDmpJRSn8MC1CYg8NUUZzwWo9Oc1nYQwArCTk+j+O6OaJLsClDCg00DoVCiQKAgXyIqeyu2dyORbUUbeCeBUzjXQHTA/SCPVvtkEPwN4oDrtfuAUISfHFsG4Tkpa0DITyveMSbeBZ80nd+JVLBRrJNgTEAif7QGYy2s9RChwnlQL53pcmlkQ3m/SuKFFmwx0cRxhMwgbM7thr8Ld2MvSN6FAViaELVw3/4aFjPqjxn/Hn9NjdbmbnBjfTC6lCAp9EOldOYO7NVqBThbKP3GDJmVLK4wW0ofE7B396zpX9Qkox0vquTrRq0P0VgDN1GEQe+0VGuYk75RRM7tKh4iStUEWdyQrFTWeE+9hv41mu8U1FcrhdHE/k4bKEZNS6cZQ1gVwtnBjebnoOw1X4jPar3TaPfBIL/WsgmBYlgixPI4CAMmS0cvUvWPSvaSE3UZAwgSEhRMNm+I2YDhomg1wm2wHB3T/1cIyWfMUAqMFMmdDSrmH8znFjChlRlsYkF7h2CALdF89IfaisQMWW8VoFUaFLEY7r15uVhqCtuo5fIPR47C2fwH+Zgj6MVLCDbghb3NDUccz4Sgt4/rrIwpgaWgV44p7ZWLxXb0Stj/flExS6FeS5lGMxP/CQFqEaGJIMlmnW/fGyXN4gEaqz4RoB3mDDEq1R2DLQM93QQ9y8AKX2/5TlH5Lp0ZQEdZmb4MwiD8aGGRuxBsdfM1T+/1X83M5AtaRWSU7SEffCPc91B4aKeSTJjZnD7C+boZAnsymR+I4/jN1Ln62TK4P3ctKTnLEIn00o/rJQw38wiYWt4s7KIBNqk/ccft1lfxhpjqgEcVE7LKfJZ2mRjDJOr/jk/IipK5NPtsSEYDcWGY7WZgeRjYvePnkRLSGUXI6b8QrwGO2vGY1XfPLuIkC9Uur7gg/cMJOVWY8JlzsFuDRdYoh5vi99La/onwLfE8wQFPURoKlOp3PXAOR63hxzRxQe778gzZ4ILkmeW6ar6sjsjeGgfyM+TmsFLCwX/mFf+7RB6ol1NVBK7S02IUXNtQQLkKZ7uA47c38g8T3sGEDE33asjZMaLCnln9+/eLEq/fY2IZsoT8qXbHD80Krsmzgl9BKD9HKbytfdEXU0saEEGV5sJtmbZrxevvoDeWjqBzkrOfrvpN9ErfSfMMK/9Mqnfrhf67ctNFoYl0LstneG4PS9RTzwVLTFRkBzHnYFHWii2vBdCKYEMWhsTHl+/m+Wwul36EBAQaGkNSakjt7wHMWypa1tGKw3Nnw+buUNc3gjeECu7G7N6nZgzM+h0aTKNbIWsYo0ECi/7qUc+b9HsjpvdZhqSMgn/OPk6mwc7OqkZFhE7k94i3W6U1PduSrpkPcP7BaKyZPhKALPjvBZ+a7t9PjmmHi2VxJYkXdu/jY5rhXQDlCOZ22THTWeJH4/d3z7vdyyNKkPgHwoFhhCbTAzdZVhsVvv1xEkkXAh8pcp1MboMp7jukYuW9Sn+U+eLSZA+hlNCxJLKvn+0TYK//ZXGte0VJgdd01To5iMN8AAH44DdSLenEZ7+qr83A7TIEsof38U4BA/SCwi2v2zThUgdHNBx2dfuBoxv+xycMVIBRjiiYWckhkyDO0G55J/rYJ2G2YroNSu8hMhPPUhUZGfr/hpe7e6hSe1ht8J3n4LhEVXYGPTxaz6vON/anM1UHEAj9Ev4tYUAgU3a9gu2RDwfwTYTPHC8Hosz8eb5LbntiMRMCCPL5bvOy0ur6QvASM3foIP9KPSVqcmZ5EWHBPRZeXUmqCW7ZuzMpF/wxc7ycG+utgBh3y5zx56WYO+yfD0bzWj1PqPoxpThaC0US2+bYMAN5RV+dT6PftLKlwPIS+dIc5wyo9mdj/5hPXU2hmzjKBa2UqQLpc1hkpzbL7FRnsXK2GFRlVyTPEhOcHTyLLGmdmtaAjBB7BXrnuQjnW5oZa0Snj/5ZJPtqAZf4nSMMkX92xb/qFg9YHXIV9ZLTJjlWU3yrO4mBEe6jjzMA2QoW0zW7KfWgRvEHrZNzAPNWyJbRZLO+hai4uQtHZrtFiNM4yNbKCTc8F+PW1ITvClj9yQxFDFBZGNWp4uCy2dD8x1uAbg7pzBiy1crOmC6VVPVWfBFD2sYarr1yYiyuq9hmB6wJrM6haBLkyEZPS4x8hFlRPQJ4x2ICPsEoidxUzg7IoeBs3Yo7WiQ0nEpBkNEgfFTgo2i/SUNruurNr6MPyCp/Pwp7R3YTGb8UwbZZM0qu6AtfCy55G+Y9SwdAz71+GRO4nO6ILGHa4gUlVFIeL5gjZ6clrmvL4NFb7Ru6ndeIe019r/xT1M9D65OveS52sSK7d5B6b9WoQSLgpOQUZSCLhGQUQOKSbGWpUAAKDXPhaxVwi26wEWrkpTVfWv1lH1GXXudUZC0/rFskMD6V5fqMjc5kq3miA7iw7cYPnjhXAQBdnCILJJGYmB/v1oxOmTmyK8QKYKSKiEN6b0A3huRgW1U/7258RAFnMQl1VfbGWe9BgzDtT0sleD8vjKAp+ZorICzxmS4yy4FkwvslbfZy9cS/CybGYZC9zTSoGFfhoEbkvtN3zK4mJlt5SuREObZTQUS2PmXo5bd/qQUV+p3vunG35kuPRjF1dX1QQL+UD3GztMDgvylRzvxATzifCwUhTfBbbEozuB9Hxaq4iLmXTUKdxwZ8w1acIxEjMd6X3b+/vF7HnKwpEtbfv2PboYCB6eLmVQT4WY+kKOdqnxOpHpPYUIhxR2nZKEyiP53xwK4RQomM6Ko5diXO+mwVRzQeKxx4I4R9IfAeH+6cxRM77CdOjTgYE1C+yGYmkWnlTe1VWSA1lK7lcFETsbebZJmolzBP3mX7gLT8WDKGKwO8KF9sYQb+uoeoOBrqB3MErJmjXc5k6oEURnJoOG8YwjEyXDGuR3JSRandO/83EXnJjjBkCu51tQ5fv4zQgMT6C4Wsop1ivFQQxSdfeueQG1KW5s3av62nlvoobKY0FdXVhinZD0FfJFafzfZaioOC23MtRVltPtUM4gzv23NiVGdax5VyfaVDpa7xPEs/vYOjTAoTYeZN7M7dyW03oK1bT1sEPCsg1yyGiREA9AIL4UojfdALSEZfhrVzoaEJpQLdEQ2M1ho8XLIuaQBolGyVoQp2jdRHkKDDojO4acppnv+2NH70N7ftfEO8TofWym4n1rQ7iopP+wz351gZ0fZw2UaB8ft+KC14mNG1u6NTBEAK0UhxC8XcZKRgtKFU4/CuM8e5Rdd0tK0BHJyBikQkAzG6BKJAphivudSpMppnWCAIQwiW6ewsqKGpnHfHGhBCciv8030hI8ZLOPKcoP61j78C4wR1Bd0UeZ90Df5Y95vKNQVZdyj31R30S80NO4nf5SpbuSbPCaFSpJPh8YaXTtL+DXUd+Y4K8NLR95wv3UuLVysvWBmMwSpzSbtb9N6ryqGmgN9+yqajF/95tYD6Tlsy85hwjV5Gjf/IOPDzTREErEx7p+0aXw72dcTQnH4tXCLPTMz7C1LZUOuXpgAv4ftt82dPbauQe3lYSe+OBAIBPEwiD7VS9VuOMG8F9v18JjiCFwtDn9wNczM+GqNXJAgqfs2OLVAJSEmnIRAD4XU+aWbfVTgfqU/3YqHID3Uog/Z17oWDQRF0a+98qz5WfqvtajAKxxqPDzTlivKIpamj1qLlKjiNPUXDo41tAJsPkfqRuQ1nA/23kCTgfFfpkWzHruv3x42OXRpSMs9xUAa9YeltjSLJd2BzWvPkDY2NxjfsfAE9SCqTzgRW125p8ovTYGMqJRfmN/tUfazQ8i7DTfOm99F8ELEIS4b+HYcsC1H2TMiLyVm0brs+Or6fbNZenU1FslabxDZvo3cxCcxqafF5EQOb1Rp9GnrxFTueDtaia9gBDBypRMmKY0lrYveG0yz5euLLFqyns7kbX1kjkK/TwvsCreTJ8hnYCkuoX1QRs2EjcrhwuGCa5IUi8jvtzXgnaU23gLVOBparEFo3x5z9nFIKKG7IvwJn3alIWWvBX4B/nnHXOVQjrFplM6o8heSyFqzLHbjLqNouSsTvq1qNQ5sBNm68IvChI/BhRn8XPI0LWb7MQCySJeFuGPGi4qhj8lU/Jx82FpUCP+KymBM7vSwzw8dwrQ/HaYT/kgHUvDA053JYlYiVRP/cThKwFBMPJeesGnNkd/9n98V/iUHQ5sbg+qQN7WGg90/NTTqHrvQCq6bALmVWyYb7v+31IvNfLUA1rxY9GcWXiVVDX/n4rJ0O48c0waOdt8JJshHQAj46ZtEaaL4pAEBs/4AUphkM8EfIDkdPlm1VWNDU7QrFLJafp2Rl7oVscdKWxsguzgiOHahe7UYj4L7MBaOz9ZjZEckYKjbnE9r/UzRFeK0DI3DNLV8lJJ59cW3OzJsCT8/Wc+wHYMB2E9uMv1qMcdINAQTYocwuauUr6aQXkFdAgVEqqxeiflondxzUKrzu6D6uB/O8qOzJazXtkWgOoYae94w2G6e7UVPxLIYhmb/pZrhwW1YD1uovAtQS5OVXIn0wyRYonCesuAxxEza3kJYLyBF6Gw64J50xOnrAV20DQIgMSlKV7bUB+S5wVmp5TRh/dEcNSA6rPE2mek+tncKXTA6ibvpFAQ9xvcsoTAi7eSUpkGEfsuexcPP6i0q7CvoEY5S2mUYBhzsRLkUa3prOuLDfsiuxGw0x7Vg1WYYYPPvIgChzhXqdgph0sSXv1Zn5mtOIyKam6ffgXsclqovwL1W0fsDzmxzq+tbevnd2DMBorewlFC9rXNh7PTgn4fHBDGc6rZtf2rcBgE5mi2JFimscB8Ww607Ojsw+FhfrBcinm8knUtOjBRgeEzF8XPk6E6ub/4sR8ftHXyhCqVxSlp5jSvvzg5QmRgyNPnojH2tM45vPzJw7xDsDUEa5wwsjK6XTxg1rhmcyWgLsNKyvqzZ6JmLd4oiEfSQ9KN+j7MXoq7z1HnowhjDTDmjylW9pI3U9hUD0sh8Fmu+kGNfGyFWfpNVEuTuJwsanH83Sd36m1Ssm2/iF4Qu21iYk9VScj3qqemsgTHkG9JA7DQN6ym6LrMtEwclb1jx43D0swJx1WLdq+e77dCHUiEn7/O/hsvKeVDxHTCyoMZxFYcS8jeHN64aKLTqv8rqzoRa4AucRaV5L25Kx50KvyeQOMJODDj81OOk5UH0qU7mMLMijfrM1cCrvnLCL9dWVjEoTIJns1L2eZnI14GAP4z/Zsns3Yvjr+jqCDKUalfTQcPUgrt8wnQgiH9UhEoSBYbtXOgpfkxjNhnEFPRbWS7SHZ3dYI+xiC4/BbKKEsdnAyg6m1smZtcqR1+LlVf/XKpNHKG7ZBFht9IJlhPW3FXTHzNL6UZTqa26mgeg+r1pibPwVjH8GlHLu0GBz8eUBT8n/REaVhsym0GXlBtLXHw843kGiVRL/KQrfHc8mcMXGXjwnLnS8qjKpWp4s2mHuvAf5JfMWEGRar47j/iYC2SmmBcCWusqOnCfGJtmFBeXy2Go99sgFtd5QYc9yEY1vp+735D2nQWKw/xomssVIxpQPppzHUmxEcY6B3r1TJP5HO9U2Rh6hIBXCOJ7okW37dSZWnuj7nha61DwTNhz+BW73Fng6n31WK+NF4n8oPbGWzO+Mr7V2jf8ynq/+ThKJRqLL2kKNJ+FNdP1jkSpechuCOJZv6KPfqIGCfpPPNHZjbTBBHYqSBpLMJkdIeOYyUzWpqK54GZVontpQMOnfTEoPdqL1ztPdktbcLh63dkJMHFkserkY+Ynf5svOLrekrtCxGsE/mNebSZtqyvpOYRzn8T8aoBoWGhXO/e7ohy+qjrzrZVH8GJiADLeVIOylfKwUthpKoZEwE5urNOBx7xcm4cESAOdOL11An4zI/XQjI4eZNv36k2F8neSsspxmL0y3zNPw5SPkcJd0CjfS2MK3LPbTb8WkR5XZH6QUk03XvU2cXuFWw+E3N8LvPaRwaPYj0hsXmK6bfOJGXhlT3vX6MLb4vFlHBwjp2HojV3dxRqOuUPIqzKFlEjNivMLudAsdP6DrbGWGfYrD1pSztoZOAU/4gLajHCqh9K/2+MBnk6TZ9iEQEi8NvA23wByU3tdFfx5UgJVU4a+h5CiSyfz5A56xLPRvX1Z6SMvBa8z95SWDjNxO+C81pL2SGPwDE2icTKWjiWw8wMBpg1/628pd3W54u09SkZFzahLtuBtHpg1dl0J2BKPPGCQhuiqm/+eT3WSV3Rw/HLkOnzc1i5hZw+CSGiDzSfVwyi3S2w1umnVtuQwiiAW5zNmAJif7f0oMULL48k8gQgwNHPD1KfOjVbzVL+vsW2SKrgSMlnx9pexOdBPZKAcGOx83j62TzVadoX0S9DT93Bwqe73kreKc+MFLpBVuR2AzXtV3pTJS4jCscyaHYN/G62Q2rFEvTuO50igougtGLpNgD3Y+YOUWtl2pE+DZlo8Dsd/HLNNnOyEhm/eIOMts/dJ9r/JeiGeIJ37umILnn/Yo3beqvXdJmrkkkyZkGNvQZIo/Hq3kPOfQ+emB/Iks9kdhQRwMnIW5T0M3WiLh2pn75Htqp1kkhwccnfOENcXeZ4Y7QkmE4spnmisgiYr3rNJy2FsSfgLO97BAv/MWdyA5PNQVcwI/NMoiJjKu789TP3/JdFx5gWg8QSvbaU3Ocqz6mDY/WFeh9qychxSrp9jyUHR2EC7JABYeWHk8Fcg3gpOJMeYF7RMuzIZvEa42CDRjduH8ukr8Mf3IP4yaQ6xHg9JkSS+757Uxepzlj/TL1Y9T0GAvxdjDNDgIunbgT+vZbVdkqOkqZmT0oMeEUT3pvgrHgpWnYkiNv+TDrBKRzxz1OxJqJ9g1XRCu/gKrQtBFwUv54ShJWKZZ6VhIgN1BP48LFMEk2FE5GKGRPRi3T8Inwk6h9L90i9rS+u/5o9UPBmt8FmDr1EKp3JGnfCf53iPrmud6QqNlGfviegQN5iP2VoIiUf+erXdYvK2t1Ed10KXANDpI1BQbUre2I81aG2RVAgCJEfJO1ptmpTC59BGH/BH8u9aCIbKRcO66LwuBo7QNySPC9Xr0HGl/z9X97U9I1um//93XnN2LGCY2rVAi2iC+HaPlGxdre+5zgtvnJDSzEHpZ8U6gNszbJx7J1Sy9zyoWRecR2drO1wbHURUdK/P58a4FMNgJENf1rytznvFqcWFyptuyAXmD581dZgX+UpLfGMpeoD7qYWsz7bZYPWzqcjCQMvzHw+ARhcVj9aGxi4gc7APAenCDiVVZ9ilUrs+sReDKRAUYB25gXD7kgk5mm853CFH7dsuT+0KvR4SbbyZC47BQXOdYsw0Pl02fZbV9Ks7czI7NvIZy+PsksyKisVo5WIVtYkGag+pJfSiHkIAmx2cSDCv1KXo9OIvnUAzN0a2P4kWTtekR4NsPxWwbeQ9gCC3eam5BcY/br0xDNwK39QJEbbH7mUkT3lC7Tr5dQkC7hjlRgJxO2vVpRuvbbZAdd7TemlCm8HaIVsOamnLxk0i/bw98t3wgzqgnBAizK5vGOvI3AFCaeJMk/no=</xenc:CipherValue>
            </xenc:CipherData>
        </xenc:EncryptedData>
    </saml2:EncryptedAssertion>
</saml2p:Response>

2022-08-09 11:20:19,149 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-08-09 11:20:19,149 - INFO [Shibboleth-Audit.SSO:?] - 20220809T112019Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|id-gOnUkCi5ytNM3ePnk|https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_297a528da3cde326c66989303585f7c6|morty|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,identifier,uid,telephoneNumber,role,mail,surname,displayName,givenName|WNDUP7URX5J5SWIROG5AVORK5F7AO5RF|_0de2d721a2b564cf5ab96ff78888802f|
2022-08-09 11:20:28,492 - ERROR [org.springframework.webflow.execution.repository.NoSuchFlowExecutionException:?] - 
org.springframework.webflow.execution.repository.NoSuchFlowExecutionException: No flow execution could be found with key 'e1s2' -- perhaps this executing flow has ended or expired? This could happen if your users are relying on browser history (typically via the back button) that references ended flows.
	at org.springframework.webflow.execution.repository.support.AbstractFlowExecutionRepository.getConversation(AbstractFlowExecutionRepository.java:172)
Caused by: org.springframework.webflow.conversation.NoSuchConversationException: No conversation could be found with id '1' -- perhaps this conversation has ended? 
	at org.springframework.webflow.conversation.impl.ConversationContainer.getConversation(ConversationContainer.java:126)
2022-08-09 11:20:28,492 - WARN [net.shibboleth.ext.spring.error.ExtendedMappingExceptionResolver:?] - Resolved [org.springframework.webflow.execution.repository.NoSuchFlowExecutionException: No flow execution could be found with key 'e1s2' -- perhaps this executing flow has ended or expired? This could happen if your users are relying on browser history (typically via the back button) that references ended flows.] to ModelAndView: reference to view with name 'error'; model is {exception=org.springframework.webflow.execution.repository.NoSuchFlowExecutionException: No flow execution could be found with key 'e1s2' -- perhaps this executing flow has ended or expired? This could happen if your users are relying on browser history (typically via the back button) that references ended flows., request=org.apache.catalina.connector.RequestFacade@62a2acd3, encoder=class net.shibboleth.utilities.java.support.codec.HTMLEncoder, springContext=Root WebApplicationContext: startup date [Mon Mar 14 22:06:23 UTC 2022]; root of context hierarchy}
2022-08-09 11:20:30,820 - ERROR [org.springframework.webflow.execution.repository.NoSuchFlowExecutionException:?] - 
org.springframework.webflow.execution.repository.NoSuchFlowExecutionException: No flow execution could be found with key 'e1s1' -- perhaps this executing flow has ended or expired? This could happen if your users are relying on browser history (typically via the back button) that references ended flows.
	at org.springframework.webflow.execution.repository.support.AbstractFlowExecutionRepository.getConversation(AbstractFlowExecutionRepository.java:172)
Caused by: org.springframework.webflow.conversation.NoSuchConversationException: No conversation could be found with id '1' -- perhaps this conversation has ended? 
	at org.springframework.webflow.conversation.impl.ConversationContainer.getConversation(ConversationContainer.java:126)
2022-08-09 11:20:30,820 - WARN [net.shibboleth.ext.spring.error.ExtendedMappingExceptionResolver:?] - Resolved [org.springframework.webflow.execution.repository.NoSuchFlowExecutionException: No flow execution could be found with key 'e1s1' -- perhaps this executing flow has ended or expired? This could happen if your users are relying on browser history (typically via the back button) that references ended flows.] to ModelAndView: reference to view with name 'error'; model is {exception=org.springframework.webflow.execution.repository.NoSuchFlowExecutionException: No flow execution could be found with key 'e1s1' -- perhaps this executing flow has ended or expired? This could happen if your users are relying on browser history (typically via the back button) that references ended flows., request=org.apache.catalina.connector.RequestFacade@62a2acd3, encoder=class net.shibboleth.utilities.java.support.codec.HTMLEncoder, springContext=Root WebApplicationContext: startup date [Mon Mar 14 22:06:23 UTC 2022]; root of context hierarchy}
2022-08-09 11:20:37,287 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML relay state of: /saml2/jwt/
2022-08-09 11:20:37,287 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Getting Base64 encoded message from request
2022-08-09 11:20:37,287 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder:?] - Decoded SAML message
2022-08-09 11:20:37,287 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="https://api.reptool.develop.thebitbybit.com/saml2/acs/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4"
    Destination="https://samltest.id/idp/profile/SAML2/POST/SSO"
    ID="id-bLmnVlmm5YTLWCyNV" IssueInstant="2022-08-09T11:20:36Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4</saml:Issuer>
    <ds:Signature Id="Signature1">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#id-bLmnVlmm5YTLWCyNV">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>e5iMKF5mB00YkAasBoM0qxToyQfIicgzzs/PLTNx51Q=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>S3IcQwLsYZPJCXtI1h0tmj/BoovqOYPQ8vmCT242U9fGaOmDV4nY1ZqJHHikNuPF
9ojbtUG2itsaq1E2dxGeXQDp/vVHynO4A8EFo/w3vOrgP9zAZ9UFzpNUQLfen1U4
5TX+tFbCTVoAammMX92025Ow9LiHW/hPzK6ljEYkNOk1UAZAgI6UygLErhqq7LaN
UnuZp3QBRL3OL7ga/zc541rkZFbxN8pMrKOEHCSUu7sjdp9sLrMiqYupzhbQMxmW
DPqfESjHCNrWV9JIheELl//FjdPceSjeY4TVidhmT5aSKhotkU+3CqtXjdgNlUs7
OuJedIGp0F6BKqZ58PNmpg==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIICuDCCAaACCQCP6GcXfNKt3TANBgkqhkiG9w0BAQsFADAeMRwwGgYDVQQDDBNycHQucHJvZHVjdGlvbi5ob3N0MB4XDTIyMDEyODEyNTQ0MFoXDTMyMDEyNjEyNTQ0MFowHjEcMBoGA1UEAwwTcnB0LnByb2R1Y3Rpb24uaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMryi5iFYA7zP6uwJEuzAGVk+drl313JeRW/OFTYbmFA4X1jjKTdf5SLRxIdDiIrLTLfKc/9Z18Acd4aSTBNLCMaJHpKwCa9ALM6E0/7N8KlB36wBnrQwe4SeOT5RRX5Q7K8o9HQgNrEK8O0y+zVYhlGplSrd+mwPdGo62MDGtQmT40Pl93upBXKTA52YR+7N/taVW5lnebOcPOSS4bGpAxg2Sx/oGmINhHGbf0QPeO2NI0QadRK1wsqw/6WpEn+GEluKehVEu6yMVgEF8MBO6nhTt6Gf5hbwuJjFgJHgvIEET4OVJ2jB7stOUHCRq+MXLnjTQ9j8Wvkr9QNoJnXI7kCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEArEfFdn1EVbjKk84OArjUL+cobbywnxyMzh2lNqs7EMX0Spysb0NiyqYJOrMjZpWM6yISL7Sc8L6qtEKeraoRujoHXf3G/+e9Dx+AfppI6E9YYgBb2YWt/Hf3JCUc0YIzPp+3ZJjW/3C9P4cB8H1r/4HtDmiju0BeFGWdm72SthiXoOcWs5u2yHg21V+RPgBrPxE2m6iAFC7+hfFKxWE/1aN16r3v1XJcIPhLJEnf9b5pLt/EXNYNqFQ07qsyNqEXtPlWU4C3rP94xSik52BFI6OLf0GRcN0ZX1zPv8IEwmX+WV8I84Ue9OGvqSKhoC8f9PGQ2oy2hL+8DViJXeY4dg==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
</samlp:AuthnRequest>

2022-08-09 11:20:37,295 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4' from origin source
2022-08-09 11:20:37,295 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-08-09 11:20:37,295 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-08-09 11:20:37,295 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-08-09 11:20:37,295 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-08-09 11:20:37,295 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-08-09 11:20:37,295 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-08-09 11:20:37,295 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selected AttributeConsumingService with index 1
2022-08-09 11:20:37,305 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4
2022-08-09 11:20:37,307 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:20:37,308 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-08-09 11:20:37,308 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-08-09 11:20:37,308 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/POST/SSO
2022-08-09 11:20:37,308 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-08-09 11:20:37,308 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID 'id-bLmnVlmm5YTLWCyNV', issue instant '2022-08-09T11:20:36.000Z', entityID 'https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4'
2022-08-09 11:20:37,308 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Enveloped signature transform
2022-08-09 11:20:37,308 - DEBUG [org.opensaml.saml.security.impl.SAMLSignatureProfileValidator:?] - Saw Exclusive C14N signature transform
2022-08-09 11:20:37,308 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Attempting to verify signature on signed SAML protocol message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-08-09 11:20:37,309 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from metadata using entityID: https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4, role: {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor, protocol: urn:oasis:names:tc:SAML:2.0:protocol, usage: SIGNING
2022-08-09 11:20:37,309 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Retrieving role descriptor metadata for entity 'https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4' in role '{urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor' for protocol 'urn:oasis:names:tc:SAML:2.0:protocol'
2022-08-09 11:20:37,309 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-08-09 11:20:37,309 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-08-09 11:20:37,309 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-08-09 11:20:37,309 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-08-09 11:20:37,309 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-08-09 11:20:37,309 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - signatureMethodURI = http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2022-08-09 11:20:37,309 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigAlgorithm    = SHA256withRSA
2022-08-09 11:20:37,309 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - jceSigProvider     = SunRsaSign
2022-08-09 11:20:37,309 - DEBUG [org.apache.xml.security.signature.XMLSignature:?] - PublicKey = Sun RSA public key, 2048 bits
  params: null
  modulus: 25619741146304155236247692653801023529881785377825624882406330247906388727337884923734775946130977727632861768074484493057656687302896828104297571369771721216305953814997917180720049177453480549626185036630441315801981092559638858576306762697541333932774155000898199139879425514154317352028375602622268954902932678513581131324682073549192842948337646941490769289785001065956465411070693864094084247817385360209264413191151877848590570954980912399747190373069119500775190117392345331155808225076612427490832352000646743066757582659930653220567373000990999523284731213198836565990127157020606688322706213011815348511673
  public exponent: 65537
2022-08-09 11:20:37,309 - DEBUG [org.apache.xml.security.signature.Manifest:?] - verify 1 References
2022-08-09 11:20:37,309 - DEBUG [org.apache.xml.security.signature.Manifest:?] - I am not requested to follow nested Manifests
2022-08-09 11:20:37,309 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#id-bLmnVlmm5YTLWCyNV"
2022-08-09 11:20:37,309 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID id-bLmnVlmm5YTLWCyNV and Element was [samlp:AuthnRequest: null]
2022-08-09 11:20:37,309 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#id-bLmnVlmm5YTLWCyNV"
2022-08-09 11:20:37,309 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID id-bLmnVlmm5YTLWCyNV and Element was [samlp:AuthnRequest: null]
2022-08-09 11:20:37,309 - DEBUG [org.apache.xml.security.signature.Reference:?] - Verification successful for URI "#id-bLmnVlmm5YTLWCyNV"
2022-08-09 11:20:37,309 - DEBUG [org.apache.xml.security.signature.Manifest:?] - The Reference has Type 
2022-08-09 11:20:37,309 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Validation of protocol message signature succeeded, message type: {urn:oasis:names:tc:SAML:2.0:protocol}AuthnRequest
2022-08-09 11:20:37,309 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  Authentication via protocol message signature succeeded for context issuer entity ID https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4
2022-08-09 11:20:37,309 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-08-09 11:20:37,309 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-08-09 11:20:37,310 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-08-09 11:20:37,310 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-08-09 11:20:37,310 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:20:37,310 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-08-09 11:20:37,310 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-08-09 11:20:37,310 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-08-09 11:20:37,310 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 1 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-08-09 11:20:37,310 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://api.reptool.develop.thebitbybit.com/saml2/acs/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4 using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-08-09 11:20:37,310 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-08-09 11:20:37,310 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-08-09 11:20:37,310 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-08-09 11:20:37,311 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved signature algorithm URI from SAML metadata SigningMethod: http://www.w3.org/2000/09/xmldsig#rsa-sha1
2022-08-09 11:20:37,311 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved reference digest method algorithm URI from SAML metadata DigestMethod: http://www.w3.org/2000/09/xmldsig#sha1
2022-08-09 11:20:37,311 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-08-09 11:20:37,311 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-08-09 11:20:37,311 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-08-09 11:20:37,311 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-08-09 11:20:37,311 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-08-09 11:20:37,311 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4
2022-08-09 11:20:37,311 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-08-09 11:20:37,311 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve data encryption algorithm based on SAML metadata, falling back to locally configured algorithms
2022-08-09 11:20:37,311 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve key transport algorithm based on SAML metadata, falling back to locally configured algorithms
2022-08-09 11:20:37,311 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-08-09 11:20:37,317 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-08-09 11:20:37,317 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-08-09T11:20:37.317Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-08-09 11:20:37,317 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-08-09 11:20:37,318 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-08-09 11:20:37,318 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Performing primary lookup on session ID 6703635d856f227963fd6984ae01fdf3c9944dfafd70f163e9e7c651690e6731
2022-08-09 11:20:37,318 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Updating expiration of master record for session 6703635d856f227963fd6984ae01fdf3c9944dfafd70f163e9e7c651690e6731 to 2022-08-09T12:20:37.318Z
2022-08-09 11:20:37,318 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Loading AuthenticationResult for flow authn/Password in session 6703635d856f227963fd6984ae01fdf3c9944dfafd70f163e9e7c651690e6731
2022-08-09 11:20:37,319 - DEBUG [net.shibboleth.idp.session.impl.ExtractActiveAuthenticationResults:?] - Profile Action ExtractActiveAuthenticationResults: Authentication result authn/Password is active, copying from session
2022-08-09 11:20:37,319 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-08-09 11:20:37,319 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-08-09 11:20:37,319 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:20:37,319 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-08-09 11:20:37,319 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Reusing active result authn/Password
2022-08-09 11:20:37,319 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name established from session as 'morty'
2022-08-09 11:20:37,319 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-08-09 11:20:37,319 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Updating activity time on reused AuthenticationResult for flow authn/Password in existing session 6703635d856f227963fd6984ae01fdf3c9944dfafd70f163e9e7c651690e6731
2022-08-09 11:20:37,320 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=morty)
2022-08-09 11:20:37,321 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-08-09 11:20:37,321 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 10 attributes: [eduPersonEntitlement, identifier, uid, telephoneNumber, role, mail, surname, displayName, givenName, eduPersonUniqueId]
2022-08-09 11:20:37,321 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 2 values for attribute 'eduPersonEntitlement' remained after filtering
2022-08-09 11:20:37,321 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-08-09 11:20:37,321 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-08-09 11:20:37,321 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-08-09 11:20:37,321 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-08-09 11:20:37,321 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-08-09 11:20:37,321 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-08-09 11:20:37,321 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-08-09 11:20:37,321 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-08-09 11:20:37,321 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-08-09 11:20:37,322 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:20:37,322 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-08-09 11:20:37,322 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@720f875f'
2022-08-09 11:20:37,323 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:20:37,323 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'morty:https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4'
2022-08-09 11:20:37,323 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'org.opensaml.storage.MutableStorageRecord@57b14505' with context 'intercept/attribute-release' and key 'morty:https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4'
2022-08-09 11:20:37,323 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Deserialized context 'intercept/attribute-release' key 'morty:https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4' value '[{"id":201},{"id":301},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]' expiration '1691580019136' as '{displayName=Consent{id=displayName, value=null, isApproved=true}, eduPersonEntitlement=Consent{id=eduPersonEntitlement, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}'
2022-08-09 11:20:37,323 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:20:37,323 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'morty'
2022-08-09 11:20:37,323 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'morty'
2022-08-09 11:20:37,324 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, eduPersonEntitlement, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-08-09 11:20:37,324 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is not required, previous consents match current consents
2022-08-09 11:20:37,324 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@720f875f'
2022-08-09 11:20:37,324 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:20:37,324 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-08-09 11:20:37,325 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-08-09 11:20:37,327 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-08-09 11:20:37,327 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _5f505c99d206609132a7671e3325383f
2022-08-09 11:20:37,327 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _5f505c99d206609132a7671e3325383f to Response _3f7662ce75c9b1b8d1f5014475fbe3bb
2022-08-09 11:20:37,327 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _5f505c99d206609132a7671e3325383f
2022-08-09 11:20:37,328 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-08-09 11:20:37,328 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Ambassador of attribute eduPersonEntitlement
2022-08-09 11:20:37,328 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value None of attribute eduPersonEntitlement
2022-08-09 11:20:37,328 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value msmith@samltest.id of attribute identifier
2022-08-09 11:20:37,328 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value morty of attribute uid
2022-08-09 11:20:37,328 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5505 of attribute telephoneNumber
2022-08-09 11:20:37,328 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value janitor@samltest.id of attribute role
2022-08-09 11:20:37,328 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value msmith@samltest.id of attribute mail
2022-08-09 11:20:37,328 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Smith of attribute surname
2022-08-09 11:20:37,328 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Morty Smith of attribute displayName
2022-08-09 11:20:37,328 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Mortimer of attribute givenName
2022-08-09 11:20:37,329 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-08-09 11:20:37,329 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - No object to operate on, returning true
2022-08-09 11:20:37,329 - DEBUG [org.opensaml.saml.common.profile.logic.MetadataNameIdentifierFormatStrategy:?] - Metadata specifies the following formats: [urn:oasis:names:tc:SAML:2.0:nameid-format:persistent]
2022-08-09 11:20:37,329 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration specifies the following formats: []
2022-08-09 11:20:37,329 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration did not specify any formats, relying on metadata alone
2022-08-09 11:20:37,329 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Candidate NameID formats: [urn:oasis:names:tc:SAML:2.0:nameid-format:persistent]
2022-08-09 11:20:37,329 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-08-09 11:20:37,329 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-08-09 11:20:37,329 - DEBUG [net.shibboleth.idp.saml.nameid.impl.PersistentSAML2NameIDGenerator:?] - Checking for source attribute uid
2022-08-09 11:20:37,329 - DEBUG [net.shibboleth.idp.saml.nameid.impl.PersistentSAML2NameIDGenerator:?] - Generating persistent NameID from String-valued attribute uid
2022-08-09 11:20:37,329 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID WNDUP7URX5J5SWIROG5AVORK5F7AO5RF with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-08-09 11:20:37,329 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-08-09 11:20:37,329 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
2022-08-09 11:20:37,329 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-08-09 11:20:37,329 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-08-09 11:20:37,329 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 77.65.103.161
2022-08-09 11:20:37,329 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to id-bLmnVlmm5YTLWCyNV
2022-08-09 11:20:37,329 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to https://api.reptool.develop.thebitbybit.com/saml2/acs/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4
2022-08-09 11:20:37,329 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-08-09 11:20:37,330 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-08-09 11:20:37,331 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-08-09 11:20:37,331 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _5f505c99d206609132a7671e3325383f
2022-08-09 11:20:37,331 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _5f505c99d206609132a7671e3325383f did not already contain Conditions, one was added
2022-08-09 11:20:37,331 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-08-09 11:20:37,331 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-08-09T11:25:37.324Z, to Assertion _5f505c99d206609132a7671e3325383f
2022-08-09 11:20:37,331 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _5f505c99d206609132a7671e3325383f already contained Conditions, nothing was done
2022-08-09 11:20:37,331 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-08-09 11:20:37,331 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _5f505c99d206609132a7671e3325383f already contained Conditions, nothing was done
2022-08-09 11:20:37,331 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-08-09 11:20:37,331 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4 as an Audience of the AudienceRestriction
2022-08-09 11:20:37,331 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _5f505c99d206609132a7671e3325383f
2022-08-09 11:20:37,333 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4 to existing session 6703635d856f227963fd6984ae01fdf3c9944dfafd70f163e9e7c651690e6731
2022-08-09 11:20:37,333 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Loading SPSession for service https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4 in session 6703635d856f227963fd6984ae01fdf3c9944dfafd70f163e9e7c651690e6731
2022-08-09 11:20:37,333 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-08-09 11:20:37,333 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4 in session 6703635d856f227963fd6984ae01fdf3c9944dfafd70f163e9e7c651690e6731
2022-08-09 11:20:37,333 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-08-09 11:20:37,333 - DEBUG [net.shibboleth.idp.session.AbstractIdPSession:?] - IdPSession 6703635d856f227963fd6984ae01fdf3c9944dfafd70f163e9e7c651690e6731: replaced old SPSession for service https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4
2022-08-09 11:20:37,333 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Removing secondary index for service ID https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4 and key WNDUP7URX5J5SWIROG5AVORK5F7AO5RF
2022-08-09 11:20:37,333 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4 and key WNDUP7URX5J5SWIROG5AVORK5F7AO5RF
2022-08-09 11:20:37,333 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Older SPSession for relying party https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4 was replaced
2022-08-09 11:20:37,333 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-08-09 11:20:37,334 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-08-09 11:20:37,334 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_5f505c99d206609132a7671e3325383f"
2022-08-09 11:20:37,334 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _5f505c99d206609132a7671e3325383f and Element was [saml2:Assertion: null]
2022-08-09 11:20:37,334 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_5f505c99d206609132a7671e3325383f"
2022-08-09 11:20:37,334 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _5f505c99d206609132a7671e3325383f and Element was [saml2:Assertion: null]
2022-08-09 11:20:37,337 - DEBUG [PROTOCOL_MESSAGE:?] - Profile Action EncryptAssertions: Response before assertion encryption:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_3f7662ce75c9b1b8d1f5014475fbe3bb"
    InResponseTo="id-bLmnVlmm5YTLWCyNV"
    IssueInstant="2022-08-09T11:20:37.324Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_5f505c99d206609132a7671e3325383f"
        IssueInstant="2022-08-09T11:20:37.324Z" Version="2.0"
        xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <ds:SignedInfo>
                <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
                <ds:Reference URI="#_5f505c99d206609132a7671e3325383f">
                    <ds:Transforms>
                        <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                        <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                            <ec:InclusiveNamespaces PrefixList="xsd" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                        </ds:Transform>
                    </ds:Transforms>
                    <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                    <ds:DigestValue>w30QyWerbtIyvHch3ILkIAtBaBI=</ds:DigestValue>
                </ds:Reference>
            </ds:SignedInfo>
            <ds:SignatureValue>R7KLGfddWdYphcelPsUw+mKwyO+jTzLw4nLu9MSs8xLnlL7xRIQQMuD/ra0dF3Qyb4To4Kgl9ozhN8Uxqy4j60G3cb3FD9UlOSh24jR6Kygk3INRk1lE7PelFx2kJetdPuqRY6dpWBTV9VB6wT2TwJwCkdRsem1+Hfm+jJUT2A28QNFSt1kB1OENQhAgV1Z9hqVwfPwqzHJLrPYoroDNfJHvcTOnjbEMbsU64H8pnCd9FY2B0q5VmGKXRsZgFc/KRuD3Co9eDLyLsEs+DHLxDTA9FjAf0SO75U2YY5mQicPGml4YwyLL0phnDymoIkuB6A7wjUvDwzrU6EEGssRDwg==</ds:SignatureValue>
            <ds:KeyInfo>
                <ds:X509Data>
                    <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </ds:Signature>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">WNDUP7URX5J5SWIROG5AVORK5F7AO5RF</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="77.65.103.161"
                    InResponseTo="id-bLmnVlmm5YTLWCyNV"
                    NotOnOrAfter="2022-08-09T11:25:37.329Z" Recipient="https://api.reptool.develop.thebitbybit.com/saml2/acs/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-08-09T11:20:37.324Z" NotOnOrAfter="2022-08-09T11:25:37.324Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-08-09T11:20:11.045Z" SessionIndex="_6b9c21164f011bfbcd4dd55cfa75cc92">
            <saml2:SubjectLocality Address="77.65.103.161"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="eduPersonEntitlement"
                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Ambassador</saml2:AttributeValue>
                <saml2:AttributeValue>None</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">msmith@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>morty</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5505</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">janitor@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>msmith@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Smith</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Morty Smith</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Mortimer</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-08-09 11:20:37,339 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: https://api.reptool.develop.thebitbybit.com/saml2/acs/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4
2022-08-09 11:20:37,339 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: https://api.reptool.develop.thebitbybit.com/saml2/acs/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4
2022-08-09 11:20:37,339 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_3f7662ce75c9b1b8d1f5014475fbe3bb"
2022-08-09 11:20:37,339 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _3f7662ce75c9b1b8d1f5014475fbe3bb and Element was [saml2p:Response: null]
2022-08-09 11:20:37,339 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_3f7662ce75c9b1b8d1f5014475fbe3bb"
2022-08-09 11:20:37,339 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _3f7662ce75c9b1b8d1f5014475fbe3bb and Element was [saml2p:Response: null]
2022-08-09 11:20:37,342 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-08-09 11:20:37,342 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'https://api.reptool.develop.thebitbybit.com/saml2/acs/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4' with encoded value 'https&#x3a;&#x2f;&#x2f;api.reptool.develop.thebitbybit.com&#x2f;saml2&#x2f;acs&#x2f;&#x3f;uuid&#x3d;45277085-4fd0-40b1-ad18-57744d81cbb4'
2022-08-09 11:20:37,342 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-08-09 11:20:37,342 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Setting RelayState parameter to: '/saml2/jwt/', encoded as '&#x2f;saml2&#x2f;jwt&#x2f;'
2022-08-09 11:20:37,347 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response
    Destination="https://api.reptool.develop.thebitbybit.com/saml2/acs/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4"
    ID="_3f7662ce75c9b1b8d1f5014475fbe3bb"
    InResponseTo="id-bLmnVlmm5YTLWCyNV"
    IssueInstant="2022-08-09T11:20:37.324Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
            <ds:Reference URI="#_3f7662ce75c9b1b8d1f5014475fbe3bb">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                <ds:DigestValue>m/xxMteGAXoNNq6iU+ZacnklAJY=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>er5C8dytReYNDS38flUMihvl6q/7eKgVQkYQWRQHfFcv/Jn1htil6h72UogXJfVb78+lNiGeMxx+Nj8hidr3brzLtCXxGmvwJLNubDyagfCT4xtbZrLynEvKUi1kE3kW4DzxXNQZV+I7Nyo/iv2+A8OWsA1GCODqtiOBHkIn96QX4G4mEyoL36JUcELyZgH8M53zQDsh5QJKFlFBPo9iFipX3JS2IqOejpi0SU75tguGSr+wwsUSuTRhv38uvOg9DA25WIcifwo4FLYdoyOe/ISamLpsLq4ZkigecWJhL9A0BckfE6CaNUkfBiI0A0sr4WSvDvagCQHrM1eKx61qKQ==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <xenc:EncryptedData Id="_7ce4bbe276c457dd728da09400409c72"
            Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:EncryptionMethod
                Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <xenc:EncryptedKey
                    Id="_d7dbade7abf27559495de66ad012d985"
                    Recipient="https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                    <xenc:EncryptionMethod
                        Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <ds:DigestMethod
                            Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
                    </xenc:EncryptionMethod>
                    <ds:KeyInfo>
                        <ds:X509Data>
                            <ds:X509Certificate>MIICuDCCAaACCQCP6GcXfNKt3TANBgkqhkiG9w0BAQsFADAeMRwwGgYDVQQDDBNycHQucHJvZHVj
dGlvbi5ob3N0MB4XDTIyMDEyODEyNTQ0MFoXDTMyMDEyNjEyNTQ0MFowHjEcMBoGA1UEAwwTcnB0
LnByb2R1Y3Rpb24uaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMryi5iFYA7z
P6uwJEuzAGVk+drl313JeRW/OFTYbmFA4X1jjKTdf5SLRxIdDiIrLTLfKc/9Z18Acd4aSTBNLCMa
JHpKwCa9ALM6E0/7N8KlB36wBnrQwe4SeOT5RRX5Q7K8o9HQgNrEK8O0y+zVYhlGplSrd+mwPdGo
62MDGtQmT40Pl93upBXKTA52YR+7N/taVW5lnebOcPOSS4bGpAxg2Sx/oGmINhHGbf0QPeO2NI0Q
adRK1wsqw/6WpEn+GEluKehVEu6yMVgEF8MBO6nhTt6Gf5hbwuJjFgJHgvIEET4OVJ2jB7stOUHC
Rq+MXLnjTQ9j8Wvkr9QNoJnXI7kCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEArEfFdn1EVbjKk84O
ArjUL+cobbywnxyMzh2lNqs7EMX0Spysb0NiyqYJOrMjZpWM6yISL7Sc8L6qtEKeraoRujoHXf3G
/+e9Dx+AfppI6E9YYgBb2YWt/Hf3JCUc0YIzPp+3ZJjW/3C9P4cB8H1r/4HtDmiju0BeFGWdm72S
thiXoOcWs5u2yHg21V+RPgBrPxE2m6iAFC7+hfFKxWE/1aN16r3v1XJcIPhLJEnf9b5pLt/EXNYN
qFQ07qsyNqEXtPlWU4C3rP94xSik52BFI6OLf0GRcN0ZX1zPv8IEwmX+WV8I84Ue9OGvqSKhoC8f
9PGQ2oy2hL+8DViJXeY4dg==</ds:X509Certificate>
                        </ds:X509Data>
                    </ds:KeyInfo>
                    <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <xenc:CipherValue>K9tEl634n0wD3WG0yS/ebqnvHXE13cJ943DfTxFJ2KpCPbD8CnjsLsnGSoW2Ra2Nu3mj3RrSBN9Ya5BC9v062mgAb3+gMBO7R1uhKPVDj8niZooWi0gcUEiA44Q+kx3RQp3RxyOE2apPDnfHfIRa6LFLYksztwvJ9NzF9i1M6z1gS7X8XlEyPvLr6w1h6g6Z/lBjoAKTyLY68WLcieXRnq+/tjxfVPIRoIJdDNXhpbKl5oqRl7va2eQYDZdV/uvgMRkYx/Ttd26/ydsitqhidNfcjnwABqR2n0IkVrA295WQnLLJ48GqkatIYFk4tVlvbVaRDJHUgKoU3wfth98ApQ==</xenc:CipherValue>
                    </xenc:CipherData>
                </xenc:EncryptedKey>
            </ds:KeyInfo>
            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                <xenc:CipherValue>232sRBLTuhLMSehN41VvapHi7VfoIAVcOdx39YAETMlxWUMpTZ8e1Xt9DbgulOTwictSRZaje9yjX/h4cwpueHj96/XlyREAmk1VgQ4dn+YQCMr3xd0Z2yfuIhodb2W11PQtvK9vJlMhW6CheFMJR53PGbbmKJVYiGeQOZndjya9fFHw874Ss4+WAaOEH5YfLFg9O4FzSTLq8obvzTB+no1clLOyc3cwMKDukKRSGfXEVmpKyU/OEox5nzoOHRpykPaIplOGOodPoBYsSpGI+j3CEaqW04FKt2frY+yGMd7YRbhFseQY25Mqu7LhDx1nIFSnPA20tNytJfcDhQuLlSal62T5D+WkknX4cxDEFum/fRis1/aKERSqmjoVlViZFHWQf04RKIIpSb5X3z+TqhQwWuY/2WSzSTyiAS0tbeE5Cs8iCR8Lo2UZCRXh1CKIDXdf/u53Kc0UxTOST4pKUbYJsA2mGK3rU1+dUTt/X96XyzZQdKLOy7Ac9QHksMShNjXI3aAwDA0zxGTK2/1rMsjrsFJCaT853kmiqQpAa9SkJq4UjG2pQtPTrcNHiGNe2gsWm3I2Q1OpKU5Q7AaagX1ThP5Zu9DUEMPPQMIOkzM0QZmVS2JPcaO7d2cRB32i+hRGYAjB3aRMvceDArOk3tOnNocE8ZnYBMqozywEu63/HM1+q9NAFj4YEFjaUE4GtlKr4C+gHo6DmX4p8+5/pc4zbWBpSkx97kiFio8zRwpWwKqqwrC3XbcQsJbnOnfiwrmSQikMgrOAqXPuIPTg8I1DaSKBIvKNwDXQgZUTXIiWNMWEmc6yxNDaJpxe0DISzz6QZEvKrCCKqSL6FjzImtZVBdzH5Ru0HIFx7+chMtMk7tGDpRn34adVMXgG7WN1BUnxzfPe0TUNn49xhYisk7xYrXZkvJNqt7LNHrMBY+pryCo0paAXUYN5ua29A5alHlP3MByx7swJiI/CmddPzLHxvC38I/sgsd35oP3W3da8T18onk74Nz5vThDoQCHhlmORH9P5z2tZb8K5TRqBe9+43/doyJnl4bUm2+0PQkeOb2fZObZSISYyW1GTp9icAMc2pNagjUKxLGQ7GeiQNGMKda89UKBjWbCqx5jhLNL9+ZmJ81TGc0T/efh8VGaVVUHYKenFUxxmLDGM0jVJurbGVXIj72kbINqA2douii6LIZU7J/JN5dc3pPIClns+dEyu/q2zOLwN93XLpvT6cILYGE/0VtepYlLlibOb9IMMmmeWMFEY/bhIqA3zWuaUBkElhHEZ2CyKXlsvZXlZJHcwepg5RofQnHjxH9P1qyDLA9BXK3MOQ7GFjqyzu+Dfe8CF9Tma3VCxQTbXVc5+eqBJvkaLLctqeVsiZdeGYKqOHvlKS+uXNWbWb00gt6FZwqEwjkFH5RWp8/Cp/zEScEYKGqoV5ikir4tgZb2lrcDIYT5DhEsbsksRpOtc/22MiJRQtC2JYTGvyKkWpKTbB1N4GescHAH8MmuhMn0efYzHoHJMFa4edwEzuPqa1uRwq0ByVhBBmJ9VUGGKNikB/LdEN41Fnaxx9ivshH/82m4kUHrr1tYsDrp2CxUSb/QoQaDsS4Axm2vW4hyIcT/SCEpek+uvbKQ0OrBHWjam32NsoACr2xZ4rWv15VbPCvrLMbv/ij0pmsuQTtaxhjpKho6ESG2plpTBGVcyqgAz2GAzG8UZ2g3Tff+G7a/3eQBBCLBWp+W2grcAsFjQ0Xa+2k+QFXmfE4aAgH8wlvwcrck0ErikMiCAPGIrUT20/PSPsc7gj1nuUmYfDuIzF7HgRxnT76SvqNXCWp4LI+iPT6cvhwAf0o6ApiBHHyjiZQANQTT+yYmrtMciH/XNzieLonYaZaJGQV6+brPjxK1bzA1VqlnZM53kUr2quZkPeoVcoI+ACcCR1eX4M+8DbZTiUMTeltGKI2BBT7IxhWLZTH/R0NHY5mIDWiv62wAtzfj8iR9RQXvtyEib0XPpqJRvPUMDWWaoD6wg5/tHG/93eRwPvN45ZJhXYO/HDxaVZH7XlJF0N8+3VTwQs58PNXXxam+ctaWckUtHrXPHXp13dQMYOJB0kCNm9JZnMM2PJc7zC4i9IAlEKWQ0N0esjmQDWL1i0N4zjZ3iayJVIERBQYnrkX1MCIualfybN8MzsDWRMgy48GhhYDBvLortO8OpRf9jk80znApN16hMn20eZVVtYuE1l39vQoTkIjV2jhw6PltqR7n+Pu/fpNwfMDAzCOr+cyLFRKlL1cNBiVsfasiH0FKDAbKO6dzaOlH0rl9dYq9z6+CpJiP2Rh4370T4C3gathgGi7VmfSHdgDhKWo/8pqRCPy0eQjeB/n60IbFuf+L/pMRDQpgC1AUYBYuewNoGSQ6cAmybN3nWeH+0nLTU6K4MfzMcBb+XNOLtPfz4/yXvYzgTpQUxJs0mTQmerVxKq3q1RO/lk0IvGAEyyLqK6J5ZcYej2zlS11dkQodKy3WOu8Buy38v1Dgb5hnyjBPAuWwzEeFU/XeFngi8uzxtf/8IOxI2gFyzCSzrY6zOHZKTFUzK6lxtk5n4faROm90tI4urkhG+McbSsr/aTS6pxShsm4lOJ0v1v1rihVlOZwLlFdA3dLhmJHb9a7TQ6B6Gph06iNq9fTgH1xiOKacTYZ15OolG4n2u7BGmNsUAIQCpoXZcT9GHxhFFE3cVMtQyaeerv90xGO/rLn/QBNlGLrUcvPwIWVbA8Qbey55yT022njUNQPEPruTq94kOzaPtmcwoLW9kgHWDHEzBc2APafHCDYeblpRz25KmAVkRfWY/lp4iGGPpe98SfsqQfxV8Vcy8ifcBb8FEDFxElCHBpxD9D4ELhiRIRkTbAgmfo84UnJsqNVEuQ0eqqO4RFE+iR/KR6NrycZQxyy56pMOAdHvxmkA52Zu0VH0F3pN5MgVVWhSF2isugSqEqT2RaM4HEKrO/S5OFEGFp9ZAnniUKjOfEgkbQZhcvC+JLZ1o0wimY5e/rMw27qLWhLwtSYg8Etjfc+skLHjo418qieo4rqLVCHOpJY3PSo7BOYA1ihoKas6JwN5yAIJVBfjIgT6IGu8jUffCqitySkbLAzHr8Vz6FsjghXNdUWc6ox/oBdUx8nT9NfGz4Jzswas35EP+qxDiAThY90GRE4JERG/NjO3Nj+qWcui19p7D5caQfpK7aARS7eHfUg06M0nAgPo6UaN4ULRpmZf4Ayl06AthmL0EM+OqOf77ZZ47mESamFvaDRokwap5UPbB4vC5GbjIQ/rWSN7sPVEZhcW0irW+2gFSKs57mPesQtYAPc2dMPb3femsWM+nJyg4DBfyOmYvYhs9j0e4CAJz4vfcd4p90c1D3RthcjLSSGS0EgTn9XIh3aAM8Qwdn4H2UYQ7tMoAGisQ5JCojVtdYZr6fWifz2+n/Ul0HLhUseJSBMKCxiVvRjC2bFHH1h6DNTX/2luFtHXZgJjAD7pGG/MvXmOIyPr8nn4RnuvJ8gYwV4QNrGpsYgkkzW3l4FzeV9QmtUaZQ1XbVrFOomcvgTe3/hDV4D4RD0pz6UK975XTrZgNfooGXw4k4yeXPPs3JhcA0b2ND+wvAVIj0WLgUNY8EHTS5IVGFcNfBUL1flExqKiHIiihuKQpbAqbrZm7Em2jLyjqOOxant3EUFPW263WTwrZGshx5lOYsDgx+2s9XMCPvbR4yzIEDAHx8yLJamdN7nQ/O5pQKUBGY/qM7eGhIvbYfzxgH17ISQN2ufFZU42o7vpsokuKC/BRW1t9IfhbcJuH62gJJOY8IDzpR8wFeRnL56c5U+wWbR5jXUDTKAzXZR3JNN2i/hMezfe6AbWlNFHBvMsK5gO5nqljUntN3HtofBog/FYu4HWPOlahsAoVnjQKJs7G3PUzfJeso6rAxi/Gzu7DVW4Sp/9kFBbde0/fGCfMrXLq8WglnrbiN+QcsttGYCaiTD6e55chJEm7CEgZ50Sm2WC1msRoifjlWqzOFQI35OE41+9AQ/28fejZsIS51/l2nI6vjAdDCeGSA2r/avyojxyYX3hPRXdv0IgfSWvKLVnm4vLbNzAzGqD4C8lwSyF3LsYZG9b+DcjeHkWtm8UwHJUa1WXJAr9N/SIQVzMbq+1zL6dsydLuRPHH/t/b2CqLv5Ex5hbMDy5ykCIyZ3saN61EerUhfxWWEAVtM5jKFg+avWkztN/tA/aqp0QJObm+AuKN8ef0FCKBnIvM62R5NXH3GYi4SNMmjK7JaQhyOv1DY6a4psVd2wVZzXnsRXD2+i2LOGU55KPHaOxc/b1K00k5XX7kKJVrH+NCEZhzTlDNIOTE1NWRAP/2vw85ALsJX2jpFbtI7bC/rGo1HC1g8SRQaYOaXnY5s5YD8wfAHDo7cS5c41HiqtIyvvZk2vRl46xZcmzwOg4cWoZygEpjKVqikX2WPSUu+LoBs7CgxFIPFdxRUeAFBuTLTZC47WwLJeBW/Vod6rtL44QlryltgcPPRBcCVELGl4AsxDoV458KXIeP/vNWoOTa1YgIeRHXUiQFcz7u8/3IWumEJeJIBz1I+qs3uUQ6G2AqSlH8kTj8EMGLVXrR/h05vxeIknnR9II2pyh4vEDWlmk8Xsy4CxgvnY4dB0tTelXgV2HwAsARxp/zYY7Zg0YGUpnl86YUVulZuAe0S7kNfYi0UaQ2mrYXmYAIGGQJ56QEiJ7gIaeqIjvZzQlBe1FfwnsAHJJTF9y1L/0MoRIthS6RDp34KeGa5UnKaXo4QW0WkWdRiVVVTrwE0C/x4pjUnrMe2iWVUqrUK7qv5eIFIjFyvESAdT+wjY6BNf5/k64+VC/My5q2phIu1i9+gcq5Y8XW58kx6Z8UE7HeTDG99LiSihGczs+TPvKt58tLMrn9aKgLZRVTXYzvoqyfyApGDHKyYysd19PN1bfLYHtimgVic2Z2KuYLCZNj5fOugnk0OPExzp48CkfqrXXI4vmeWwN/9a0EEfKNbhpu4O2nbliAY7TRGy50CFYYksS5gke2rZODCklKjZVFJBsgVHC3Dfq+k6eq5X4VcAg5t/lZttSxG4nI1ZSJHlT7FTL2ZIC733vO7T+NdZD7MysnVAWQU2EhnRymP1sEacoWrR5jbtXbm8gzffjYxhsATjt4j67+ys7O/QSXRe1a8M+pECm5AekOlrS+32S5sVzIwxhI+ywIncSKEbauczZWzBAfo1Iok9xhFpEVHHb+jv6wCoLo5AbJF1wfXooB69ak1QJX4MsoEKHsKeU9D/SrBxzmUNffU/KViJCSJBlsiaYTvB8+1bTIlEwqWrOK7etfqQ7xvKFOa+bMLy59uKCc0Yp6ZKhMTj3kFvG36SdTjMnrFlzuK3Yh2JlOxjmeNMQmizPNGW5LNcyAI8MZ2w+/qEIda5ZFnz8JokvWYHzPwDJA9+1MCeRPBdofhHCYRg4HCd439F2iX7eCSItAiQvb2WOYf2jAzGRI2Z9++2Wgzu5XbUsPrhlPJibPkLByflC+vZQ+B1+cXC5qfC8VARJ0w2w5puP3TEYIlgJZ+xo47V9bOnLhj12ZlcDztaCWSmhUixyYTh12jsYS8zyc5qKa5GbTWX0QoKQWTBTlGHiS+Qb/yEKT0KuDD/sAYVNcfDsBJ8xMEE9ApgVJkucFe2WGT0y2zr+71awD7nB0qpA3UNnTBPxlf6BygS9PiSyCWEeSkWNK9Hg0IP6kq2MKYMrnkNnPNbvrOK5shcfnR9eAG8LvGQ42xsvO8eagJc0FXW2EabvmU1zdQYuawjYItQFX4RrZyiSHgoADh4Nxcu11DP/ApA4jA9EULqWfDBwt5L4jXtg2neszKhzX+W3jlEYqpM9fwVhg/gGZWOzAypeFQJ2J/Lh7OiUxlliLkY/fyQFttjKxf3WC+WnNp9fsn1OvOQcLIimnEdDAGEf8g6j9AU1pwNx+p+8OikXnEMIYozW+NK7L82I/jyxaGXoOvwg5Bpwkgx41IS3hy5NKU3H7+bNkc1YnXXn5AxEuDkjTFLWBgCDnW1yqaJXCGkKaAgEDNTZ+pk9mwmiBIkao0kKpeLF3Oa2+cZDBKeCZstxO3Th3cm3Wz7sOxowU485H8yYbiF/RDtOmJbMqVyxI+JTIVz1puP09LVdCUoUUawZE45aBMq1uZApTZZ5J50ZZzCq8Sz0bMlnUcelvcPvF9F3ekycoAueYHgnK7EiuUirURgwfkliYkYrwWyVneSPKqImsP4Zq1UG4lLcuJuR7xspHZfXFVIvkcGbIWgUw+gIeT9XZDFsOjcvLhUvFL8wKoaF+A5IrgeFlm1RW+gN3bHU/qq4sWzxns5/eM5EOJC3ujbGmzKeb6PWvNMrxTfde3vdwxwTxnObYQ0q+24UWNNNZV4OTN7sw8Xs7iEp6E/BZKuewRA2rBPGhG5UxqvlP8mwhm77tFxN5MJaECLLjjdq/SpfIT6PVvZQeJaBFCRPNiJ6xhif1MjTYIwku8++B8/JCjLkX0CZ2VpKlC9u0YzyUgsa+W4p2WhWB80IMa20E1INbXv9D+MY/SehOg+uvoS6lvY5OhYzfQcFl8v9T6a242UHsRytIYYBR/5A1QjLSayZxPpWH6QVg3jI8uYQiVb7YVbbR3nvJXpIsy8N2rmx0JmuiXvk1KysubwFzHY5ZJFMiyHSaTVno3ND4Nd5WvTi4NFnRBAVyXTyG9WM53YChy3rUBluSyauMm4mEWacW1CiXuIUK1iRP+XPxZ3i7v1E3/DRqjl8pOE5tyC9ZTlKfzs8vwJ8KScD0yxPBf6X0yC+E+yQjWAV8i1DNyuako3i3Y6Olqow9t8H1ZB9wf/qRyxpLIE0r2tTCDVvGFpIqpyI0bMK7XXMpPBrTz2zuiMgB+1JVG4I/9Y3ltM2zF7Kh9htYE4BqRs+qJYU87PxDKaTujtPMMg0ycYu81ITbwcbO8/UDQaheXOMMGW8+28e3nR9BZ8qHCFkDfOMMC9h3mFmlyIg7LWDcdR+pZRzZDx0jqC6wk8BOV2a8XJTvFlTKi8L5OBC3W6vRMNPNaBt8X8WlU0C57K9At/MUFsCVD+pLf5YdUM6R26G6BgMRI4yBmiuuzi2mhWCFr5VQ9PHH7cuFwinIZ4+C74Q2J+KZ4n9UWwJmREkMVwiTLBdmCLYDAZJY061s8NhmdQ6SQdg6Ahj60NotN21hS6jj8Qx0CyjRg3hbdFEKb/AussjOCkdhQmoVZLkZ7pptveBLVVMsxoYpaZwMMVU4J2aXLQOthQLuUFnVkWJKvSmWPwkc8y6tIpdnNmVZ6MM4LCZhJqkcONGpj1h+RdHqIecG1SzBl6XESzDn3Y/7jw+vUCykhThcmE4LUIHJmoY+y3TVz1cFpl1g4Roc6BCjZ1jv5Ri1hJHJV4iC8MhAAoy37lKUbXCGXCnnmE7vc+ZYp8aD2sJT8ZG5iDFuy2kZaexRYFHp2KKoEWtjz5iBp7uyE9ZnhasugJBuM4KuIQMF6d8rS9Aftv35/INctaSboUi4SRR18GDi0oaDCZXxSrvVGNTtXdl6hDB8GulWDfGEQq66pQxAlqfGtGNlhf8JebB9bsU/+1bWbdxJ1gi33L+B0I78tpbqqrFyh3tKkKKjnIV/m3JaQf8U2feArPwe0dwsmfGRwUGBCVqG48+FoqSzhWrvS0zqG9Ds+uovZ60VIs4y4243i/3DaM6EONj5ECo7llUCXMbbJw9YFs3wUvJjE/dPZR/LeQDxOFWfJizE7ROwx4UfTlCe/SN0jJ0UGQMadgLmvf7vhzY2mXokBeHbFSq7CrHX6yjc6QupPNbssEASfdoNoij8ONbn6EIYaBfstzBWUTwZSIszHbyJb7mzsJTWP3MY1/oUS1fFq+7ABtLAAtH8Bo1HMBSXxtGFXbZE9djXg9LJ8j9UWyLWTS5H9A8iZIovOSom/c/QexC+SINfo5qVXXcAl5ReXjIuNk/L+8aH7Wrsf3vJ4ka7NrNABTgArq2ruKPmq9Cy0G7ETGvBcg8jrto0RkAmSV+88L1IYvjpVmeOPyeXH2CrPFLt+R2nwzWqYN6lmQML96OaJ/MJpXeCBpwyH3Ng+akABn5jypMsLUV02+BrLvp1sFdadBzTsOITq0Dw5WJgTnr/Ywm+aT2f9bFQpxeaz+kJ9jhpZKoiILSdGzeUHSDV3s/Nq0Hn3YDEDSHfVrgOTCUHPe5YBJAeZmeD5YsgzDLN0ruSqezQ3onloouRrRkvbsMNe4ggJHgIyy81t//YkUAcuS/+V/iuILZwDWPFKSDWQ8NCv5m8G/Xzl9bNtc9yM4fDpO/ntY5PLYCBabScyOJWp81iY9WV5q6RkCsjdwHkL7/IMoQUz7KLVbJaiLo=</xenc:CipherValue>
            </xenc:CipherData>
        </xenc:EncryptedData>
    </saml2:EncryptedAssertion>
</saml2p:Response>

2022-08-09 11:20:37,347 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-08-09 11:20:37,347 - INFO [Shibboleth-Audit.SSO:?] - 20220809T112037Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|id-bLmnVlmm5YTLWCyNV|https://api.reptool.develop.thebitbybit.com/saml2/metadata/?uuid=45277085-4fd0-40b1-ad18-57744d81cbb4|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_3f7662ce75c9b1b8d1f5014475fbe3bb|morty|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|eduPersonEntitlement,identifier,uid,telephoneNumber,role,mail,surname,displayName,givenName|WNDUP7URX5J5SWIROG5AVORK5F7AO5RF|_5f505c99d206609132a7671e3325383f|
2022-08-09 11:20:48,558 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: null
2022-08-09 11:20:48,558 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-08-09 11:20:48,558 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-08-09 11:20:48,558 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="http://localhost/SamlConsumer/SSOLogin.ashx"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ID="_be95c11fac24075d86a1" IssueInstant="2022-08-09T11:20:47.857Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">http://localhost/SamlConsumer/</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="true"
        Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"/>
    <samlp:RequestedAuthnContext Comparison="exact" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
        <saml:AuthnContextClassRef xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef>
    </samlp:RequestedAuthnContext>
</samlp:AuthnRequest>

2022-08-09 11:20:48,568 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'http://localhost/SamlConsumer/' from origin source
2022-08-09 11:20:48,568 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-08-09 11:20:48,568 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-08-09 11:20:48,568 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-08-09 11:20:48,568 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-08-09 11:20:48,568 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-08-09 11:20:48,568 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-08-09 11:20:48,568 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-08-09 11:20:48,568 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer http://localhost/SamlConsumer/
2022-08-09 11:20:48,570 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:20:48,570 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-08-09 11:20:48,570 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-08-09 11:20:48,570 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-08-09 11:20:48,570 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-08-09 11:20:48,571 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_be95c11fac24075d86a1', issue instant '2022-08-09T11:20:47.857Z', entityID 'http://localhost/SamlConsumer/'
2022-08-09 11:20:48,571 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'http://localhost/SamlConsumer/' does not require AuthnRequests to be signed
2022-08-09 11:20:48,571 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-08-09 11:20:48,571 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-08-09 11:20:48,571 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler:?] - Constructing signed content string from URL query string SAMLRequest=nVPBbuIwEP2VyHfiJCoLtYCKglZFYrcRye5hL5VrD2DJsVOPQ%2Bnf1wmk4rDlwMnSzJs3896MJw%2FHSkcHcKismZI0TsjDbIK80jWbN35vNvDWAPoowAyyLjEljTPMclTIDK8AmResmP9asyxOWO2st8JqEq2WU%2FLyCvdDkaZbLrK7ZDSU4x88JdHfvmGoCEDEBlYGPTc%2BhJIsGyTjQXJfpinLEnY3isfD0T8S5WfqR2WkMrvrc7yeQMieyjIf5M9FSaJlUKIM913rvfc1MkpbTT4kYiWpkjUNArZKA22ZMroBqRwIT4vimURzRHBt%2BcIabCpwBbiDEvBnsz4RBj5tBdd7i6EkMPfAtn5td8rEHPdHcvKYdcrdhbnXNfG%2BPZldbzahF%2FT9Pn8HvtUyt1qJj1v2%2BdO6ivvv0WmcdhElB9sOyqDiSs%2BldIAYzNPavi8ccA9T4l0DhPajna8MZHdzQYaH4003t7BVzZ3CdsFw5ML3Tl8SL3QwcgPbW3y%2FChNMtNQhnIfn3TrZnmy4HpCl4wZr6%2Fx5Nf%2BbZ3bKfWPHV%2FbyX84%2BAQ%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=cuchBWPLhj0JQfG2%2BUAqTuhPz9268E2Lmp%2Fzk6qjXLUv2QNZqdzVh%2FdxyT5gnrP7GuEm3fDZ9F3%2FO0UXOR4BdlH3UfRzR1DU0o5F9ocB18UKaRd%2Fcu4qhhl2XuqU5ynk1dMjufchVszp0Ll5tE4UiShd2k4nEptmb4dUoJkxvLpzR20Gvk35Wcxv2PA7E3JDpyjNSdOQeq387B2Kf%2Fgc%2FmI85ISNdUScyWsx%2Bk4DR%2F1yApjODrsnInDEmFt%2BRpOAAoVuC5h68SpRgEBGz5k2S2ZocvK0ZLq6SOn9iNpRl2egAskTngrgVKz1S9R7uy9vkz8Rh8bzT4%2Fq1fsxyGH1%2BQ%3D%3D
2022-08-09 11:20:48,571 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler:?] - Constructed signed content string for HTTP-Redirect DEFLATE SAMLRequest=nVPBbuIwEP2VyHfiJCoLtYCKglZFYrcRye5hL5VrD2DJsVOPQ%2Bnf1wmk4rDlwMnSzJs3896MJw%2FHSkcHcKismZI0TsjDbIK80jWbN35vNvDWAPoowAyyLjEljTPMclTIDK8AmResmP9asyxOWO2st8JqEq2WU%2FLyCvdDkaZbLrK7ZDSU4x88JdHfvmGoCEDEBlYGPTc%2BhJIsGyTjQXJfpinLEnY3isfD0T8S5WfqR2WkMrvrc7yeQMieyjIf5M9FSaJlUKIM913rvfc1MkpbTT4kYiWpkjUNArZKA22ZMroBqRwIT4vimURzRHBt%2BcIabCpwBbiDEvBnsz4RBj5tBdd7i6EkMPfAtn5td8rEHPdHcvKYdcrdhbnXNfG%2BPZldbzahF%2FT9Pn8HvtUyt1qJj1v2%2BdO6ivvv0WmcdhElB9sOyqDiSs%2BldIAYzNPavi8ccA9T4l0DhPajna8MZHdzQYaH4003t7BVzZ3CdsFw5ML3Tl8SL3QwcgPbW3y%2FChNMtNQhnIfn3TrZnmy4HpCl4wZr6%2Fx5Nf%2BbZ3bKfWPHV%2FbyX84%2BAQ%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1
2022-08-09 11:20:48,571 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Attempting to validate SAML protocol message simple signature using context entityID: http://localhost/SamlConsumer/
2022-08-09 11:20:48,571 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from metadata using entityID: http://localhost/SamlConsumer/, role: {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor, protocol: urn:oasis:names:tc:SAML:2.0:protocol, usage: SIGNING
2022-08-09 11:20:48,571 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Retrieving role descriptor metadata for entity 'http://localhost/SamlConsumer/' in role '{urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor' for protocol 'urn:oasis:names:tc:SAML:2.0:protocol'
2022-08-09 11:20:48,571 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-08-09 11:20:48,571 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-08-09 11:20:48,571 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-08-09 11:20:48,571 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-08-09 11:20:48,571 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-08-09 11:20:48,572 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Simple signature validation (with no request-derived credentials) was successful
2022-08-09 11:20:48,572 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Validation of request simple signature succeeded
2022-08-09 11:20:48,572 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Authentication via request simple signature succeeded for context issuer entity ID http://localhost/SamlConsumer/
2022-08-09 11:20:48,572 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-08-09 11:20:48,572 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-08-09 11:20:48,572 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:20:48,572 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-08-09 11:20:48,573 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-08-09 11:20:48,573 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-08-09 11:20:48,573 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 1 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-08-09 11:20:48,573 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location http://localhost/SamlConsumer/SSOLogin.ashx using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-08-09 11:20:48,573 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-08-09 11:20:48,573 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-08-09 11:20:48,573 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-08-09 11:20:48,573 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-08-09 11:20:48,573 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-08-09 11:20:48,574 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-08-09 11:20:48,574 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-08-09 11:20:48,574 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-08-09 11:20:48,574 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-08-09 11:20:48,574 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-08-09 11:20:48,574 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: http://localhost/SamlConsumer/
2022-08-09 11:20:48,574 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-08-09 11:20:48,574 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved data encryption algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2001/04/xmlenc#aes256-cbc
2022-08-09 11:20:48,574 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve key transport algorithm based on SAML metadata, falling back to locally configured algorithms
2022-08-09 11:20:48,574 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-08-09 11:20:48,579 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-08-09 11:20:48,583 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-08-09T11:20:48.583Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-08-09 11:20:48,583 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: RequestedPrincipalContext created with operator exact and 1 custom principal(s)
2022-08-09 11:20:48,583 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-08-09 11:20:48,583 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-08-09 11:20:48,583 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Leaving existing RequestedPrincipalContext in place
2022-08-09 11:20:48,583 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-08-09 11:20:48,583 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:20:48,583 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Specific principals requested with 'exact' operator: [AuthnContextClassRefPrincipal{authnContextClassRef=urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}]
2022-08-09 11:20:48,584 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No active results available, selecting an inactive flow
2022-08-09 11:20:48,584 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Checking for an inactive flow compatible with operator 'exact' and principal 'urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport'
2022-08-09 11:20:48,584 - DEBUG [net.shibboleth.idp.authn.principal.PrincipalEvalPredicateFactoryRegistry:?] - Registry located predicate factory of type 'net.shibboleth.idp.authn.principal.impl.ExactPrincipalEvalPredicateFactory' for principal type 'class net.shibboleth.idp.saml.authn.principal.AuthnContextClassRefPrincipal' and operator 'exact'
2022-08-09 11:20:48,584 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-08-09 11:20:48,584 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-08-09 11:20:48,758 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of 'localhost'
2022-08-09 11:20:48,758 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-08-09 11:20:48,758 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-08-09 11:22:13,319 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: cookie:1660044131_e655
2022-08-09 11:22:13,319 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-08-09 11:22:13,320 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-08-09 11:22:13,320 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="https://services.sheerid.com/Shibboleth.sso/SAML2/POST"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ForceAuthn="1" ID="_092b44f0dfcddff081591ecd41e9c425"
    IssueInstant="2022-08-09T11:22:11Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://services.sheerid.com/Shibboleth/UK</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="1"/>
</samlp:AuthnRequest>

2022-08-09 11:22:13,327 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'https://services.sheerid.com/Shibboleth/UK' from origin source
2022-08-09 11:22:13,327 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-08-09 11:22:13,328 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-08-09 11:22:13,328 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-08-09 11:22:13,328 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-08-09 11:22:13,328 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-08-09 11:22:13,328 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-08-09 11:22:13,328 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selected AttributeConsumingService with index 1
2022-08-09 11:22:13,328 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer https://services.sheerid.com/Shibboleth/UK
2022-08-09 11:22:13,328 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:22:13,329 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-08-09 11:22:13,329 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-08-09 11:22:13,329 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-08-09 11:22:13,329 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-08-09 11:22:13,329 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_092b44f0dfcddff081591ecd41e9c425', issue instant '2022-08-09T11:22:11.000Z', entityID 'https://services.sheerid.com/Shibboleth/UK'
2022-08-09 11:22:13,329 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'https://services.sheerid.com/Shibboleth/UK' does not require AuthnRequests to be signed
2022-08-09 11:22:13,329 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-08-09 11:22:13,329 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-08-09 11:22:13,329 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-08-09 11:22:13,329 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-08-09 11:22:13,329 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-08-09 11:22:13,330 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:22:13,330 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-08-09 11:22:13,330 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-08-09 11:22:13,330 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-08-09 11:22:13,330 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 6 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-08-09 11:22:13,330 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location https://services.sheerid.com/Shibboleth.sso/SAML2/POST using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-08-09 11:22:13,330 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-08-09 11:22:13,330 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-08-09 11:22:13,330 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-08-09 11:22:13,330 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved signature algorithm URI from SAML metadata SigningMethod: http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
2022-08-09 11:22:13,330 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver:?] - Resolved reference digest method algorithm URI from SAML metadata DigestMethod: http://www.w3.org/2001/04/xmlenc#sha512
2022-08-09 11:22:13,331 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-08-09 11:22:13,331 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-08-09 11:22:13,331 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-08-09 11:22:13,331 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-08-09 11:22:13,331 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-08-09 11:22:13,331 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: https://services.sheerid.com/Shibboleth/UK
2022-08-09 11:22:13,331 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-08-09 11:22:13,338 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved data encryption algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#aes128-gcm
2022-08-09 11:22:13,338 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Resolved key transport algorithm URI from SAML metadata EncryptionMethod: http://www.w3.org/2009/xmlenc11#rsa-oaep
2022-08-09 11:22:13,338 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-08-09 11:22:13,342 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-08-09 11:22:13,343 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-08-09T11:22:13.343Z, isPassive=false, forceAuthn=true, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-08-09 11:22:13,343 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-08-09 11:22:13,343 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-08-09 11:22:13,343 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-08-09 11:22:13,343 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-08-09 11:22:13,343 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Retaining flow authn/Password, it supports forced authentication
2022-08-09 11:22:13,343 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Potential authentication flows left after filtering: {authn/Password=AuthenticationFlowDescriptor{flowId=authn/Password, supportsPassive=true, supportsForcedAuthentication=true, lifetime=3600000, inactivityTimeout=1800000}}
2022-08-09 11:22:13,343 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:22:13,343 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-08-09 11:22:13,343 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Forced authentication requested, selecting an inactive flow
2022-08-09 11:22:13,343 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-08-09 11:22:13,344 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-08-09 11:22:13,608 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Returning name from AttributeConsumingService 'SheerID Verification Services'
2022-08-09 11:22:13,608 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-08-09 11:22:13,608 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Returning name from AttributeConsumingService Student and Teacher Eligibility Verification Services for Global Brands
2022-08-09 11:25:27,473 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: ss:mem:274fadce261b87199f6413da3f0e64c4838f23cffc8a73e5854e17868b0f2d20
2022-08-09 11:25:27,473 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-08-09 11:25:27,474 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-08-09 11:25:27,474 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="http://172.16.40.74:8008/Shibboleth.sso/SAML2/POST/SSO"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ID="_42969072081479070c1e8ec1c1524320"
    IssueInstant="2022-08-09T11:25:28Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">http://172.16.40.74:8008/mapguide/diffos/saml/metadata</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="1"/>
</samlp:AuthnRequest>

2022-08-09 11:25:27,480 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'http://172.16.40.74:8008/mapguide/diffos/saml/metadata' from origin source
2022-08-09 11:25:27,480 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-08-09 11:25:27,480 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-08-09 11:25:27,480 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-08-09 11:25:27,480 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-08-09 11:25:27,480 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-08-09 11:25:27,480 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-08-09 11:25:27,480 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-08-09 11:25:27,480 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer http://172.16.40.74:8008/mapguide/diffos/saml/metadata
2022-08-09 11:25:27,481 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:25:27,481 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-08-09 11:25:27,481 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-08-09 11:25:27,481 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-08-09 11:25:27,481 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-08-09 11:25:27,481 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_42969072081479070c1e8ec1c1524320', issue instant '2022-08-09T11:25:28.000Z', entityID 'http://172.16.40.74:8008/mapguide/diffos/saml/metadata'
2022-08-09 11:25:27,482 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'http://172.16.40.74:8008/mapguide/diffos/saml/metadata' does not require AuthnRequests to be signed
2022-08-09 11:25:27,482 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-08-09 11:25:27,482 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-08-09 11:25:27,482 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-08-09 11:25:27,482 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-08-09 11:25:27,482 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-08-09 11:25:27,482 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:25:27,482 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-08-09 11:25:27,483 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-08-09 11:25:27,483 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-08-09 11:25:27,483 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 1 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-08-09 11:25:27,483 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location http://172.16.40.74:8008/Shibboleth.sso/SAML2/POST/SSO using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-08-09 11:25:27,483 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-08-09 11:25:27,483 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-08-09 11:25:27,483 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-08-09 11:25:27,483 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-08-09 11:25:27,483 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-08-09 11:25:27,483 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-08-09 11:25:27,483 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-08-09 11:25:27,483 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-08-09 11:25:27,483 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-08-09 11:25:27,483 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-08-09 11:25:27,483 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: http://172.16.40.74:8008/mapguide/diffos/saml/metadata
2022-08-09 11:25:27,483 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-08-09 11:25:27,483 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve data encryption algorithm based on SAML metadata, falling back to locally configured algorithms
2022-08-09 11:25:27,483 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve key transport algorithm based on SAML metadata, falling back to locally configured algorithms
2022-08-09 11:25:27,483 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-08-09 11:25:27,487 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-08-09 11:25:27,488 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-08-09T11:25:27.488Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-08-09 11:25:27,488 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-08-09 11:25:27,488 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-08-09 11:25:27,488 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Performing primary lookup on session ID 8b7a1ec66931b8bdee304eedfba23762aab86c0b7c496d106dd7c9be6cb20131
2022-08-09 11:25:27,488 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Primary lookup failed for session ID 8b7a1ec66931b8bdee304eedfba23762aab86c0b7c496d106dd7c9be6cb20131
2022-08-09 11:25:27,488 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-08-09 11:25:27,489 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-08-09 11:25:27,489 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-08-09 11:25:27,489 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:25:27,489 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-08-09 11:25:27,489 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-08-09 11:25:27,489 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-08-09 11:25:27,489 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-08-09 11:25:27,671 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of '172.16.40.74'
2022-08-09 11:25:27,671 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-08-09 11:25:27,671 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-08-09 11:26:36,613 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded RelayState: ss:mem:431bea785774a74cb2305e9cb24b5ae4e72bb7349ea79d25a635ae596a6d4ea2
2022-08-09 11:26:36,613 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Base64 decoding and inflating SAML message
2022-08-09 11:26:36,613 - DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder:?] - Decoded SAML message
2022-08-09 11:26:36,613 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
    AssertionConsumerServiceURL="http://172.16.40.74:8008/Shibboleth.sso/SAML2/POST/SSO"
    Destination="https://samltest.id/idp/profile/SAML2/Redirect/SSO"
    ID="_ed8647f9b80fb910834ed11235000ff8"
    IssueInstant="2022-08-09T11:26:37Z"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">http://172.16.40.74:8008/mapguide/diffos/saml/metadata</saml:Issuer>
    <samlp:NameIDPolicy AllowCreate="1"/>
</samlp:AuthnRequest>

2022-08-09 11:26:36,624 - INFO [org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver:?] - Metadata Resolver LocalDynamicMetadataResolver SAMLtestFolder: Successfully loaded new EntityDescriptor with entityID 'http://172.16.40.74:8008/mapguide/diffos/saml/metadata' from origin source
2022-08-09 11:26:36,624 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 source EntityDescriptors
2022-08-09 11:26:36,624 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Resolved 1 RoleDescriptor candidates via role criteria, performing predicate filtering
2022-08-09 11:26:36,624 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - Attempting to filter candidate RoleDescriptors via resolved Predicates
2022-08-09 11:26:36,624 - DEBUG [org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver:?] - After predicate filtering 1 RoleDescriptors remain
2022-08-09 11:26:36,624 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:?] - Message Handler:  org.opensaml.saml.common.messaging.context.SAMLMetadataContext added to MessageContext as child of org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext
2022-08-09 11:26:36,624 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  Selecting default AttributeConsumingService, if any
2022-08-09 11:26:36,624 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLAddAttributeConsumingServiceHandler:?] - Message Handler:  No AttributeConsumingService selected
2022-08-09 11:26:36,624 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeRelyingPartyContextFromSAMLPeer:?] - Profile Action InitializeRelyingPartyContextFromSAMLPeer: Attaching RelyingPartyContext based on SAML peer http://172.16.40.74:8008/mapguide/diffos/saml/metadata
2022-08-09 11:26:36,625 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:26:36,626 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Checking SAML message intended destination endpoint against receiver endpoint
2022-08-09 11:26:36,626 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Intended message destination endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-08-09 11:26:36,626 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  Actual message receiver endpoint: https://samltest.id/idp/profile/SAML2/Redirect/SSO
2022-08-09 11:26:36,626 - DEBUG [org.opensaml.saml.common.binding.security.impl.ReceivedEndpointSecurityHandler:?] - Message Handler:  SAML message intended destination endpoint matched recipient endpoint
2022-08-09 11:26:36,626 - DEBUG [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:?] - Message Handler:  Evaluating message replay for message ID '_ed8647f9b80fb910834ed11235000ff8', issue instant '2022-08-09T11:26:37.000Z', entityID 'http://172.16.40.74:8008/mapguide/diffos/saml/metadata'
2022-08-09 11:26:36,626 - DEBUG [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:?] - SPSSODescriptor for entity ID 'http://172.16.40.74:8008/mapguide/diffos/saml/metadata' does not require AuthnRequests to be signed
2022-08-09 11:26:36,626 - DEBUG [org.opensaml.saml.common.binding.security.impl.SAMLProtocolMessageXMLSignatureSecurityHandler:?] - Message Handler:  SAML protocol message was not signed, skipping XML signature processing
2022-08-09 11:26:36,627 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler
2022-08-09 11:26:36,627 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  HTTP request was not signed via simple signature mechanism, skipping
2022-08-09 11:26:36,627 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Evaluating simple signature rule of type: org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPPostSimpleSignSecurityHandler
2022-08-09 11:26:36,627 - DEBUG [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:?] - Message Handler:  Handler can not handle this request, skipping
2022-08-09 11:26:36,628 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:26:36,628 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeOutboundMessageContext:?] - Profile Action InitializeOutboundMessageContext: Initialized outbound message context
2022-08-09 11:26:36,628 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Attempting to resolve endpoint of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService for outbound message
2022-08-09 11:26:36,628 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Populating template endpoint for resolution from SAML AuthnRequest
2022-08-09 11:26:36,628 - DEBUG [org.opensaml.saml.common.binding.AbstractEndpointResolver:?] - Endpoint Resolver org.opensaml.saml.common.binding.impl.DefaultEndpointResolver: Returning 1 candidate endpoints of type {urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService
2022-08-09 11:26:36,628 - DEBUG [net.shibboleth.idp.saml.profile.impl.PopulateBindingAndEndpointContexts:?] - Profile Action PopulateBindingAndEndpointContexts: Resolved endpoint at location http://172.16.40.74:8008/Shibboleth.sso/SAML2/POST/SSO using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
2022-08-09 11:26:36,628 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was resolved, won't be able to determine delegation requested status via metadata
2022-08-09 11:26:36,628 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - No AttributeConsumingService was available
2022-08-09 11:26:36,628 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Delegation request was not explicitly indicated, using default value: NOT_REQUESTED
2022-08-09 11:26:36,628 - DEBUG [net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateDelegationContext:?] - Issuance of a delegated Assertion is not in effect, skipping further processing
2022-08-09 11:26:36,629 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing enabled
2022-08-09 11:26:36,629 - DEBUG [org.opensaml.saml.common.profile.impl.PopulateSignatureSigningParameters:?] - Profile Action PopulateSignatureSigningParameters: Signing not enabled
2022-08-09 11:26:36,629 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Encryption for assertions (true), identifiers (false), attributes(false)
2022-08-09 11:26:36,629 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolving EncryptionParameters for request
2022-08-09 11:26:36,629 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding entityID to resolution criteria
2022-08-09 11:26:36,629 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Adding role metadata to resolution criteria
2022-08-09 11:26:36,629 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Resolving credentials from supplied RoleDescriptor using usage: ENCRYPTION.  Effective entityID was: http://172.16.40.74:8008/mapguide/diffos/saml/metadata
2022-08-09 11:26:36,629 - DEBUG [org.opensaml.saml.security.impl.MetadataCredentialResolver:?] - Found no cached credentials in KeyDescriptor object metadata, resolving from KeyInfo
2022-08-09 11:26:36,629 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve data encryption algorithm based on SAML metadata, falling back to locally configured algorithms
2022-08-09 11:26:36,629 - DEBUG [org.opensaml.saml.security.impl.SAMLMetadataEncryptionParametersResolver:?] - Could not resolve key transport algorithm based on SAML metadata, falling back to locally configured algorithms
2022-08-09 11:26:36,629 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters:?] - Profile Action PopulateEncryptionParameters: Resolved EncryptionParameters
2022-08-09 11:26:36,634 - DEBUG [net.shibboleth.idp.saml.profile.impl.ExtractSubjectFromRequest:?] - Profile Action ExtractSubjectFromRequest: No Subject NameID/NameIdentifier in message needs inbound processing
2022-08-09 11:26:36,635 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:?] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2022-08-09T11:26:36.635Z, isPassive=false, forceAuthn=false, hintedName=null, maxAge=0, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, initialAuthenticationResult=null, authenticationResult=null, completionInstant=1970-01-01T00:00:00.000Z}
2022-08-09 11:26:36,635 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.ProcessRequestedAuthnContext:?] - Profile Action ProcessRequestedAuthnContext: AuthnRequest did not contain a RequestedAuthnContext, nothing to do
2022-08-09 11:26:36,636 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:?] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2022-08-09 11:26:36,636 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Performing primary lookup on session ID 8b7a1ec66931b8bdee304eedfba23762aab86c0b7c496d106dd7c9be6cb20131
2022-08-09 11:26:36,636 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Primary lookup failed for session ID 8b7a1ec66931b8bdee304eedfba23762aab86c0b7c496d106dd7c9be6cb20131
2022-08-09 11:26:36,636 - DEBUG [net.shibboleth.idp.session.impl.PopulateSessionContext:?] - Profile Action PopulateSessionContext: No session found for client
2022-08-09 11:26:36,637 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:?] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2022-08-09 11:26:36,637 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:?] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2022-08-09 11:26:36,637 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:26:36,637 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2022-08-09 11:26:36,637 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2022-08-09 11:26:36,637 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:?] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/Password
2022-08-09 11:26:36,638 - DEBUG [net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth:?] - Profile Action ExtractUsernamePasswordFromBasicAuth: No appropriate Authorization header found
2022-08-09 11:26:36,830 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - Found matching scheme, returning name of '172.16.40.74'
2022-08-09 11:26:36,830 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No UIInfo or logos returning null
2022-08-09 11:26:36,830 - DEBUG [net.shibboleth.idp.ui.context.RelyingPartyUIContext:?] - No description matching the languages found, returning null
2022-08-09 11:26:50,627 - DEBUG [net.shibboleth.idp.authn.AbstractExtractionAction:?] - Profile Action ExtractUsernamePasswordFromFormRequest: Trimming whitespace of input string 'sheldon'
2022-08-09 11:26:50,627 - DEBUG [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Attempting to authenticate user sheldon
2022-08-09 11:26:50,627 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolve user=[org.ldaptive.auth.User@1431435700::identifier=sheldon, context=org.apache.velocity.VelocityContext@25a53c2]
2022-08-09 11:26:50,638 - DEBUG [net.shibboleth.idp.authn.PooledTemplateSearchDnResolver:?] - resolved dn=uid=sheldon,ou=People,dc=samltest,dc=id for user=[org.ldaptive.auth.User@1431435700::identifier=sheldon, context=org.apache.velocity.VelocityContext@25a53c2]
2022-08-09 11:26:50,639 - INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Login by 'sheldon' succeeded
2022-08-09 11:26:50,639 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:?] - Profile Action ValidateUsernamePasswordAgainstLDAP: Adding custom Principal(s) defined on underlying flow descriptor
2022-08-09 11:26:50,639 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:?] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2022-08-09 11:26:50,639 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:?] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'sheldon'
2022-08-09 11:26:50,640 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'sheldon'
2022-08-09 11:26:50,640 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:?] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2022-08-09 11:26:50,640 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:?] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal sheldon
2022-08-09 11:26:50,640 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Created new session e05d8a0819a891cf85c4138de47dd9be6070cc1288e84cbb1ea0fbdeb47f4dd3 for principal sheldon
2022-08-09 11:26:50,640 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving AuthenticationResult for flow authn/Password in session e05d8a0819a891cf85c4138de47dd9be6070cc1288e84cbb1ea0fbdeb47f4dd3
2022-08-09 11:26:50,641 - DEBUG [net.shibboleth.idp.attribute.resolver.dc.ldap.impl.TemplatedExecutableSearchFilterBuilder:?] - Template text (uid=$resolutionContext.principal) yields (uid=sheldon)
2022-08-09 11:26:50,642 - DEBUG [net.shibboleth.idp.attribute.resolver.ad.impl.PrescopedAttributeDefinition:?] - Attribute Definition 'eduPersonPrincipalName': Dependencies [ResolverPluginDependency{pluginId=myLDAP, attributeId=eduPersonPrincipalName}] provided unmapped values of []
2022-08-09 11:26:50,642 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter'  Beginning process of filtering the following 9 attributes: [uid, identifier, telephoneNumber, role, mail, displayName, surname, givenName, eduPersonUniqueId]
2022-08-09 11:26:50,642 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'uid' remained after filtering
2022-08-09 11:26:50,642 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'identifier' remained after filtering
2022-08-09 11:26:50,642 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'telephoneNumber' remained after filtering
2022-08-09 11:26:50,642 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'role' remained after filtering
2022-08-09 11:26:50,642 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'mail' remained after filtering
2022-08-09 11:26:50,642 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'displayName' remained after filtering
2022-08-09 11:26:50,642 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'surname' remained after filtering
2022-08-09 11:26:50,642 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': 1 values for attribute 'givenName' remained after filtering
2022-08-09 11:26:50,642 - DEBUG [net.shibboleth.idp.attribute.filter.impl.AttributeFilterImpl:?] - Attribute filtering engine 'ShibbolethAttributeFilter': no policy permitted release of attribute eduPersonUniqueId values
2022-08-09 11:26:50,643 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:26:50,644 - DEBUG [net.shibboleth.idp.consent.flow.impl.InitializeConsentContext:?] - Profile Action InitializeConsentContext: Created consent context 'ConsentContext{previousConsents={}, chosenConsents={}}'
2022-08-09 11:26:50,645 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action PopulateAttributeReleaseContext: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@7fdebd92'
2022-08-09 11:26:50,646 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:26:50,646 - DEBUG [net.shibboleth.idp.consent.logic.impl.JoinFunction:?] - Result 'sheldon:http://172.16.40.74:8008/mapguide/diffos/saml/metadata'
2022-08-09 11:26:50,646 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'org.opensaml.storage.MutableStorageRecord@198578c6' with context 'intercept/attribute-release' and key 'sheldon:http://172.16.40.74:8008/mapguide/diffos/saml/metadata'
2022-08-09 11:26:50,646 - DEBUG [net.shibboleth.idp.consent.storage.impl.ConsentSerializer:?] - Deserialized context 'intercept/attribute-release' key 'sheldon:http://172.16.40.74:8008/mapguide/diffos/saml/metadata' value '[{"id":201},{"id":117},{"id":"identifier"},{"id":"mail"},{"id":"role"},{"id":106},{"id":116},{"id":"uid"}]' expiration '1687597467501' as '{displayName=Consent{id=displayName, value=null, isApproved=true}, givenName=Consent{id=givenName, value=null, isApproved=true}, identifier=Consent{id=identifier, value=null, isApproved=true}, mail=Consent{id=mail, value=null, isApproved=true}, role=Consent{id=role, value=null, isApproved=true}, surname=Consent{id=surname, value=null, isApproved=true}, telephoneNumber=Consent{id=telephoneNumber, value=null, isApproved=true}, uid=Consent{id=uid, value=null, isApproved=true}}'
2022-08-09 11:26:50,646 - DEBUG [net.shibboleth.idp.consent.logic.impl.FlowIdLookupFunction:?] - Current flow id is 'intercept/attribute-release'
2022-08-09 11:26:50,646 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: Read storage record 'null' with context 'intercept/attribute-release' and key 'sheldon'
2022-08-09 11:26:50,646 - DEBUG [net.shibboleth.idp.consent.flow.storage.impl.ReadConsentFromStorage:?] - Profile Action ReadConsentFromStorage: No storage record for context 'intercept/attribute-release' and key 'sheldon'
2022-08-09 11:26:50,646 - DEBUG [net.shibboleth.idp.consent.flow.impl.PopulateConsentContext:?] - Profile Action PopulateConsentContext: Populating consents: [displayName, givenName, identifier, mail, role, surname, telephoneNumber, uid]
2022-08-09 11:26:50,647 - DEBUG [net.shibboleth.idp.consent.logic.impl.IsConsentRequiredPredicate:?] - Consent is not required, previous consents match current consents
2022-08-09 11:26:50,647 - DEBUG [net.shibboleth.idp.consent.flow.ar.impl.AbstractAttributeReleaseAction:?] - Profile Action ReleaseAttributes: Found attributeContext 'net.shibboleth.idp.attribute.context.AttributeContext@7fdebd92'
2022-08-09 11:26:50,647 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.FilterFlowsByNonBrowserSupport:?] - Profile Action FilterFlowsByNonBrowserSupport: Request does not have non-browser requirement, nothing to do
2022-08-09 11:26:50,647 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractResponseShellAction:?] - Profile Action AddStatusResponseShell: Setting Issuer to https://samltest.id/saml/idp
2022-08-09 11:26:50,648 - DEBUG [org.opensaml.saml.common.profile.impl.AddInResponseToToResponse:?] - Profile Action AddInResponseToToResponse: Attempting to add InResponseTo to outgoing Response
2022-08-09 11:26:50,652 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAuthenticationStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Attempting to add an AuthenticationStatement to outgoing Assertion
2022-08-09 11:26:50,652 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Created Assertion _e2eb0d9312079dc1dc26d8e563d71418
2022-08-09 11:26:50,652 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAuthnStatementToAssertion: Added Assertion _e2eb0d9312079dc1dc26d8e563d71418 to Response _69cd1f9bdd921f6aa1427753d2981289
2022-08-09 11:26:50,652 - DEBUG [net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnStatementToAssertion:?] - Profile Action AddAuthnStatementToAssertion: Added AuthenticationStatement to Assertion _e2eb0d9312079dc1dc26d8e563d71418
2022-08-09 11:26:50,652 - DEBUG [net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion:?] - Profile Action AddAttributeStatementToAssertion: Attempting to add an AttributeStatement to outgoing Assertion
2022-08-09 11:26:50,653 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value sheldon of attribute uid
2022-08-09 11:26:50,653 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value scooper@samltest.id of attribute identifier
2022-08-09 11:26:50,653 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value +1-555-555-5515 of attribute telephoneNumber
2022-08-09 11:26:50,653 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value employee@samltest.id of attribute role
2022-08-09 11:26:50,653 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value scooper@samltest.id of attribute mail
2022-08-09 11:26:50,653 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sheldor of attribute displayName
2022-08-09 11:26:50,653 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Cooper of attribute surname
2022-08-09 11:26:50,653 - DEBUG [net.shibboleth.idp.saml.attribute.encoding.SAMLEncoderSupport:?] - Encoding value Sheldon of attribute givenName
2022-08-09 11:26:50,654 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Attempting to add NameID to outgoing Assertion Subjects
2022-08-09 11:26:50,654 - DEBUG [org.opensaml.saml.common.profile.logic.AbstractNameIDPolicyPredicate:?] - Policy checking disabled for NameIDPolicy with Format urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
2022-08-09 11:26:50,654 - DEBUG [org.opensaml.saml.common.profile.logic.MetadataNameIdentifierFormatStrategy:?] - Metadata specifies the following formats: []
2022-08-09 11:26:50,654 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - Configuration specifies the following formats: []
2022-08-09 11:26:50,654 - DEBUG [net.shibboleth.idp.saml.profile.logic.DefaultNameIdentifierFormatStrategy:?] - No formats specified in configuration or in metadata, returning default
2022-08-09 11:26:50,654 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Candidate NameID formats: [urn:oasis:names:tc:SAML:2.0:nameid-format:transient]
2022-08-09 11:26:50,654 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Trying to generate NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-08-09 11:26:50,654 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Trying to generate identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-08-09 11:26:50,654 - DEBUG [org.opensaml.saml.saml2.profile.AbstractSAML2NameIDGenerator:?] - Generating NameID AAdzZWNyZXQx/wlJppsuwBQ8QZfKtQGliXQlU7lIdZ7dMgIuOExyB5k3fLsOHVU+qHfF4eXjnKT8rmz/JtVbIjLfjyI6FMppGaCR7bxfa0WVySHl+Q1Zyfyzu9+NVt3lMNu3ycLPmMUl5gY2qdAcsIuEv6ov0CEd2C8SBB+KMpF8i2wV5g== with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-08-09 11:26:50,654 - DEBUG [org.opensaml.saml.common.profile.impl.ChainingNameIdentifierGenerator:?] - Successfully generated identifier with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-08-09 11:26:50,654 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Successfully generated NameID with Format urn:oasis:names:tc:SAML:2.0:nameid-format:transient
2022-08-09 11:26:50,654 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:?] - Profile Action AddNameIDToSubjects: Added NameID to 1 assertion subject(s)
2022-08-09 11:26:50,654 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Attempting to add SubjectConfirmation to assertions in outgoing Response
2022-08-09 11:26:50,654 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Address to 77.159.242.106
2022-08-09 11:26:50,654 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data InResponseTo to _42969072081479070c1e8ec1c1524320
2022-08-09 11:26:50,654 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data Recipient to http://172.16.40.74:8008/Shibboleth.sso/SAML2/POST/SSO
2022-08-09 11:26:50,654 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Setting confirmation data NotOnOrAfter to 5 minutes from now
2022-08-09 11:26:50,654 - DEBUG [org.opensaml.saml.saml2.profile.impl.AddSubjectConfirmationToSubjects:?] - Profile Action AddSubjectConfirmationToSubjects: Added SubjectConfirmation with method urn:oasis:names:tc:SAML:2.0:cm:bearer to 1 assertion(s)
2022-08-09 11:26:50,654 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Attempting to add NotBefore condition to every Assertion in outgoing Response
2022-08-09 11:26:50,654 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotBeforeConditionToAssertions:?] - Profile Action AddNotBeforeConditionToAssertions: Added NotBefore condition to Assertion _e2eb0d9312079dc1dc26d8e563d71418
2022-08-09 11:26:50,654 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotBeforeConditionToAssertions: Assertion _e2eb0d9312079dc1dc26d8e563d71418 did not already contain Conditions, one was added
2022-08-09 11:26:50,654 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Attempting to add NotOnOrAfter condition to every Assertion in outgoing Response
2022-08-09 11:26:50,654 - DEBUG [org.opensaml.saml.common.profile.impl.AddNotOnOrAfterConditionToAssertions:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Added NotOnOrAfter condition, indicating an expiration of 2022-08-09T11:31:50.647Z, to Assertion _e2eb0d9312079dc1dc26d8e563d71418
2022-08-09 11:26:50,654 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddNotOnOrAfterConditionToAssertions: Assertion _e2eb0d9312079dc1dc26d8e563d71418 already contained Conditions, nothing was done
2022-08-09 11:26:50,654 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Attempting to add an AudienceRestrictionCondition to every Assertion in Response
2022-08-09 11:26:50,654 - DEBUG [org.opensaml.saml.saml2.profile.SAML2ActionSupport:?] - Profile Action AddAudienceRestrictionToAssertions: Assertion _e2eb0d9312079dc1dc26d8e563d71418 already contained Conditions, nothing was done
2022-08-09 11:26:50,654 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding new AudienceRestriction
2022-08-09 11:26:50,654 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Adding http://172.16.40.74:8008/mapguide/diffos/saml/metadata as an Audience of the AudienceRestriction
2022-08-09 11:26:50,654 - DEBUG [org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions:?] - Profile Action AddAudienceRestrictionToAssertions: Added AudienceRestrictionCondition to Assertion _e2eb0d9312079dc1dc26d8e563d71418
2022-08-09 11:26:50,656 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithSPSession:?] - Profile Action UpdateSessionWithSPSession: Adding new SPSession for relying party http://172.16.40.74:8008/mapguide/diffos/saml/metadata to existing session e05d8a0819a891cf85c4138de47dd9be6070cc1288e84cbb1ea0fbdeb47f4dd3
2022-08-09 11:26:50,656 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedIdPSession:?] - Saving SPSession for service http://172.16.40.74:8008/mapguide/diffos/saml/metadata in session e05d8a0819a891cf85c4138de47dd9be6070cc1288e84cbb1ea0fbdeb47f4dd3
2022-08-09 11:26:50,656 - DEBUG [net.shibboleth.idp.session.SPSessionSerializerRegistry:?] - Registry located StorageSerializer of type 'net.shibboleth.idp.saml.session.impl.SAML2SPSessionSerializer' for SPSession type 'class net.shibboleth.idp.saml.session.SAML2SPSession'
2022-08-09 11:26:50,656 - DEBUG [net.shibboleth.idp.session.impl.StorageBackedSessionManager:?] - Maintaining secondary index for service ID http://172.16.40.74:8008/mapguide/diffos/saml/metadata and key AAdzZWNyZXQx/wlJppsuwBQ8QZfKtQGliXQlU7lIdZ7dMgIuOExyB5k3fLsOHVU+qHfF4eXjnKT8rmz/JtVbIjLfjyI6FMppGaCR7bxfa0WVySHl+Q1Zyfyzu9+NVt3lMNu3ycLPmMUl5gY2qdAcsIuEv6ov0CEd2C8SBB+KMpF8i2wV5g==
2022-08-09 11:26:50,656 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptNameIDs: No encryption parameters, nothing to do
2022-08-09 11:26:50,656 - DEBUG [org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction:?] - Profile Action EncryptAttributes: No encryption parameters, nothing to do
2022-08-09 11:26:50,657 - DEBUG [org.opensaml.saml.common.profile.impl.SignAssertions:?] - Profile Action SignAssertions: Will not sign assertions because no security parameters context is available
2022-08-09 11:26:50,658 - DEBUG [PROTOCOL_MESSAGE:?] - Profile Action EncryptAssertions: Response before assertion encryption:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_69cd1f9bdd921f6aa1427753d2981289"
    InResponseTo="_42969072081479070c1e8ec1c1524320"
    IssueInstant="2022-08-09T11:26:50.647Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion ID="_e2eb0d9312079dc1dc26d8e563d71418"
        IssueInstant="2022-08-09T11:26:50.647Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <saml2:Issuer>https://samltest.id/saml/idp</saml2:Issuer>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
                NameQualifier="https://samltest.id/saml/idp"
                SPNameQualifier="http://172.16.40.74:8008/mapguide/diffos/saml/metadata" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">AAdzZWNyZXQx/wlJppsuwBQ8QZfKtQGliXQlU7lIdZ7dMgIuOExyB5k3fLsOHVU+qHfF4eXjnKT8rmz/JtVbIjLfjyI6FMppGaCR7bxfa0WVySHl+Q1Zyfyzu9+NVt3lMNu3ycLPmMUl5gY2qdAcsIuEv6ov0CEd2C8SBB+KMpF8i2wV5g==</saml2:NameID>
            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData Address="77.159.242.106"
                    InResponseTo="_42969072081479070c1e8ec1c1524320"
                    NotOnOrAfter="2022-08-09T11:31:50.654Z" Recipient="http://172.16.40.74:8008/Shibboleth.sso/SAML2/POST/SSO"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2022-08-09T11:26:50.647Z" NotOnOrAfter="2022-08-09T11:31:50.647Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>http://172.16.40.74:8008/mapguide/diffos/saml/metadata</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-08-09T11:26:50.639Z" SessionIndex="_98eecdc9c0755540f8bd0821c986f946">
            <saml2:SubjectLocality Address="77.159.242.106"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute FriendlyName="uid"
                Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>sheldon</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                Name="urn:oasis:names:tc:SAML:attribute:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">scooper@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="telephoneNumber"
                Name="urn:oid:2.5.4.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>+1-555-555-5515</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="role"
                Name="https://samltest.id/attributes/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue
                    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">employee@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="mail"
                Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>scooper@samltest.id</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="displayName"
                Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sheldor</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Cooper</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute FriendlyName="givenName"
                Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Sheldon</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>

2022-08-09 11:26:50,680 - DEBUG [org.opensaml.saml.common.binding.impl.SAMLOutboundDestinationHandler:?] - Adding destination to outbound SAML 2 protocol message: http://172.16.40.74:8008/Shibboleth.sso/SAML2/POST/SSO
2022-08-09 11:26:50,680 - DEBUG [org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler:?] - Message Handler:  Checking outbound endpoint for allowed URL scheme: http://172.16.40.74:8008/Shibboleth.sso/SAML2/POST/SSO
2022-08-09 11:26:50,681 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_69cd1f9bdd921f6aa1427753d2981289"
2022-08-09 11:26:50,681 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _69cd1f9bdd921f6aa1427753d2981289 and Element was [saml2p:Response: null]
2022-08-09 11:26:50,681 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - State I can resolve reference: "#_69cd1f9bdd921f6aa1427753d2981289"
2022-08-09 11:26:50,681 - DEBUG [org.apache.xml.security.utils.resolver.implementations.ResolverFragment:?] - Try to catch an Element with ID _69cd1f9bdd921f6aa1427753d2981289 and Element was [saml2p:Response: null]
2022-08-09 11:26:50,684 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Invoking Velocity template to create POST body
2022-08-09 11:26:50,684 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Encoding action url of 'http://172.16.40.74:8008/Shibboleth.sso/SAML2/POST/SSO' with encoded value 'http&#x3a;&#x2f;&#x2f;172.16.40.74&#x3a;8008&#x2f;Shibboleth.sso&#x2f;SAML2&#x2f;POST&#x2f;SSO'
2022-08-09 11:26:50,684 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Marshalling and Base64 encoding SAML message
2022-08-09 11:26:50,684 - DEBUG [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder:?] - Setting RelayState parameter to: 'ss:mem:274fadce261b87199f6413da3f0e64c4838f23cffc8a73e5854e17868b0f2d20', encoded as 'ss&#x3a;mem&#x3a;274fadce261b87199f6413da3f0e64c4838f23cffc8a73e5854e17868b0f2d20'
2022-08-09 11:26:50,686 - DEBUG [PROTOCOL_MESSAGE:?] - 
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response
    Destination="http://172.16.40.74:8008/Shibboleth.sso/SAML2/POST/SSO"
    ID="_69cd1f9bdd921f6aa1427753d2981289"
    InResponseTo="_42969072081479070c1e8ec1c1524320"
    IssueInstant="2022-08-09T11:26:50.647Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/idp</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_69cd1f9bdd921f6aa1427753d2981289">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <ds:DigestValue>v9cEOIbMTjJvNGhp1D5DTPkD4aejqroxUjHtvnXbbjA=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>P6ig4qCdj2O3qJbRg0G73rHgh2udvCMLdWqaBHHSVFKsbxDnjqzveh1WGDkfdvZlR/3dTjer4Xxgl9TEpgJLkBgPurzHHyvj6Eb7nfB3jWNjNKLgMMrfjQbq7sR1+mvGVRibS/Uz/o9re5uKlKcLX/Pek7z+TU4Ej45FYnGdYrx51+T9DLYtJNR3oVx8liEiFbd6Lik//5CE3TyyqmKD8LVb+Y3jrVTeMpbZoVcXdTfu+n6KPahvDsufWy2NXfSKnGsRsexzMgLFnFkSK7/B+choN3Wo3ikUiNb1H6EIBVF7ZUvTcvyznqAk/onCkjHiEvRT1evvGa3gS5zhh/m6fw==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDAS
BgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIG
A1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFK
s71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyj
xj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVN
c1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpd
Va54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3
MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE
4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lk
cDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3
YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiL
ArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/we
P3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcci
NBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA==</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <xenc:EncryptedData Id="_ef4b63ceb429c8ec8deb0a6132666a13"
            Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:EncryptionMethod
                Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <xenc:EncryptedKey
                    Id="_b7195f160f6423168b16a18936623b3b"
                    Recipient="http://172.16.40.74:8008/mapguide/diffos/saml/metadata" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                    <xenc:EncryptionMethod
                        Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <ds:DigestMethod
                            Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
                    </xenc:EncryptionMethod>
                    <ds:KeyInfo>
                        <ds:X509Data>
                            <ds:X509Certificate>MIIDEzCCAfugAwIBAgIUemfnxiRYamiS9qnYP9YcllOLcrwwDQYJKoZIhvcNAQELBQAwGTEXMBUG
A1UEAwwOa2FydGVpcy5nZmkuZnIwHhcNMTkxMDE2MDg0NDU2WhcNMjkxMDEzMDg0NDU2WjAZMRcw
FQYDVQQDDA5rYXJ0ZWlzLmdmaS5mcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK3n
Se8DzGNFM0RL2phfoWCK9EsBdJjL/3eATHDMMza2XV08Ln7Kn2zfj5S2XG0wj4P+7g5ipe/X7xA6
3rtx5xALIQ2o1d2IKOH2B6Kb44QeMpfuwmnG7ne5qJj0qhSdftas9xe3Bw323ZXPPT4+JN7PpVT4
pix0aEzqGBd6LVHQUMw3rNGPdn23esmHH/7YOxxOplkY1fUOw274P+ek40yCSpNUiABRbtP9GeRT
0TH5MlvEXZiLQGZEAQ8H3xLI5NVFXbCT1UefmdDmXcmHGmqigTpIOEnnbYFHKJAgA3NNwlChmuX1
2ZX41JmhDWs/Mb7f6hoVZiJpAgbkYXkKKfECAwEAAaNTMFEwHQYDVR0OBBYEFJBUdIMUlP2mCg8d
r9yAgnbKSw06MB8GA1UdIwQYMBaAFJBUdIMUlP2mCg8dr9yAgnbKSw06MA8GA1UdEwEB/wQFMAMB
Af8wDQYJKoZIhvcNAQELBQADggEBAG0kwqSyk8spR2N31RhmDxoHUgPF2sTOShGyShep4mrPDxNB
ED/FNDB08kohz9qTQ4OnIcNAON5iWJSpK1xMfyDzrN7oM7FDNTmzdKIDiO9PSdXet5ZaiozMpoSF
955GDtYvc7fyJHsqlxZXCzJyjWhHPNde336E2JoAzx+YSLyE1Jjf2dJkwTOVMROZAOboH54CX3er
tdcBXv1y3GU0TcS6QfmvcbY+0FILdADeUqhPGwoboEGQnJEx2G0Ns/JD6BmYHTHA6Ua8XA8tCjNK
tiu2zFo0EgNrW6goOEXCm1uC3apIJNHrQ3RpqAqLa8cn+SlgsUGLZdZNU7gKRY/yhcA=</ds:X509Certificate>
                        </ds:X509Data>
                    </ds:KeyInfo>
                    <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                        <xenc:CipherValue>Z4op0afdED99GQg1vRlGa4C6qsUD9W2RXwgqu4aEzC5h8mWiP1StUFvRwMEPv3YvUCaB8TU6jp+nXhcF11A4xHBrvh6TZYQuStJPWJlpTXydGH5sZwDiJ6XE6tErwtecUhUetJtuAKsZ1I7nsD8gylYawVXkFsZQlgOA+n1IfH/E0rFehaPjgFv75pYW325CvtokBJUD41gvEaais6Emg/js49iWrVPGnt6BoNNrnDHSI5txnjv4c0a968K6/IM4iCLN46EVXk51UWb8eRCHmlTJ55UJFDqAteJZ1Nv80kEtbmpC6JqSveIWW97c++dpwj4XG/GVka0wtT1NKiDxpQ==</xenc:CipherValue>
                    </xenc:CipherData>
                </xenc:EncryptedKey>
            </ds:KeyInfo>
            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                <xenc:CipherValue>nalYM1kAjDDAcPwg5p6bHM+6n/ffDojvfGdOinrl06C0YaDMZJu7TqNYZuHCUGKzsqVTGaJTMYSlva59ryydSHOWDm8FojEUcAgEQaszGgS2jvT7dmjtoYrimTsxTAYXQxyI3ut/zU/R9TnP66PYWdUkrhSIOm0FnL+ZCDCDmAJ0atkvcsSv9oNL7R8OEpdW6pemDaedCbYjbHxtcsE730zsgPh9rRQ4+x227G1+tGek1g2WrMncTlcBTyDcl5EKrx7PhoeO7dHE6WJAv5kXaAwNt405Sc8pksfMxSvhj9/9tRlxNqXYjURYcr17Ml3QQ7Y/WfdurrIWn2v620kgcspkXduwvX+9NISPu8p/ynfZuqzP4+REw/Lmws+TDqSk5cfiN1EUg/4OoepOb+YNmPD6GFy2MlWSwRuxdWOgvLv4oPICsNY+9EXYNV/1oJkDTIM6gZ7ijFHQ+uyzZhU/ERw74qyQo0gugWJ6HYLDDR4tgjDc+mP3PEIz8UJ14YsVpRTy+Bn1hVR6ajNkvK/qFpA6cCPqGKYMkZlPbNCQe/OYUkWvX9Goh1amkyvPMAFrgwVivDmhZ0at9FQpaz4vKmZVLe6qk8NnoGg1a828kq93tuKIAxK4dXSao5k3UKkDyiSfX27ZBKlvx8dVj349dAKEOyk3DCRHpdshWYEWu8H/61ozHJuVvIah9K0Eehrffe6io9mdAHP53usbSSZyKTVquiRHI+FcYrb5RHIDNoF2GCPzTwIM1x74rX55MO46N3CqZ/usJ78RHqIa4jv+3LLGnnG2FjeZ1nY2Gqc5YBqhzVHEi7ODWxtYt9pYDxecrER+ZkmJ0sjpOLloYOBRdeB+WRtRUjHPaAH3TsB3dnzfD0T4yrgpEG3kV7d6VtMx0fKFvDrPrp0BeWORReCoR2+T5OC+CQuz6Vky4/19ck6WBVSClCtX0SdwyTEDlWjoeBmR1vrS790z3BJUHb6qxaWcJInbfiyDhqWoQFIs675Nb/ACVxDLlH5P6Ykun6YaelFDtoCY4xghxXytAeHijJ155P5jGNohEwur4qa5TrIVmiYE9HFy/RImv5O+oJ6QzwpT2cTd32cHsfbM6sfo7yWmqa/JNHyLSY4wuPRu8+XHQclkTCuE8ADW9q/2h7ET1XjZQXUgjIxuYe4n25JHu/SfEB2RZcdaWCglrc1XRE7qUZ3iInPowN/ox6OQBXDDAkNAPQrbNVxXQgyjQFC79k9/GL0aEvgWMue/z9IWBA3uRwYly/XpkIV098HyZ9hZi+7P+jTIXOvf1+jERppQpaGPMKMXYS0biJK1Xi7SvXofvI6IeIy/2MLMn096GVbkoz5G6khhzejXcbS0DevRJdCVuqF528tDEMhW/Cm2SVBXVLXin7UnX6jNQbnxXfHe53+a+HwcxmvokPF7hqWNJMvBnyQXoEKy26U960jzGrF+aOUEpDt4Iyp4/GrPhyTdR6s1Sy2uo+zeBkz+ZKngG4ypl714XpC7CnphnPrBN2tgi5oSqGki1uryd8hkZZq5h2uzvozCeMAtFP2sTDHWU0ZO5a4taH9pkjlTPOvfIFlcGxK80q7xZ+ElAUgCxj2yOT7UV3ZbfeNVGDYf0iGcNKBTB01Z0wftP/4ssYBbwkKsxFdeLcrWKErjK5OUNBsBNxCPR2mADANN4wiqhigywQICre1EDDpLRn1zrO2EquZ0LCimmeiSibjjJancjeHZpzVpd3N3hNdzM7fXx4XFpkvnx2XuQ46sXjYcghFoCw5WDPznO+GXOFITcdXdiWAXXgnFQq1rj5v8G5KIu/jWDmSwRwTTU36Feegj3AfNijWO4lK2kUz9tX1/+4tCKxrK7roi74V3GEKBhK28dxW8X6g1kIfa5lhUfiBG98XGGnVxF/h8pUvfM4LdyjzooZp+7T5EQhMYuqFQle1Emhr4jQWjg9Z28X1T+3Smb5pteaFHbWlnKaI6tezPl4U7YPLyKryslsMyZ5tKkwyYGcFPm/IOHzPp5kmSJ6JmY0R/RBVpPb0m3reZXq2W1A04KO2nP6VKPtY5iSCn529OnWU8cDXTgtAfJDSl89I2xyN8nlAxvtmUbOenbb4ej9OgzwYyfOLcPMXznl+tpjqRhr9J4g+qWPAKCqKVsZr20cPN7HbFQpd+79GxfkXNQrCOSxlho6u8/tHPouPNPZx17IHULK6I2pP4qHlUXIzX68kdQGwF8Qu3ghmvskLDJNWUKBOxugwK3vzIghqI+uCitElg94zzr8sfvdhLLalWEroVZ00WV5A8Ywkx2e7aP9SJIrE7Bpu2p6XC3UwJ5skZz+TNZz3UheUAfN7Qm0AlcwrLy4PwCRwlCLpa1kKE+aD4y0iYTA4txL7SgjWn0eQFWjSxK638L5Cfh2CkwfTw4nstP1ovIjybLEXZyan8MDsLz9K3nVOOQyyHwGBExmpq2IX/cHqaxU3ocltbclWpvQ4xXHx8ndPgbKJmDQNqvlMKkykx5X3rTB8xCojN8AAJtpZ2qmPXhm5xM0vMOGTJpoeLW086vLeoKh3lLZqHUYQjVxtxFiTffI7GjRD9hCsiEyNxR1MTHZgZRW5hmTdyUrFxEGH/4yBTs/6+g/TkVcKB68IDbZ8EH4D3R2vopdGYNAsgk5Ca779cY8aFHCeN6HrpMy+kXjkFhkkfwVFS4flCOxvDAllcq1zYej0rJPAFhb9PaSUS3VoW8Vv7Qh9nNo9r72up0RbI7qJIWQbm1ShjQ6E0Uvy8en04eVasHtpfeiLFPso1e8QoECJzMNg+M4OXiYoSfvl0Ui1PgVh0F7FoxDzFfg9J3itX9HPFpflmmMr9pTboeKVFtK9E7Hdyh+HtJUikK8rXNeiJlO5mso/cdM7jFWTrU9W2yCRleHyx0Lkshp5Lw/dLFvT3KNJq0lZs/F0eWRh174qjSBjtDIVytEdKsMTBBDXBCLGk1xw0mF2oT10e+u3B/7HZsS0FcpiniOzC1cGhCZt+bKjx+qsNzjGVoX2kdP3T4ZRnbk0BZFiys71go3bv0XxSjkt81SsH5RNlKmAcSrlF/SOj5Zo/HSsWVRnzBTjH2apNl1oihymgc0U51RfS884jC3lnzvqP+F+8P5qC+q8PE50N6YJcpewbvOgyvLeOSxlK53djlvUXDci/AqIxUyXPbMhwAZvYDERgSGtjyS3ato5WyCotNRFnENtM5YF08lrerWhEWyG4FDqcQ4cZrBS0YmFb4msMbIHC+kc/3E7bG2v0Nrm+VOH7hL5w/jrpqLyTqP/Z3M+Ro/7NwOL/25cZU8MlSA+ZIGk7iyV7SocgoaXAjuo6w5pAYj0I2H5CThhnXGm8KNiHbOAs3HxxEoh2AcsjbOTZATVKehnSG0YwmsC3fxmR0e2WAod4S2xXgw/JUNv/C7yc83x3TLtui7KX9CgtS7npzYzfqZQd9mLg/PuA6UFOsGVpAJC7vHQuLZBWuXNamJs4+HKOASiEZj5skJZry3occkF0RegajX49g0klkn0K6LY77sFvbaeDrBYwcFdeLRp3plme7loQ7W14+JF3Lbdh79MrxIhyhrZ2R/u5bpUjEBNFOZ6YBpfl5rx76+o5UtS2JamwGErUAlmmVFU19Zrv7MAmRwLtPkHJJ/7+S3x8xFUC+pCY6zUvlqMIxd2rlpaO7uyKf/VeD0UGariqbWeg1KrZFHUzKQ+sQBro989oh/f97qK4PoNc3ml3O/bLNJjalWlU/nnloNigSvSVwNXTciLIbb0au9kP3/hT3ZUfSr4B1NoWyKEq42P8Ru/pkMx9uhzXMX3J5pemUm3LmxK1wYvGLQ2KgY1g7WTjNdBtSBYx9Pugs0nXHBFpxrNO7RPE3OVZ8khyUJuNmsCZJuvRy1RjvzXEs88RJHqpV9YAYkuLm3eVBg/U8+J1z8GY2/j+qmxtNk+B/N7muDFexEZC+q910qgB3xqiLHr8L11T0ajNQaEUmFs+ZVAskYcghIMpOkaJR6ybow06saAMXqUH971b2/DSPVqJvm/t1xVT+72eFKGsOK+8tkYcR52KkSLwoT/Axc6WjxgjH/NfyFO/YlRwMzzWw5OZNfTfg8SyWNrod3pzlYZBcZB5pJ0L6uEEDiviT9hxc3Rcszhr+HXSZvd8fephS80VyjfOjWhhwsJvDxVpI2DgbPxDGenF4mFCltrEHDtOMkNYIDfSRLOWzQzgmUL0Jvyn1DphhAffSdEbSs0iTJ10B2ZZbxBEEAlsxJPHcprK69uC2Y+Wb9qKkCSuVSFQWwkIxbywTA1BBpn4urLhAHYZUAnFwvkhMyoVs4ry0gyWcmJHWWtyb1QzqDeh0huAOQQZ9CnAc4gs1ywFzgYKFpv3h5ZUVFIuuKze01l7KuZMBm2unCTQFUX7MCQt3YYRdBipJgj3Lb/0TkIIXnkfZVJrpluvjWTChokCDUANn9xVJhJKnr036PCUUq81rpQa/IgUCvnJSrYwf6jdl6O5JeN0DqPY5QzST0b0FYNdeWu/iqts6jn7ksvrY4PJgsvxYhffF6o7rLHOBIhZ9cKt+9IP/bYCgYwvzVvw59NFTJs2ArMZ6ekzfJOeSQoptCRMIbWLJCNAeC4xTKBHd95lpVC0d1yCrOdQaWJBChsIrj/vBH3Oy3xUu+bC/dicXGvGcvcfn5JWl/T8ZL0FtUUHqke00iasGXHkSzOmQqGj7kf2+wCVzyfswMROUUcUCj6/DZEQIRrRnSF7x7UfYsNR3zWM2dhTVAvcsSHPhgvrHdge2jrmPl6t/YkejsSdTY7NFof4JTO6ItbwJudh4sMRKj2sHuHTQs1+2rrb9uEOU6mMFquWQGrLVFQvZRxHw3b2Di9YK1DkPn/tPWFNHfBPcv7lICX+kFCOMxPm7mCrSPPf7VdiuUiWWlz2VHE=</xenc:CipherValue>
            </xenc:CipherData>
        </xenc:EncryptedData>
    </saml2:EncryptedAssertion>
</saml2p:Response>

2022-08-09 11:26:50,686 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:?] - Profile Action RecordResponseComplete: Record response complete
2022-08-09 11:26:50,686 - INFO [Shibboleth-Audit.SSO:?] - 20220809T112650Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect|_42969072081479070c1e8ec1c1524320|http://172.16.40.74:8008/mapguide/diffos/saml/metadata|http://shibboleth.net/ns/profiles/saml2/sso/browser|https://samltest.id/saml/idp|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_69cd1f9bdd921f6aa1427753d2981289|sheldon|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|uid,identifier,telephoneNumber,role,mail,displayName,surname,givenName|AAdzZWNyZXQx/wlJppsuwBQ8QZfKtQGliXQlU7lIdZ7dMgIuOExyB5k3fLsOHVU+qHfF4eXjnKT8rmz/JtVbIjLfjyI6FMppGaCR7bxfa0WVySHl+Q1Zyfyzu9+NVt3lMNu3ycLPmMUl5gY2qdAcsIuEv6ov0CEd2C8SBB+KMpF8i2wV5g==|_e2eb0d9312079dc1dc26d8e563d71418|