Hi Darshana, Yes the response is encrypted. Sending the SAML sso trace attached with the mail.
@Ishara I used wso2carbon as the certificate alias since I'm using the default key stores and also I'm testing this in super tenant mode. Do I need to import the public certificate of the private key of travelocity app to IS keystores in super tenant mode? On Fri, Oct 2, 2015 at 3:19 PM, Ishara Karunarathna <isha...@wso2.com> wrote: > Hi Nadeesha, > > On Fri, Oct 2, 2015 at 3:04 PM, Darshana Gunawardana <darsh...@wso2.com> > wrote: > >> Hi Nadeesha, >> >> Have you checked whether the assertion is encrypted in the response IS >> send back to travelocity app? >> >> And please provide the SSO Trace (save as a text file and attach in the >> mail) for the whole flow. >> >> Thanks, >> Darshana >> >> On Fri, Oct 2, 2015 at 2:53 PM, Nadeesha Meegoda <nadees...@wso2.com> >> wrote: >> >>> Hi. >>> >>> I have configured the setup to Login to the Identity Server Using >>> Another Identity Server as per the details in [1] in Super tenant mode. >>> With the happy scenario according to the documentation this works fine. But >>> I have enabled some additional properties in IDP and SP used for IDP as >>> following : >>> >>> *Properties enabled for Federated Authenticators* - SAML2 Web SSO >>> Configuration >>> >>> 1. Enabled Assertion Encryption >>> 2. Enable Assertion Signing >>> 3. Enable Authentication Response Signing >>> >>> *Properties enabled fo SP used for IDP * >>> >>> 1. Enabled Assertion Encryption >>> 2. Enabled Response Signing >>> >>> *Properties enabled fo SP used for travelocity app* >>> >>> 1. Enabled Assertion Encryption >>> >> What is the Certificate Alias you used here ? > is that the public key in travelocity app ? > >> 2. Enabled Response Signing >>> >>> In the travelocity.properties file also I have enabled Assertion >>> Encryption,Response signing and Assertion signing. I have already imported >>> the Identity Provider Public Certificate to IDP >>> >>> When I'm signing in to travelocity.com I get Unable to decrypt the SAML >>> Assertion error and error in [2] in tomcat. >>> >>> Note that only enabling "assertion signing" in IDP I was successfully >>> able to login and no error was displayed. When I enabled the Assertion >>> Encryption this error occurred. Why is this error occurred when I enable >>> this property as mentioned above? >>> >>> Any help regarding this is highly appreciated! >>> >>> >>> >>> [1] - >>> https://docs.wso2.com/pages/viewpage.action?title=Login%2Bto%2Bthe%2BIdentity%2BServer%2BUsing%2BAnother%2BIdentity%2BServer&spaceKey=IS510 >>> >>> [2] - Oct 02, 2015 2:10:47 PM >>> org.wso2.carbon.identity.sso.agent.SSOAgentFilter doFilter >>> SEVERE: An error has occurred >>> org.wso2.carbon.identity.sso.agent.exception.SSOAgentException: Unable >>> to decrypt the SAML Assertion >>> at >>> org.wso2.carbon.identity.sso.agent.saml.SAML2SSOManager.processSSOResponse(SAML2SSOManager.java:254) >>> at >>> org.wso2.carbon.identity.sso.agent.saml.SAML2SSOManager.processResponse(SAML2SSOManager.java:198) >>> at >>> org.wso2.carbon.identity.sso.agent.SSOAgentFilter.doFilter(SSOAgentFilter.java:89) >>> at >>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) >>> at >>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) >>> at >>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220) >>> at >>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122) >>> at >>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505) >>> at >>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170) >>> at >>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) >>> at >>> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956) >>> at >>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) >>> at >>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:423) >>> at >>> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1079) >>> at >>> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625) >>> at >>> org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:318) >>> at >>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) >>> at >>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) >>> at >>> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) >>> at java.lang.Thread.run(Thread.java:745) >>> >>> >>> >>> >>> Thanks! >>> -- >>> *Nadeesha Meegoda* >>> Software Engineer - QA >>> WSO2 Inc.; http://wso2.com >>> lean.enterprise.middleware >>> email : nadees...@wso2.com >>> mobile: +94783639540 >>> <%2B94%2077%202273555> >>> >> >> >> >> -- >> Regards, >> >> >> *Darshana Gunawardana*Senior Software Engineer >> WSO2 Inc.; http://wso2.com >> >> *E-mail: darsh...@wso2.com <darsh...@wso2.com>* >> *Mobile: +94718566859 <%2B94718566859>*Lean . Enterprise . Middleware >> > > > > -- > Ishara Karunarathna > Senior Software Engineer > WSO2 Inc. - lean . enterprise . middleware | wso2.com > > email: isha...@wso2.com, blog: isharaaruna.blogspot.com, mobile: > +94717996791 > -- *Nadeesha Meegoda* Software Engineer - QA WSO2 Inc.; http://wso2.com lean.enterprise.middleware email : nadees...@wso2.com mobile: +94783639540 <%2B94%2077%202273555>
<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceURL="http://localhost:8080/travelocity.com/home.jsp" Destination="https://localhost:9443/samlsso" ForceAuthn="true" ID="0" IsPassive="false" IssueInstant="2015-10-02T09:47:59.447Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Version="2.0" > <samlp:Issuer xmlns:samlp="urn:oasis:names:tc:SAML:2.0:assertion">travelocity.com</samlp:Issuer> <saml2p:NameIDPolicy xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" SPNameQualifier="Issuer" /> <saml2p:RequestedAuthnContext xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Comparison="exact" > <saml:AuthnContextClassRef xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef> </saml2p:RequestedAuthnContext> </samlp:AuthnRequest> ================================================================================================================================================================================================ <samlp:AuthnRequest AssertionConsumerServiceURL="https://localhost:9443/commonauth" Destination="https://localhost:9444/samlsso/" ForceAuthn="true" ID="ihbboclbdlnmpoienmmpocbjjdgefldfldbngemp" IsPassive="false" IssueInstant="2015-10-02T09:48:01.258Z" Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" > <samlp:Issuer xmlns:samlp="urn:oasis:names:tc:SAML:2.0:assertion">Primary</samlp:Issuer> <saml2p:RequestedAuthnContext Comparison="exact" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" > <saml2:AuthnContextClassRef xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef> </saml2p:RequestedAuthnContext> </samlp:AuthnRequest> ======================================================================================================================================================================================================== <saml2p:Response Destination="https://localhost:9443/commonauth" ID="flgcpkjeehdmcfebhoapbgllaihgeljdenbobeam" InResponseTo="ihbboclbdlnmpoienmmpocbjjdgefldfldbngemp" IssueInstant="2015-10-02T09:48:05.301Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" > <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" >localhost</saml2:Issuer> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> <ds:Reference URI="#flgcpkjeehdmcfebhoapbgllaihgeljdenbobeam"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> <ds:DigestValue>oF0mXlNG3DWRBJu6pU2sh+iy91k=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>XIVqyVjvOKz4eGJr2v9xCsIDGQCozli4G5birojesNTEWnbssmAv3fIOn6dInpDM0YBc9sVSY0O+AalqOWrcwCYVagQmru0d/xQIAJ8HtrTe+smVPKVdYXOjBYG3i/Gvgx2d6AD6O3wmBq3IxkhxoU/5ee+gWaj6INQXLqNwYnQ=</ds:SignatureValue> <ds:KeyInfo> <ds:X509Data> <ds:X509Certificate>MIICNTCCAZ6gAwIBAgIES343gjANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExFjAUBgNVBAcMDU1vdW50YWluIFZpZXcxDTALBgNVBAoMBFdTTzIxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0xMDAyMTkwNzAyMjZaFw0zNTAyMTMwNzAyMjZaMFUxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzENMAsGA1UECgwEV1NPMjESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCUp/oV1vWc8/TkQSiAvTousMzOM4asB2iltr2QKozni5aVFu818MpOLZIr8LMnTzWllJvvaA5RAAdpbECb+48FjbBe0hseUdN5HpwvnH/DW8ZccGvk53I6Orq7hLCv1ZHtuOCokghz/ATrhyPq+QktMfXnRS4HrKGJTzxaCcU7OQIDAQABoxIwEDAOBgNVHQ8BAf8EBAMCBPAwDQYJKoZIhvcNAQEFBQADgYEAW5wPR7cr1LAdq+IrR44iQlRG5ITCZXY9hI0PygLP2rHANh+PYfTmxbuOnykNGyhM6FjFLbW2uZHQTY1jMrPprjOrmyK5sjJRO4d1DeGHT/YnIjs9JogRKv4XHECwLtIVdAbIdWHEtVZJyMSktcyysFcvuhPQK8Qc/E/Wq8uHSCo=</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </ds:Signature> <saml2p:Status> <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" /> </saml2p:Status> <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"> <xenc:EncryptedData Id="_421e77ad6a5fa51d66856fe828cb2e80" Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" > <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" /> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <xenc:EncryptedKey Id="_f85ffdccfe20f0e63fae5238348bd80c" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" > <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" /> <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"> <xenc:CipherValue>O1MzS3TPc9Y9DaT/wX7IBvx1s7UrGp5vU9SzrhlkU9jd2/aFjgEPFusX9PNz7H7XLUqT1qUbbDszR5eoCPhB6B9FL0mAHeto1xECKR4T1m/7FL1Y0N9IUmP/PAnZPo4ORxpzXNpzy2TqQWGCJ0P4XroeejTULZ4OvQ8ZHpjt17w=</xenc:CipherValue> </xenc:CipherData> </xenc:EncryptedKey> </ds:KeyInfo> <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"> <xenc:CipherValue>1NajYEPOxbGIBAL6gsqa9bhbBsChY0CjCEjszMB9E/Pw4ceYblnKpr4b9NS2yXDWT9CrDIfmWAUCoC/scdh2HsWX8W+j2NjzFGMHhXGlsdeox8Iu+sB4YoiM694AWpTLF9l3dpZFPcvJOTlnc6khev37ePz1aNw8hCw0prnFnMg629rkZWUUD1Ebu3lKX9D1gtlJ19nKAzRT/XT4Kq4ozOv83vMwpCYvi99mhVkLeYRnq1uNbshfWOuUD9lkKI+Yie8qS4+NnVfJToa9NYfns7E0pE7HD7tT8FGuVT0+gSYcEsOn36pDCs4jzfZU3J4ZLC6d0R6wckb/60O7uvTYdO7jQRV/3y3HoZwf3cF20epNJIHeW1dPPmXaw/5v8Ke4tEfA1a18X4u9UXZqO3zS6QwlHnGOKimDm5MOusfljechS2pRQZ9KotJXTkSLOoFaMhjhU+LWTxZcYHdSGOxVFLVgMInd5tSS08ZOzYwUS82mwD/tCBP0A6H9dw8pAuom0qgzYbaaxXRSydTOLlfhK5kkblqbO6kGSBWKJYzRbBLrwbf0FbsogFisETmp/Z/DVGNgFgiTlp+8Jd4F0zlh5f+b/8UfPoChfKZbv9bpX7CHQZ01YYBoDinxBaH6Y485a7cvQiAYT/L4bKpTeMoqwY5VVMD4K5tL5M33p3cuvlbAC8XSmd0IPCPSOXNuuXCqiMIrnAUOq2I0tVFM0PQxmG3d23LyLYQYus7ztndpXNxtvyFNf5mijum67zkMVp+7Hb0JU5UeliS2z1C0kotGcibPI8EooDIbJw/9OP9pB6SKDg6R/5fs6A21yuEfpSquf8DP8d3u8LpQOgkuj9c51KCO+Xh+0I6iQR6mf6ZLZ7Qug5FRR/OX7HUBDtbwjWjyo2zrqciwbaQYc0C/FB51zUB87B1mJ1G42ozx0Oacx6rphdV+jXUtVh6WD5yppMnIHdi07PB8OmibY9Lemjdcv89nLmKkDm0Ca9TyabEdn6gH8a2ns6ZNgvNkBw75iCp/SgVWa3d9MzQWnfovbTRXvZUqyNy8v5IRf5FI+ZmDjhLitYAhpUMYQc1A+9/J4eIPNCbkE1IxWy6AGbEF5cFKd6tYOrYykeUIz8uqJf2TNm53JsCJgOb0x//ER9SfUBWc1r5CzZsSmP7KCu3TD+3riXVNVEND42bMzBtORqCfRTvkPpbNUBfZ062EMGJ6QVzsETZIJVJOl+zIYni4zHdz/DIYUZLDFVsbK31KOs2PWuWFMfXU45pjA7PHoaa3LKWzaWwNbi6TaMP0jB4KE+q7uigzQYQM/efSPRUYK2Hx/RyqfbPO1djcpPkYcMKNoqxS+g18sEIMRz3DudTCqdOzZsY7/LP4RfgGEYO12nLRitpbMonswai1TbMwyGKZZFFjIQ/cVhS/Cev6l7Kglp+Esq4i7APD2ehXLIStgHO2rvMg/CTK7S3syvNOTI49dlSc8oaupZf4rO0mz/0nNuehJQuX0iouoxxLatSdvM+k4rUxcJ01s/dQucfWDied69MWwCcKahyG7Z2aV9ejdl1ZTMLgcH8AWdFobNxDY9NHY9t3BHwSbFfz+Yo3K1mREaa02zU2jRap0xnbVZ7MWLdIcIAdF+PI/BtlvWHD5NRKqi7oTcMj8OoHBB/I2Ys3ZRnjtHb1mxsm84qt3ur/olyzuDDHkOWc2tRcipSHSoEldtL9rnI9RKRQymAOc/d/8M91U0qyBS+4pPV8WbSxOBd/jH0QtAjBbMVw7v5PBdLSKTg5jE8M0OzTTGWH5mgGoXtXLSA+Azr0LTvfLL4HiRXWrw+AjYhTMldMARr/KSl0zhsREG3cNMyUSkNQohS/LF0geEhZre74UfCt1rpcBivpTjsc5+zfMJsOvLTiASbiwKO2oXjBWF0D967+Ee4i/RP5mHY948X1lyJBuchlHlfzqoj53SnB2mQle06xa8xPviJu2adG3PtPRmALvT3BOPZHEPxaaag0cYsVB4AvL3WqQ9nm/LfhrU2DJk9Gfu+unUqmhWQAioIjlp253h/JnvbTUQOcM0p3sObAEvWkkPkZso0aCj/ftR8ONTIJYLQX+W/UTc6l0CNZIYsBINB0/NauyYvyooju3+eohKtz8DmFN8+W7KOUoTcpE9Bf/7rXxlRoq+qFT/TG4QkqcuxtbQUgNZX71JFxd/ALqqLw/er8v9jrrYDrxkvog30uiWftIW2kWE0dCj7OyByK5fMZQZ1LsOcbMVAclrAdFiE8R9inbnPP4vGv/WA77U8ShNjg4F0UFJU1GQ0tJSUSqkyUYRXDs3ERuigoJ0IFA3U2Pt2vFt57a6pLB68kU2jji890lT64/uwfQ9BS9DCMadaLaYjo9NFOBfYlFnfvt8bo2PhMEVxb168OGgmLDk/NhOLgTWUuoBLQPKq/xYe+G9yy3SW6lXl3yfoqEybKBktDmY0FKT+BSZwQjPyoU4Q6g5394veowZnztO1xEezcQLbRpwW/IRJeanHmLH05Got6wjX5lMOoRauM1Ewwt1Kli9GCBpZStB7Rb/W08QmFkf9QCDh20uyxW4la2/vBrVQApDAlOlP9X5nfJZTC46vnj8bjskvUhFiDWENKg0GgbExnj27fUBtttCzffmQ8ZokdDfYTWeCihlYkMtW7JtNhRSIZDFlwQqb3PFB0B1QJDNzEbSGyKKG/9RwHUsu9UQAdyMzvWoVkxqB7K+7lQaOolO1slD6Qjq+DpzwZWtkVvk9kK1GdylSBwjuNwBTButGVMu125QFpHStLiB44ksMMyfHxLcC5HmS/lxQagKyhuDimTPXqnw9lciVaIIEKwNaCownKXu6Um+xZJTiC2R9Dzlktij8EPF73GSAtG2EfzGS8m1N3I1uFs6WW22N4VpYl0WnFk0wRgFGgQ7gfF1DE3+yMQbeqGomc4MHm+hlxXUf4+spO9AK+gxHOXJeyvc0xPJM2//JH1y+IfIZYHsE2mquTdAZKm4hWSWPkrPLdAbCN2rMWeXVWvaEhw+382a1d7wfWXXGIQH8t/QqSXUdOw9DLFZsav8Nv/o8wDVB4vG82b8II2KJkEmzz6xC7hSOzhiEUakvni8S/HxaH4Z/IS+QIJrdlKTjtbZPxm5sB7Q0Bd8seO5HKSLLyuZjb8BXlwO/r7KeDMwP5uRdTfFl3AxRnLZGKmEAQcbtSEZWdDHJVON1O1T5lrS9dQbWjURwvlrfrQZhtmJZKFZm9gBsbTHNuDgj593xw088KRCDzs2OAbj33Db6A5AI6XNNwlSUyjt4H5LjouVraAODbsa7Ui2kTTHuMht4nsFm4MmScK7x8J8ge+Q2F27BJvqpP9gmuJSzNLG5fFCU++6nECl7cPBINnOF2GSJv1kmw6Curs0p3iIsHPvsJ8GTZFsmyrWEwrwOvNNA/HbAfJYzhNxLxSwI5fkmcHN3YEP7sp/XQbE0pw2iZz8pH3lanf1fO9qMlSccbYUAbRqCij+wr1secEZy0qSEsYDswx9rjB3bkdMxkHMAn8FK0umw04m6cO8detcYEgZyJVNo3Cm2jygBeV4OwaB5SWbqlNoscNl9Yh2EHdj1b0C/lIKGB/gbSj8mZsxIplNW5lUchqK15RJrFkl6Zryb2DTs5L1f7BK4NNO3CBrQ4xQKqS3miTni4bApdwZy03+oEKJO7Qn51lEJKdoipyQxCX2HlermrIv5C/uMtWwFv0dZv4M7+bb774pc8nw9Tv4HU/wkU8fXoqsSXxahup2prJTWv9cR7k0teTD+65ZzGxYVb4HPHtjn7X4CD66kZGjzwIyLlObkFPZbTjwXz5kE9dNjLeSHIAS9TtrbmlcIfr/Y3UBZUiMQzpDllbHdamvqB3gV5nYyA6t6xmhh/oK7o1sOPFPypOkxuy/Or4tS1K8On378DIQbWSET5Z1PUlDWabEpippLYveETj0qIYH74ytc9kSV9h4t+G4z+Hywj8OLcU5InpgSCOavbaCf7EoQo7eoFJ4j1w3/TI83lJH7ZiQXePy5vJ0tSqkrWas2dt0141diek69W8rs3HegZb7zkI7x8uPT66YT6m0qqFB8=</xenc:CipherValue> </xenc:CipherData> </xenc:EncryptedData> </saml2:EncryptedAssertion> </saml2p:Response> ========================================================================================================================================================================================================= <saml2p:Response Destination="http://localhost:8080/travelocity.com/home.jsp" ID="gcnajhohabakfijeepnlnjdnnbdbofgojnneibnf" InResponseTo="0" IssueInstant="2015-10-02T09:48:05.410Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" > <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" >localhost</saml2:Issuer> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> <ds:Reference URI="#gcnajhohabakfijeepnlnjdnnbdbofgojnneibnf"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> <ds:DigestValue>p2euYJLkLyFA7MOFVZmrqDKZ62k=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>Kj9lheqOzwCHIWYwKadvbrlTVPJfsdGvf0bEYYBLTBYqoiIwxcmpHTrsbiwzdQst2b+mIM+dRo8ie92P0qTjFHpo4vZPS/X2j6VA0pB+fyegTTRpHXquUU3d98At9xglzlsWdUibluKECygVH16N2pFjpbfmDGae2vqGWDNxBvU=</ds:SignatureValue> <ds:KeyInfo> <ds:X509Data> <ds:X509Certificate>MIICNTCCAZ6gAwIBAgIES343gjANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExFjAUBgNVBAcMDU1vdW50YWluIFZpZXcxDTALBgNVBAoMBFdTTzIxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0xMDAyMTkwNzAyMjZaFw0zNTAyMTMwNzAyMjZaMFUxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzENMAsGA1UECgwEV1NPMjESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCUp/oV1vWc8/TkQSiAvTousMzOM4asB2iltr2QKozni5aVFu818MpOLZIr8LMnTzWllJvvaA5RAAdpbECb+48FjbBe0hseUdN5HpwvnH/DW8ZccGvk53I6Orq7hLCv1ZHtuOCokghz/ATrhyPq+QktMfXnRS4HrKGJTzxaCcU7OQIDAQABoxIwEDAOBgNVHQ8BAf8EBAMCBPAwDQYJKoZIhvcNAQEFBQADgYEAW5wPR7cr1LAdq+IrR44iQlRG5ITCZXY9hI0PygLP2rHANh+PYfTmxbuOnykNGyhM6FjFLbW2uZHQTY1jMrPprjOrmyK5sjJRO4d1DeGHT/YnIjs9JogRKv4XHECwLtIVdAbIdWHEtVZJyMSktcyysFcvuhPQK8Qc/E/Wq8uHSCo=</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </ds:Signature> <saml2p:Status> <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" /> </saml2p:Status> <saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"> <xenc:EncryptedData Id="_324748cbbde5953eca231ef8823a4ae8" Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" > <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" /> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <xenc:EncryptedKey Id="_da24ad52a6e1e5506f7fccbb6331e4dc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" > <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" /> <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"> <xenc:CipherValue>IAYV41JwmohyyHYG/bkVqvl7UnWBjtGVS4UlMhuhn5oYgfdNaTiVG9gyXCFGdYha0GpNTzRi6vESgRcgMx7Mgg1puAFzD7/gPdTQHxBVgLwlcmPOrf49qwBAD5bJjPLSqHMqU3LsgznQ9fa8eUywDYfn+nvOOuA7UAr4LtmCP4E=</xenc:CipherValue> </xenc:CipherData> </xenc:EncryptedKey> </ds:KeyInfo> <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"> <xenc:CipherValue>pPoi7vaktQtrIDRSenvQWRuocFEallTlEMs9KoMoVbEg/9Eu0QCxT4VnvNiv4K1fFZlEhBsYvaIbVRFFNiob2YtjU6LWDEjtwAve1oZr6GRyYykYmmloMtRO9qo9yJgvCoI6oH+sxCT6pfsAsdhmzUS7DQ2zRxl62U8HXmQZ4DVv0lS+UsSfEjOAvQKbSJlPJZpSzHQmS00nclKckDw+lHawEB//deRWmwph9suTEUmqjMC+JQvpIxkGMwEYh9qABGagKm4XILtHe+/E2Inwxrf5d/QxzSgR5MxecNxHqMPAMmVimSi8ooC/U/2yPgRanRzRR7qWEHVaAyRXbkcQjv9tBZrHrGh35pF8N6Yp5fN5OhvvLhbNUK2N1lTQTlTs5tEpywdjQ5dFHtc5UEX+Emhi/1Nug8vurzhbqt2f17fL7Dv/MPepuerlB7lpGhKpmbKxrHiovsWRrAkRfEqwriFSzaEk71C14GZbb2Und5wMnGbhHQaYtIOHQ2NaKkhigep0qcHEtw2Y6hR7Gwxc/uty9VzNGJccP0IvxT+XYHGtjB6Ywpn9QMqVcjS+wlEIJI2Pw5yzIPh43blGV0U+NZ+S7PQJdYEMYckghmrumretqvtfvODdPLQ/LCaMOHMzdzjJ/bMfhrS/1HoumXG2VrgAbF19P1ujYZQoP+tsGfLrG0I0NdQv35YqR3v5/uKNZyVCczGuaEDz2749GNeFIPwBcmpPxtzWCxBM60oHnAmTkiZfT/K+nPuxvRdXl83VjQfINg6Tus8doYPy+zmmj01aSCdG5YUAjHJ/E3enEtDFyo4bJ37j867pevGPDU/qunz3F5fiJjyltRx2a+bK+34oCtuFzMstw1FnCXx9DCgV1EtwHreMmNIgTAbWfPyq97d7WfXHaFGyoige47V1qSCbbn8VKj+yQUU42VvfPSZ2t35ObOpyaymidfZOzPE2SlbusraOtq117jP6oq/qhrH9XxJnjbmnCO6yVfU3x9gLpROAHP+vcH8zAhLLKxPsL2SM1804TbF29YTW80FdPgm1/mMQvmFm437w3E0OHQ4yHnSvAiveJDka6/Ewp1f8x0D7Ksy+nWOthEvSws2PBEtDZjoqI5/mh1ybsOhen5qWxx8rtCzlA8Vh8pzF4+ikauEvtOLtjxp3CpafH4ghWGycjOut4yXNe6sm4ae464XDYRPmo8WTZzJDjQ82TdeTOmxYTiFVx55nkzhE8g3z6ZkT8/ReIsGWDo4R+i2xvUhnPTBhDQPjOpSAGhsDd/t91LkLY4gFBYQ0hL16kcHhKdv2xW45Htk1JURwn86hqev51VROfW4ke/12xd4B6fkIah8XRWW86kHr8Kfr6dGP0JbEbSTHR1q2J3YglssYpDGnTlc6sig4NzE01nDydAau/+5h9O9bbBq6rG03B4J7XJz746lMxIhmSTZGbCcL+nRqPYBPLUd8TEtRCYjAQ1mEzF4hXg8ONm+7uwz6Fl84pMqnnyzszhrWkis7N/H/S33jOBLUmelNAsLaCaCNUiEu/VmOsTxSWMPHAjCoLMZqPGs1MRxxIioUZBTcovHJ7lY5iakSqYeS3u7oLPtYMLuOZF2obpaYxCJJPbZR8IY+eDHB57cRiW07G2cE0JzdCkfziDCtZTd1QFYRA0VxtT4QTIEoJyXOSqsgb4Omqrga69NtvzE503ksAMPONhGO00xynsuwF/rgROT+vT0gIqd7P55PT1ihbbV82tChNa/5kiySKyNyXNqxNJ4lJNMz4VLznwAPKUoAO2ffCYTdRFAqQKPPzjXVFKA/gBlnNLeGgngGqrOyg7v1kysHGyNHF5nw7Wa/hlsE2RcOJOOdGLh2lZIPLEIQJvKfWRk/VYXqkg2vz86nUbA3GY9t6Ui/upTxrHsm6gVWAZssQNUQ3iizacxwdlNENAC4StoqFsSUdzseci3popXq2z4wnXZvwqjIhnxGCPF45UtYjI51ueICU6+BimNvu68uVLmckOmY7tCdqgGJcZlXDXlK0feWQrpzUlt6+WG3FMcOXGyDxthijKHPpnQXKuC/0uSy63gpoEfBP6WeshLWn5k6o51QTWccgKc+n/qL0y3czKVcghFLS198x7gplE7q6Wm+y1wK7bl7sPhahnMF4tTbAgvosvWmy0cPLhwJxhWha+pdHFZkDO+Ght6x0pZKnXo46vCIbSgOkfERfqS4wJVTdX6ltvpKrK717T4yVmZ+IktanoH+blbYHKQ1V7pGKyDxeazz9aopYAFc82kyUmcrKh2R6zRG5JtsiwX5+Ed/5ZeRXwYpxiMvyD1zkC91TVfm98G+OuINQBQxdNs5r3/5r9V53qzwl5csJbcCaIOfK7COWvn/bvUG6H/sg7tYXCwYgF8I1BeQLB8e9duPsiQ1CC3JMTfMrmORLIaZyz2HkEa2T4geVo3mq/NSSNv1Qdn2xWPp46fY2ylYHRSCdMEJybZn4n1JGWycJkLbRNnHAqduFEAGfeZ4VrLane/tJNnB7PmCidUxjv5agSqbTg0xe1Zj0aWIBt3jZEcHOS75guzJ5dIUHUYrc7pIZfLgdLqy1Mzyz4JQRuhUx+EtiN0/cUZjZR/nmOqO9mXZIwxisjLBHRWM7k/zYs3Qyi/VEVAcN/8m8K7TTWX3jqK+zZhSwbS9y985co7K1M+xDkNmIrKprWgWRjHp+di3fWq2rPtgCbaDODbV5yMPZ9w2hHjyiF1E5jAT6sCI1Cx7rhKW35gCWMnkXHxO4XiVTMmlG6Fz5TvoP3htaqv7OWH/tLf5sCtqtczP8424/hi06gquQDv1NtdHZxtZQPzwk08Jfnk+XlH9bTBV7txrJkCQb/EK6x5f4FUkrXaOQIWSXrtpvH31KOPQI5yrpoYkviW4JsNslsEsCa3wiYl5cdsb5v0dTNxVswrLPTntLyjjXHXr7eYmpjVMutD3cJvcSeLsxATJc+/zeHTdlErXsVzqR1yUOpfdAZy3QySqQeRGEZHKHwOEGxNzKEvzOZLiVWcSiMflAJBDrwJjYOeANPmUzhBwepXgOFp6RgMuTS1SLkrTjg45pq0UmwZZkksUWb+UDker7iPDiLvz5q4xj/UpVnzYz2Fc+pb4HQQp+rYHo3szHGcho1M9qv416XqIMs78EYN1NOs6i2rRP/BvFHaSeVUuPfzGZKlHVCaFapan0aYSn2w033AnTY8msxqZkmHjDAknS2i09GkDppbcYNxLwmf58vqc3ZTtarDU83OLHispI8LdgpyBI07SXJ7DK7XltZmpOfomSEKEUC8roZkjAJXGiV/mjuDCb9YA85BqqNTRvvTJDrkJF/v2LT4KRUGxnGguD85yxWhKCgnlIwnp63tZ5t+MEuyxCsQMTQQXOX5Yyv6tItBNbwEQyjl48vX2f8o+Eq7dyO8g+2P+tk48EFpWDe9HXYv9RO9Z99mxz6k5ZEvYYaSCIn+5Mzj/1R5EGdqSG2R6cOMnE1KdWUhZj9CRNSe8u8FUWg6OoVG/+Y33gyTFl5awcjHISM29/aiaBUc9suVWWMV36x4liS4QUpC7xydmlZxTc1gQqcrtgYuVLZ14DElz6UYaIOJEGoH6qqTX1Av9nblcBiXq7PtT5tKNl4kcScwjzM0ic/J044huCVbT0zURoL4p58C+tN3rGmvxxV1CQ8st0ECKuw/4CMFH+5j7shnjQN8cb0cAhfZymy7XuNIjmKG/Df9DqNIfAXduVyx0Dj4M3W+OpGGuyzkqIU+htsxwiUGNTh1p3Urxa2k4XZEC3yn4yaknOTcgxoTmwCzbyIyxaKewrqNZKApDVtG5x1oy8rGwfdhaMVzd8n94bwJRo/1GM0pgZ4Iclov/kXNQjiXsV5xPjLKfkZmMyFLLfsnUAoNDKS+ZsCpFqrwkXf36v2G2Vo6xxDpZLrEBoV9Hqa950bMwJQCTG4XUDkb46ccz0pep18Bb8UGCPYPBfsVSwuueqvVITgzmSIgeFaMqn0kdxy90ac0rPKyu6y6hmQLSYt4IDC1I7RfBxTruTBNDTf2V/wMnYAuSBRYfGkAzeA==</xenc:CipherValue> </xenc:CipherData> </xenc:EncryptedData> </saml2:EncryptedAssertion> </saml2p:Response>
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev