Exception: ComponentSpace.SAML2.Exceptions.SAMLSignatureException: Failed to verify the XML signature. ---> System.Security.Cryptography.CryptographicException

endritp · September 6, 2017, 9:19am

hello, we patched our 2008 r2 server recently and the saml stopped working. the log file is showing an error in the incoming leg…

ComponentSpace.SAML2 Verbose: 0 : 6036/56: 9/6/2017 10:50:19 AM: Initiating SSO to the partner identity provider uatSSO.

ComponentSpace.SAML2 Verbose: 0 : 6036/56: 9/6/2017 10:50:19 AM: Service provider session (u51kd4dyvztupvx5xs2kxct1) state:

ComponentSpace.SAML2 Verbose: 0 : 6036/56: 9/6/2017 10:50:19 AM: SAML message constructed: partner provider=uatSSO, SAML message=<samlp:AuthnRequest ID=“_31fb25fd-d063-457a-9686-2ef53470cd2f” Version=“2.0” IssueInstant=“2017-09-06T14:50:19.139Z” Destination=“https://idmsa-uat.uat.com/IDMSWebAuth/SAMLLogin” ForceAuthn=“false” IsPassive=“false” ProtocolBinding=“urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST” AssertionConsumerServiceURL=“https://employersedge.testDomain.com/integration/SAML/AssertService.aspx” xmlns:samlp=“urn:oasis:names:tc:SAML:2.0:protocol”>

<saml:Issuer xmlns:saml=“urn:oasis:names:tc:SAML:2.0:assertion”>6b4f8b57dbe1722c4198449e79ec8c912769e73efcbc13dda026e96b1e1718ed</saml:Issuer>

<samlp:NameIDPolicy Format=“urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified” AllowCreate=“true” />

</samlp:AuthnRequest>.

ComponentSpace.SAML2 Verbose: 0 : 6036/56: 9/6/2017 10:50:19 AM: SAML message ready to send: partner provider=uatSSO, SAML message=<samlp:AuthnRequest ID=“_31fb25fd-d063-457a-9686-2ef53470cd2f” Version=“2.0” IssueInstant=“2017-09-06T14:50:19.139Z” Destination=“https://idmsa-uat.uat.com/IDMSWebAuth/SAMLLogin” ForceAuthn=“false” IsPassive=“false” ProtocolBinding=“urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST” AssertionConsumerServiceURL=“https://employersedge.testDomain.com/integration/SAML/AssertService.aspx” xmlns:samlp=“urn:oasis:names:tc:SAML:2.0:protocol”>

<saml:Issuer xmlns:saml=“urn:oasis:names:tc:SAML:2.0:assertion”>6b4f8b57dbe1722c4198449e79ec8c912769e73efcbc13dda026e96b1e1718ed</saml:Issuer>

<samlp:NameIDPolicy Format=“urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified” AllowCreate=“true” />

</samlp:AuthnRequest>, destination URL=https://idmsa-uat.uat.com/IDMSWebAuth/SAMLLogin.

ComponentSpace.SAML2 Verbose: 0 : 6036/56: 9/6/2017 10:50:19 AM: Sending request over HTTP Redirect, baseURL=https://idmsa-uat.uat.com/IDMSWebAuth/SAMLLogin, samlMessage=<samlp:AuthnRequest ID=“_31fb25fd-d063-457a-9686-2ef53470cd2f” Version=“2.0” IssueInstant=“2017-09-06T14:50:19.139Z” Destination=“https://idmsa-uat.uat.com/IDMSWebAuth/SAMLLogin” ForceAuthn=“false” IsPassive=“false” ProtocolBinding=“urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST” AssertionConsumerServiceURL=“https://employersedge.testDomain.com/integration/SAML/AssertService.aspx” xmlns:samlp=“urn:oasis:names:tc:SAML:2.0:protocol”>

<saml:Issuer xmlns:saml=“urn:oasis:names:tc:SAML:2.0:assertion”>6b4f8b57dbe1722c4198449e79ec8c912769e73efcbc13dda026e96b1e1718ed</saml:Issuer>

<samlp:NameIDPolicy Format=“urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified” AllowCreate=“true” />

</samlp:AuthnRequest>, relayState=

ComponentSpace.SAML2 Verbose: 0 : 6036/56: 9/6/2017 10:50:19 AM: Creating HTTP redirect query string

ComponentSpace.SAML2 Verbose: 0 : 6036/56: 9/6/2017 10:50:19 AM: Encoding SAML message: <samlp:AuthnRequest ID=“_31fb25fd-d063-457a-9686-2ef53470cd2f” Version=“2.0” IssueInstant=“2017-09-06T14:50:19.139Z” Destination=“https://idmsa-uat.uat.com/IDMSWebAuth/SAMLLogin” ForceAuthn=“false” IsPassive=“false” ProtocolBinding=“urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST” AssertionConsumerServiceURL=“https://employersedge.testDomain.com/integration/SAML/AssertService.aspx” xmlns:samlp=“urn:oasis:names:tc:SAML:2.0:protocol”>

<saml:Issuer xmlns:saml=“urn:oasis:names:tc:SAML:2.0:assertion”>6b4f8b57dbe1722c4198449e79ec8c912769e73efcbc13dda026e96b1e1718ed</saml:Issuer>

<samlp:NameIDPolicy Format=“urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified” AllowCreate=“true” />

</samlp:AuthnRequest>

ComponentSpace.SAML2 Verbose: 0 : 6036/56: 9/6/2017 10:50:19 AM: Encoded SAML message: fZJbj9MwEIX/SuT3XJxrY7WVylaISl2otgUkXpBjT7KWEjt4nLL773HSBZYH9tGjmTnfmeM18qEf2W5yj/oBfkyALjjsN+R7RtsmLVoZyqTMwryoeFiXqzJMoS2yvEqETFsSfAGLyugNSaOEBAfECQ4aHdfOlxJahUkdJuWF5qxIGK0jmtXfSLD3Kkpzt0w+Ojcii2MlB+ThxF3Ex7GHSJghPuzvz1+hmeni8+7+eDSd0iR4b6yABXlDWt4jzNInjqiu8KdyssYZYfp3Skuluw2ZrGaGo0Km+QDInGDzTubRWXNrQvbhcjmFp0/nCwl2iGBnxjujcRrAnsFelYDPD8e/1DCMvXn2VwDZQaRqLq/ePO9u/Eo76OxidOGPbztfFkUcxycSPA29Rrbk8Dbk+OKIbNdzN1vObV/Nvz3Of/sh27LJ21VTVLIBWqWpyGm9yvMaqhrEStQ0rUr/yKAVjaCZlDxJS6jLhvp2ugK5jl8B3GhG9tErHvYn0yvxPEc0cPd/IBrRpaJk2C6tbNI4glCtAulv3/fm550F7nygzk4+z3h7U/33s25/AQ==

ComponentSpace.SAML2 Verbose: 0 : 6036/56: 9/6/2017 10:50:19 AM: Query string: SAMLRequest=fZJbj9MwEIX%2FSuT3XJxrY7WVylaISl2otgUkXpBjT7KWEjt4nLL773HSBZYH9tGjmTnfmeM18qEf2W5yj%2FoBfkyALjjsN%2BR7RtsmLVoZyqTMwryoeFiXqzJMoS2yvEqETFsSfAGLyugNSaOEBAfECQ4aHdfOlxJahUkdJuWF5qxIGK0jmtXfSLD3Kkpzt0w%2BOjcii2MlB%2BThxF3Ex7GHSJghPuzvz1%2Bhmeni8%2B7%2BeDSd0iR4b6yABXlDWt4jzNInjqiu8KdyssYZYfp3Skuluw2ZrGaGo0Km%2BQDInGDzTubRWXNrQvbhcjmFp0%2FnCwl2iGBnxjujcRrAnsFelYDPD8e%2F1DCMvXn2VwDZQaRqLq%2FePO9u%2FEo76OxidOGPbztfFkUcxycSPA29Rrbk8Dbk%2BOKIbNdzN1vObV%2FNvz3Of%2Fsh27LJ21VTVLIBWqWpyGm9yvMaqhrEStQ0rUr%2FyKAVjaCZlDxJS6jLhvp2ugK5jl8B3GhG9tErHvYn0yvxPEc0cPd%2FIBrRpaJk2C6tbNI4glCtAulv3%2Ffm550F7nygzk4%2Bz3h7U%2F33s25%2FAQ%3D%3D

ComponentSpace.SAML2 Verbose: 0 : 6036/56: 9/6/2017 10:50:19 AM: Redirect URL: https://idmsa-uat.uat.com/IDMSWebAuth/SAMLLogin?SAMLRequest=fZJbj9MwEIX%2FSuT3XJxrY7WVylaISl2otgUkXpBjT7KWEjt4nLL773HSBZYH9tGjmTnfmeM18qEf2W5yj%2FoBfkyALjjsN%2BR7RtsmLVoZyqTMwryoeFiXqzJMoS2yvEqETFsSfAGLyugNSaOEBAfECQ4aHdfOlxJahUkdJuWF5qxIGK0jmtXfSLD3Kkpzt0w%2BOjcii2MlB%2BThxF3Ex7GHSJghPuzvz1%2Bhmeni8%2B7%2BeDSd0iR4b6yABXlDWt4jzNInjqiu8KdyssYZYfp3Skuluw2ZrGaGo0Km%2BQDInGDzTubRWXNrQvbhcjmFp0%2FnCwl2iGBnxjujcRrAnsFelYDPD8e%2F1DCMvXn2VwDZQaRqLq%2FePO9u%2FEo76OxidOGPbztfFkUcxycSPA29Rrbk8Dbk%2BOKIbNdzN1vObV%2FNvz3Of%2Fsh27LJ21VTVLIBWqWpyGm9yvMaqhrEStQ0rUr%2FyKAVjaCZlDxJS6jLhvp2ugK5jl8B3GhG9tErHvYn0yvxPEc0cPd%2FIBrRpaJk2C6tbNI4glCtAulv3%2Ffm550F7nygzk4%2Bz3h7U%2F33s25%2FAQ%3D%3D

ComponentSpace.SAML2 Verbose: 0 : 6036/56: 9/6/2017 10:50:19 AM: Redirecting to: https://idmsa-uat.uat.com/IDMSWebAuth/SAMLLogin?SAMLRequest=fZJbj9MwEIX%2FSuT3XJxrY7WVylaISl2otgUkXpBjT7KWEjt4nLL773HSBZYH9tGjmTnfmeM18qEf2W5yj%2FoBfkyALjjsN%2BR7RtsmLVoZyqTMwryoeFiXqzJMoS2yvEqETFsSfAGLyugNSaOEBAfECQ4aHdfOlxJahUkdJuWF5qxIGK0jmtXfSLD3Kkpzt0w%2BOjcii2MlB%2BThxF3Ex7GHSJghPuzvz1%2Bhmeni8%2B7%2BeDSd0iR4b6yABXlDWt4jzNInjqiu8KdyssYZYfp3Skuluw2ZrGaGo0Km%2BQDInGDzTubRWXNrQvbhcjmFp0%2FnCwl2iGBnxjujcRrAnsFelYDPD8e%2F1DCMvXn2VwDZQaRqLq%2FePO9u%2FEo76OxidOGPbztfFkUcxycSPA29Rrbk8Dbk%2BOKIbNdzN1vObV%2FNvz3Of%2Fsh27LJ21VTVLIBWqWpyGm9yvMaqhrEStQ0rUr%2FyKAVjaCZlDxJS6jLhvp2ugK5jl8B3GhG9tErHvYn0yvxPEc0cPd%2FIBrRpaJk2C6tbNI4glCtAulv3%2Ffm550F7nygzk4%2Bz3h7U%2F33s25%2FAQ%3D%3D

ComponentSpace.SAML2 Verbose: 0 : 6036/56: 9/6/2017 10:50:19 AM: Request sent over HTTP Redirect

ComponentSpace.SAML2 Verbose: 0 : 6036/56: 9/6/2017 10:50:19 AM: Authn request sent: partner provider=uatSSO, relay state=, authn request=<samlp:AuthnRequest ID=“_31fb25fd-d063-457a-9686-2ef53470cd2f” Version=“2.0” IssueInstant=“2017-09-06T14:50:19.139Z” Destination=“https://idmsa-uat.uat.com/IDMSWebAuth/SAMLLogin” ForceAuthn=“false” IsPassive=“false” ProtocolBinding=“urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST” AssertionConsumerServiceURL=“https://employersedge.testDomain.com/integration/SAML/AssertService.aspx” xmlns:samlp=“urn:oasis:names:tc:SAML:2.0:protocol”>

<saml:Issuer xmlns:saml=“urn:oasis:names:tc:SAML:2.0:assertion”>6b4f8b57dbe1722c4198449e79ec8c912769e73efcbc13dda026e96b1e1718ed</saml:Issuer>

<samlp:NameIDPolicy Format=“urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified” AllowCreate=“true” />

</samlp:AuthnRequest>.

ComponentSpace.SAML2 Verbose: 0 : 6036/56: 9/6/2017 10:50:19 AM: Service provider session (u51kd4dyvztupvx5xs2kxct1) state:

Pending response state:

Action: ReceiveSamlResponse

Partner name: uatSSO

Relay state:

In response to: _31fb25fd-d063-457a-9686-2ef53470cd2f

ComponentSpace.SAML2 Verbose: 0 : 6036/56: 9/6/2017 10:50:19 AM: Initiation of SSO to the partner identity provider uatSSO has completed successfully.

ComponentSpace.SAML2 Verbose: 0 : 6036/48: 9/6/2017 10:50:27 AM: Receiving an SSO response from a partner identity provider.

ComponentSpace.SAML2 Verbose: 0 : 6036/48: 9/6/2017 10:50:27 AM: Service provider session (u51kd4dyvztupvx5xs2kxct1) state:

Pending response state:

Action: ReceiveSamlResponse

Partner name: uatSSO

Relay state:

In response to: _31fb25fd-d063-457a-9686-2ef53470cd2f

ComponentSpace.SAML2 Verbose: 0 : 6036/48: 9/6/2017 10:50:27 AM: Receiving response over HTTP POST

ComponentSpace.SAML2 Verbose: 0 : 6036/48: 9/6/2017 10:50:27 AM: HTTP request:

POST /integration/SAML/AssertService.aspx HTTP/1.1

Cache-Control: no-cache

Connection: Keep-Alive

Content-Length: 11881

Content-Type: application/x-www-form-urlencoded

Accept: text/html, application/xhtml+xml, image/jxr, /

Accept-Language: en-US,en;q=0.5

Cookie: ASP.NET_SessionId=u51kd4dyvztupvx5xs2kxct1; S24Cookie=rd165o00000000000000000000ffff0ad4b642o80; i9Session=i9Session=eZhLc9M9g1ukZ+lZh+cl39EbDVNCBmIrZcIma/6jaUIrKJNM5EjVXnE+e45U8pcavvcjlnk2Xf/QU14RTRY5rVkLtsClEdXcF4zMgW1xJ0bLgz2YdO4NWeSCzAqT/uW6272ZhE9g1pO2cwJAgrrIdvedGHcSBCL0/jcgC2uDWPmKVmXIexMDNjAJDG/lPzp5+QvRdFSbV5T2RR9w4nzpp5R6E4Z6YRaqcfWbtcUOWP7PwIW7HccIwRoU92c+nE+/eITRrLCXBWEiwkEO+R4ylkU/fkLi2hrhMzPe2yMnvVQUgjRpwbv8DToa039W2BjJo18KXj7y6WHQlezBIqysARi9ZL7a3IhVvjk2Utnkg0TztvsCC6YGWZMhkGsFK2sI1Y4vEj1n0HObKq7gECtjd1qMV5Tzlnp7dQ3BOe0lRizeLizU4GW60aKGuh2/LhIxtEIv0VgWeVABFKpKeo58A546sLw9bBdrKQ6UkCGlsQ0xdJO6ny8W+rj6qJ0zT8GTobPMGTPrkLbgtb2BftusUBzzMoSE9aaoZe+3RENnw5nmfg7i1KxZ70opbsUxvexp/AVSVxLZp92tC4b1JdZQA3xvf+9nPSyvYT2HoD9Bt4N/prewGyjsYhxfRtgE66DNLhj0WXFzCIDWVVSPtuAkUrPKfQlwTT7immXWti9ule5cYIbg30fMRyCmr4LBBP9iFsJNmLErS2Dk6T22eL/r6jhuQI/znCRKelacUwZcqSMJgag2bB5aGw3Fhp9JhyRlIeITzh95bGBz6dxVq1Jw8iR55p+cXLJBkMra5RA6fvVZIeGH74SyhcDvlIhFaDmPHT8DTOqJE+WrAZGuLTzNuB+h9vfjED3C0hTApT/blpudSd2VB2rMGGneMrmME/ESOapI0cKHckqgCz6dZYv6gE4t0mHXezkAbGScMvYIUF5o3M3TPNhyLDpsuwryg/kko1HZKoFUfZ7lUPCnLnZWY68Y3YSL057X4byXHy7AdHKauJusptUkttVbT3RkTXqQxrhTOl9nhmwo/Nr7Pq/1pgRYmOZgtkre8dqo+gvHiuGWNXcSwsX8IXCRgSBjGpoeqGVJK+oJq/9i8av4+ByvPQ==; __utma=216537870.2106236407.1504698157.1504698157.1504698157.1; __utmb=216537870.21.10.1504698157; __utmc=216537870; __utmz=216537870.1504698157.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1

Host: employersedge.testDomain.com

Referer: https://idmsa-uat.uat.com/IDMSWebAuth/authenticate

User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko

DNT: 1

X-Forwarded-For: 74.94.95.69

X-REWRITE-URL: /integration/SAML/AssertService.aspx

ComponentSpace.SAML2 Verbose: 0 : 6036/48: 9/6/2017 10:50:27 AM: Form variable SAMLResponse=PHNhbWxwOlJlc3BvbnNlIERlc3RpbmF0aW9uPSJodHRwczovL2VtcGxveWVyc2VkZ2UuaTlhZHZh

bnRhZ2UuY29tL2ludGVncmF0aW9uL1NBTUwvQXNzZXJ0U2VydmljZS5hc3B4IiBJRD0iQTZkNmM3

NjI0LWVjNGYtNDIzMy04ZGNmLWY4NGQyZjFiM2MwNiIgSW5SZXNwb25zZVRvPSJfMzFmYjI1ZmQt

ZDA2My00NTdhLTk2ODYtMmVmNTM0NzBjZDJmIiBJc3N1ZUluc3RhbnQ9IjIwMTctMDktMDZUMTQ6

NTA6MjcuMDAwWiIgVmVyc2lvbj0iMi4wIiB4bWxuczpzYW1scD0idXJuOm9hc2lzOm5hbWVzOnRj

OlNBTUw6Mi4wOnByb3RvY29sIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1M

U2NoZW1hLWluc3RhbmNlIj4KICAgIDxzYW1sOklzc3VlciBGb3JtYXQ9InVybjpvYXNpczpuYW1l

czp0YzpTQU1MOjIuMDpuYW1laWQtZm9ybWF0OmVudGl0eSIgeG1sbnM6c2FtbD0idXJuOm9hc2lz

Om5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiI+QXBwbGVTU088L3NhbWw6SXNzdWVyPjxTaWdu

YXR1cmUgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPjxTaWduZWRJ

bmZvPjxDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcv

VFIvMjAwMS9SRUMteG1sLWMxNG4tMjAwMTAzMTUjV2l0aENvbW1lbnRzIi8+PFNpZ25hdHVyZU1l

dGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZHNpZy1tb3JlI3Jz

YS1zaGEyNTYiLz48UmVmZXJlbmNlIFVSST0iI0E2ZDZjNzYyNC1lYzRmLTQyMzMtOGRjZi1mODRk

MmYxYjNjMDYiPjxUcmFuc2Zvcm1zPjxUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3Lncz

Lm9yZy8yMDAwLzA5L3htbGRzaWcjZW52ZWxvcGVkLXNpZ25hdHVyZSIvPjwvVHJhbnNmb3Jtcz48

RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxlbmMj

c2hhMjU2Ii8+PERpZ2VzdFZhbHVlPnVQOWptQllXZXFPT0tLKzBlUVVKb3cvV3BvMDBhVWwzVzhp

ZVhNYWtsY2s9PC9EaWdlc3RWYWx1ZT48L1JlZmVyZW5jZT48L1NpZ25lZEluZm8+PFNpZ25hdHVy

ZVZhbHVlPnNIK2M5YmdURGUySmdNZTlhcDZ5b1VnR1lwVmd1RitNc3U3dyt6c2hqaGxkN01YV2FN

bGhyQjA1dithcDl2bXhpTWFmZmtUWVMwckF5cVdtdVlCNWZ2eU1sUXMwd2x3YW1EdWIvZHBmL3Bx

bFllVWZkbklzRUVGZEt0SUNSUUNOUXdmK2c5MXlwU3RaNDI3UFNjTWtOQWg4aWhqSG9SdjZValJy

dmJtblFmL1l3TWtLMlI4cVhPWFhUSE1Hd3ZCWFU2dTBvL0w2WFRLTkFNV2g1ZXkvVTRHcUJ6Q1ZX

L0p2VDJXUmV3bjBtbkxGTng5VjZqcnJFS2Jhczh3dXlSRENhYVVua010eGppTHhzejRzWWVDS25p

WHV4b2ppMm0va0R6NS91amVUbldLRERNamxPeUx0VVBWSG5HWGFCT3FJNGtVL0hJWmRxOFdyNzk3

RExiWVM2Zz09PC9TaWduYXR1cmVWYWx1ZT48S2V5SW5mbz48WDUwOURhdGE+PFg1MDlDZXJ0aWZp

Y2F0ZT5NSUlFQWpDQ0F1cWdBd0lCQWdJSWJsRFdYa0QvNnl3d0RRWUpLb1pJaHZjTkFRRUxCUUF3

ZlRFek1ERUdBMVVFQXd3cVZHVnpkQ0JUVTA4Z1FYVjBhQ0JTYjI5MElFTmxjblJwWm1sallYUnBi

MjRnUVhWMGFHOXlhWFI1TVNRd0lnWURWUVFMREJ0SlUxUWdRMlZ5ZEdsbWFXTmhkR2x2YmlCQmRY

Um9iM0pwZEhreEV6QVJCZ05WQkFvTUNrRndjR3hsSUVsdVl5NHhDekFKQmdOVkJBWVRBbFZUTUI0

WERURTJNVEV3T1RJeU16RXlPVm9YRFRFNE1URXdPVEl5TXpFeU9Wb3dWREVpTUNBR0ExVUVBd3da

YzNOdmMyRnRiSE5wWjI0dGRXRjBMbUZ3Y0d4bExtTnZiVEVNTUFvR0ExVUVDd3dEU1ZOVU1STXdF

UVlEVlFRS0RBcEJjSEJzWlNCSmJtTXVNUXN3Q1FZRFZRUUdFd0pWVXpDQ0FTSXdEUVlKS29aSWh2

Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTlcrbVBEUURuZ3RGSUpuLzJiemZVRDB6QnYzQ3Qy

eUwrS1pkNXNBMFVVK2ErZ0Zwd3lVbEg4UkR3U05tZHRuV0U0bzM0UXFYWkFndTZsTHpNbHduL25I

TUJSWitsdWRqQllTbU9USDRjNXc2ekxrRnBjMEpHMzNBQ00zOHBKbGhxczlTYWZ0VlZoUUtXNFlX

cW5LZnp6ZWpYZERwTTRJZVEvMzdMWG5FbG8ydTBFeUthekdRL1o0RzVoTXBhTnR4SHRpbFl2VVhL

cVh0ZWJ1ak9CZHBqNGhqRllYVXAwYnVoSlpHNHNLWk52MzRyZm4zZGJGcHVkOUhvYWpONEs0M25j

dmpCNmdyMkg4bnRqZHUydmlkNUZBeTJlQnM3TnhIOXY5TW9jYXdWVDJqN2tXOEFWSGh1aXFuMk4x

SG5lRkFlM1oySFFBMFlicXlYelJFc3N4WDkwQ0F3RUFBYU9CcmpDQnF6QkxCZ2dyQmdFRkJRY0JB

UVEvTUQwd093WUlLd1lCQlFVSE1BR0dMMmgwZEhBNkx5OXZZM053TFhWaGRDNWpiM0p3TG1Gd2NH

eGxMbU52YlM5dlkzTndNRE10YzNOdllYVjBhREF4TUIwR0ExVWREZ1FXQkJRNFBPVlJqb20wTFZD

K0piNHZqTWg5Q0hHTTNEQU1CZ05WSFJNQkFmOEVBakFBTUI4R0ExVWRJd1FZTUJhQUZBU01rK2pQ

VlphY1UxSFlIZ3B6aWRkaWpkWTVNQTRHQTFVZER3RUIvd1FFQXdJSGdEQU5CZ2txaGtpRzl3MEJB

UXNGQUFPQ0FRRUFHZXE3TXdpaldzczBRSjkwanRNRUhrU2dHS3p3SWFJR2FPQ096NmVUT0lpaGNw

cGhYRENjbTlKSXdPa3FWYnE3dnhRSFRlQVFmdkhNRFdPYVpJOS9MNnk3QzIzYnUvcU56aC9xQ0Vl

M3dEbmZFall1dEJVRElRMUI5Tk8vME54UjVoQ3JobndyZS8vcStIMEZRMDlldWVGNzRwbjNsaXl6

eUFQUURDanFEZmd6K2tyN0NURCtuYWJ0bHJOVWFrNVVyNjd1UXFucFZkZVhvN1dZTWRRZStmTm5j

TURjYXpsd3RWcGo2Wm54UUptL2NFM3dCTnlySG8vS3J2NFd0Mnl5RllYK0lkTXhXSnVaSERySWFa

VzczeDNXY1NsTUluY1hCSUxLNzBRTGFkY1h4TnB6aThPTUZ4ci9wbXkvRWhFUTNWZDloclZsdUtF

MFJ3NHBSK2tVNEE9PTwvWDUwOUNlcnRpZmljYXRlPjwvWDUwOURhdGE+PC9LZXlJbmZvPjwvU2ln

bmF0dXJlPgogICAgPHNhbWxwOlN0YXR1cyB4bWxuczpzYW1scD0idXJuOm9hc2lzOm5hbWVzOnRj

OlNBTUw6Mi4wOnByb3RvY29sIj4KICAgICAgICA8c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJu

Om9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+CiAgICA8L3NhbWxwOlN0

YXR1cz4KICAgIDxzYW1sMjpFbmNyeXB0ZWRBc3NlcnRpb24geG1sbnM6c2FtbDI9InVybjpvYXNp

czpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iPgogICAgICAgIDx4ZW5jOkVuY3J5cHRlZERh

dGEgSWQ9Il82MDRlNGJhMDk3YjBjYTQ0YmEzMjc4MmQyNGIyOTlhMSIgVHlwZT0iaHR0cDovL3d3

dy53My5vcmcvMjAwMS8wNC94bWxlbmMjRWxlbWVudCIgeG1sbnM6eGVuYz0iaHR0cDovL3d3dy53

My5vcmcvMjAwMS8wNC94bWxlbmMjIj4KICAgICAgICAgICAgPHhlbmM6RW5jcnlwdGlvbk1ldGhv

ZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZW5jI2FlczEyOC1jYmMi

IHhtbG5zOnhlbmM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZW5jIyIvPgogICAgICAg

ICAgICA8ZHM6S2V5SW5mbyB4bWxuczpkcz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxk

c2lnIyI+CiAgICAgICAgICAgICAgICA8ZHM6UmV0cmlldmFsTWV0aG9kIFR5cGU9Imh0dHA6Ly93

d3cudzMub3JnLzIwMDEvMDQveG1sZW5jI0VuY3J5cHRlZEtleSIgVVJJPSIjX2RlZTBjMjRiMjgz

OTRhNTAwYmUzNDYwYTEwZTIxOTk5Ii8+CiAgICAgICAgICAgIDwvZHM6S2V5SW5mbz4KICAgICAg

ICAgICAgPHhlbmM6Q2lwaGVyRGF0YSB4bWxuczp4ZW5jPSJodHRwOi8vd3d3LnczLm9yZy8yMDAx

LzA0L3htbGVuYyMiPgogICAgICAgICAgICAgICAgPHhlbmM6Q2lwaGVyVmFsdWU+V1YyaE9aTkg5

Z3p6Z0tEUXM3RkpYbW1GaU1MUS9nWXozUVR4bmZTZmJpTmIyaEFSOS9BVnh5YXplTDVmMDRzbFFh

ZnNWM0VvZVZIRnhSdzZDbzBTUDc4SUxvSnNGb0k2M29kNFgyeXdOSW9LZFNlNHdoNUg2WEpFTnEy

eWE0S2c5NlZZaVowa3VqKzl6TkpvcFRLazNpa2tDWmNCSVJJQnRHN1RqNDZEN0FjZWZnSDFCRkNC

ckl6a0dweVVOazAzMDFrSVpMeEttdE40ZnFCbnM1bklvSG43aHhzYlRQTWhsMWdtTDk4KzdHZTE4

bUpObUowcmRPZVJLVllpZ2xIMU1aZ09lU2FUMkhCMXZPekYyM0xNN0pLai9FL1Z5VFBKL2M1MlJm

YnpUYnRhcC93L2RlL3E3ZkNpcHh5M0h5cVV2bzYyNFRkcXEwSGszaFdoYU92ZnhtTTczYjc3ck1G

aWtGWWVHTGRFaExlWEdWbEEyeWxMdGZ3QnlETFVOSFZpQ2E4MEFwWFJrRlQ2THRDZE4yMDN5N0d0

clNEMWpJN21MK3RVcXkzN1d5bUtxTW1ZNVdZS2UxTDFMZ1hTN1h2aVE2bXMrRE5QNitkeGc5TFQw

cUpFN2w4ZEpYeFEwbE9KbUxIT2Z1OUtSRUdQNFBaUXV0UUNhNG80QXZhN0FoN3YxZU15ei9ZQTZH

Nk9EZnhIeW1BQnd5bUF2UWdzclN2cVA3SWUrR2Y1ODYzZWYvTlpkZ09XRTBTd3YrUEdIMTEvS3Yr

MEQrWTE1eE5TR2hwWnJiY3hHbTA1aVZxUlc5cDBRZjRmbzRianlnVVFYVHRpTFN1YzJ6SXdTN0da

eHJJZjVkSURWVWIrT0I0czhQL3hoeDlGTFpXM0k3OUY4TWpLRkpYYldlMDFwYWhHNU0xYTVQTjEv

S0RuVHlYUlZ6MG42OHZ2YWNna2gyemFsNk5XTFI1MnpXaFpwLzF4bGFHTWVZaUE0MGprSnJadW1T

aERoeEZMQ0xqZytVNHdtMFowODhOZktYeTd1ZjIyUDlSZmxERGloT3FtT0tiUElpZklpdkwzV3hU

Q0hhK0RiK0VsZzVQbE9mYjdUVmY1SmpZV09TWlkwb3dWVksydnU4Ulc2eitDUndia1djemRnK3Z2

a2dqcEtyd3JRU1pTU1dINUV0TDV5Z2hXenJkdm5jS2JERm1KRTQ0am1lT2N2b3Z6M0RzZzUrYUVL

VW93Z1E1S2htRlBJaTZLcmtQK0RtTzE0V3IzdnVFSWJQUm9tS2dKQlpFak1SMUg2cTEyTWtyYTJZ

czlvNmJVcEx1ZnNHV2hSQWMrYzRXaWpwVlVUZjdxVTZtZjY2aXZ6Q2Iwd1l1SkxUdEE1R21iMXA2

TFpCajZCODBsM3MzeEZrcnZpNkNCYWJsUGZIdzNJYzNpbDVFN05QU3FsWHJvd0xVV2JNMHBpZU9z

MC9OVFpkNTdZUGZOOHkzTzIwTHpiWmE2bFZWa0hhSFUxZ1BtVEhGYU53cGlxOUhQZS9JNkphNXh5

SmVEeFRwOGNxVzl0azM2Y2kvajNqak5iaDdKNW8vQkV3YXZDRGxUNE1hT1lYMzJsWVdKYmk2bjVs

MnVLYmFMMUZmZ2dISVIwSTVoaXlZaE9Ndm9KRTNqTXZqdmprc3Fhc0ZHT3I4M3ZQZkFvMzUwMC9i

SFFTcDJRYnpzOW5TRDkvSDU0MVZQWnBWZHdBT3VjVFpCMVBQVnpqelB0QjdOazRqbWJTcm11MWJP

UjFJUUhJQ1BxalB4R3Uzb3RvSGNyWTdWM29TajVvRjVManFEcS9ZOE8yMXJUTGsrZ3Nrc2hsNG5j

M3JzTjdIaThCUU5oL1loVlBPSTRhT0tiYVZKMnJiM2RUdEdLWFNKZkFwaVFydCthMkN6ZU1pc090

ODFPKzJvNk5lNTkvS2ZyRCtibzNYZnR2d3JQVjA3TmJPQS9acWF1ZkJpSmNLVllacW9SdE0rS0Iw

MGNrekNhM2podGw5ZXQvZDRhUjRXNFYydXl3RTE4OGYycFcrUUxYai9XaWYyRXRrVDFFWjNIemhm

TlgzS3ozYzFtaG00TUZjRjdMK0RhZytaZXpSZEo1bExNTTV5R0p5QitEd3JtakppSjdlMjhDWjVY

QVpzY3pxVUlrNDFZR0w3OWp0MzlFYmd3aS9iQjFiMHdNUS9TU0R6Ymo4Y0VUN1BXT0lzU2MrSVZZ

L3FrZ1NPWHIxbG9SdEtEOE5DOVpHeVZWa0o4Ym9DSGJiL0xPR2RUOHRNc0crMnlxUXZKaVJMeGFB

cHlYaTZTbHppSkJkbTN3QndMaElmQnprdVFQcnZhdElRUjNVZnIrb0xvS0FPbnBqK0NIZDl1NFBs

bnBkVTh2RTFPZ0NlRXgrUzZWdFpBNG5keHV3VzJZWXpwKzlsRVlxUjZQcy9pQTUxZ1RiZ1I3M0cy

eHM5RWFEeDZiV1ZyaVJkM0ZZNnNDUHRvOTlFTzkrNHhFUFZvbEhxdWR4Z2tFUEdGalF0eHFUSDBp

U29JUFlRRGFOQXRYbDhDTjRvTUdxR2ZDNjBxdWJlWFE4YmlFVDZmN2NVR0czYkFJdEh1QXdDWUZl

eGx1RFVZRFhJcnVhbHZpcUZDdFRWNHhGdXpDbDNUL0ZEd1RjZ3lxTUxKUzZGMzJlU1RnR2E1anI3

M2RUakJnNlRUS21PdHFwa0t4R3hTMEZMQVhMRXE2dXZ6V0pZSUdmSDNoakRxcHB0M1lOVUVHMUU0

TXJwb1d6eTJueDBQeUF6aTRuaXJhekNtS3FqZ1EydW1iMURFNW5IZE82L1ordTFYcE5aUU54enUr

NElONFlqSTFKMnVPVy80dGVoYXpQUFp6ZkRVdWNDd0syY3RWdm1iS2U4N0FNVXdnek1GVjNYYTJx

bDJRM01INTJDc3pXVHQzWDd1eHRMaUFhNnM1UGlyWU5vN2prOTdDUFFUZzcwTStJR29KaTZCa3Bx

VDNrazVvbkdKMEVRZGpUaEhKUTNiTm05SWdMcTB1TWJZUkJCS1l5bXhNOE54SkxtMHMxY2hXNmE1

MlVWKzVDbnVOSzc5ekd1eE4vMWtJd3JpS09Nayt1Y0x6bU1DRER2OHF2Vjl2WmlrMWdLU1hOR3NV

OTVUZ28rcEY1WUROcTlpdnpWWVcvVjRrejdTTmJRaTB2OGVMaHFsNVBOaEd5bnlrRDhWL3IyRkQ3

dmxCd083eUdkNWZSWFdobjdFMzBkNmQrMzNUNzhlZHJTbGtXOGtxMS9UUEtTTGV4Z25DdjBFTFNp

NW5CaHQ0WW9DcnphUjAzQTE3dUFTSXhXbFhUd0FzL1lHMEFtaEFkMFR2V3BiWW9tNC9nRVFVMGRM

cmNINnM3Z1Y3MXNZSkliR3RTY2YveW9jQ2xqejJZRnc0eU44OFdWaUltNGlDV0xrcFJGd2lVMjk1

Vmc2N3Z3YUN6ay9vcnhiQjR5MDI1SjY5U2l6cCtxMnJOaEhCanlza2xDMktaV0ViY2lNSlovVXlP

dzRBcXVZRUxnZG9ENXhtS044V1Q0VTFLRlQrVGVTcGlSSnZ4cDRFMWx0djRCQVgyenR1SjYwbE41

Uk5QZFpUWXFHOGNhTzJHVkNIU2JGY2JKMnJXYkVydU8wRGRKU0JMNkE2NVJHelN3clhlOEM1b2pE

OUREazI1alJxMW9DK2VuOXFxVks0VWR2bC9BR0xZTHlWVWsrUFM3Nk1DM0VuWno5S1ZZVThtMGEy

c3hrU2RKdTl3ZlYxWnBWL1BWNEdNZEFITzhHTDBIUW1lblN2d0RmelBxY1JMUU0rT1JqTDA4MmFN

YUJmM1RSNFRpWGdLVG44eHBaZGwzWmcraXlzSXZDZlFtMzBLbXZ6WmdVSkxtQzRLcHFBeVNyV1cv

a2M0RkFSaEg3cXRYNnhPMVJEQmhHcW8xSVBEdHNrYVEwd2tSRm9PTnIwbG93aC9ZWUpKVDEwZXFT

Z1VEOHlLYTlWSzZrNTdTaHEzY0Myb3VCek5MOVpjQTRhMHJKeVRGU29wWTArS1NzQmR2eDJMdmZt

OGNKTEdJa0d0OHJWNXh1VnhNMmxRcVdiK0hlbnFxTjZwNjFnZjRqd0NkdFJnU1g4bzRvNWZicExm

TnBkTnl0S3VNMTJweUxybThyUFpIN3h5ZmhVMFgwTXRsZmVJbDJGRTRGRU9Id1ExRUs2akorNzY1

TFZWYUc3akFwYXVwZ3BSOTBVSVcrUTNqUlFBRXhBN05zT3B2aHBwbjZYaWVoRGhhbVlpU2tHdUZP

aUJQR2crNEZZd1E4QkFXd2YweVZ5aU9zbDZiMW9yby9ybURiQnRKY2ZGTXVpZ0cyQWVFb3UvOC9J

d1ZyMVJoVlZIN3oxcUVkSVlRNlBEVG0rWHRhejhhbjdpanRrSkNXTUxZTXpBYTdjUHdqa2JPSkJJ

YURxY2JXRm1Uc3JtT20rbi9LNXRwZkViY1RnUXJQYW9oRkE9PTwveGVuYzpDaXBoZXJWYWx1ZT4K

ICAgICAgICAgICAgPC94ZW5jOkNpcGhlckRhdGE+CiAgICAgICAgPC94ZW5jOkVuY3J5cHRlZERh

dGE+CiAgICAgICAgPHhlbmM6RW5jcnlwdGVkS2V5IElkPSJfZGVlMGMyNGIyODM5NGE1MDBiZTM0

NjBhMTBlMjE5OTkiIHhtbG5zOnhlbmM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZW5j

IyI+CiAgICAgICAgICAgIDx4ZW5jOkVuY3J5cHRpb25NZXRob2QgQWxnb3JpdGhtPSJodHRwOi8v

d3d3LnczLm9yZy8yMDAxLzA0L3htbGVuYyNyc2EtMV81IiB4bWxuczp4ZW5jPSJodHRwOi8vd3d3

LnczLm9yZy8yMDAxLzA0L3htbGVuYyMiLz4KICAgICAgICAgICAgPHhlbmM6Q2lwaGVyRGF0YSB4

bWxuczp4ZW5jPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGVuYyMiPgogICAgICAgICAg

ICAgICAgPHhlbmM6Q2lwaGVyVmFsdWU+QXRiQ3F5OHRHQm1LdTlBdkcvRUpRc3A4VWZOeENMbzdw

NXYxZktOTGZWMVFTbzFrMjJyY3JmRndleWdDbk9JeGx2S00rRVpyTXRIUHlsd2ZVdWt2cGRTUmVy

cUROUkZneThSVDUzTHlJci9abHhtNnJwTHN5L3YzUkhHVzJUb2FHMGlJRGw3Wk03NHM5NVBJRTFs

cE0xNzF2N1RHZGZiWW0rVXlUeFNIRzl3N2dkMGd6anlZWC9hYjl5OGpKYlY4ZFJxdzJnckdPdkQx

TWo5YVRhaVdoTlNvaG9KalBUSlBmV3BEV2pmaXRzMFJwQ1lSRWlQazJvVTBodGZGZDlMOUJpMXo2

aFVwS0hQRWJpWlI1amZBSHh2K0gzclV3SGxQUFFGNW8vanN5bG45UENvUWlQaWVJWnNkSGhYQkY1

Z3VheXc0OGh6Y1lpKytXL2dxcTRseXlnPT08L3hlbmM6Q2lwaGVyVmFsdWU+CiAgICAgICAgICAg

IDwveGVuYzpDaXBoZXJEYXRhPgogICAgICAgICAgICA8eGVuYzpSZWZlcmVuY2VMaXN0PgogICAg

ICAgICAgICAgICAgPHhlbmM6RGF0YVJlZmVyZW5jZSBVUkk9IiNfNjA0ZTRiYTA5N2IwY2E0NGJh

MzI3ODJkMjRiMjk5YTEiLz4KICAgICAgICAgICAgPC94ZW5jOlJlZmVyZW5jZUxpc3Q+CiAgICAg

ICAgPC94ZW5jOkVuY3J5cHRlZEtleT4KICAgIDwvc2FtbDI6RW5jcnlwdGVkQXNzZXJ0aW9uPgo8

L3NhbWxwOlJlc3BvbnNlPg==

ComponentSpace.SAML2 Verbose: 0 : 6036/48: 9/6/2017 10:50:27 AM: The decoded base-64 string is: <samlp:Response Destination=“https://employersedge.testDomain.com/integration/SAML/AssertService.aspx” ID=“A6d6c7624-ec4f-4233-8dcf-f84d2f1b3c06” InResponseTo=“_31fb25fd-d063-457a-9686-2ef53470cd2f” IssueInstant=“2017-09-06T14:50:27.000Z” Version=“2.0” xmlns:samlp=“urn:oasis:names:tc:SAML:2.0:protocol” xmlns:xsi=“http://www.w3.org/2001/XMLSchema-instance”>

<saml:Issuer Format=“urn:oasis:names:tc:SAML:2.0:nameid-format:entity” xmlns:saml=“urn:oasis:names:tc:SAML:2.0:assertion”>uatSSO</saml:Issuer>

</Transforms>

<DigestValue>uP9jmBYWeqOOKK+0eQUJow/Wpo00aUl3W8ieXMaklck=</DigestValue>

</Reference>

</SignedInfo>

<SignatureValue>sH+c9bgTDe2JgMe9ap6yoUgGYpVguF+Msu7w+zshjhld7MXWaMlhrB05v+ap9vmxiMaffkTYS0rAyqWmuYB5fvyMlQs0wlwamDub/dpf/pqlYeUfdnIsEEFdKtICRQCNQwf+g91ypStZ427PScMkNAh8ihjHoRv6UjRrvbmnQf/YwMkK2R8qXOXXTHMGwvBXU6u0o/L6XTKNAMWh5ey/U4GqBzCVW/JvT2WRewn0mnLFNx9V6jrrEKbas8wuyRDCaaUnkMtxjiLxsz4sYeCKniXuxoji2m/kDz5/ujeTnWKDDMjlOyLtUPVHnGXaBOqI4kU/HIZdq8Wr797DLbYS6g==</SignatureValue>

<X509Certificate>MIIEAjCCAuqgAwIBAgIIblDWXkD/6ywwDQYJKoZIhvcNAQELBQAwfTEzMDEGA1UEAwwqVGVzdCBTU08gQXV0aCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSQwIgYDVQQLDBtJU1QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxEzARBgNVBAoMCkFwcGxlIEluYy4xCzAJBgNVBAYTAlVTMB4XDTE2MTEwOTIyMzEyOVoXDTE4MTEwOTIyMzEyOVowVDEiMCAGA1UEAwwZc3Nvc2FtbHNpZ24tdWF0LmFwcGxlLmNvbTEMMAoGA1UECwwDSVNUMRMwEQYDVQQKDApBcHBsZSBJbmMuMQswCQYDVQQGEwJVUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANW+mPDQDngtFIJn/2bzfUD0zBv3Ct2yL+KZd5sA0UU+a+gFpwyUlH8RDwSNmdtnWE4o34QqXZAgu6lLzMlwn/nHMBRZ+ludjBYSmOTH4c5w6zLkFpc0JG33ACM38pJlhqs9SaftVVhQKW4YWqnKfzzejXdDpM4IeQ/37LXnElo2u0EyKazGQ/Z4G5hMpaNtxHtilYvUXKqXtebujOBdpj4hjFYXUp0buhJZG4sKZNv34rfn3dbFpud9HoajN4K43ncvjB6gr2H8ntjdu2vid5FAy2eBs7NxH9v9MocawVT2j7kW8AVHhuiqn2N1HneFAe3Z2HQA0YbqyXzREssxX90CAwEAAaOBrjCBqzBLBggrBgEFBQcBAQQ/MD0wOwYIKwYBBQUHMAGGL2h0dHA6Ly9vY3NwLXVhdC5jb3JwLmFwcGxlLmNvbS9vY3NwMDMtc3NvYXV0aDAxMB0GA1UdDgQWBBQ4POVRjom0LVC+Jb4vjMh9CHGM3DAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFASMk+jPVZacU1HYHgpziddijdY5MA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAQEAGeq7MwijWss0QJ90jtMEHkSgGKzwIaIGaOCOz6eTOIihcpphXDCcm9JIwOkqVbq7vxQHTeAQfvHMDWOaZI9/L6y7C23bu/qNzh/qCEe3wDnfEjYutBUDIQ1B9NO/0NxR5hCrhnwre//q+H0FQ09eueF74pn3liyzyAPQDCjqDfgz+kr7CTD+nabtlrNUak5Ur67uQqnpVdeXo7WYMdQe+fNncMDcazlwtVpj6ZnxQJm/cE3wBNyrHo/Krv4Wt2yyFYX+IdMxWJuZHDrIaZW73x3WcSlMIncXBILK70QLadcXxNpzi8OMFxr/pmy/EhEQ3Vd9hrVluKE0Rw4pR+kU4A==</X509Certificate>

</X509Data>

</KeyInfo>

</Signature>

<samlp:Status xmlns:samlp=“urn:oasis:names:tc:SAML:2.0:protocol”>

<samlp:StatusCode Value=“urn:oasis:names:tc:SAML:2.0:status:Success”/>

</samlp:Status>

<saml2:EncryptedAssertion xmlns:saml2=“urn:oasis:names:tc:SAML:2.0:assertion”>

<xenc:EncryptedData Id=“_604e4ba097b0ca44ba32782d24b299a1” Type=“http://www.w3.org/2001/04/xmlenc#Element” xmlns:xenc=“http://www.w3.org/2001/04/xmlenc#”>

<xenc:EncryptionMethod Algorithm=“http://www.w3.org/2001/04/xmlenc#aes128-cbc” xmlns:xenc=“http://www.w3.org/2001/04/xmlenc#”/>

<ds:KeyInfo xmlns:ds=“http://www.w3.org/2000/09/xmldsig#”>

<ds:RetrievalMethod Type=“http://www.w3.org/2001/04/xmlenc#EncryptedKey” URI=“#_dee0c24b28394a500be3460a10e21999”/>

</ds:KeyInfo>

<xenc:CipherData xmlns:xenc=“http://www.w3.org/2001/04/xmlenc#”>

<xenc:CipherValue>WV2hOZNH9gzzgKDQs7FJXmmFiMLQ/gYz3QTxnfSfbiNb2hAR9/AVxyazeL5f04slQafsV3EoeVHFxRw6Co0SP78ILoJsFoI63od4X2ywNIoKdSe4wh5H6XJENq2ya4Kg96VYiZ0kuj+9zNJopTKk3ikkCZcBIRIBtG7Tj46D7AcefgH1BFCBrIzkGpyUNk0301kIZLxKmtN4fqBns5nIoHn7hxsbTPMhl1gmL98+7Ge18mJNmJ0rdOeRKVYiglH1MZgOeSaT2HB1vOzF23LM7JKj/E/VyTPJ/c52RfbzTbtap/w/de/q7fCipxy3HyqUvo624Tdqq0Hk3hWhaOvfxmM73b77rMFikFYeGLdEhLeXGVlA2ylLtfwByDLUNHViCa80ApXRkFT6LtCdN203y7GtrSD1jI7mL+tUqy37WymKqMmY5WYKe1L1LgXS7XviQ6ms+DNP6+dxg9LT0qJE7l8dJXxQ0lOJmLHOfu9KREGP4PZQutQCa4o4Ava7Ah7v1eMyz/YA6G6ODfxHymABwymAvQgsrSvqP7Ie+Gf5863ef/NZdgOWE0Swv+PGH11/Kv+0D+Y15xNSGhpZrbcxGm05iVqRW9p0Qf4fo4bjygUQXTtiLSuc2zIwS7GZxrIf5dIDVUb+OB4s8P/xhx9FLZW3I79F8MjKFJXbWe01pahG5M1a5PN1/KDnTyXRVz0n68vvacgkh2zal6NWLR52zWhZp/1xlaGMeYiA40jkJrZumShDhxFLCLjg+U4wm0Z088NfKXy7uf22P9RflDDihOqmOKbPIifIivL3WxTCHa+Db+Elg5PlOfb7TVf5JjYWOSZY0owVVK2vu8RW6z+CRwbkWczdg+vvkgjpKrwrQSZSSWH5EtL5yghWzrdvncKbDFmJE44jmeOcvovz3Dsg5+aEKUowgQ5KhmFPIi6KrkP+DmO14Wr3vuEIbPRomKgJBZEjMR1H6q12Mkra2Ys9o6bUpLufsGWhRAc+c4WijpVUTf7qU6mf66ivzCb0wYuJLTtA5Gmb1p6LZBj6B80l3s3xFkrvi6CBablPfHw3Ic3il5E7NPSqlXrowLUWbM0pieOs0/NTZd57YPfN8y3O20LzbZa6lVVkHaHU1gPmTHFaNwpiq9HPe/I6Ja5xyJeDxTp8cqW9tk36ci/j3jjNbh7J5o/BEwavCDlT4MaOYX32lYWJbi6n5l2uKbaL1FfggHIR0I5hiyYhOMvoJE3jMvjvjksqasFGOr83vPfAo3500/bHQSp2Qbzs9nSD9/H541VPZpVdwAOucTZB1PPVzjzPtB7Nk4jmbSrmu1bOR1IQHICPqjPxGu3otoHcrY7V3oSj5oF5LjqDq/Y8O21rTLk+gskshl4nc3rsN7Hi8BQNh/YhVPOI4aOKbaVJ2rb3dTtGKXSJfApiQrt+a2CzeMisOt81O+2o6Ne59/KfrD+bo3XftvwrPV07NbOA/ZqaufBiJcKVYZqoRtM+KB00ckzCa3jhtl9et/d4aR4W4V2uywE188f2pW+QLXj/Wif2EtkT1EZ3HzhfNX3Kz3c1mhm4MFcF7L+Dag+ZezRdJ5lLMM5yGJyB+DwrmjJiJ7e28CZ5XAZsczqUIk41YGL79jt39Ebgwi/bB1b0wMQ/SSDzbj8cET7PWOIsSc+IVY/qkgSOXr1loRtKD8NC9ZGyVVkJ8boCHbb/LOGdT8tMsG+2yqQvJiRLxaApyXi6SlziJBdm3wBwLhIfBzkuQPrvatIQR3Ufr+oLoKAOnpj+CHd9u4PlnpdU8vE1OgCeEx+S6VtZA4ndxuwW2YYzp+9lEYqR6Ps/iA51gTbgR73G2xs9EaDx6bWVriRd3FY6sCPto99EO9+4xEPVolHqudxgkEPGFjQtxqTH0iSoIPYQDaNAtXl8CN4oMGqGfC60qubeXQ8biET6f7cUGG3bAItHuAwCYFexluDUYDXIrualviqFCtTV4xFuzCl3T/FDwTcgyqMLJS6F32eSTgGa5jr73dTjBg6TTKmOtqpkKxGxS0FLAXLEq6uvzWJYIGfH3hjDqppt3YNUEG1E4MrpoWzy2nx0PyAzi4nirazCmKqjgQ2umb1DE5nHdO6/Z+u1XpNZQNxzu+4IN4YjI1J2uOW/4tehazPPZzfDUucCwK2ctVvmbKe87AMUwgzMFV3Xa2ql2Q3MH52CszWTt3X7uxtLiAa6s5PirYNo7jk97CPQTg70M+IGoJi6BkpqT3kk5onGJ0EQdjThHJQ3bNm9IgLq0uMbYRBBKYymxM8NxJLm0s1chW6a52UV+5CnuNK79zGuxN/1kIwriKOMk+ucLzmMCDDv8qvV9vZik1gKSXNGsU95Tgo+pF5YDNq9ivzVYW/V4kz7SNbQi0v8eLhql5PNhGynykD8V/r2FD7vlBwO7yGd5fRXWhn7E30d6d+33T78edrSlkW8kq1/TPKSLexgnCv0ELSi5nBht4YoCrzaR03A17uASIxWlXTwAs/YG0AmhAd0TvWpbYom4/gEQU0dLrcH6s7gV71sYJIbGtScf/yocCljz2YFw4yN88WViIm4iCWLkpRFwiU295Vg67vwaCzk/orxbB4y025J69Sizp+q2rNhHBjysklC2KZWEbciMJZ/UyOw4AquYELgdoD5xmKN8WT4U1KFT+TeSpiRJvxp4E1ltv4BAX2ztuJ60lN5RNPdZTYqG8caO2GVCHSbFcbJ2rWbEruO0DdJSBL6A65RGzSwrXe8C5ojD9DDk25jRq1oC+en9qqVK4Udvl/AGLYLyVUk+PS76MC3EnZz9KVYU8m0a2sxkSdJu9wfV1ZpV/PV4GMdAHO8GL0HQmenSvwDfzPqcRLQM+ORjL082aMaBf3TR4TiXgKTn8xpZdl3Zg+iysIvCfQm30KmvzZgUJLmC4KpqAySrWW/kc4FARhH7qtX6xO1RDBhGqo1IPDtskaQ0wkRFoONr0lowh/YYJJT10eqSgUD8yKa9VK6k57Shq3cC2ouBzNL9ZcA4a0rJyTFSopY0+KSsBdvx2Lvfm8cJLGIkGt8rV5xuVxM2lQqWb+HenqqN6p61gf4jwCdtRgSX8o4o5fbpLfNpdNytKuM12pyLrm8rPZH7xyfhU0X0MtlfeIl2FE4FEOHwQ1EK6jJ+765LVVaG7jApaupgpR90UIW+Q3jRQAExA7NsOpvhppn6XiehDhamYiSkGuFOiBPGg+4FYwQ8BAWwf0yVyiOsl6b1oro/rmDbBtJcfFMuigG2AeEou/8/IwVr1RhVVH7z1qEdIYQ6PDTm+Xtaz8an7ijtkJCWMLYMzAa7cPwjkbOJBIaDqcbWFmTsrmOm+n/K5tpfEbcTgQrPaohFA==</xenc:CipherValue>

</xenc:CipherData>

</xenc:EncryptedData>

<xenc:EncryptedKey Id=“_dee0c24b28394a500be3460a10e21999” xmlns:xenc=“http://www.w3.org/2001/04/xmlenc#”>

<xenc:EncryptionMethod Algorithm=“http://www.w3.org/2001/04/xmlenc#rsa-1_5” xmlns:xenc=“http://www.w3.org/2001/04/xmlenc#”/>

<xenc:CipherData xmlns:xenc=“http://www.w3.org/2001/04/xmlenc#”>

<xenc:CipherValue>AtbCqy8tGBmKu9AvG/EJQsp8UfNxCLo7p5v1fKNLfV1QSo1k22rcrfFweygCnOIxlvKM+EZrMtHPylwfUukvpdSRerqDNRFgy8RT53LyIr/Zlxm6rpLsy/v3RHGW2ToaG0iIDl7ZM74s95PIE1lpM171v7TGdfbYm+UyTxSHG9w7gd0gzjyYX/ab9y8jJbV8dRqw2grGOvD1Mj9aTaiWhNSohoJjPTJPfWpDWjfits0RpCYREiPk2oU0htfFd9L9Bi1z6hUpKHPEbiZR5jfAHxv+H3rUwHlPPQF5o/jsyln9PCoQiPieIZsdHhXBF5guayw48hzcYi++W/gqq4lyyg==</xenc:CipherValue>

</xenc:CipherData>

<xenc:ReferenceList>

<xenc:DataReference URI=“#_604e4ba097b0ca44ba32782d24b299a1”/>

</xenc:ReferenceList>

</xenc:EncryptedKey>

</saml2:EncryptedAssertion>

</samlp:Response>

ComponentSpace.SAML2 Verbose: 0 : 6036/48: 9/6/2017 10:50:27 AM: Received SAML message: <samlp:Response Destination=“https://employersedge.testDomain.com/integration/SAML/AssertService.aspx” ID=“A6d6c7624-ec4f-4233-8dcf-f84d2f1b3c06” InResponseTo=“_31fb25fd-d063-457a-9686-2ef53470cd2f” IssueInstant=“2017-09-06T14:50:27.000Z” Version=“2.0” xmlns:samlp=“urn:oasis:names:tc:SAML:2.0:protocol” xmlns:xsi=“http://www.w3.org/2001/XMLSchema-instance”>

<saml:Issuer Format=“urn:oasis:names:tc:SAML:2.0:nameid-format:entity” xmlns:saml=“urn:oasis:names:tc:SAML:2.0:assertion”>uatSSO</saml:Issuer>

</Transforms>

<DigestValue>uP9jmBYWeqOOKK+0eQUJow/Wpo00aUl3W8ieXMaklck=</DigestValue>

</Reference>

</SignedInfo>

<SignatureValue>sH+c9bgTDe2JgMe9ap6yoUgGYpVguF+Msu7w+zshjhld7MXWaMlhrB05v+ap9vmxiMaffkTYS0rAyqWmuYB5fvyMlQs0wlwamDub/dpf/pqlYeUfdnIsEEFdKtICRQCNQwf+g91ypStZ427PScMkNAh8ihjHoRv6UjRrvbmnQf/YwMkK2R8qXOXXTHMGwvBXU6u0o/L6XTKNAMWh5ey/U4GqBzCVW/JvT2WRewn0mnLFNx9V6jrrEKbas8wuyRDCaaUnkMtxjiLxsz4sYeCKniXuxoji2m/kDz5/ujeTnWKDDMjlOyLtUPVHnGXaBOqI4kU/HIZdq8Wr797DLbYS6g==</SignatureValue>

<X509Certificate>MIIEAjCCAuqgAwIBAgIIblDWXkD/6ywwDQYJKoZIhvcNAQELBQAwfTEzMDEGA1UEAwwqVGVzdCBTU08gQXV0aCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSQwIgYDVQQLDBtJU1QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxEzARBgNVBAoMCkFwcGxlIEluYy4xCzAJBgNVBAYTAlVTMB4XDTE2MTEwOTIyMzEyOVoXDTE4MTEwOTIyMzEyOVowVDEiMCAGA1UEAwwZc3Nvc2FtbHNpZ24tdWF0LmFwcGxlLmNvbTEMMAoGA1UECwwDSVNUMRMwEQYDVQQKDApBcHBsZSBJbmMuMQswCQYDVQQGEwJVUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANW+mPDQDngtFIJn/2bzfUD0zBv3Ct2yL+KZd5sA0UU+a+gFpwyUlH8RDwSNmdtnWE4o34QqXZAgu6lLzMlwn/nHMBRZ+ludjBYSmOTH4c5w6zLkFpc0JG33ACM38pJlhqs9SaftVVhQKW4YWqnKfzzejXdDpM4IeQ/37LXnElo2u0EyKazGQ/Z4G5hMpaNtxHtilYvUXKqXtebujOBdpj4hjFYXUp0buhJZG4sKZNv34rfn3dbFpud9HoajN4K43ncvjB6gr2H8ntjdu2vid5FAy2eBs7NxH9v9MocawVT2j7kW8AVHhuiqn2N1HneFAe3Z2HQA0YbqyXzREssxX90CAwEAAaOBrjCBqzBLBggrBgEFBQcBAQQ/MD0wOwYIKwYBBQUHMAGGL2h0dHA6Ly9vY3NwLXVhdC5jb3JwLmFwcGxlLmNvbS9vY3NwMDMtc3NvYXV0aDAxMB0GA1UdDgQWBBQ4POVRjom0LVC+Jb4vjMh9CHGM3DAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFASMk+jPVZacU1HYHgpziddijdY5MA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAQEAGeq7MwijWss0QJ90jtMEHkSgGKzwIaIGaOCOz6eTOIihcpphXDCcm9JIwOkqVbq7vxQHTeAQfvHMDWOaZI9/L6y7C23bu/qNzh/qCEe3wDnfEjYutBUDIQ1B9NO/0NxR5hCrhnwre//q+H0FQ09eueF74pn3liyzyAPQDCjqDfgz+kr7CTD+nabtlrNUak5Ur67uQqnpVdeXo7WYMdQe+fNncMDcazlwtVpj6ZnxQJm/cE3wBNyrHo/Krv4Wt2yyFYX+IdMxWJuZHDrIaZW73x3WcSlMIncXBILK70QLadcXxNpzi8OMFxr/pmy/EhEQ3Vd9hrVluKE0Rw4pR+kU4A==</X509Certificate>

</X509Data>

</KeyInfo>

</Signature>

<samlp:Status xmlns:samlp=“urn:oasis:names:tc:SAML:2.0:protocol”>

<samlp:StatusCode Value=“urn:oasis:names:tc:SAML:2.0:status:Success” />

</samlp:Status>

<saml2:EncryptedAssertion xmlns:saml2=“urn:oasis:names:tc:SAML:2.0:assertion”>

<xenc:EncryptedData Id=“_604e4ba097b0ca44ba32782d24b299a1” Type=“http://www.w3.org/2001/04/xmlenc#Element” xmlns:xenc=“http://www.w3.org/2001/04/xmlenc#”>

<xenc:EncryptionMethod Algorithm=“http://www.w3.org/2001/04/xmlenc#aes128-cbc” xmlns:xenc=“http://www.w3.org/2001/04/xmlenc#” />

<ds:KeyInfo xmlns:ds=“http://www.w3.org/2000/09/xmldsig#”>

<ds:RetrievalMethod Type=“http://www.w3.org/2001/04/xmlenc#EncryptedKey” URI=“#_dee0c24b28394a500be3460a10e21999” />

</ds:KeyInfo>

<xenc:CipherData xmlns:xenc=“http://www.w3.org/2001/04/xmlenc#”>

<xenc:CipherValue>WV2hOZNH9gzzgKDQs7FJXmmFiMLQ/gYz3QTxnfSfbiNb2hAR9/AVxyazeL5f04slQafsV3EoeVHFxRw6Co0SP78ILoJsFoI63od4X2ywNIoKdSe4wh5H6XJENq2ya4Kg96VYiZ0kuj+9zNJopTKk3ikkCZcBIRIBtG7Tj46D7AcefgH1BFCBrIzkGpyUNk0301kIZLxKmtN4fqBns5nIoHn7hxsbTPMhl1gmL98+7Ge18mJNmJ0rdOeRKVYiglH1MZgOeSaT2HB1vOzF23LM7JKj/E/VyTPJ/c52RfbzTbtap/w/de/q7fCipxy3HyqUvo624Tdqq0Hk3hWhaOvfxmM73b77rMFikFYeGLdEhLeXGVlA2ylLtfwByDLUNHViCa80ApXRkFT6LtCdN203y7GtrSD1jI7mL+tUqy37WymKqMmY5WYKe1L1LgXS7XviQ6ms+DNP6+dxg9LT0qJE7l8dJXxQ0lOJmLHOfu9KREGP4PZQutQCa4o4Ava7Ah7v1eMyz/YA6G6ODfxHymABwymAvQgsrSvqP7Ie+Gf5863ef/NZdgOWE0Swv+PGH11/Kv+0D+Y15xNSGhpZrbcxGm05iVqRW9p0Qf4fo4bjygUQXTtiLSuc2zIwS7GZxrIf5dIDVUb+OB4s8P/xhx9FLZW3I79F8MjKFJXbWe01pahG5M1a5PN1/KDnTyXRVz0n68vvacgkh2zal6NWLR52zWhZp/1xlaGMeYiA40jkJrZumShDhxFLCLjg+U4wm0Z088NfKXy7uf22P9RflDDihOqmOKbPIifIivL3WxTCHa+Db+Elg5PlOfb7TVf5JjYWOSZY0owVVK2vu8RW6z+CRwbkWczdg+vvkgjpKrwrQSZSSWH5EtL5yghWzrdvncKbDFmJE44jmeOcvovz3Dsg5+aEKUowgQ5KhmFPIi6KrkP+DmO14Wr3vuEIbPRomKgJBZEjMR1H6q12Mkra2Ys9o6bUpLufsGWhRAc+c4WijpVUTf7qU6mf66ivzCb0wYuJLTtA5Gmb1p6LZBj6B80l3s3xFkrvi6CBablPfHw3Ic3il5E7NPSqlXrowLUWbM0pieOs0/NTZd57YPfN8y3O20LzbZa6lVVkHaHU1gPmTHFaNwpiq9HPe/I6Ja5xyJeDxTp8cqW9tk36ci/j3jjNbh7J5o/BEwavCDlT4MaOYX32lYWJbi6n5l2uKbaL1FfggHIR0I5hiyYhOMvoJE3jMvjvjksqasFGOr83vPfAo3500/bHQSp2Qbzs9nSD9/H541VPZpVdwAOucTZB1PPVzjzPtB7Nk4jmbSrmu1bOR1IQHICPqjPxGu3otoHcrY7V3oSj5oF5LjqDq/Y8O21rTLk+gskshl4nc3rsN7Hi8BQNh/YhVPOI4aOKbaVJ2rb3dTtGKXSJfApiQrt+a2CzeMisOt81O+2o6Ne59/KfrD+bo3XftvwrPV07NbOA/ZqaufBiJcKVYZqoRtM+KB00ckzCa3jhtl9et/d4aR4W4V2uywE188f2pW+QLXj/Wif2EtkT1EZ3HzhfNX3Kz3c1mhm4MFcF7L+Dag+ZezRdJ5lLMM5yGJyB+DwrmjJiJ7e28CZ5XAZsczqUIk41YGL79jt39Ebgwi/bB1b0wMQ/SSDzbj8cET7PWOIsSc+IVY/qkgSOXr1loRtKD8NC9ZGyVVkJ8boCHbb/LOGdT8tMsG+2yqQvJiRLxaApyXi6SlziJBdm3wBwLhIfBzkuQPrvatIQR3Ufr+oLoKAOnpj+CHd9u4PlnpdU8vE1OgCeEx+S6VtZA4ndxuwW2YYzp+9lEYqR6Ps/iA51gTbgR73G2xs9EaDx6bWVriRd3FY6sCPto99EO9+4xEPVolHqudxgkEPGFjQtxqTH0iSoIPYQDaNAtXl8CN4oMGqGfC60qubeXQ8biET6f7cUGG3bAItHuAwCYFexluDUYDXIrualviqFCtTV4xFuzCl3T/FDwTcgyqMLJS6F32eSTgGa5jr73dTjBg6TTKmOtqpkKxGxS0FLAXLEq6uvzWJYIGfH3hjDqppt3YNUEG1E4MrpoWzy2nx0PyAzi4nirazCmKqjgQ2umb1DE5nHdO6/Z+u1XpNZQNxzu+4IN4YjI1J2uOW/4tehazPPZzfDUucCwK2ctVvmbKe87AMUwgzMFV3Xa2ql2Q3MH52CszWTt3X7uxtLiAa6s5PirYNo7jk97CPQTg70M+IGoJi6BkpqT3kk5onGJ0EQdjThHJQ3bNm9IgLq0uMbYRBBKYymxM8NxJLm0s1chW6a52UV+5CnuNK79zGuxN/1kIwriKOMk+ucLzmMCDDv8qvV9vZik1gKSXNGsU95Tgo+pF5YDNq9ivzVYW/V4kz7SNbQi0v8eLhql5PNhGynykD8V/r2FD7vlBwO7yGd5fRXWhn7E30d6d+33T78edrSlkW8kq1/TPKSLexgnCv0ELSi5nBht4YoCrzaR03A17uASIxWlXTwAs/YG0AmhAd0TvWpbYom4/gEQU0dLrcH6s7gV71sYJIbGtScf/yocCljz2YFw4yN88WViIm4iCWLkpRFwiU295Vg67vwaCzk/orxbB4y025J69Sizp+q2rNhHBjysklC2KZWEbciMJZ/UyOw4AquYELgdoD5xmKN8WT4U1KFT+TeSpiRJvxp4E1ltv4BAX2ztuJ60lN5RNPdZTYqG8caO2GVCHSbFcbJ2rWbEruO0DdJSBL6A65RGzSwrXe8C5ojD9DDk25jRq1oC+en9qqVK4Udvl/AGLYLyVUk+PS76MC3EnZz9KVYU8m0a2sxkSdJu9wfV1ZpV/PV4GMdAHO8GL0HQmenSvwDfzPqcRLQM+ORjL082aMaBf3TR4TiXgKTn8xpZdl3Zg+iysIvCfQm30KmvzZgUJLmC4KpqAySrWW/kc4FARhH7qtX6xO1RDBhGqo1IPDtskaQ0wkRFoONr0lowh/YYJJT10eqSgUD8yKa9VK6k57Shq3cC2ouBzNL9ZcA4a0rJyTFSopY0+KSsBdvx2Lvfm8cJLGIkGt8rV5xuVxM2lQqWb+HenqqN6p61gf4jwCdtRgSX8o4o5fbpLfNpdNytKuM12pyLrm8rPZH7xyfhU0X0MtlfeIl2FE4FEOHwQ1EK6jJ+765LVVaG7jApaupgpR90UIW+Q3jRQAExA7NsOpvhppn6XiehDhamYiSkGuFOiBPGg+4FYwQ8BAWwf0yVyiOsl6b1oro/rmDbBtJcfFMuigG2AeEou/8/IwVr1RhVVH7z1qEdIYQ6PDTm+Xtaz8an7ijtkJCWMLYMzAa7cPwjkbOJBIaDqcbWFmTsrmOm+n/K5tpfEbcTgQrPaohFA==</xenc:CipherValue>

</xenc:CipherData>

</xenc:EncryptedData>

<xenc:EncryptedKey Id=“_dee0c24b28394a500be3460a10e21999” xmlns:xenc=“http://www.w3.org/2001/04/xmlenc#”>

<xenc:EncryptionMethod Algorithm=“http://www.w3.org/2001/04/xmlenc#rsa-1_5” xmlns:xenc=“http://www.w3.org/2001/04/xmlenc#” />

<xenc:CipherData xmlns:xenc=“http://www.w3.org/2001/04/xmlenc#”>

<xenc:CipherValue>AtbCqy8tGBmKu9AvG/EJQsp8UfNxCLo7p5v1fKNLfV1QSo1k22rcrfFweygCnOIxlvKM+EZrMtHPylwfUukvpdSRerqDNRFgy8RT53LyIr/Zlxm6rpLsy/v3RHGW2ToaG0iIDl7ZM74s95PIE1lpM171v7TGdfbYm+UyTxSHG9w7gd0gzjyYX/ab9y8jJbV8dRqw2grGOvD1Mj9aTaiWhNSohoJjPTJPfWpDWjfits0RpCYREiPk2oU0htfFd9L9Bi1z6hUpKHPEbiZR5jfAHxv+H3rUwHlPPQF5o/jsyln9PCoQiPieIZsdHhXBF5guayw48hzcYi++W/gqq4lyyg==</xenc:CipherValue>

</xenc:CipherData>

<xenc:ReferenceList>

<xenc:DataReference URI=“#_604e4ba097b0ca44ba32782d24b299a1” />

</xenc:ReferenceList>

</xenc:EncryptedKey>

</saml2:EncryptedAssertion>

</samlp:Response>

ComponentSpace.SAML2 Verbose: 0 : 6036/48: 9/6/2017 10:50:27 AM: Received response over HTTP POST, samlMessage=<samlp:Response Destination=“https://employersedge.testDomain.com/integration/SAML/AssertService.aspx” ID=“A6d6c7624-ec4f-4233-8dcf-f84d2f1b3c06” InResponseTo=“_31fb25fd-d063-457a-9686-2ef53470cd2f” IssueInstant=“2017-09-06T14:50:27.000Z” Version=“2.0” xmlns:samlp=“urn:oasis:names:tc:SAML:2.0:protocol” xmlns:xsi=“http://www.w3.org/2001/XMLSchema-instance”>

<saml:Issuer Format=“urn:oasis:names:tc:SAML:2.0:nameid-format:entity” xmlns:saml=“urn:oasis:names:tc:SAML:2.0:assertion”>uatSSO</saml:Issuer>

</Transforms>

<DigestValue>uP9jmBYWeqOOKK+0eQUJow/Wpo00aUl3W8ieXMaklck=</DigestValue>

</Reference>

</SignedInfo>

<SignatureValue>sH+c9bgTDe2JgMe9ap6yoUgGYpVguF+Msu7w+zshjhld7MXWaMlhrB05v+ap9vmxiMaffkTYS0rAyqWmuYB5fvyMlQs0wlwamDub/dpf/pqlYeUfdnIsEEFdKtICRQCNQwf+g91ypStZ427PScMkNAh8ihjHoRv6UjRrvbmnQf/YwMkK2R8qXOXXTHMGwvBXU6u0o/L6XTKNAMWh5ey/U4GqBzCVW/JvT2WRewn0mnLFNx9V6jrrEKbas8wuyRDCaaUnkMtxjiLxsz4sYeCKniXuxoji2m/kDz5/ujeTnWKDDMjlOyLtUPVHnGXaBOqI4kU/HIZdq8Wr797DLbYS6g==</SignatureValue>

<X509Certificate>MIIEAjCCAuqgAwIBAgIIblDWXkD/6ywwDQYJKoZIhvcNAQELBQAwfTEzMDEGA1UEAwwqVGVzdCBTU08gQXV0aCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSQwIgYDVQQLDBtJU1QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxEzARBgNVBAoMCkFwcGxlIEluYy4xCzAJBgNVBAYTAlVTMB4XDTE2MTEwOTIyMzEyOVoXDTE4MTEwOTIyMzEyOVowVDEiMCAGA1UEAwwZc3Nvc2FtbHNpZ24tdWF0LmFwcGxlLmNvbTEMMAoGA1UECwwDSVNUMRMwEQYDVQQKDApBcHBsZSBJbmMuMQswCQYDVQQGEwJVUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANW+mPDQDngtFIJn/2bzfUD0zBv3Ct2yL+KZd5sA0UU+a+gFpwyUlH8RDwSNmdtnWE4o34QqXZAgu6lLzMlwn/nHMBRZ+ludjBYSmOTH4c5w6zLkFpc0JG33ACM38pJlhqs9SaftVVhQKW4YWqnKfzzejXdDpM4IeQ/37LXnElo2u0EyKazGQ/Z4G5hMpaNtxHtilYvUXKqXtebujOBdpj4hjFYXUp0buhJZG4sKZNv34rfn3dbFpud9HoajN4K43ncvjB6gr2H8ntjdu2vid5FAy2eBs7NxH9v9MocawVT2j7kW8AVHhuiqn2N1HneFAe3Z2HQA0YbqyXzREssxX90CAwEAAaOBrjCBqzBLBggrBgEFBQcBAQQ/MD0wOwYIKwYBBQUHMAGGL2h0dHA6Ly9vY3NwLXVhdC5jb3JwLmFwcGxlLmNvbS9vY3NwMDMtc3NvYXV0aDAxMB0GA1UdDgQWBBQ4POVRjom0LVC+Jb4vjMh9CHGM3DAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFASMk+jPVZacU1HYHgpziddijdY5MA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAQEAGeq7MwijWss0QJ90jtMEHkSgGKzwIaIGaOCOz6eTOIihcpphXDCcm9JIwOkqVbq7vxQHTeAQfvHMDWOaZI9/L6y7C23bu/qNzh/qCEe3wDnfEjYutBUDIQ1B9NO/0NxR5hCrhnwre//q+H0FQ09eueF74pn3liyzyAPQDCjqDfgz+kr7CTD+nabtlrNUak5Ur67uQqnpVdeXo7WYMdQe+fNncMDcazlwtVpj6ZnxQJm/cE3wBNyrHo/Krv4Wt2yyFYX+IdMxWJuZHDrIaZW73x3WcSlMIncXBILK70QLadcXxNpzi8OMFxr/pmy/EhEQ3Vd9hrVluKE0Rw4pR+kU4A==</X509Certificate>

</X509Data>

</KeyInfo>

</Signature>

<samlp:Status xmlns:samlp=“urn:oasis:names:tc:SAML:2.0:protocol”>

<samlp:StatusCode Value=“urn:oasis:names:tc:SAML:2.0:status:Success” />

</samlp:Status>

<saml2:EncryptedAssertion xmlns:saml2=“urn:oasis:names:tc:SAML:2.0:assertion”>

<xenc:EncryptedData Id=“_604e4ba097b0ca44ba32782d24b299a1” Type=“http://www.w3.org/2001/04/xmlenc#Element” xmlns:xenc=“http://www.w3.org/2001/04/xmlenc#”>

<xenc:EncryptionMethod Algorithm=“http://www.w3.org/2001/04/xmlenc#aes128-cbc” xmlns:xenc=“http://www.w3.org/2001/04/xmlenc#” />

<ds:KeyInfo xmlns:ds=“http://www.w3.org/2000/09/xmldsig#”>

<ds:RetrievalMethod Type=“http://www.w3.org/2001/04/xmlenc#EncryptedKey” URI=“#_dee0c24b28394a500be3460a10e21999” />

</ds:KeyInfo>

<xenc:CipherData xmlns:xenc=“http://www.w3.org/2001/04/xmlenc#”>

<xenc:CipherValue>WV2hOZNH9gzzgKDQs7FJXmmFiMLQ/gYz3QTxnfSfbiNb2hAR9/AVxyazeL5f04slQafsV3EoeVHFxRw6Co0SP78ILoJsFoI63od4X2ywNIoKdSe4wh5H6XJENq2ya4Kg96VYiZ0kuj+9zNJopTKk3ikkCZcBIRIBtG7Tj46D7AcefgH1BFCBrIzkGpyUNk0301kIZLxKmtN4fqBns5nIoHn7hxsbTPMhl1gmL98+7Ge18mJNmJ0rdOeRKVYiglH1MZgOeSaT2HB1vOzF23LM7JKj/E/VyTPJ/c52RfbzTbtap/w/de/q7fCipxy3HyqUvo624Tdqq0Hk3hWhaOvfxmM73b77rMFikFYeGLdEhLeXGVlA2ylLtfwByDLUNHViCa80ApXRkFT6LtCdN203y7GtrSD1jI7mL+tUqy37WymKqMmY5WYKe1L1LgXS7XviQ6ms+DNP6+dxg9LT0qJE7l8dJXxQ0lOJmLHOfu9KREGP4PZQutQCa4o4Ava7Ah7v1eMyz/YA6G6ODfxHymABwymAvQgsrSvqP7Ie+Gf5863ef/NZdgOWE0Swv+PGH11/Kv+0D+Y15xNSGhpZrbcxGm05iVqRW9p0Qf4fo4bjygUQXTtiLSuc2zIwS7GZxrIf5dIDVUb+OB4s8P/xhx9FLZW3I79F8MjKFJXbWe01pahG5M1a5PN1/KDnTyXRVz0n68vvacgkh2zal6NWLR52zWhZp/1xlaGMeYiA40jkJrZumShDhxFLCLjg+U4wm0Z088NfKXy7uf22P9RflDDihOqmOKbPIifIivL3WxTCHa+Db+Elg5PlOfb7TVf5JjYWOSZY0owVVK2vu8RW6z+CRwbkWczdg+vvkgjpKrwrQSZSSWH5EtL5yghWzrdvncKbDFmJE44jmeOcvovz3Dsg5+aEKUowgQ5KhmFPIi6KrkP+DmO14Wr3vuEIbPRomKgJBZEjMR1H6q12Mkra2Ys9o6bUpLufsGWhRAc+c4WijpVUTf7qU6mf66ivzCb0wYuJLTtA5Gmb1p6LZBj6B80l3s3xFkrvi6CBablPfHw3Ic3il5E7NPSqlXrowLUWbM0pieOs0/NTZd57YPfN8y3O20LzbZa6lVVkHaHU1gPmTHFaNwpiq9HPe/I6Ja5xyJeDxTp8cqW9tk36ci/j3jjNbh7J5o/BEwavCDlT4MaOYX32lYWJbi6n5l2uKbaL1FfggHIR0I5hiyYhOMvoJE3jMvjvjksqasFGOr83vPfAo3500/bHQSp2Qbzs9nSD9/H541VPZpVdwAOucTZB1PPVzjzPtB7Nk4jmbSrmu1bOR1IQHICPqjPxGu3otoHcrY7V3oSj5oF5LjqDq/Y8O21rTLk+gskshl4nc3rsN7Hi8BQNh/YhVPOI4aOKbaVJ2rb3dTtGKXSJfApiQrt+a2CzeMisOt81O+2o6Ne59/KfrD+bo3XftvwrPV07NbOA/ZqaufBiJcKVYZqoRtM+KB00ckzCa3jhtl9et/d4aR4W4V2uywE188f2pW+QLXj/Wif2EtkT1EZ3HzhfNX3Kz3c1mhm4MFcF7L+Dag+ZezRdJ5lLMM5yGJyB+DwrmjJiJ7e28CZ5XAZsczqUIk41YGL79jt39Ebgwi/bB1b0wMQ/SSDzbj8cET7PWOIsSc+IVY/qkgSOXr1loRtKD8NC9ZGyVVkJ8boCHbb/LOGdT8tMsG+2yqQvJiRLxaApyXi6SlziJBdm3wBwLhIfBzkuQPrvatIQR3Ufr+oLoKAOnpj+CHd9u4PlnpdU8vE1OgCeEx+S6VtZA4ndxuwW2YYzp+9lEYqR6Ps/iA51gTbgR73G2xs9EaDx6bWVriRd3FY6sCPto99EO9+4xEPVolHqudxgkEPGFjQtxqTH0iSoIPYQDaNAtXl8CN4oMGqGfC60qubeXQ8biET6f7cUGG3bAItHuAwCYFexluDUYDXIrualviqFCtTV4xFuzCl3T/FDwTcgyqMLJS6F32eSTgGa5jr73dTjBg6TTKmOtqpkKxGxS0FLAXLEq6uvzWJYIGfH3hjDqppt3YNUEG1E4MrpoWzy2nx0PyAzi4nirazCmKqjgQ2umb1DE5nHdO6/Z+u1XpNZQNxzu+4IN4YjI1J2uOW/4tehazPPZzfDUucCwK2ctVvmbKe87AMUwgzMFV3Xa2ql2Q3MH52CszWTt3X7uxtLiAa6s5PirYNo7jk97CPQTg70M+IGoJi6BkpqT3kk5onGJ0EQdjThHJQ3bNm9IgLq0uMbYRBBKYymxM8NxJLm0s1chW6a52UV+5CnuNK79zGuxN/1kIwriKOMk+ucLzmMCDDv8qvV9vZik1gKSXNGsU95Tgo+pF5YDNq9ivzVYW/V4kz7SNbQi0v8eLhql5PNhGynykD8V/r2FD7vlBwO7yGd5fRXWhn7E30d6d+33T78edrSlkW8kq1/TPKSLexgnCv0ELSi5nBht4YoCrzaR03A17uASIxWlXTwAs/YG0AmhAd0TvWpbYom4/gEQU0dLrcH6s7gV71sYJIbGtScf/yocCljz2YFw4yN88WViIm4iCWLkpRFwiU295Vg67vwaCzk/orxbB4y025J69Sizp+q2rNhHBjysklC2KZWEbciMJZ/UyOw4AquYELgdoD5xmKN8WT4U1KFT+TeSpiRJvxp4E1ltv4BAX2ztuJ60lN5RNPdZTYqG8caO2GVCHSbFcbJ2rWbEruO0DdJSBL6A65RGzSwrXe8C5ojD9DDk25jRq1oC+en9qqVK4Udvl/AGLYLyVUk+PS76MC3EnZz9KVYU8m0a2sxkSdJu9wfV1ZpV/PV4GMdAHO8GL0HQmenSvwDfzPqcRLQM+ORjL082aMaBf3TR4TiXgKTn8xpZdl3Zg+iysIvCfQm30KmvzZgUJLmC4KpqAySrWW/kc4FARhH7qtX6xO1RDBhGqo1IPDtskaQ0wkRFoONr0lowh/YYJJT10eqSgUD8yKa9VK6k57Shq3cC2ouBzNL9ZcA4a0rJyTFSopY0+KSsBdvx2Lvfm8cJLGIkGt8rV5xuVxM2lQqWb+HenqqN6p61gf4jwCdtRgSX8o4o5fbpLfNpdNytKuM12pyLrm8rPZH7xyfhU0X0MtlfeIl2FE4FEOHwQ1EK6jJ+765LVVaG7jApaupgpR90UIW+Q3jRQAExA7NsOpvhppn6XiehDhamYiSkGuFOiBPGg+4FYwQ8BAWwf0yVyiOsl6b1oro/rmDbBtJcfFMuigG2AeEou/8/IwVr1RhVVH7z1qEdIYQ6PDTm+Xtaz8an7ijtkJCWMLYMzAa7cPwjkbOJBIaDqcbWFmTsrmOm+n/K5tpfEbcTgQrPaohFA==</xenc:CipherValue>

</xenc:CipherData>

</xenc:EncryptedData>

<xenc:EncryptedKey Id=“_dee0c24b28394a500be3460a10e21999” xmlns:xenc=“http://www.w3.org/2001/04/xmlenc#”>

<xenc:EncryptionMethod Algorithm=“http://www.w3.org/2001/04/xmlenc#rsa-1_5” xmlns:xenc=“http://www.w3.org/2001/04/xmlenc#” />

<xenc:CipherData xmlns:xenc=“http://www.w3.org/2001/04/xmlenc#”>

<xenc:CipherValue>AtbCqy8tGBmKu9AvG/EJQsp8UfNxCLo7p5v1fKNLfV1QSo1k22rcrfFweygCnOIxlvKM+EZrMtHPylwfUukvpdSRerqDNRFgy8RT53LyIr/Zlxm6rpLsy/v3RHGW2ToaG0iIDl7ZM74s95PIE1lpM171v7TGdfbYm+UyTxSHG9w7gd0gzjyYX/ab9y8jJbV8dRqw2grGOvD1Mj9aTaiWhNSohoJjPTJPfWpDWjfits0RpCYREiPk2oU0htfFd9L9Bi1z6hUpKHPEbiZR5jfAHxv+H3rUwHlPPQF5o/jsyln9PCoQiPieIZsdHhXBF5guayw48hzcYi++W/gqq4lyyg==</xenc:CipherValue>

</xenc:CipherData>

<xenc:ReferenceList>

<xenc:DataReference URI=“#_604e4ba097b0ca44ba32782d24b299a1” />

</xenc:ReferenceList>

</xenc:EncryptedKey>

</saml2:EncryptedAssertion>

</samlp:Response>, relayState=

ComponentSpace.SAML2 Verbose: 0 : 6036/48: 9/6/2017 10:50:27 AM: SAML response received: partner provider=uatSSO, relay state=, SAML response=<samlp:Response Destination=“https://employersedge.testDomain.com/integration/SAML/AssertService.aspx” ID=“A6d6c7624-ec4f-4233-8dcf-f84d2f1b3c06” InResponseTo=“_31fb25fd-d063-457a-9686-2ef53470cd2f” IssueInstant=“2017-09-06T14:50:27.000Z” Version=“2.0” xmlns:samlp=“urn:oasis:names:tc:SAML:2.0:protocol” xmlns:xsi=“http://www.w3.org/2001/XMLSchema-instance”>

<saml:Issuer Format=“urn:oasis:names:tc:SAML:2.0:nameid-format:entity” xmlns:saml=“urn:oasis:names:tc:SAML:2.0:assertion”>uatSSO</saml:Issuer>

</Transforms>

<DigestValue>uP9jmBYWeqOOKK+0eQUJow/Wpo00aUl3W8ieXMaklck=</DigestValue>

</Reference>

</SignedInfo>

<SignatureValue>sH+c9bgTDe2JgMe9ap6yoUgGYpVguF+Msu7w+zshjhld7MXWaMlhrB05v+ap9vmxiMaffkTYS0rAyqWmuYB5fvyMlQs0wlwamDub/dpf/pqlYeUfdnIsEEFdKtICRQCNQwf+g91ypStZ427PScMkNAh8ihjHoRv6UjRrvbmnQf/YwMkK2R8qXOXXTHMGwvBXU6u0o/L6XTKNAMWh5ey/U4GqBzCVW/JvT2WRewn0mnLFNx9V6jrrEKbas8wuyRDCaaUnkMtxjiLxsz4sYeCKniXuxoji2m/kDz5/ujeTnWKDDMjlOyLtUPVHnGXaBOqI4kU/HIZdq8Wr797DLbYS6g==</SignatureValue>

<X509Certificate>MIIEAjCCAuqgAwIBAgIIblDWXkD/6ywwDQYJKoZIhvcNAQELBQAwfTEzMDEGA1UEAwwqVGVzdCBTU08gQXV0aCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSQwIgYDVQQLDBtJU1QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxEzARBgNVBAoMCkFwcGxlIEluYy4xCzAJBgNVBAYTAlVTMB4XDTE2MTEwOTIyMzEyOVoXDTE4MTEwOTIyMzEyOVowVDEiMCAGA1UEAwwZc3Nvc2FtbHNpZ24tdWF0LmFwcGxlLmNvbTEMMAoGA1UECwwDSVNUMRMwEQYDVQQKDApBcHBsZSBJbmMuMQswCQYDVQQGEwJVUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANW+mPDQDngtFIJn/2bzfUD0zBv3Ct2yL+KZd5sA0UU+a+gFpwyUlH8RDwSNmdtnWE4o34QqXZAgu6lLzMlwn/nHMBRZ+ludjBYSmOTH4c5w6zLkFpc0JG33ACM38pJlhqs9SaftVVhQKW4YWqnKfzzejXdDpM4IeQ/37LXnElo2u0EyKazGQ/Z4G5hMpaNtxHtilYvUXKqXtebujOBdpj4hjFYXUp0buhJZG4sKZNv34rfn3dbFpud9HoajN4K43ncvjB6gr2H8ntjdu2vid5FAy2eBs7NxH9v9MocawVT2j7kW8AVHhuiqn2N1HneFAe3Z2HQA0YbqyXzREssxX90CAwEAAaOBrjCBqzBLBggrBgEFBQcBAQQ/MD0wOwYIKwYBBQUHMAGGL2h0dHA6Ly9vY3NwLXVhdC5jb3JwLmFwcGxlLmNvbS9vY3NwMDMtc3NvYXV0aDAxMB0GA1UdDgQWBBQ4POVRjom0LVC+Jb4vjMh9CHGM3DAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFASMk+jPVZacU1HYHgpziddijdY5MA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAQEAGeq7MwijWss0QJ90jtMEHkSgGKzwIaIGaOCOz6eTOIihcpphXDCcm9JIwOkqVbq7vxQHTeAQfvHMDWOaZI9/L6y7C23bu/qNzh/qCEe3wDnfEjYutBUDIQ1B9NO/0NxR5hCrhnwre//q+H0FQ09eueF74pn3liyzyAPQDCjqDfgz+kr7CTD+nabtlrNUak5Ur67uQqnpVdeXo7WYMdQe+fNncMDcazlwtVpj6ZnxQJm/cE3wBNyrHo/Krv4Wt2yyFYX+IdMxWJuZHDrIaZW73x3WcSlMIncXBILK70QLadcXxNpzi8OMFxr/pmy/EhEQ3Vd9hrVluKE0Rw4pR+kU4A==</X509Certificate>

</X509Data>

</KeyInfo>

</Signature>

<samlp:Status xmlns:samlp=“urn:oasis:names:tc:SAML:2.0:protocol”>

<samlp:StatusCode Value=“urn:oasis:names:tc:SAML:2.0:status:Success” />

</samlp:Status>

<saml2:EncryptedAssertion xmlns:saml2=“urn:oasis:names:tc:SAML:2.0:assertion”>

<xenc:EncryptedData Id=“_604e4ba097b0ca44ba32782d24b299a1” Type=“http://www.w3.org/2001/04/xmlenc#Element” xmlns:xenc=“http://www.w3.org/2001/04/xmlenc#”>

<xenc:EncryptionMethod Algorithm=“http://www.w3.org/2001/04/xmlenc#aes128-cbc” xmlns:xenc=“http://www.w3.org/2001/04/xmlenc#” />

<ds:KeyInfo xmlns:ds=“http://www.w3.org/2000/09/xmldsig#”>

<ds:RetrievalMethod Type=“http://www.w3.org/2001/04/xmlenc#EncryptedKey” URI=“#_dee0c24b28394a500be3460a10e21999” />

</ds:KeyInfo>

<xenc:CipherData xmlns:xenc=“http://www.w3.org/2001/04/xmlenc#”>

<xenc:CipherValue>WV2hOZNH9gzzgKDQs7FJXmmFiMLQ/gYz3QTxnfSfbiNb2hAR9/AVxyazeL5f04slQafsV3EoeVHFxRw6Co0SP78ILoJsFoI63od4X2ywNIoKdSe4wh5H6XJENq2ya4Kg96VYiZ0kuj+9zNJopTKk3ikkCZcBIRIBtG7Tj46D7AcefgH1BFCBrIzkGpyUNk0301kIZLxKmtN4fqBns5nIoHn7hxsbTPMhl1gmL98+7Ge18mJNmJ0rdOeRKVYiglH1MZgOeSaT2HB1vOzF23LM7JKj/E/VyTPJ/c52RfbzTbtap/w/de/q7fCipxy3HyqUvo624Tdqq0Hk3hWhaOvfxmM73b77rMFikFYeGLdEhLeXGVlA2ylLtfwByDLUNHViCa80ApXRkFT6LtCdN203y7GtrSD1jI7mL+tUqy37WymKqMmY5WYKe1L1LgXS7XviQ6ms+DNP6+dxg9LT0qJE7l8dJXxQ0lOJmLHOfu9KREGP4PZQutQCa4o4Ava7Ah7v1eMyz/YA6G6ODfxHymABwymAvQgsrSvqP7Ie+Gf5863ef/NZdgOWE0Swv+PGH11/Kv+0D+Y15xNSGhpZrbcxGm05iVqRW9p0Qf4fo4bjygUQXTtiLSuc2zIwS7GZxrIf5dIDVUb+OB4s8P/xhx9FLZW3I79F8MjKFJXbWe01pahG5M1a5PN1/KDnTyXRVz0n68vvacgkh2zal6NWLR52zWhZp/1xlaGMeYiA40jkJrZumShDhxFLCLjg+U4wm0Z088NfKXy7uf22P9RflDDihOqmOKbPIifIivL3WxTCHa+Db+Elg5PlOfb7TVf5JjYWOSZY0owVVK2vu8RW6z+CRwbkWczdg+vvkgjpKrwrQSZSSWH5EtL5yghWzrdvncKbDFmJE44jmeOcvovz3Dsg5+aEKUowgQ5KhmFPIi6KrkP+DmO14Wr3vuEIbPRomKgJBZEjMR1H6q12Mkra2Ys9o6bUpLufsGWhRAc+c4WijpVUTf7qU6mf66ivzCb0wYuJLTtA5Gmb1p6LZBj6B80l3s3xFkrvi6CBablPfHw3Ic3il5E7NPSqlXrowLUWbM0pieOs0/NTZd57YPfN8y3O20LzbZa6lVVkHaHU1gPmTHFaNwpiq9HPe/I6Ja5xyJeDxTp8cqW9tk36ci/j3jjNbh7J5o/BEwavCDlT4MaOYX32lYWJbi6n5l2uKbaL1FfggHIR0I5hiyYhOMvoJE3jMvjvjksqasFGOr83vPfAo3500/bHQSp2Qbzs9nSD9/H541VPZpVdwAOucTZB1PPVzjzPtB7Nk4jmbSrmu1bOR1IQHICPqjPxGu3otoHcrY7V3oSj5oF5LjqDq/Y8O21rTLk+gskshl4nc3rsN7Hi8BQNh/YhVPOI4aOKbaVJ2rb3dTtGKXSJfApiQrt+a2CzeMisOt81O+2o6Ne59/KfrD+bo3XftvwrPV07NbOA/ZqaufBiJcKVYZqoRtM+KB00ckzCa3jhtl9et/d4aR4W4V2uywE188f2pW+QLXj/Wif2EtkT1EZ3HzhfNX3Kz3c1mhm4MFcF7L+Dag+ZezRdJ5lLMM5yGJyB+DwrmjJiJ7e28CZ5XAZsczqUIk41YGL79jt39Ebgwi/bB1b0wMQ/SSDzbj8cET7PWOIsSc+IVY/qkgSOXr1loRtKD8NC9ZGyVVkJ8boCHbb/LOGdT8tMsG+2yqQvJiRLxaApyXi6SlziJBdm3wBwLhIfBzkuQPrvatIQR3Ufr+oLoKAOnpj+CHd9u4PlnpdU8vE1OgCeEx+S6VtZA4ndxuwW2YYzp+9lEYqR6Ps/iA51gTbgR73G2xs9EaDx6bWVriRd3FY6sCPto99EO9+4xEPVolHqudxgkEPGFjQtxqTH0iSoIPYQDaNAtXl8CN4oMGqGfC60qubeXQ8biET6f7cUGG3bAItHuAwCYFexluDUYDXIrualviqFCtTV4xFuzCl3T/FDwTcgyqMLJS6F32eSTgGa5jr73dTjBg6TTKmOtqpkKxGxS0FLAXLEq6uvzWJYIGfH3hjDqppt3YNUEG1E4MrpoWzy2nx0PyAzi4nirazCmKqjgQ2umb1DE5nHdO6/Z+u1XpNZQNxzu+4IN4YjI1J2uOW/4tehazPPZzfDUucCwK2ctVvmbKe87AMUwgzMFV3Xa2ql2Q3MH52CszWTt3X7uxtLiAa6s5PirYNo7jk97CPQTg70M+IGoJi6BkpqT3kk5onGJ0EQdjThHJQ3bNm9IgLq0uMbYRBBKYymxM8NxJLm0s1chW6a52UV+5CnuNK79zGuxN/1kIwriKOMk+ucLzmMCDDv8qvV9vZik1gKSXNGsU95Tgo+pF5YDNq9ivzVYW/V4kz7SNbQi0v8eLhql5PNhGynykD8V/r2FD7vlBwO7yGd5fRXWhn7E30d6d+33T78edrSlkW8kq1/TPKSLexgnCv0ELSi5nBht4YoCrzaR03A17uASIxWlXTwAs/YG0AmhAd0TvWpbYom4/gEQU0dLrcH6s7gV71sYJIbGtScf/yocCljz2YFw4yN88WViIm4iCWLkpRFwiU295Vg67vwaCzk/orxbB4y025J69Sizp+q2rNhHBjysklC2KZWEbciMJZ/UyOw4AquYELgdoD5xmKN8WT4U1KFT+TeSpiRJvxp4E1ltv4BAX2ztuJ60lN5RNPdZTYqG8caO2GVCHSbFcbJ2rWbEruO0DdJSBL6A65RGzSwrXe8C5ojD9DDk25jRq1oC+en9qqVK4Udvl/AGLYLyVUk+PS76MC3EnZz9KVYU8m0a2sxkSdJu9wfV1ZpV/PV4GMdAHO8GL0HQmenSvwDfzPqcRLQM+ORjL082aMaBf3TR4TiXgKTn8xpZdl3Zg+iysIvCfQm30KmvzZgUJLmC4KpqAySrWW/kc4FARhH7qtX6xO1RDBhGqo1IPDtskaQ0wkRFoONr0lowh/YYJJT10eqSgUD8yKa9VK6k57Shq3cC2ouBzNL9ZcA4a0rJyTFSopY0+KSsBdvx2Lvfm8cJLGIkGt8rV5xuVxM2lQqWb+HenqqN6p61gf4jwCdtRgSX8o4o5fbpLfNpdNytKuM12pyLrm8rPZH7xyfhU0X0MtlfeIl2FE4FEOHwQ1EK6jJ+765LVVaG7jApaupgpR90UIW+Q3jRQAExA7NsOpvhppn6XiehDhamYiSkGuFOiBPGg+4FYwQ8BAWwf0yVyiOsl6b1oro/rmDbBtJcfFMuigG2AeEou/8/IwVr1RhVVH7z1qEdIYQ6PDTm+Xtaz8an7ijtkJCWMLYMzAa7cPwjkbOJBIaDqcbWFmTsrmOm+n/K5tpfEbcTgQrPaohFA==</xenc:CipherValue>

</xenc:CipherData>

</xenc:EncryptedData>

<xenc:EncryptedKey Id=“_dee0c24b28394a500be3460a10e21999” xmlns:xenc=“http://www.w3.org/2001/04/xmlenc#”>

<xenc:EncryptionMethod Algorithm=“http://www.w3.org/2001/04/xmlenc#rsa-1_5” xmlns:xenc=“http://www.w3.org/2001/04/xmlenc#” />

<xenc:CipherData xmlns:xenc=“http://www.w3.org/2001/04/xmlenc#”>

<xenc:CipherValue>AtbCqy8tGBmKu9AvG/EJQsp8UfNxCLo7p5v1fKNLfV1QSo1k22rcrfFweygCnOIxlvKM+EZrMtHPylwfUukvpdSRerqDNRFgy8RT53LyIr/Zlxm6rpLsy/v3RHGW2ToaG0iIDl7ZM74s95PIE1lpM171v7TGdfbYm+UyTxSHG9w7gd0gzjyYX/ab9y8jJbV8dRqw2grGOvD1Mj9aTaiWhNSohoJjPTJPfWpDWjfits0RpCYREiPk2oU0htfFd9L9Bi1z6hUpKHPEbiZR5jfAHxv+H3rUwHlPPQF5o/jsyln9PCoQiPieIZsdHhXBF5guayw48hzcYi++W/gqq4lyyg==</xenc:CipherValue>

</xenc:CipherData>

<xenc:ReferenceList>

<xenc:DataReference URI=“#_604e4ba097b0ca44ba32782d24b299a1” />

</xenc:ReferenceList>

</xenc:EncryptedKey>

</saml2:EncryptedAssertion>

</samlp:Response>.

ComponentSpace.SAML2 Verbose: 0 : 6036/48: 9/6/2017 10:50:27 AM: Verifying the SAML response signature.

ComponentSpace.SAML2 Verbose: 0 : 6036/48: 9/6/2017 10:50:27 AM: The embedded certificate is being used for the signature verification.

ComponentSpace.SAML2 Verbose: 0 : 6036/48: 9/6/2017 10:50:27 AM: Exception: ComponentSpace.SAML2.Exceptions.SAMLSignatureException: Failed to verify the XML signature. —> System.Security.Cryptography.CryptographicException: An internal error occurred.

at System.Security.Cryptography.NCryptNative.OpenStorageProvider(String providerName)

at System.Security.Cryptography.CngKey.Import(Byte[] keyBlob, String curveName, CngKeyBlobFormat format, CngProvider provider)

at System.Security.Cryptography.X509Certificates.RSACertificateExtensions.GetRSAPublicKey(X509Certificate2 certificate)

at System.Security.Cryptography.CngLightup.GetRSAPublicKey(X509Certificate2 cert)

at System.Security.Cryptography.X509Certificates.X509CertificateExtensions.GetAnyPublicKey(X509Certificate2 c)

at System.Security.Cryptography.Xml.SignedXml.GetNextCertificatePublicKey()

at System.Security.Cryptography.Xml.SignedXml.GetPublicKey()

at System.Security.Cryptography.Xml.SignedXml.CheckSignatureReturningKey(AsymmetricAlgorithm& signingKey)

at ComponentSpace.SAML2.Utility.XmlSignature.Verify(XmlElement xmlElement, AsymmetricAlgorithm signingKey, SignedXml signedXml)

— End of inner exception stack trace —

ComponentSpace.SAML2 Verbose: 0 : 6036/48: 9/6/2017 10:50:27 AM: at ComponentSpace.SAML2.Utility.XmlSignature.Verify(XmlElement xmlElement, AsymmetricAlgorithm signingKey, SignedXml signedXml)

at ComponentSpace.SAML2.Utility.XmlSignature.Verify(XmlElement xmlElement, X509Certificate2 x509Certificate, SignedXml signedXml)

at ComponentSpace.SAML2.Protocols.SAMLMessageSignature.Verify(XmlElement xmlElement, X509Certificate2 x509Certificate)

at ComponentSpace.SAML2.InternalSAMLServiceProvider.VerifySAMLResponseSignature(XmlElement samlResponseElement)

at ComponentSpace.SAML2.InternalSAMLServiceProvider.ProcessSAMLResponse(XmlElement samlResponseElement, Boolean& isInResponseTo, String& userName, SAMLAttribute[]& attributes)

at ComponentSpace.SAML2.InternalSAMLServiceProvider.ReceiveSSO(HttpRequest httpRequest, Boolean& isInResponseTo, String& partnerIdP, String& userName, SAMLAttribute[]& attributes, String& relayState)

at ComponentSpace.SAML2.SAMLServiceProvider.ReceiveSSO(HttpRequest httpRequest, Boolean& isInResponseTo, String& partnerIdP, String& userName, IDictionary& attributes, String& relayState)

at integration_SAML_AssertService.PageLoad(Object sender, EventArgs e)

at BasePage.Page_Load(Object sender, EventArgs e)

at System.Web.UI.Control.OnLoad(EventArgs e)

at System.Web.UI.Control.LoadRecursive()

at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)

at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)

at System.Web.UI.Page.ProcessRequest()

at System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context)

at System.Web.UI.Page.ProcessRequest(HttpContext context)

at ASP.integration_saml_assertservice_aspx.ProcessRequest(HttpContext context)

at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()

at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

at System.Web.HttpApplication.PipelineStepManager.ResumeSteps(Exception error)

at System.Web.HttpApplication.BeginProcessRequestNotification(HttpContext context, AsyncCallback cb)

at System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context)

at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)

at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)

ComponentSpace · September 6, 2017, 8:29pm

Presumably the patch somehow affected support for SHA-256 signature verification on Windows Server 2008 R2.
This is being investigated with follow up via email.

CBRon · October 3, 2017, 6:07pm

[quote]

ComponentSpace - 9/6/2017

Presumably the patch somehow affected support for SHA-256 signature verification on Windows Server 2008 R2.
This is being investigated with follow up via email.

[/quote]

I am having a similar problem. Has this been resolved yet? This is the error message I am getting:

The SAML assertion signature failed to verify.

Windows Server 2008 R2
Using the .Net 2.0 dll version 2.8.5.0
Do you need a stack trace?

ComponentSpace · October 3, 2017, 6:23pm

Is this a SHA-256 signature?
If so, this is not supported by the .NET 2.0 framework.
For SHA-256 support, you need to use .NET 4.0 or above and the .NET 4.0 version of the SAML2 DLL.
When running on Windows 2008 R2, if you’re still having issues, we recommend installing the .NET 4.6.2 framework or above, even if your application doesn’t target this version.

CBRon · October 4, 2017, 9:33am

[quote]

ComponentSpace - 10/3/2017

Is this a SHA-256 signature?
If so, this is not supported by the .NET 2.0 framework.
For SHA-256 support, you need to use .NET 4.0 or above and the .NET 4.0 version of the SAML2 DLL.
When running on Windows 2008 R2, if you're still having issues, we recommend installing the .NET 4.6.2 framework or above, even if your application doesn't target this version.

[/quote]

She says she tried both SHA-1 and SHA-256. Is there any kind of debugging I can turn on to print out more detailed information that might be helpful?
Also, this is on my production server. On my test server, which is virtually identical, everything works perfectly.

ComponentSpace · October 4, 2017, 3:04pm

Please enable SAML trace and send the generated log file as an email attachment to support@componentspace.com mentioning this forum post.
https://www.componentspace.com/Forums/17/Enabing-SAML-Trace

CBRon · October 4, 2017, 3:42pm

[quote]

ComponentSpace - 10/4/2017

Please enable SAML trace and send the generated log file as an email attachment to support@componentspace.com mentioning this forum post.
https://www.componentspace.com/Forums/17/Enabing-SAML-Trace

[/quote]

Thank you. I have enabled SAML trace and will send you the output.
Also, both the working test machine and the non-working production machine have .Net 4.5.2 installed.
Isn't SHA-256 included in .Net 3.5? Which is enabled in both machines web.config files. I am using it to create the hash that logs them in after a successful assertion response.

ComponentSpace · October 4, 2017, 3:53pm

Thanks.
There’s a crypto update to .NET 3.5 that adds support for SHA-256. It’s configured through the machine.config files.
This doesn’t apply to .NET framework 2.0 though.

wayneb · April 12, 2018, 5:06am

Hi,

I am getting the following “ComponentSpace.SAML2.Exceptions.SAMLSignatureException: ‘The XML does not contain a signature.’”
My ADFS server is Windows 2016 Standard and my development machine is Windows 10 and I am using .net 4.6.2

Attached is the SAML response and the SP.log. THe log does not tell me anything new.

Any suggestion on what I can do.

Thanks

Wayne

wayneb · April 12, 2018, 5:57am

Hi, it appears the SAML response is not valid xml and so the xpath is failing.

I had a quick look at the component source (Hope that is ok). This line appears to be failing.
return (XmlElement)xmlElement.SelectSingleNode(“*[local-name(.) = ‘Signature’ and namespace-uri(.) = ‘http://www.w3.org/2000/09/xmldsig#’]”);

When I tried to load the xpath in notepad ++ it also failed. See the attached image.

ComponentSpace · April 12, 2018, 4:44pm

I’ve attached the SAML response from the log file.
I ran our VerifySAML console application and was able to verify the signature.

VerifySAML.exe c:\temp\samlresponse.xml
Loading c:\temp\samlresponse.xml
Verifying SAML message
The SAML message isn’t signed
Verifying SAML assertion
Verified: True

Please note that by default ADFS signs the SAML assertion rather than the SAML response.
The error “The XML does not contain a signature” is because you’re attempting to verify the SAML response signature which doesn’t exist.
Rather than calling the SAML low-level API, I recommend using the SAML high-level API as this is much easier to use.
The one API call, SAMLServiceProvider.ReceiveSSO, will receive and process the SAML response.
This includes verifying the SAML response or SAML assertion signature.
If you must use the SAML low-level API for some reason, you should call SAMLMessageSignature.IsSigned prior to calling SAMLMessageSignature.Verify.
There are also SAMLAssertionSignature.IsSigned and SAMLAssertionSignature.Verify methods for processing SAML assertion signatures. The XmlElement you pass in is the SAML assertion. A SAMLResponse.GetSignedAssertion convenience method verifies the signature and deserializes the SAML assertion.
However, SAMLServiceProvider.ReceiveSSO is still your best option.