1
|
<?xml version="1.0"?>
|
2
|
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91f6" Version="2.0" IssueInstant="2017-11-22T22:05:22.732Z" Destination="http://dummy-sp.whatever/index.html" InResponseTo="_F037EDFADF22FA75037F75D527EF586E">
|
3
|
<saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
|
4
|
<samlp:Status>
|
5
|
<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
|
6
|
</samlp:Status>
|
7
|
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ns1="http://www.w3.org/2001/XMLSchema-instance" Version="2.0" ID="_75695f604576788fc4d8a53528f8cd80" IssueInstant="2017-11-22T22:05:22.732Z" SignType="0" SignMethod="0" EncryptionActivated="false" EncryptionSymKeyType="0">
|
8
|
<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://idp5/SingleSignOn</saml:Issuer>
|
9
|
<saml:Subject>
|
10
|
<saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_3dc6f9448628660770b87d365c3a7348</saml:NameID>
|
11
|
<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
|
12
|
<saml:SubjectConfirmationData NotOnOrAfter="2017-11-22T22:10:22.732Z" Recipient="https://dummy-sp.whatever/accounts/mellon/login/" InResponseTo="_F037EDFADF22FA75037F75D527EF586E" Address="36.15.13.37"/>
|
13
|
</saml:SubjectConfirmation>
|
14
|
</saml:Subject>
|
15
|
<saml:Conditions NotBefore="2017-11-22T22:05:22.732Z" NotOnOrAfter="2017-11-22T22:10:22.732Z">
|
16
|
<saml:AudienceRestriction>
|
17
|
<saml:Audience>https://dummy-sp.whatever/accounts/mellon/metadata/</saml:Audience>
|
18
|
</saml:AudienceRestriction>
|
19
|
</saml:Conditions>
|
20
|
<saml:AuthnStatement AuthnInstant="2017-11-22T22:04:42.551Z" SessionIndex="36a9b4622f1ccc3dfb498d79444049521edaf6cb85592560050d6718d68a8adf">
|
21
|
<saml:SubjectLocality Address="36.15.13.37"/>
|
22
|
<saml:AuthnContext>
|
23
|
<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</saml:AuthnContextClassRef>
|
24
|
</saml:AuthnContext>
|
25
|
</saml:AuthnStatement>
|
26
|
<saml:AttributeStatement>
|
27
|
<saml:Attribute Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonAffiliation">
|
28
|
<saml:AttributeValue ns1:type="xs:string">member</saml:AttributeValue>
|
29
|
<saml:AttributeValue ns1:type="xs:string">employee</saml:AttributeValue>
|
30
|
</saml:Attribute>
|
31
|
<saml:Attribute Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.5" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonPrimaryAffiliation">
|
32
|
<saml:AttributeValue ns1:type="xs:string">employee</saml:AttributeValue>
|
33
|
</saml:Attribute>
|
34
|
<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
|
35
|
<saml:AttributeValue ns1:type="xs:string">Michu</saml:AttributeValue>
|
36
|
</saml:Attribute>
|
37
|
<saml:Attribute Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonPrincipalName">
|
38
|
<saml:AttributeValue ns1:type="xs:string">emichu@ffpjp.nowhere</saml:AttributeValue>
|
39
|
</saml:Attribute>
|
40
|
<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
|
41
|
<saml:AttributeValue ns1:type="xs:string">Étienne</saml:AttributeValue>
|
42
|
</saml:Attribute>
|
43
|
<saml:Attribute Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonTargetedID">
|
44
|
<saml:AttributeValue>
|
45
|
<saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" NameQualifier="https://idp5/SingleSignOn" SPNameQualifier="https://dummy-sp.whatever/accounts/mellon/metadata/">wO/BU9/JuJZx6+Q/ZV4BR+pW/c4=</saml:NameID>
|
46
|
</saml:AttributeValue>
|
47
|
</saml:Attribute>
|
48
|
</saml:AttributeStatement>
|
49
|
</saml:Assertion>
|
50
|
</samlp:Response>
|