iPipeline SAML debug

environmentprod
targeturlhttps://formspipe.ipipeline.com/?GAID=5724
endpointurlhttps://federate.ipipeline.com/sp/acs.saml1
issuerhttp://www.biltd.com/samlassertingparty/AP
audiencefederate.ipipeline.com:saml1
userid
firstname
lastname
email
issue_instant2018-12-14T09:58:41.000000Z
not_before2018-12-14T09:48:41.000000Z
not_after2018-12-14T10:08:41.000000Z
assertionid3ec8f4a2-ecc3-43b8-aed5-346a36b263c0
responseidb566f1c7-f33f-415c-a987-5745d25c4ea4
signingcertpath/etc/ssl/private/ipipeline_prod.p12
certauthoritypath/etc/ssl/certs/brokers-cert-authority.pem
plain_assertion_name/tmp/biltd-ipipelinesaml-plain-O28MQc
signed_assertion_name/tmp/biltd-ipipelinesaml-signed-wFX980
encoded_assertion_name/tmp/biltd-ipipeline-saml-encoded-wz9WvP
signing command/usr/bin/sudo -u xmlsec1 /usr/bin/xmlsec1 --sign --pkcs12 /etc/ssl/private/ipipeline_prod.p12 --trusted-pem /etc/ssl/certs/brokers-cert-authority.pem --pwd "" --id-attr:ResponseID Response /tmp/biltd-ipipelinesaml-plain-O28MQc > /tmp/biltd-ipipelinesaml-signed-wFX980
plain_assertion<?xml version="1.0"?> <Response xmlns="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" IssueInstant="2018-12-14T09:58:41.000000Z" MajorVersion="1" MinorVersion="1" Recipient="https://federate.ipipeline.com/sp/acs.saml1" ResponseID="b566f1c7-f33f-415c-a987-5745d25c4ea4"> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod> <ds:Reference URI="#b566f1c7-f33f-415c-a987-5745d25c4ea4"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></ds:Transform> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="code ds kind rw saml samlp typens #default xsd xsi"></ec:InclusiveNamespaces> </ds:Transform> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod> <ds:DigestValue></ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue></ds:SignatureValue> <ds:KeyInfo> <ds:X509Data> <ds:X509Certificate></ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </ds:Signature> <Status> <StatusCode Value="samlp:Success"/> </Status> <Assertion xmlns="urn:oasis:names:tc:SAML:1.0:assertion" AssertionID="3ec8f4a2-ecc3-43b8-aed5-346a36b263c0" IssueInstant="2018-12-14T09:58:41.000000Z" Issuer="http://www.biltd.com/samlassertingparty/AP" MajorVersion="1" MinorVersion="1"> <Conditions NotBefore="2018-12-14T09:48:41.000000Z" NotOnOrAfter="2018-12-14T10:08:41.000000Z"> <AudienceRestrictionCondition> <Audience>federate.ipipeline.com:saml1</Audience> </AudienceRestrictionCondition> </Conditions> <AuthenticationStatement AuthenticationInstant="2018-12-14T09:58:41.000000Z" AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password"> <Subject> <NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName" NameQualifier="ipipeline.com">uid=</NameIdentifier> <SubjectConfirmation> <ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</ConfirmationMethod> </SubjectConfirmation> </Subject> </AuthenticationStatement> <AttributeStatement> <Subject> <NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName" NameQualifier="ipipeline.com">uid=</NameIdentifier> <SubjectConfirmation> <ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</ConfirmationMethod> </SubjectConfirmation> </Subject> <Attribute AttributeName="CompanyIdentifier" AttributeNamespace="ipipeline.com"> <AttributeValue>5724</AttributeValue> </Attribute> <Attribute AttributeName="ChannelName" AttributeNamespace="ipipeline.com"> <AttributeValue>BIL</AttributeValue> </Attribute> <Attribute AttributeName="Action" AttributeNamespace="ipipeline.com"> <AttributeValue>CREATE</AttributeValue> </Attribute> <Attribute AttributeName="Groups" AttributeNamespace="ipipeline.com"> <AttributeValue>05724-UsersGroup</AttributeValue> </Attribute> <Attribute AttributeName="TimeoutURL" AttributeNamespace="ipipeline.com"> <AttributeValue/> </Attribute> <Attribute AttributeName="ApplicationData" AttributeNamespace="ipipeline.com"> <AttributeValue> &lt;iGoApplicationData&gt; &lt;UserData&gt; &lt;Data Name=&quot;FirstName&quot;&gt;&lt;/Data&gt; &lt;Data Name=&quot;LastName&quot;&gt;&lt;/Data&gt; &lt;Data Name=&quot;Email&quot;&gt;&lt;/Data&gt; &lt;Data Name=&quot;UpdateUserProfile&quot;&gt;True&lt;/Data&gt; &lt;/UserData&gt; &lt;/iGoApplicationData&gt; </AttributeValue> </Attribute> </AttributeStatement> </Assertion> </Response>
signed_assertion<?xml version="1.0"?> <Response xmlns="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" IssueInstant="2018-12-14T09:58:41.000000Z" MajorVersion="1" MinorVersion="1" Recipient="https://federate.ipipeline.com/sp/acs.saml1" ResponseID="b566f1c7-f33f-415c-a987-5745d25c4ea4"> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <ds:Reference URI="#b566f1c7-f33f-415c-a987-5745d25c4ea4"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="code ds kind rw saml samlp typens #default xsd xsi"/> </ds:Transform> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <ds:DigestValue>aPTfEgGqK59aZQq1DVotUjc6y50=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>RrYmrQ+TO5iTqajpYJvzwEIPvR2ozlQ9l+c8MW17v8iWXiAJML3miZnVRNwOvQSM RhrWHooMfIv76NSgOy3J5ppnVUd1dLfKREp8eG5xs9Ft1eP3KhF8C6TKI1v3JrAV TTDhRp1Q2IbHF3cH133FxdSIy+J9hj54WR+IMANuz7YKb5K6ih3kopnWfhBquk1X ULEqv30RZqPnsBtEfuGQ4POodF/dH4X4ejPaSzlKMaN+zEYw23TpaMn7knPRvclm GWsi3rjT/Extk3tEXdbwZQKsEyS/xRuCHj5K5Vdy+YiUe5nUhJrflwb89vz1HiqH U4q3SaCAhwkJiTVxyilrqQ==</ds:SignatureValue> <ds:KeyInfo> <ds:X509Data> <ds:X509Certificate>MIIESjCCAzKgAwIBAgIJAN107js44YPNMA0GCSqGSIb3DQEBCwUAMIGSMQswCQYD VQQGEwJVUzELMAkGA1UECBMCSUExJDAiBgNVBAoTG0Jyb2tlcnMgSW50ZXJuYXRp b25hbCwgTHRkLjEfMB0GA1UECxMWSW5mb3JtYXRpb24gVGVjaG5vbG9neTEQMA4G A1UEAxMHQ0EgUk9PVDEdMBsGCSqGSIb3DQEJARYOcmR1ekBiaWx0ZC5jb20wHhcN MTgwNTA5MjAwMzM5WhcNMjMwNTA4MjAwMzM5WjCBuDELMAkGA1UEBhMCVVMxCzAJ BgNVBAgTAklBMRIwEAYDVQQHEwlVcmJhbmRhbGUxJDAiBgNVBAoTG0Jyb2tlcnMg SW50ZXJuYXRpb25hbCwgTHRkLjEfMB0GA1UECxMWSW5mb3JtYXRpb24gVGVjaG5v bG9neTEhMB8GA1UEAxQYaXBpcGVsaW5lX3Byb2QuYmlsdGQuY29tMR4wHAYJKoZI hvcNAQkBFg9hZG1pbkBiaWx0ZC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw ggEKAoIBAQC+0pbeQWSrzX5wMyGnuThKMpgSmuLrcCr7xO9Ql/x79fkIGmL451ay 7nw4k8GreLZrj+NlQQPc0GaHsm/QLmWQoOTldyZlDt/JExilDPi5HU/QNLvtLXmi 82LyiAAfJ1JCqjk42H1KPkS47eyFGLlKBGYxRVOtuJKUWhWmWYyLnOYRxNJNyCOn LC2uKMcC8wSjsjrxeYwZnePXBZWsYU32qltvpDlnsSgavatzBvAXIpniX1z0PGR4 +K489dPEBKcraITHJIQjElJBvlAzxGzoh2xo5aXd2cwRYZd116Dg9CLpbzmbGk59 p7WluB00lUA2TpxgfjvZkdSVZ9Vu15gTAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJ YIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1Ud DgQWBBQppOuZ4YFv3usG7+HZoXwN4q35ejAfBgNVHSMEGDAWgBTpxCjpmX7L31yc z2H+Aj8m9QsFYDANBgkqhkiG9w0BAQsFAAOCAQEASS6cBsqvGdPHiEYm+CPeCoxv Wx5Qjb6Q5Qq8IMLEvz910YQ0YXEcqM+iRfklu5XlzcQ8az1SzAuAnYBoOsJ5nWqU a0Mjutnm7pJjkobHmRYsxzvCZLFqyf4+Oy69gmYdRQZ1MdCbER6tof9vorENqmW9 zZGyEsdqJm39R5lOYUa94J8sligW7ViECbqR2DlTVuhM1YRcct4GI891AUtdGhOu hqANjL8fP+bOmvYj2EHQ1VlsV9KDlNA6RCBeMcYSJ+UsO+1T3U6ooKqqTudaM+ko alpR3Mv8F/k2ZMdyfjxdMi7g7S2XPZkVfU5/FmwAi9mZvIrCyGU5lOeB2n/q4A==</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </ds:Signature> <Status> <StatusCode Value="samlp:Success"/> </Status> <Assertion xmlns="urn:oasis:names:tc:SAML:1.0:assertion" AssertionID="3ec8f4a2-ecc3-43b8-aed5-346a36b263c0" IssueInstant="2018-12-14T09:58:41.000000Z" Issuer="http://www.biltd.com/samlassertingparty/AP" MajorVersion="1" MinorVersion="1"> <Conditions NotBefore="2018-12-14T09:48:41.000000Z" NotOnOrAfter="2018-12-14T10:08:41.000000Z"> <AudienceRestrictionCondition> <Audience>federate.ipipeline.com:saml1</Audience> </AudienceRestrictionCondition> </Conditions> <AuthenticationStatement AuthenticationInstant="2018-12-14T09:58:41.000000Z" AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password"> <Subject> <NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName" NameQualifier="ipipeline.com">uid=</NameIdentifier> <SubjectConfirmation> <ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</ConfirmationMethod> </SubjectConfirmation> </Subject> </AuthenticationStatement> <AttributeStatement> <Subject> <NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName" NameQualifier="ipipeline.com">uid=</NameIdentifier> <SubjectConfirmation> <ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</ConfirmationMethod> </SubjectConfirmation> </Subject> <Attribute AttributeName="CompanyIdentifier" AttributeNamespace="ipipeline.com"> <AttributeValue>5724</AttributeValue> </Attribute> <Attribute AttributeName="ChannelName" AttributeNamespace="ipipeline.com"> <AttributeValue>BIL</AttributeValue> </Attribute> <Attribute AttributeName="Action" AttributeNamespace="ipipeline.com"> <AttributeValue>CREATE</AttributeValue> </Attribute> <Attribute AttributeName="Groups" AttributeNamespace="ipipeline.com"> <AttributeValue>05724-UsersGroup</AttributeValue> </Attribute> <Attribute AttributeName="TimeoutURL" AttributeNamespace="ipipeline.com"> <AttributeValue/> </Attribute> <Attribute AttributeName="ApplicationData" AttributeNamespace="ipipeline.com"> <AttributeValue> &lt;iGoApplicationData&gt; &lt;UserData&gt; &lt;Data Name="FirstName"&gt;&lt;/Data&gt; &lt;Data Name="LastName"&gt;&lt;/Data&gt; &lt;Data Name="Email"&gt;&lt;/Data&gt; &lt;Data Name="UpdateUserProfile"&gt;True&lt;/Data&gt; &lt;/UserData&gt; &lt;/iGoApplicationData&gt; </AttributeValue> </Attribute> </AttributeStatement> </Assertion> </Response>
encoded_assertionPD94bWwgdmVyc2lvbj0iMS4wIj8+CjxSZXNwb25zZSB4bWxucz0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4wOnByb3RvY29sIiB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoxLjA6YXNzZXJ0aW9uIiB4bWxuczpzYW1scD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4wOnByb3RvY29sIiB4bWxuczp4c2Q9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiBJc3N1ZUluc3RhbnQ9IjIwMTgtMTItMTRUMDk6NTg6NDEuMDAwMDAwWiIgTWFqb3JWZXJzaW9uPSIxIiBNaW5vclZlcnNpb249IjEiIFJlY2lwaWVudD0iaHR0cHM6Ly9mZWRlcmF0ZS5pcGlwZWxpbmUuY29tL3NwL2Fjcy5zYW1sMSIgUmVzcG9uc2VJRD0iYjU2NmYxYzctZjMzZi00MTVjLWE5ODctNTc0NWQyNWM0ZWE0Ij4KCTxkczpTaWduYXR1cmUgeG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPgoJCTxkczpTaWduZWRJbmZvPgoJCQk8ZHM6Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPgoJCQk8ZHM6U2lnbmF0dXJlTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3JzYS1zaGExIi8+CgkJCTxkczpSZWZlcmVuY2UgVVJJPSIjYjU2NmYxYzctZjMzZi00MTVjLWE5ODctNTc0NWQyNWM0ZWE0Ij4KCQkJCTxkczpUcmFuc2Zvcm1zPgoJCQkJCTxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjZW52ZWxvcGVkLXNpZ25hdHVyZSIvPgoJCQkJCTxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiPgoJCQkJCQk8ZWM6SW5jbHVzaXZlTmFtZXNwYWNlcyB4bWxuczplYz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIiBQcmVmaXhMaXN0PSJjb2RlIGRzIGtpbmQgcncgc2FtbCBzYW1scCB0eXBlbnMgI2RlZmF1bHQgeHNkIHhzaSIvPgoJCQkJCTwvZHM6VHJhbnNmb3JtPgoJCQkJPC9kczpUcmFuc2Zvcm1zPgoJCQkJPGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+CgkJCQk8ZHM6RGlnZXN0VmFsdWU+YVBUZkVnR3FLNTlhWlFxMURWb3RVamM2eTUwPTwvZHM6RGlnZXN0VmFsdWU+CgkJCTwvZHM6UmVmZXJlbmNlPgoJCTwvZHM6U2lnbmVkSW5mbz4KCQk8ZHM6U2lnbmF0dXJlVmFsdWU+UnJZbXJRK1RPNWlUcWFqcFlKdnp3RUlQdlIyb3psUTlsK2M4TVcxN3Y4aVdYaUFKTUwzbWlablZSTndPdlFTTQpSaHJXSG9vTWZJdjc2TlNnT3kzSjVwcG5WVWQxZExmS1JFcDhlRzV4czlGdDFlUDNLaEY4QzZUS0kxdjNKckFWClRURGhScDFRMkliSEYzY0gxMzNGeGRTSXkrSjloajU0V1IrSU1BTnV6N1lLYjVLNmloM2tvcG5XZmhCcXVrMVgKVUxFcXYzMFJacVBuc0J0RWZ1R1E0UE9vZEYvZEg0WDRlalBhU3psS01hTit6RVl3MjNUcGFNbjdrblBSdmNsbQpHV3NpM3JqVC9FeHRrM3RFWGRid1pRS3NFeVMveFJ1Q0hqNUs1VmR5K1lpVWU1blVoSnJmbHdiODl2ejFIaXFIClU0cTNTYUNBaHdrSmlUVnh5aWxycVE9PTwvZHM6U2lnbmF0dXJlVmFsdWU+CgkJPGRzOktleUluZm8+CgkJCTxkczpYNTA5RGF0YT4KCQkJCQoJCQk8ZHM6WDUwOUNlcnRpZmljYXRlPk1JSUVTakNDQXpLZ0F3SUJBZ0lKQU4xMDdqczQ0WVBOTUEwR0NTcUdTSWIzRFFFQkN3VUFNSUdTTVFzd0NRWUQKVlFRR0V3SlZVekVMTUFrR0ExVUVDQk1DU1VFeEpEQWlCZ05WQkFvVEcwSnliMnRsY25NZ1NXNTBaWEp1WVhScApiMjVoYkN3Z1RIUmtMakVmTUIwR0ExVUVDeE1XU1c1bWIzSnRZWFJwYjI0Z1ZHVmphRzV2Ykc5bmVURVFNQTRHCkExVUVBeE1IUTBFZ1VrOVBWREVkTUJzR0NTcUdTSWIzRFFFSkFSWU9jbVIxZWtCaWFXeDBaQzVqYjIwd0hoY04KTVRnd05UQTVNakF3TXpNNVdoY05Nak13TlRBNE1qQXdNek01V2pDQnVERUxNQWtHQTFVRUJoTUNWVk14Q3pBSgpCZ05WQkFnVEFrbEJNUkl3RUFZRFZRUUhFd2xWY21KaGJtUmhiR1V4SkRBaUJnTlZCQW9URzBKeWIydGxjbk1nClNXNTBaWEp1WVhScGIyNWhiQ3dnVEhSa0xqRWZNQjBHQTFVRUN4TVdTVzVtYjNKdFlYUnBiMjRnVkdWamFHNXYKYkc5bmVURWhNQjhHQTFVRUF4UVlhWEJwY0dWc2FXNWxYM0J5YjJRdVltbHNkR1F1WTI5dE1SNHdIQVlKS29aSQpodmNOQVFrQkZnOWhaRzFwYmtCaWFXeDBaQzVqYjIwd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3CmdnRUtBb0lCQVFDKzBwYmVRV1Nyelg1d015R251VGhLTXBnU211THJjQ3I3eE85UWwveDc5ZmtJR21MNDUxYXkKN253NGs4R3JlTFpyaitObFFRUGMwR2FIc20vUUxtV1FvT1RsZHlabER0L0pFeGlsRFBpNUhVL1FOTHZ0TFhtaQo4Mkx5aUFBZkoxSkNxams0MkgxS1BrUzQ3ZXlGR0xsS0JHWXhSVk90dUpLVVdoV21XWXlMbk9ZUnhOSk55Q09uCkxDMnVLTWNDOHdTanNqcnhlWXdabmVQWEJaV3NZVTMycWx0dnBEbG5zU2dhdmF0ekJ2QVhJcG5pWDF6MFBHUjQKK0s0ODlkUEVCS2NyYUlUSEpJUWpFbEpCdmxBenhHem9oMnhvNWFYZDJjd1JZWmQxMTZEZzlDTHBiem1iR2s1OQpwN1dsdUIwMGxVQTJUcHhnZmp2WmtkU1ZaOVZ1MTVnVEFnTUJBQUdqZXpCNU1Ba0dBMVVkRXdRQ01BQXdMQVlKCllJWklBWWI0UWdFTkJCOFdIVTl3Wlc1VFUwd2dSMlZ1WlhKaGRHVmtJRU5sY25ScFptbGpZWFJsTUIwR0ExVWQKRGdRV0JCUXBwT3VaNFlGdjN1c0c3K0hab1h3TjRxMzVlakFmQmdOVkhTTUVHREFXZ0JUcHhDanBtWDdMMzF5Ywp6MkgrQWo4bTlRc0ZZREFOQmdrcWhraUc5dzBCQVFzRkFBT0NBUUVBU1M2Y0JzcXZHZFBIaUVZbStDUGVDb3h2Cld4NVFqYjZRNVFxOElNTEV2ejkxMFlRMFlYRWNxTStpUmZrbHU1WGx6Y1E4YXoxU3pBdUFuWUJvT3NKNW5XcVUKYTBNanV0bm03cEpqa29iSG1SWXN4enZDWkxGcXlmNCtPeTY5Z21ZZFJRWjFNZENiRVI2dG9mOXZvckVOcW1XOQp6Wkd5RXNkcUptMzlSNWxPWVVhOTRKOHNsaWdXN1ZpRUNicVIyRGxUVnVoTTFZUmNjdDRHSTg5MUFVdGRHaE91CmhxQU5qTDhmUCtiT212WWoyRUhRMVZsc1Y5S0RsTkE2UkNCZU1jWVNKK1VzTysxVDNVNm9vS3FxVHVkYU0ra28KYWxwUjNNdjhGL2syWk1keWZqeGRNaTdnN1MyWFBaa1ZmVTUvRm13QWk5bVp2SXJDeUdVNWxPZUIybi9xNEE9PTwvZHM6WDUwOUNlcnRpZmljYXRlPgo8L2RzOlg1MDlEYXRhPgoJCTwvZHM6S2V5SW5mbz4KCTwvZHM6U2lnbmF0dXJlPgoJPFN0YXR1cz4KCQk8U3RhdHVzQ29kZSBWYWx1ZT0ic2FtbHA6U3VjY2VzcyIvPgoJPC9TdGF0dXM+Cgk8QXNzZXJ0aW9uIHhtbG5zPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoxLjA6YXNzZXJ0aW9uIiBBc3NlcnRpb25JRD0iM2VjOGY0YTItZWNjMy00M2I4LWFlZDUtMzQ2YTM2YjI2M2MwIiBJc3N1ZUluc3RhbnQ9IjIwMTgtMTItMTRUMDk6NTg6NDEuMDAwMDAwWiIgSXNzdWVyPSJodHRwOi8vd3d3LmJpbHRkLmNvbS9zYW1sYXNzZXJ0aW5ncGFydHkvQVAiIE1ham9yVmVyc2lvbj0iMSIgTWlub3JWZXJzaW9uPSIxIj4KCQk8Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjIwMTgtMTItMTRUMDk6NDg6NDEuMDAwMDAwWiIgTm90T25PckFmdGVyPSIyMDE4LTEyLTE0VDEwOjA4OjQxLjAwMDAwMFoiPgoJCQk8QXVkaWVuY2VSZXN0cmljdGlvbkNvbmRpdGlvbj4KCQkJCTxBdWRpZW5jZT5mZWRlcmF0ZS5pcGlwZWxpbmUuY29tOnNhbWwxPC9BdWRpZW5jZT4KCQkJPC9BdWRpZW5jZVJlc3RyaWN0aW9uQ29uZGl0aW9uPgoJCTwvQ29uZGl0aW9ucz4KCQk8QXV0aGVudGljYXRpb25TdGF0ZW1lbnQgQXV0aGVudGljYXRpb25JbnN0YW50PSIyMDE4LTEyLTE0VDA5OjU4OjQxLjAwMDAwMFoiIEF1dGhlbnRpY2F0aW9uTWV0aG9kPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoxLjA6YW06cGFzc3dvcmQiPgoJCQk8U3ViamVjdD4KCQkJCTxOYW1lSWRlbnRpZmllciBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0Olg1MDlTdWJqZWN0TmFtZSIgTmFtZVF1YWxpZmllcj0iaXBpcGVsaW5lLmNvbSI+dWlkPTwvTmFtZUlkZW50aWZpZXI+CgkJCQk8U3ViamVjdENvbmZpcm1hdGlvbj4KCQkJCQk8Q29uZmlybWF0aW9uTWV0aG9kPnVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMDpjbTpiZWFyZXI8L0NvbmZpcm1hdGlvbk1ldGhvZD4KCQkJCTwvU3ViamVjdENvbmZpcm1hdGlvbj4KCQkJPC9TdWJqZWN0PgoJCTwvQXV0aGVudGljYXRpb25TdGF0ZW1lbnQ+CgkJPEF0dHJpYnV0ZVN0YXRlbWVudD4KCQkJPFN1YmplY3Q+CgkJCQk8TmFtZUlkZW50aWZpZXIgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoxLjE6bmFtZWlkLWZvcm1hdDpYNTA5U3ViamVjdE5hbWUiIE5hbWVRdWFsaWZpZXI9ImlwaXBlbGluZS5jb20iPnVpZD08L05hbWVJZGVudGlmaWVyPgoJCQkJPFN1YmplY3RDb25maXJtYXRpb24+CgkJCQkJPENvbmZpcm1hdGlvbk1ldGhvZD51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoxLjA6Y206YmVhcmVyPC9Db25maXJtYXRpb25NZXRob2Q+CgkJCQk8L1N1YmplY3RDb25maXJtYXRpb24+CgkJCTwvU3ViamVjdD4KCQkJPEF0dHJpYnV0ZSBBdHRyaWJ1dGVOYW1lPSJDb21wYW55SWRlbnRpZmllciIgQXR0cmlidXRlTmFtZXNwYWNlPSJpcGlwZWxpbmUuY29tIj4KCQkJCTxBdHRyaWJ1dGVWYWx1ZT41NzI0PC9BdHRyaWJ1dGVWYWx1ZT4KCQkJPC9BdHRyaWJ1dGU+CgkJCTxBdHRyaWJ1dGUgQXR0cmlidXRlTmFtZT0iQ2hhbm5lbE5hbWUiIEF0dHJpYnV0ZU5hbWVzcGFjZT0iaXBpcGVsaW5lLmNvbSI+CgkJCQk8QXR0cmlidXRlVmFsdWU+QklMPC9BdHRyaWJ1dGVWYWx1ZT4KCQkJPC9BdHRyaWJ1dGU+CgkJCTxBdHRyaWJ1dGUgQXR0cmlidXRlTmFtZT0iQWN0aW9uIiBBdHRyaWJ1dGVOYW1lc3BhY2U9ImlwaXBlbGluZS5jb20iPgoJCQkJPEF0dHJpYnV0ZVZhbHVlPkNSRUFURTwvQXR0cmlidXRlVmFsdWU+CgkJCTwvQXR0cmlidXRlPgoJCQk8QXR0cmlidXRlIEF0dHJpYnV0ZU5hbWU9Ikdyb3VwcyIgQXR0cmlidXRlTmFtZXNwYWNlPSJpcGlwZWxpbmUuY29tIj4KCQkJCTxBdHRyaWJ1dGVWYWx1ZT4wNTcyNC1Vc2Vyc0dyb3VwPC9BdHRyaWJ1dGVWYWx1ZT4KCQkJPC9BdHRyaWJ1dGU+CgkJCTxBdHRyaWJ1dGUgQXR0cmlidXRlTmFtZT0iVGltZW91dFVSTCIgQXR0cmlidXRlTmFtZXNwYWNlPSJpcGlwZWxpbmUuY29tIj4KCQkJCTxBdHRyaWJ1dGVWYWx1ZS8+CgkJCTwvQXR0cmlidXRlPgoJCQk8QXR0cmlidXRlIEF0dHJpYnV0ZU5hbWU9IkFwcGxpY2F0aW9uRGF0YSIgQXR0cmlidXRlTmFtZXNwYWNlPSJpcGlwZWxpbmUuY29tIj4KCQkJICA8QXR0cmlidXRlVmFsdWU+CiAgICAgICAgICAmbHQ7aUdvQXBwbGljYXRpb25EYXRhJmd0OwoJCQkgICAgICAmbHQ7VXNlckRhdGEmZ3Q7CgkJCSAgICAgICAgJmx0O0RhdGEgTmFtZT0iRmlyc3ROYW1lIiZndDsmbHQ7L0RhdGEmZ3Q7CgkJCSAgICAgICAgJmx0O0RhdGEgTmFtZT0iTGFzdE5hbWUiJmd0OyZsdDsvRGF0YSZndDsKCQkJICAgICAgICAmbHQ7RGF0YSBOYW1lPSJFbWFpbCImZ3Q7Jmx0Oy9EYXRhJmd0OwoJCQkgICAgICAgICZsdDtEYXRhIE5hbWU9IlVwZGF0ZVVzZXJQcm9maWxlIiZndDtUcnVlJmx0Oy9EYXRhJmd0OwoJCQkgICAgICAmbHQ7L1VzZXJEYXRhJmd0OwoJCQkgICAgJmx0Oy9pR29BcHBsaWNhdGlvbkRhdGEmZ3Q7CgkJCSAgPC9BdHRyaWJ1dGVWYWx1ZT4KCQkJPC9BdHRyaWJ1dGU+CgkJPC9BdHRyaWJ1dGVTdGF0ZW1lbnQ+Cgk8L0Fzc2VydGlvbj4KPC9SZXNwb25zZT4K