Spring Boot Server Logs Viewer
2026-05-06 08:55:06 [https-jsse-nio-443-exec-99] DEBUG o.o.x.algorithm.AlgorithmRegistry - Runtime support eval for algorithm URI 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256': supported
2026-05-06 08:55:06 [https-jsse-nio-443-exec-99] DEBUG o.o.x.algorithm.AlgorithmRegistry - Runtime support eval for algorithm URI 'http://www.w3.org/2001/04/xmlenc#sha256': supported
2026-05-06 08:55:06 [https-jsse-nio-443-exec-99] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Resolved SignatureSigningParameters:
2026-05-06 08:55:06 [https-jsse-nio-443-exec-99] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Signing credential with key algorithm: RSA
2026-05-06 08:55:06 [https-jsse-nio-443-exec-99] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2026-05-06 08:55:06 [https-jsse-nio-443-exec-99] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Signature KeyInfoGenerator: org.opensaml.xmlsec.keyinfo.impl.X509KeyInfoGeneratorFactory$X509KeyInfoGenerator
2026-05-06 08:55:06 [https-jsse-nio-443-exec-99] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Reference digest method algorithm URI: http://www.w3.org/2001/04/xmlenc#sha256
2026-05-06 08:55:06 [https-jsse-nio-443-exec-99] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Reference canonicalization algorithm URI: null
2026-05-06 08:55:06 [https-jsse-nio-443-exec-99] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Canonicalization algorithm URI: http://www.w3.org/2001/10/xml-exc-c14n#
2026-05-06 08:55:06 [https-jsse-nio-443-exec-99] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - HMAC output length: null
2026-05-06 08:55:06 [https-jsse-nio-443-exec-99] DEBUG o.o.saml.common.SAMLObjectSupport - Examining signed object for content references with exclusive canonicalization transform
2026-05-06 08:55:06 [https-jsse-nio-443-exec-99] DEBUG o.o.saml.common.SAMLObjectSupport - Saw exclusive transform, declaring non-visible namespaces on signed object
2026-05-06 08:55:06 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.impl.SignatureMarshaller - Starting to marshall {http://www.w3.org/2000/09/xmldsig#}Signature
2026-05-06 08:55:06 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.impl.SignatureMarshaller - Creating XMLSignature object
2026-05-06 08:55:06 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.impl.SignatureMarshaller - Adding content to XMLSignature.
2026-05-06 08:55:06 [https-jsse-nio-443-exec-99] DEBUG o.o.s.c.SAMLObjectContentReference - Adding list of inclusive namespaces for signature exclusive canonicalization transform
2026-05-06 08:55:06 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.impl.SignatureMarshaller - Creating Signature DOM element
2026-05-06 08:55:06 [https-jsse-nio-443-exec-99] DEBUG o.o.xmlsec.signature.support.Signer - Using a signer of implemenation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignerProviderImpl
2026-05-06 08:55:06 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignerProviderImpl - Computing signature over XMLSignature object
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Processing SAML response from MockIDP
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Enveloped signature transform
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Exclusive C14N signature transform
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion for criteria class org.opensaml.security.criteria.UsageCriterion
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion for criteria class org.opensaml.security.criteria.KeyAlgorithmCriterion
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.saml.metadata.criteria.role.impl.EvaluableProtocolRoleDescriptorCriterion
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to verify signature and establish trust using KeyInfo-derived credentials
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Found 0 key names: []
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child with QName: {http://www.w3.org/2000/09/xmldsig#}X509Data
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.RSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.ECKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DEREncodedKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child {http://www.w3.org/2000/09/xmldsig#}X509Data with provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Attempting to extract credential from an X509Data
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 1 X509Certificates
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 0 X509CRLs
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Single certificate was present, treating as end-entity certificate
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Credentials successfully extracted from child {http://www.w3.org/2000/09/xmldsig#}X509Data by provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - A total of 1 credentials were resolved
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.xmlsec.keyinfo.KeyInfoCriterion
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.s.SignatureValidationProvider - Using a validation provider of implementation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignatureValidationProviderImpl
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Attempting to validate signature using key from supplied credential
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Accessing XMLSignature object
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validating signature with signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validation credential key algorithm 'RSA', key instance class 'sun.security.rsa.RSAPublicKeyImpl'
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Signature validated with key from supplied credential
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Signature validation using candidate credential was successful
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully verified signature using KeyInfo-derived credential
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to establish trust of KeyInfo-derived credential
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.s.t.i.ExplicitKeyTrustEvaluator - Successfully validated untrusted credential against trusted key
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully established trust of KeyInfo-derived credential
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Assertion Issuer of : MockIDP
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.a.SAML20AssertionValidator - Matched valid issuer: MockIDP
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.a.SAML20AssertionValidator - No Conditions were indicated as required
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Conditions NotBefore '2026-05-06T08:45:23Z' against 'skewed now' time '2026-05-06T09:00:24.015272099Z'
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Conditions NotOnOrAfter '2026-05-06T09:05:23Z' against 'skewed now' time '2026-05-06T08:50:24.015272099Z'
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.a.i.AudienceRestrictionConditionValidator - Evaluating the Assertion's AudienceRestriction/Audience values against the list of valid audiences: [saml-box]
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.a.i.AudienceRestrictionConditionValidator - Matched valid audience: saml-box
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.a.SAML20AssertionValidator - Assertion contains at least 1 SubjectConfirmation, proceeding with subject confirmation
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData NotOnOrAfter '2026-05-06T09:05:23Z' against 'skewed now' time '2026-05-06T08:50:24.015523116Z'
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData@Recipient of : https://saml-box.com/login/saml2/sso
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Matched valid recipient: https://saml-box.com/login/saml2/sso
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData@InResponseTo of: ARQ2891483-dc66-4817-a68a-315cf77fec45
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Matched valid InResponseTo: ARQ2891483-dc66-4817-a68a-315cf77fec45
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Successfully processed SAML Response [s2f9422865e33d9dbd4e870518c04411bb08f55350]
2026-05-06 08:55:24 [https-jsse-nio-443-exec-14] DEBUG o.s.s.s.p.s.w.a.Saml2WebSsoAuthenticationFilter - Set SecurityContextHolder to Saml2Authentication [Principal=org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal@b7f5ee0c, Credentials=[PROTECTED], Authenticated=true, Details=WebAuthenticationDetails [RemoteIpAddress=167.127.90.97, SessionId=97BEEF884CCDA2D9C558C943C8F32CCC], Granted Authorities=[ROLE_USER]]
2026-05-06 08:55:24 [https-jsse-nio-443-exec-103] INFO c.b.s.c.SamlResponseController - SAML Response: PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6
cHJvdG9jb2wiIERlc3RpbmF0aW9uPSJodHRwczovL3NhbWwtYm94LmNvbS9sb2dpbi9zYW1sMi9z
c28iIElEPSJzMmY5NDIyODY1ZTMzZDlkYmQ0ZTg3MDUxOGMwNDQxMWJiMDhmNTUzNTAiIEluUmVz
cG9uc2VUbz0iQVJRMjg5MTQ4My1kYzY2LTQ4MTctYTY4YS0zMTVjZjc3ZmVjNDUiIElzc3VlSW5z
dGFudD0iMjAyNi0wNS0wNlQwODo1NToyM1oiIFZlcnNpb249IjIuMCI+PHNhbWw6SXNzdWVyIHht
bG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iPk1vY2tJRFA8
L3NhbWw6SXNzdWVyPjxzYW1scDpTdGF0dXM+PHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpv
YXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPjwvc2FtbHA6U3RhdHVzPjxz
YW1sOkFzc2VydGlvbiB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNz
ZXJ0aW9uIiBJRD0iczJmYjllYTA3MDBlOTFiMzQwMTZhNzM1M2Q5OTJlODE0NjAxNGQyZjNiIiBJ
c3N1ZUluc3RhbnQ9IjIwMjYtMDUtMDZUMDg6NTU6MjNaIiBWZXJzaW9uPSIyLjAiPjxzYW1sOklz
c3Vlcj5Nb2NrSURQPC9zYW1sOklzc3Vlcj48ZHM6U2lnbmF0dXJlIHhtbG5zOmRzPSJodHRwOi8v
d3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIj48ZHM6U2lnbmVkSW5mbz48ZHM6Q2Fub25pY2Fs
aXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4
Yy1jMTRuIyIvPjxkczpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9y
Zy8yMDAxLzA0L3htbGRzaWctbW9yZSNyc2Etc2hhMjU2Ii8+PGRzOlJlZmVyZW5jZSBVUkk9IiNz
MmZiOWVhMDcwMGU5MWIzNDAxNmE3MzUzZDk5MmU4MTQ2MDE0ZDJmM2IiPjxkczpUcmFuc2Zvcm1z
PjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRz
aWcjZW52ZWxvcGVkLXNpZ25hdHVyZSIvPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8v
d3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz48L2RzOlRyYW5zZm9ybXM+PGRzOkRp
Z2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZW5jI3No
YTI1NiIvPjxkczpEaWdlc3RWYWx1ZT5FNkRoYldrVzRUNjNpeTFCQkVZR1JSNUtrVnRwd2ErbDZq
bXRtaGdILzBZPTwvZHM6RGlnZXN0VmFsdWU+PC9kczpSZWZlcmVuY2U+PC9kczpTaWduZWRJbmZv
PjxkczpTaWduYXR1cmVWYWx1ZT5OV01uVHhVWDBKMWdTMHIwYnJ6TFNpaFlNK0VCRWhublU2L1BG
d0pEV0RiSWdxZm41L09NcE0wNFRJNmtrL0RrMkJaazR2bXJBMnZoejM1RjdZRndkVHliQk95T1hx
dkdBYTVBb0d1MnZLRGZKVTk1eDk0ak1GOUJKb1UyRFBUamkxY29aazhkWFo3NjlhQkVHcTcyNFlp
ZjZRSExSQjF0OHUrdTdlTDJOTjlLVVI1NHhGVVR6R2lYQmtVVTNYdThFQ2tXWGtZeVluNWFSWDl6
NzRCSEhtWnovTFVUVXJuK3gxMTQ1QXdWdURIMlJnSnhqeXJEYkFqNzY1ZEFHVVRqaWcreEdpb0po
amEzTGE3bUcwM1cyNjdCK2JuNTRQaWVIaVZjWStFU2FTbUd2aWNRbWduNnovNlhsY2ZPU2U2UUs3
Z2graGJSaXZuamcrYStoTUtJMVE9PTwvZHM6U2lnbmF0dXJlVmFsdWU+PGRzOktleUluZm8+PGRz
Olg1MDlEYXRhPjxkczpYNTA5Q2VydGlmaWNhdGU+TUlJRjl6Q0NBOStnQXdJQkFnSVRXQUFBNTRo
ZEVkRXVMY3NGNFFBQUFBRG5pREFOQmdrcWhraUc5dzBCQVFzRkFEQkhNUkl3RUFZS0NaSW1pWlB5
TEdRQkdSWUNZMkV4RnpBVkJnb0praWFKay9Jc1pBRVpGZ2RoWTJkd2NtOWtNUmd3RmdZRFZRUURF
dzlCUTBkUWNtOWtMVWx6YzNWbFEwRXdIaGNOTWpZd01qSTFNVGt4TWpRd1doY05NamN3TWpJMU1U
a3hNalF3V2pDQmt6RUxNQWtHQTFVRUJoTUNRMEV4RURBT0JnTlZCQWdUQjA5dWRHRnlhVzh4RURB
T0JnTlZCQWNUQjFSdmNtOXVkRzh4R0RBV0JnTlZCQW9URDBGc2JITjBZWFJsSUVOaGJtRmtZVEVm
TUIwR0ExVUVDeE1XU1c1bWIzSnRZWFJwYjI0Z1ZHVmphRzV2Ykc5bmVURWxNQ01HQTFVRUF4TWNZ
V05uWldsaGJYTmhiV3h6Ym1SaWVDNWhiR3h6ZEdGMFpTNWpZVENDQVNJd0RRWUpLb1pJaHZjTkFR
RUJCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFNaEhUWE1kZElvaE1GRzZHSDFWUmtxQVJyZ2hrYVlDU2Jz
TmhvVjVKeFJxSU8xSzA3dmRZTzY4V2lrcW1tSDhSWjBHWk8vZjNxcXdJRWFEYlltNlNiOGpDUjhN
OWdsbTFvZ2FBQkxvbTIvRHFWb3ViZnFYNXNZMkg2cHJGKzBScGRqemd3UGNOTnMyVldrMVgxZ2My
K0YxS3V2NVdOTDZlU1hCRW5qcUhncnBxUjVIUXRBVXM3TU5ubXJOdmpwcmdlK210cUlod0ZuOFF4
QWE0VEVlaktlRFQwcGU5WEJmUzY3Y2ZvN1RQTGZDMkdnR2Nqa3dEcGZsa2FLVGx1QThrVkxySjYv
djJlSFpsWW5YcmQ3UVJwU2NiV3RmNENVN3FUNHhkYW1YVnNqRU1kZTQzenBSaVZQV1RyTExwR21o
VGgvMC9XOGJtemxhVHBwRkZJcWlZL1VDQXdFQUFhT0NBWTB3Z2dHSk1Bc0dBMVVkRHdRRUF3SUZv
REE4QmdrckJnRUVBWUkzRlFjRUx6QXRCaVVyQmdFRUFZSTNGUWlHbHI5dmhQQ2xSb1NGbHhqZjZB
S0VwZndGZVllbTJpaUhwczU5QWdGa0FnRWtNQjBHQTFVZERnUVdCQlJiTHpVSU5sdDROd3V3N3h2
MzNUZHZXMDJCQ0RBZkJnTlZIU01FR0RBV2dCUnlvMGxIOVZkL2Y4RGVUUXBVTzRTc0luQit1REJL
QmdOVkhSOEVRekJCTUQrZ1BhQTdoamxvZEhSd09pOHZZV05uY0d0cExtRmpaM0J5YjJRdVkyRXZZ
MkZ5WlhCdmMybDBiM0o1TDBGRFIxQlNUMFF0U1hOemRXVkRRUzVqY213d1ZRWUlLd1lCQlFVSEFR
RUVTVEJITUVVR0NDc0dBUVVGQnpBQ2hqbG9kSFJ3T2k4dllXTm5jR3RwTG1GalozQnliMlF1WTJF
dlkyRnlaWEJ2YzJsMGIzSjVMMEZEUjFCU1QwUXRTWE56ZFdWRFFTNWpjblF3RXdZRFZSMGxCQXd3
Q2dZSUt3WUJCUVVIQXdFd0d3WUpLd1lCQkFHQ054VUtCQTR3RERBS0JnZ3JCZ0VGQlFjREFUQW5C
Z05WSFJFRUlEQWVnaHhoWTJkbGFXRnRjMkZ0YkhOdVpHSjRMbUZzYkhOMFlYUmxMbU5oTUEwR0NT
cUdTSWIzRFFFQkN3VUFBNElDQVFDbTNUTlc5RWxuTFFMM2ZBUkV5dDhYbE5HWDFSQnJ3THEzbzI4
VWJLUXFkYWhjdjZhcytCRlNudVRnc0dOaVpCVGx0SXR0Q2Urb2srOFdMWWRmckZJM0FMQVkxenA4
RXRtMnpvdVdoQXdwenBDSTNpM2M2Sngyb3lYbEJybXk1NHluR1k2RGxXdmhtb2UwQzZhZnJCdEVO
Tm5xQk16d2ZFQWY5dVNuTWRoWHZoUysyYm5sSGZkZ3gxZDQwaE14YkZOa2F4aG9JNWRoYWwvZGtQ
VG92U1drcGszOFlBQ3V2MlY0aEtaUVVwcko1V1QwNHBQNUM3MUcyMnJvQjdnYzREVW5oY3IyaGcv
WWtuMHhMeWd4SlVoS01nUU5FYmhVNjQ2eURaMjJHbkF4T0w1OEpucEZML0Rwc0lXb0M2NFByekZU
T0N5bmZ4VldpQzkzdEhCc0hQSTVEZ3dyZHNCOUVTMnVZLzc5VGFHSWtTSC9RNHlqV3k2a1FkRmVm
WUFuSlRQMEVkNmlWUDVYOHV3WDB6TDJIc1ZnK2kwUzdJU0tEWmt2c3FHd29NaHFUM3RuZ0xVQ0Q3
ZmE5d0o5Y3BTRmluU2pWSFduVzYvejB5L2NSZU45WFhQUXRzWnhKTDEyV3AxQm44MzBSN0REUXVG
cUt2dGdUM0tJN3cySVJUS2h5SEJPeTFjWUJML3c4TVoyTEZtY3JCUWVjbmVqU3Y4WXdTdTdkREJr
VktpYWVrTUh2dlNZQnNicTBZNG9Wd2FDeS9wcCtwaHdxcmk3L3FBSUdNOVBIM1piQ1Nrc0l6cTNq
REd4Y1lTYmZVNHNBMmZnZjl2c0NrcnJ4Q3RGL1VhZDk2V1JKYVAwakJQVllDSDBNOFR0YjRVWE1T
a3V1SHFLd2J0YjEycmQ1STE3eWc9PTwvZHM6WDUwOUNlcnRpZmljYXRlPjwvZHM6WDUwOURhdGE+
PC9kczpLZXlJbmZvPjwvZHM6U2lnbmF0dXJlPjxzYW1sOlN1YmplY3Q+PHNhbWw6TmFtZUlEIEZv
cm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6dW5zcGVjaWZp
ZWQiIE5hbWVRdWFsaWZpZXI9Ik1vY2tJRFAiIFNQTmFtZVF1YWxpZmllcj0ic2FtbC1ib3giPmFk
a3VtYXIwY2E8L3NhbWw6TmFtZUlEPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb24gTWV0aG9kPSJ1
cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6Y206YmVhcmVyIj48c2FtbDpTdWJqZWN0Q29uZmly
bWF0aW9uRGF0YSBJblJlc3BvbnNlVG89IkFSUTI4OTE0ODMtZGM2Ni00ODE3LWE2OGEtMzE1Y2Y3
N2ZlYzQ1IiBOb3RPbk9yQWZ0ZXI9IjIwMjYtMDUtMDZUMDk6MDU6MjNaIiBSZWNpcGllbnQ9Imh0
dHBzOi8vc2FtbC1ib3guY29tL2xvZ2luL3NhbWwyL3NzbyIvPjwvc2FtbDpTdWJqZWN0Q29uZmly
bWF0aW9uPjwvc2FtbDpTdWJqZWN0PjxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDI2LTA1
LTA2VDA4OjQ1OjIzWiIgTm90T25PckFmdGVyPSIyMDI2LTA1LTA2VDA5OjA1OjIzWiI+PHNhbWw6
QXVkaWVuY2VSZXN0cmljdGlvbj48c2FtbDpBdWRpZW5jZT5zYW1sLWJveDwvc2FtbDpBdWRpZW5j
ZT48L3NhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj48L3NhbWw6Q29uZGl0aW9ucz48c2FtbDpBdXRo
blN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMjYtMDUtMDZUMDg6NTU6MjJaIiBTZXNzaW9uSW5k
ZXg9InMyMjg1NDE2OGMxN2JkZTMwMWQwMjQwYmZlNGRmMDMzZjI0ZjcxODYwMSI+PHNhbWw6QXV0
aG5Db250ZXh0PjxzYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPnVybjpvYXNpczpuYW1lczp0YzpT
QU1MOjIuMDphYzpjbGFzc2VzOnVuc3BlY2lmaWVkPC9zYW1sOkF1dGhuQ29udGV4dENsYXNzUmVm
Pjwvc2FtbDpBdXRobkNvbnRleHQ+PC9zYW1sOkF1dGhuU3RhdGVtZW50PjxzYW1sOkF0dHJpYnV0
ZVN0YXRlbWVudD48c2FtbDpBdHRyaWJ1dGUgTmFtZT0id29ya2RheUlEIj48c2FtbDpBdHRyaWJ1
dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5z
OnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBl
PSJ4czpzdHJpbmciPkMyMDAwMTAzODwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmli
dXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJzYU1BY2NvdW50TmFtZSI+PHNhbWw6QXR0cmlidXRl
VmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4
c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0i
eHM6c3RyaW5nIj5hZGt1bWFyMGNhPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1
dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9ImVtYWlsIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxu
czp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDov
L3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmci
PmFka3VtYXJAYWxsc3RhdGUuY2E8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0
ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iTmFtZSI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6
eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93
d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5L
dW1hciwgQWRpdHlhPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PC9zYW1s
OkF0dHJpYnV0ZVN0YXRlbWVudD48L3NhbWw6QXNzZXJ0aW9uPjwvc2FtbHA6UmVzcG9uc2U+
2026-05-06 08:55:24 [https-jsse-nio-443-exec-103] INFO c.b.s.c.SamlResponseController - Relay State: e7927d58-29f8-4978-833c-5170f4664521
2026-05-06 08:55:24 [https-jsse-nio-443-exec-103] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element
2026-05-06 08:55:24 [https-jsse-nio-443-exec-103] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object
2026-05-06 08:55:24 [https-jsse-nio-443-exec-103] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature
2026-05-06 08:55:24 [https-jsse-nio-443-exec-103] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature
2026-05-06 08:55:24 [https-jsse-nio-443-exec-103] DEBUG o.o.x.s.s.SignatureValidationProvider - Using a validation provider of implementation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignatureValidationProviderImpl
2026-05-06 08:55:24 [https-jsse-nio-443-exec-103] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Attempting to validate signature using key from supplied credential
2026-05-06 08:55:24 [https-jsse-nio-443-exec-103] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Accessing XMLSignature object
2026-05-06 08:55:24 [https-jsse-nio-443-exec-103] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validating signature with signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2026-05-06 08:55:24 [https-jsse-nio-443-exec-103] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validation credential key algorithm 'RSA', key instance class 'sun.security.rsa.RSAPublicKeyImpl'
2026-05-06 08:55:24 [https-jsse-nio-443-exec-103] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Signature validated with key from supplied credential
2026-05-06 08:56:38 [https-jsse-nio-443-exec-73] DEBUG o.o.x.algorithm.AlgorithmRegistry - Runtime support eval for algorithm URI 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256': supported
2026-05-06 08:56:38 [https-jsse-nio-443-exec-73] DEBUG o.o.x.algorithm.AlgorithmRegistry - Runtime support eval for algorithm URI 'http://www.w3.org/2001/04/xmlenc#sha256': supported
2026-05-06 08:56:38 [https-jsse-nio-443-exec-73] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Resolved SignatureSigningParameters:
2026-05-06 08:56:38 [https-jsse-nio-443-exec-73] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Signing credential with key algorithm: RSA
2026-05-06 08:56:38 [https-jsse-nio-443-exec-73] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2026-05-06 08:56:38 [https-jsse-nio-443-exec-73] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Signature KeyInfoGenerator: org.opensaml.xmlsec.keyinfo.impl.X509KeyInfoGeneratorFactory$X509KeyInfoGenerator
2026-05-06 08:56:38 [https-jsse-nio-443-exec-73] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Reference digest method algorithm URI: http://www.w3.org/2001/04/xmlenc#sha256
2026-05-06 08:56:38 [https-jsse-nio-443-exec-73] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Reference canonicalization algorithm URI: null
2026-05-06 08:56:38 [https-jsse-nio-443-exec-73] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Canonicalization algorithm URI: http://www.w3.org/2001/10/xml-exc-c14n#
2026-05-06 08:56:38 [https-jsse-nio-443-exec-73] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - HMAC output length: null
2026-05-06 08:56:38 [https-jsse-nio-443-exec-73] DEBUG o.o.saml.common.SAMLObjectSupport - Examining signed object for content references with exclusive canonicalization transform
2026-05-06 08:56:38 [https-jsse-nio-443-exec-73] DEBUG o.o.saml.common.SAMLObjectSupport - Saw exclusive transform, declaring non-visible namespaces on signed object
2026-05-06 08:56:38 [https-jsse-nio-443-exec-73] DEBUG o.o.x.s.impl.SignatureMarshaller - Starting to marshall {http://www.w3.org/2000/09/xmldsig#}Signature
2026-05-06 08:56:38 [https-jsse-nio-443-exec-73] DEBUG o.o.x.s.impl.SignatureMarshaller - Creating XMLSignature object
2026-05-06 08:56:38 [https-jsse-nio-443-exec-73] DEBUG o.o.x.s.impl.SignatureMarshaller - Adding content to XMLSignature.
2026-05-06 08:56:38 [https-jsse-nio-443-exec-73] DEBUG o.o.s.c.SAMLObjectContentReference - Adding list of inclusive namespaces for signature exclusive canonicalization transform
2026-05-06 08:56:38 [https-jsse-nio-443-exec-73] DEBUG o.o.x.s.impl.SignatureMarshaller - Creating Signature DOM element
2026-05-06 08:56:38 [https-jsse-nio-443-exec-73] DEBUG o.o.xmlsec.signature.support.Signer - Using a signer of implemenation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignerProviderImpl
2026-05-06 08:56:38 [https-jsse-nio-443-exec-73] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignerProviderImpl - Computing signature over XMLSignature object
2026-05-06 08:57:14 [https-jsse-nio-443-exec-91] DEBUG o.o.x.algorithm.AlgorithmRegistry - Runtime support eval for algorithm URI 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256': supported
2026-05-06 08:57:14 [https-jsse-nio-443-exec-91] DEBUG o.o.x.algorithm.AlgorithmRegistry - Runtime support eval for algorithm URI 'http://www.w3.org/2001/04/xmlenc#sha256': supported
2026-05-06 08:57:14 [https-jsse-nio-443-exec-91] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Resolved SignatureSigningParameters:
2026-05-06 08:57:14 [https-jsse-nio-443-exec-91] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Signing credential with key algorithm: RSA
2026-05-06 08:57:14 [https-jsse-nio-443-exec-91] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2026-05-06 08:57:14 [https-jsse-nio-443-exec-91] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Signature KeyInfoGenerator: org.opensaml.xmlsec.keyinfo.impl.X509KeyInfoGeneratorFactory$X509KeyInfoGenerator
2026-05-06 08:57:14 [https-jsse-nio-443-exec-91] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Reference digest method algorithm URI: http://www.w3.org/2001/04/xmlenc#sha256
2026-05-06 08:57:14 [https-jsse-nio-443-exec-91] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Reference canonicalization algorithm URI: null
2026-05-06 08:57:14 [https-jsse-nio-443-exec-91] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Canonicalization algorithm URI: http://www.w3.org/2001/10/xml-exc-c14n#
2026-05-06 08:57:14 [https-jsse-nio-443-exec-91] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - HMAC output length: null
2026-05-06 08:57:14 [https-jsse-nio-443-exec-91] DEBUG o.o.saml.common.SAMLObjectSupport - Examining signed object for content references with exclusive canonicalization transform
2026-05-06 08:57:14 [https-jsse-nio-443-exec-91] DEBUG o.o.saml.common.SAMLObjectSupport - Saw exclusive transform, declaring non-visible namespaces on signed object
2026-05-06 08:57:14 [https-jsse-nio-443-exec-91] DEBUG o.o.x.s.impl.SignatureMarshaller - Starting to marshall {http://www.w3.org/2000/09/xmldsig#}Signature
2026-05-06 08:57:14 [https-jsse-nio-443-exec-91] DEBUG o.o.x.s.impl.SignatureMarshaller - Creating XMLSignature object
2026-05-06 08:57:14 [https-jsse-nio-443-exec-91] DEBUG o.o.x.s.impl.SignatureMarshaller - Adding content to XMLSignature.
2026-05-06 08:57:14 [https-jsse-nio-443-exec-91] DEBUG o.o.s.c.SAMLObjectContentReference - Adding list of inclusive namespaces for signature exclusive canonicalization transform
2026-05-06 08:57:14 [https-jsse-nio-443-exec-91] DEBUG o.o.x.s.impl.SignatureMarshaller - Creating Signature DOM element
2026-05-06 08:57:14 [https-jsse-nio-443-exec-91] DEBUG o.o.xmlsec.signature.support.Signer - Using a signer of implemenation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignerProviderImpl
2026-05-06 08:57:14 [https-jsse-nio-443-exec-91] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignerProviderImpl - Computing signature over XMLSignature object
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Processing SAML response from MockIDP
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Enveloped signature transform
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Exclusive C14N signature transform
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion for criteria class org.opensaml.security.criteria.UsageCriterion
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion for criteria class org.opensaml.security.criteria.KeyAlgorithmCriterion
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.saml.metadata.criteria.role.impl.EvaluableProtocolRoleDescriptorCriterion
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to verify signature and establish trust using KeyInfo-derived credentials
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Found 0 key names: []
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child with QName: {http://www.w3.org/2000/09/xmldsig#}X509Data
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.RSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.ECKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DEREncodedKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child {http://www.w3.org/2000/09/xmldsig#}X509Data with provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Attempting to extract credential from an X509Data
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 1 X509Certificates
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 0 X509CRLs
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Single certificate was present, treating as end-entity certificate
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Credentials successfully extracted from child {http://www.w3.org/2000/09/xmldsig#}X509Data by provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - A total of 1 credentials were resolved
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.xmlsec.keyinfo.KeyInfoCriterion
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.s.SignatureValidationProvider - Using a validation provider of implementation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignatureValidationProviderImpl
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Attempting to validate signature using key from supplied credential
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Accessing XMLSignature object
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validating signature with signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validation credential key algorithm 'RSA', key instance class 'sun.security.rsa.RSAPublicKeyImpl'
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Signature validated with key from supplied credential
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Signature validation using candidate credential was successful
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully verified signature using KeyInfo-derived credential
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to establish trust of KeyInfo-derived credential
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.s.t.i.ExplicitKeyTrustEvaluator - Successfully validated untrusted credential against trusted key
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully established trust of KeyInfo-derived credential
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Assertion Issuer of : MockIDP
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.s.s.a.SAML20AssertionValidator - Matched valid issuer: MockIDP
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.s.s.a.SAML20AssertionValidator - No Conditions were indicated as required
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Conditions NotBefore '2026-05-06T08:47:37Z' against 'skewed now' time '2026-05-06T09:02:37.973362681Z'
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Conditions NotOnOrAfter '2026-05-06T09:07:37Z' against 'skewed now' time '2026-05-06T08:52:37.973362681Z'
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.s.s.a.i.AudienceRestrictionConditionValidator - Evaluating the Assertion's AudienceRestriction/Audience values against the list of valid audiences: [saml-box]
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.s.s.a.i.AudienceRestrictionConditionValidator - Matched valid audience: saml-box
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.s.s.a.SAML20AssertionValidator - Assertion contains at least 1 SubjectConfirmation, proceeding with subject confirmation
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData NotOnOrAfter '2026-05-06T09:07:37Z' against 'skewed now' time '2026-05-06T08:52:37.973476075Z'
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData@Recipient of : https://saml-box.com/login/saml2/sso
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Matched valid recipient: https://saml-box.com/login/saml2/sso
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData@InResponseTo of: ARQ44935a6-a8e4-4e45-a88b-2a1a6d39dd2f
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] WARN o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Valid InResponseTo was not available from the validation context, unable to evaluate SubjectConfirmationData@InResponseTo
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.o.s.s.a.SAML20AssertionValidator - No subject confirmation methods were met for assertion with ID 's221966648bc7a39f08366962ed2190cd4049103e3'
2026-05-06 08:57:37 [https-jsse-nio-443-exec-99] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Found 2 validation errors in SAML response [s2d0ac5fd219be51106ed744e29b791920e31c204e]
2026-05-06 09:17:15 [https-jsse-nio-443-exec-99] DEBUG o.o.x.algorithm.AlgorithmRegistry - Runtime support eval for algorithm URI 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256': supported
2026-05-06 09:17:15 [https-jsse-nio-443-exec-99] DEBUG o.o.x.algorithm.AlgorithmRegistry - Runtime support eval for algorithm URI 'http://www.w3.org/2001/04/xmlenc#sha256': supported
2026-05-06 09:17:15 [https-jsse-nio-443-exec-99] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Resolved SignatureSigningParameters:
2026-05-06 09:17:15 [https-jsse-nio-443-exec-99] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Signing credential with key algorithm: RSA
2026-05-06 09:17:15 [https-jsse-nio-443-exec-99] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2026-05-06 09:17:15 [https-jsse-nio-443-exec-99] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Signature KeyInfoGenerator: org.opensaml.xmlsec.keyinfo.impl.X509KeyInfoGeneratorFactory$X509KeyInfoGenerator
2026-05-06 09:17:15 [https-jsse-nio-443-exec-99] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Reference digest method algorithm URI: http://www.w3.org/2001/04/xmlenc#sha256
2026-05-06 09:17:15 [https-jsse-nio-443-exec-99] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Reference canonicalization algorithm URI: null
2026-05-06 09:17:15 [https-jsse-nio-443-exec-99] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Canonicalization algorithm URI: http://www.w3.org/2001/10/xml-exc-c14n#
2026-05-06 09:17:15 [https-jsse-nio-443-exec-99] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - HMAC output length: null
2026-05-06 09:17:15 [https-jsse-nio-443-exec-99] DEBUG o.o.saml.common.SAMLObjectSupport - Examining signed object for content references with exclusive canonicalization transform
2026-05-06 09:17:15 [https-jsse-nio-443-exec-99] DEBUG o.o.saml.common.SAMLObjectSupport - Saw exclusive transform, declaring non-visible namespaces on signed object
2026-05-06 09:17:15 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.impl.SignatureMarshaller - Starting to marshall {http://www.w3.org/2000/09/xmldsig#}Signature
2026-05-06 09:17:15 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.impl.SignatureMarshaller - Creating XMLSignature object
2026-05-06 09:17:15 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.impl.SignatureMarshaller - Adding content to XMLSignature.
2026-05-06 09:17:15 [https-jsse-nio-443-exec-99] DEBUG o.o.s.c.SAMLObjectContentReference - Adding list of inclusive namespaces for signature exclusive canonicalization transform
2026-05-06 09:17:15 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.impl.SignatureMarshaller - Creating Signature DOM element
2026-05-06 09:17:15 [https-jsse-nio-443-exec-99] DEBUG o.o.xmlsec.signature.support.Signer - Using a signer of implemenation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignerProviderImpl
2026-05-06 09:17:15 [https-jsse-nio-443-exec-99] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignerProviderImpl - Computing signature over XMLSignature object
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Processing SAML response from MockIDP
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Enveloped signature transform
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Exclusive C14N signature transform
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion for criteria class org.opensaml.security.criteria.UsageCriterion
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion for criteria class org.opensaml.security.criteria.KeyAlgorithmCriterion
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.saml.metadata.criteria.role.impl.EvaluableProtocolRoleDescriptorCriterion
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to verify signature and establish trust using KeyInfo-derived credentials
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Found 0 key names: []
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child with QName: {http://www.w3.org/2000/09/xmldsig#}X509Data
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.RSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.ECKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DEREncodedKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child {http://www.w3.org/2000/09/xmldsig#}X509Data with provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Attempting to extract credential from an X509Data
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 1 X509Certificates
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 0 X509CRLs
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Single certificate was present, treating as end-entity certificate
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Credentials successfully extracted from child {http://www.w3.org/2000/09/xmldsig#}X509Data by provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - A total of 1 credentials were resolved
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.xmlsec.keyinfo.KeyInfoCriterion
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.s.SignatureValidationProvider - Using a validation provider of implementation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignatureValidationProviderImpl
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Attempting to validate signature using key from supplied credential
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Accessing XMLSignature object
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validating signature with signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validation credential key algorithm 'RSA', key instance class 'sun.security.rsa.RSAPublicKeyImpl'
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Signature validated with key from supplied credential
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Signature validation using candidate credential was successful
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully verified signature using KeyInfo-derived credential
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to establish trust of KeyInfo-derived credential
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.s.t.i.ExplicitKeyTrustEvaluator - Successfully validated untrusted credential against trusted key
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully established trust of KeyInfo-derived credential
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Assertion Issuer of : MockIDP
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.a.SAML20AssertionValidator - Matched valid issuer: MockIDP
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.a.SAML20AssertionValidator - No Conditions were indicated as required
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Conditions NotBefore '2026-05-06T09:07:37Z' against 'skewed now' time '2026-05-06T09:22:37.706175861Z'
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Conditions NotOnOrAfter '2026-05-06T09:27:37Z' against 'skewed now' time '2026-05-06T09:12:37.706175861Z'
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.a.i.AudienceRestrictionConditionValidator - Evaluating the Assertion's AudienceRestriction/Audience values against the list of valid audiences: [saml-box]
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.a.i.AudienceRestrictionConditionValidator - Matched valid audience: saml-box
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.a.SAML20AssertionValidator - Assertion contains at least 1 SubjectConfirmation, proceeding with subject confirmation
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData NotOnOrAfter '2026-05-06T09:27:37Z' against 'skewed now' time '2026-05-06T09:12:37.706311991Z'
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData@Recipient of : https://saml-box.com/login/saml2/sso
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Matched valid recipient: https://saml-box.com/login/saml2/sso
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData@InResponseTo of: ARQ854d9dd-1600-47ee-b10e-7837f9ca459b
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] WARN o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Valid InResponseTo was not available from the validation context, unable to evaluate SubjectConfirmationData@InResponseTo
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.o.s.s.a.SAML20AssertionValidator - No subject confirmation methods were met for assertion with ID 's29ad09a30596c04bab7a7016dddc7c992ba9c6b64'
2026-05-06 09:17:37 [https-jsse-nio-443-exec-14] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Found 2 validation errors in SAML response [s2d043aac2f2182fd2098f6ee68573b75e345cb7d5]
2026-05-06 09:18:59 [https-jsse-nio-443-exec-91] DEBUG o.o.x.algorithm.AlgorithmRegistry - Runtime support eval for algorithm URI 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256': supported
2026-05-06 09:18:59 [https-jsse-nio-443-exec-91] DEBUG o.o.x.algorithm.AlgorithmRegistry - Runtime support eval for algorithm URI 'http://www.w3.org/2001/04/xmlenc#sha256': supported
2026-05-06 09:18:59 [https-jsse-nio-443-exec-91] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Resolved SignatureSigningParameters:
2026-05-06 09:18:59 [https-jsse-nio-443-exec-91] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Signing credential with key algorithm: RSA
2026-05-06 09:18:59 [https-jsse-nio-443-exec-91] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2026-05-06 09:18:59 [https-jsse-nio-443-exec-91] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Signature KeyInfoGenerator: org.opensaml.xmlsec.keyinfo.impl.X509KeyInfoGeneratorFactory$X509KeyInfoGenerator
2026-05-06 09:18:59 [https-jsse-nio-443-exec-91] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Reference digest method algorithm URI: http://www.w3.org/2001/04/xmlenc#sha256
2026-05-06 09:18:59 [https-jsse-nio-443-exec-91] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Reference canonicalization algorithm URI: null
2026-05-06 09:18:59 [https-jsse-nio-443-exec-91] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Canonicalization algorithm URI: http://www.w3.org/2001/10/xml-exc-c14n#
2026-05-06 09:18:59 [https-jsse-nio-443-exec-91] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - HMAC output length: null
2026-05-06 09:18:59 [https-jsse-nio-443-exec-91] DEBUG o.o.saml.common.SAMLObjectSupport - Examining signed object for content references with exclusive canonicalization transform
2026-05-06 09:18:59 [https-jsse-nio-443-exec-91] DEBUG o.o.saml.common.SAMLObjectSupport - Saw exclusive transform, declaring non-visible namespaces on signed object
2026-05-06 09:18:59 [https-jsse-nio-443-exec-91] DEBUG o.o.x.s.impl.SignatureMarshaller - Starting to marshall {http://www.w3.org/2000/09/xmldsig#}Signature
2026-05-06 09:18:59 [https-jsse-nio-443-exec-91] DEBUG o.o.x.s.impl.SignatureMarshaller - Creating XMLSignature object
2026-05-06 09:18:59 [https-jsse-nio-443-exec-91] DEBUG o.o.x.s.impl.SignatureMarshaller - Adding content to XMLSignature.
2026-05-06 09:18:59 [https-jsse-nio-443-exec-91] DEBUG o.o.s.c.SAMLObjectContentReference - Adding list of inclusive namespaces for signature exclusive canonicalization transform
2026-05-06 09:18:59 [https-jsse-nio-443-exec-91] DEBUG o.o.x.s.impl.SignatureMarshaller - Creating Signature DOM element
2026-05-06 09:18:59 [https-jsse-nio-443-exec-91] DEBUG o.o.xmlsec.signature.support.Signer - Using a signer of implemenation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignerProviderImpl
2026-05-06 09:18:59 [https-jsse-nio-443-exec-91] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignerProviderImpl - Computing signature over XMLSignature object
2026-05-06 09:18:59 [https-jsse-nio-443-exec-14] DEBUG o.o.x.algorithm.AlgorithmRegistry - Runtime support eval for algorithm URI 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256': supported
2026-05-06 09:18:59 [https-jsse-nio-443-exec-14] DEBUG o.o.x.algorithm.AlgorithmRegistry - Runtime support eval for algorithm URI 'http://www.w3.org/2001/04/xmlenc#sha256': supported
2026-05-06 09:18:59 [https-jsse-nio-443-exec-14] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Resolved SignatureSigningParameters:
2026-05-06 09:18:59 [https-jsse-nio-443-exec-14] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Signing credential with key algorithm: RSA
2026-05-06 09:18:59 [https-jsse-nio-443-exec-14] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2026-05-06 09:18:59 [https-jsse-nio-443-exec-14] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Signature KeyInfoGenerator: org.opensaml.xmlsec.keyinfo.impl.X509KeyInfoGeneratorFactory$X509KeyInfoGenerator
2026-05-06 09:18:59 [https-jsse-nio-443-exec-14] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Reference digest method algorithm URI: http://www.w3.org/2001/04/xmlenc#sha256
2026-05-06 09:18:59 [https-jsse-nio-443-exec-14] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Reference canonicalization algorithm URI: null
2026-05-06 09:18:59 [https-jsse-nio-443-exec-14] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Canonicalization algorithm URI: http://www.w3.org/2001/10/xml-exc-c14n#
2026-05-06 09:18:59 [https-jsse-nio-443-exec-14] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - HMAC output length: null
2026-05-06 09:18:59 [https-jsse-nio-443-exec-14] DEBUG o.o.saml.common.SAMLObjectSupport - Examining signed object for content references with exclusive canonicalization transform
2026-05-06 09:18:59 [https-jsse-nio-443-exec-14] DEBUG o.o.saml.common.SAMLObjectSupport - Saw exclusive transform, declaring non-visible namespaces on signed object
2026-05-06 09:18:59 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.impl.SignatureMarshaller - Starting to marshall {http://www.w3.org/2000/09/xmldsig#}Signature
2026-05-06 09:18:59 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.impl.SignatureMarshaller - Creating XMLSignature object
2026-05-06 09:18:59 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.impl.SignatureMarshaller - Adding content to XMLSignature.
2026-05-06 09:18:59 [https-jsse-nio-443-exec-14] DEBUG o.o.s.c.SAMLObjectContentReference - Adding list of inclusive namespaces for signature exclusive canonicalization transform
2026-05-06 09:18:59 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.impl.SignatureMarshaller - Creating Signature DOM element
2026-05-06 09:18:59 [https-jsse-nio-443-exec-14] DEBUG o.o.xmlsec.signature.support.Signer - Using a signer of implemenation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignerProviderImpl
2026-05-06 09:18:59 [https-jsse-nio-443-exec-14] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignerProviderImpl - Computing signature over XMLSignature object
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Processing SAML response from MockIDP
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Enveloped signature transform
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Exclusive C14N signature transform
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion for criteria class org.opensaml.security.criteria.UsageCriterion
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion for criteria class org.opensaml.security.criteria.KeyAlgorithmCriterion
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.saml.metadata.criteria.role.impl.EvaluableProtocolRoleDescriptorCriterion
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to verify signature and establish trust using KeyInfo-derived credentials
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Found 0 key names: []
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child with QName: {http://www.w3.org/2000/09/xmldsig#}X509Data
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.RSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.ECKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DEREncodedKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child {http://www.w3.org/2000/09/xmldsig#}X509Data with provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Attempting to extract credential from an X509Data
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 1 X509Certificates
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 0 X509CRLs
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Single certificate was present, treating as end-entity certificate
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Credentials successfully extracted from child {http://www.w3.org/2000/09/xmldsig#}X509Data by provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - A total of 1 credentials were resolved
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.xmlsec.keyinfo.KeyInfoCriterion
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.s.s.SignatureValidationProvider - Using a validation provider of implementation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignatureValidationProviderImpl
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Attempting to validate signature using key from supplied credential
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Accessing XMLSignature object
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validating signature with signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validation credential key algorithm 'RSA', key instance class 'sun.security.rsa.RSAPublicKeyImpl'
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Signature validated with key from supplied credential
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Signature validation using candidate credential was successful
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully verified signature using KeyInfo-derived credential
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to establish trust of KeyInfo-derived credential
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.s.t.i.ExplicitKeyTrustEvaluator - Successfully validated untrusted credential against trusted key
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully established trust of KeyInfo-derived credential
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Assertion Issuer of : MockIDP
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.s.s.a.SAML20AssertionValidator - Matched valid issuer: MockIDP
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.s.s.a.SAML20AssertionValidator - No Conditions were indicated as required
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Conditions NotBefore '2026-05-06T09:09:07Z' against 'skewed now' time '2026-05-06T09:24:07.682539337Z'
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Conditions NotOnOrAfter '2026-05-06T09:29:07Z' against 'skewed now' time '2026-05-06T09:14:07.682539337Z'
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.s.s.a.i.AudienceRestrictionConditionValidator - Evaluating the Assertion's AudienceRestriction/Audience values against the list of valid audiences: [saml-box]
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.s.s.a.i.AudienceRestrictionConditionValidator - Matched valid audience: saml-box
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.s.s.a.SAML20AssertionValidator - Assertion contains at least 1 SubjectConfirmation, proceeding with subject confirmation
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData NotOnOrAfter '2026-05-06T09:29:07Z' against 'skewed now' time '2026-05-06T09:14:07.682648613Z'
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData@Recipient of : https://saml-box.com/login/saml2/sso
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Matched valid recipient: https://saml-box.com/login/saml2/sso
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData@InResponseTo of: ARQ5782436-545c-416d-baf9-110b9d0242e7
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Matched valid InResponseTo: ARQ5782436-545c-416d-baf9-110b9d0242e7
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Successfully processed SAML Response [s204bfc017ec27938494341f015a380211f3ebd28d]
2026-05-06 09:19:07 [https-jsse-nio-443-exec-100] DEBUG o.s.s.s.p.s.w.a.Saml2WebSsoAuthenticationFilter - Set SecurityContextHolder to Saml2Authentication [Principal=org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal@b7f5ee0c, Credentials=[PROTECTED], Authenticated=true, Details=WebAuthenticationDetails [RemoteIpAddress=167.127.90.97, SessionId=F59DFEA3847E3BE823300BF12415243C], Granted Authorities=[ROLE_USER]]
2026-05-06 09:19:07 [https-jsse-nio-443-exec-60] INFO c.b.s.c.SamlResponseController - SAML Response: PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6
cHJvdG9jb2wiIERlc3RpbmF0aW9uPSJodHRwczovL3NhbWwtYm94LmNvbS9sb2dpbi9zYW1sMi9z
c28iIElEPSJzMjA0YmZjMDE3ZWMyNzkzODQ5NDM0MWYwMTVhMzgwMjExZjNlYmQyOGQiIEluUmVz
cG9uc2VUbz0iQVJRNTc4MjQzNi01NDVjLTQxNmQtYmFmOS0xMTBiOWQwMjQyZTciIElzc3VlSW5z
dGFudD0iMjAyNi0wNS0wNlQwOToxOTowN1oiIFZlcnNpb249IjIuMCI+PHNhbWw6SXNzdWVyIHht
bG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iPk1vY2tJRFA8
L3NhbWw6SXNzdWVyPjxzYW1scDpTdGF0dXM+PHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpv
YXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPjwvc2FtbHA6U3RhdHVzPjxz
YW1sOkFzc2VydGlvbiB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNz
ZXJ0aW9uIiBJRD0iczIwODU5NjQyNzQyMzM2ZjBhM2E4MDhmOGFmNmVjZDE0Nzg4MzBmYjBkIiBJ
c3N1ZUluc3RhbnQ9IjIwMjYtMDUtMDZUMDk6MTk6MDdaIiBWZXJzaW9uPSIyLjAiPjxzYW1sOklz
c3Vlcj5Nb2NrSURQPC9zYW1sOklzc3Vlcj48ZHM6U2lnbmF0dXJlIHhtbG5zOmRzPSJodHRwOi8v
d3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIj48ZHM6U2lnbmVkSW5mbz48ZHM6Q2Fub25pY2Fs
aXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4
Yy1jMTRuIyIvPjxkczpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9y
Zy8yMDAxLzA0L3htbGRzaWctbW9yZSNyc2Etc2hhMjU2Ii8+PGRzOlJlZmVyZW5jZSBVUkk9IiNz
MjA4NTk2NDI3NDIzMzZmMGEzYTgwOGY4YWY2ZWNkMTQ3ODgzMGZiMGQiPjxkczpUcmFuc2Zvcm1z
PjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRz
aWcjZW52ZWxvcGVkLXNpZ25hdHVyZSIvPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8v
d3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz48L2RzOlRyYW5zZm9ybXM+PGRzOkRp
Z2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZW5jI3No
YTI1NiIvPjxkczpEaWdlc3RWYWx1ZT5KblhDUk13OHpGaHkvK25PeVN0MUJmZEFaSmVKN2JldkZX
dHJkUk9jeDVnPTwvZHM6RGlnZXN0VmFsdWU+PC9kczpSZWZlcmVuY2U+PC9kczpTaWduZWRJbmZv
PjxkczpTaWduYXR1cmVWYWx1ZT5XNGlKT2c3eFJtZ3RyMXRydHZnTVMxOVhJN01BWDVoR0oyQ2Za
cGlWTUY1cmRkcFRFNmFMaC9vaXEzY3JJR01OR3FvbHJEWU5DWmpIVVRmN2dvNUpkK2hreEJyYmF3
Wnk4ZHNiNVNWNXErWmowS0VsMHFXRzduNDFJTU5rTUwyVlMxV3czRVlSQjJ2STRmeEY0TkZzU0tn
NmtaWjRpcUJBcU5LVGtPRG1iNExsdHFBY1NJNk0reFROL2dURFpJY09DUU9oL1pyZHQ0WWwwc2Zn
ZWxBcmQ4NktuSTVRSktyTDZFVDlmUzBiZWxsUzBFUkYxdXhuTVQyL2JBbldSS0lIZTMzS0tOZU5F
UjM3WWNkOWgvN00xekVrVU5GbnM3VmtPUThtOG5OTVAvYVp4Z2JnT3dwdFA5WnM3TUJ4aHBXd1di
UmJWc2RxZjhrQm1NZTQxR0tZdUE9PTwvZHM6U2lnbmF0dXJlVmFsdWU+PGRzOktleUluZm8+PGRz
Olg1MDlEYXRhPjxkczpYNTA5Q2VydGlmaWNhdGU+TUlJRjl6Q0NBOStnQXdJQkFnSVRXQUFBNTRo
ZEVkRXVMY3NGNFFBQUFBRG5pREFOQmdrcWhraUc5dzBCQVFzRkFEQkhNUkl3RUFZS0NaSW1pWlB5
TEdRQkdSWUNZMkV4RnpBVkJnb0praWFKay9Jc1pBRVpGZ2RoWTJkd2NtOWtNUmd3RmdZRFZRUURF
dzlCUTBkUWNtOWtMVWx6YzNWbFEwRXdIaGNOTWpZd01qSTFNVGt4TWpRd1doY05NamN3TWpJMU1U
a3hNalF3V2pDQmt6RUxNQWtHQTFVRUJoTUNRMEV4RURBT0JnTlZCQWdUQjA5dWRHRnlhVzh4RURB
T0JnTlZCQWNUQjFSdmNtOXVkRzh4R0RBV0JnTlZCQW9URDBGc2JITjBZWFJsSUVOaGJtRmtZVEVm
TUIwR0ExVUVDeE1XU1c1bWIzSnRZWFJwYjI0Z1ZHVmphRzV2Ykc5bmVURWxNQ01HQTFVRUF4TWNZ
V05uWldsaGJYTmhiV3h6Ym1SaWVDNWhiR3h6ZEdGMFpTNWpZVENDQVNJd0RRWUpLb1pJaHZjTkFR
RUJCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFNaEhUWE1kZElvaE1GRzZHSDFWUmtxQVJyZ2hrYVlDU2Jz
TmhvVjVKeFJxSU8xSzA3dmRZTzY4V2lrcW1tSDhSWjBHWk8vZjNxcXdJRWFEYlltNlNiOGpDUjhN
OWdsbTFvZ2FBQkxvbTIvRHFWb3ViZnFYNXNZMkg2cHJGKzBScGRqemd3UGNOTnMyVldrMVgxZ2My
K0YxS3V2NVdOTDZlU1hCRW5qcUhncnBxUjVIUXRBVXM3TU5ubXJOdmpwcmdlK210cUlod0ZuOFF4
QWE0VEVlaktlRFQwcGU5WEJmUzY3Y2ZvN1RQTGZDMkdnR2Nqa3dEcGZsa2FLVGx1QThrVkxySjYv
djJlSFpsWW5YcmQ3UVJwU2NiV3RmNENVN3FUNHhkYW1YVnNqRU1kZTQzenBSaVZQV1RyTExwR21o
VGgvMC9XOGJtemxhVHBwRkZJcWlZL1VDQXdFQUFhT0NBWTB3Z2dHSk1Bc0dBMVVkRHdRRUF3SUZv
REE4QmdrckJnRUVBWUkzRlFjRUx6QXRCaVVyQmdFRUFZSTNGUWlHbHI5dmhQQ2xSb1NGbHhqZjZB
S0VwZndGZVllbTJpaUhwczU5QWdGa0FnRWtNQjBHQTFVZERnUVdCQlJiTHpVSU5sdDROd3V3N3h2
MzNUZHZXMDJCQ0RBZkJnTlZIU01FR0RBV2dCUnlvMGxIOVZkL2Y4RGVUUXBVTzRTc0luQit1REJL
QmdOVkhSOEVRekJCTUQrZ1BhQTdoamxvZEhSd09pOHZZV05uY0d0cExtRmpaM0J5YjJRdVkyRXZZ
MkZ5WlhCdmMybDBiM0o1TDBGRFIxQlNUMFF0U1hOemRXVkRRUzVqY213d1ZRWUlLd1lCQlFVSEFR
RUVTVEJITUVVR0NDc0dBUVVGQnpBQ2hqbG9kSFJ3T2k4dllXTm5jR3RwTG1GalozQnliMlF1WTJF
dlkyRnlaWEJ2YzJsMGIzSjVMMEZEUjFCU1QwUXRTWE56ZFdWRFFTNWpjblF3RXdZRFZSMGxCQXd3
Q2dZSUt3WUJCUVVIQXdFd0d3WUpLd1lCQkFHQ054VUtCQTR3RERBS0JnZ3JCZ0VGQlFjREFUQW5C
Z05WSFJFRUlEQWVnaHhoWTJkbGFXRnRjMkZ0YkhOdVpHSjRMbUZzYkhOMFlYUmxMbU5oTUEwR0NT
cUdTSWIzRFFFQkN3VUFBNElDQVFDbTNUTlc5RWxuTFFMM2ZBUkV5dDhYbE5HWDFSQnJ3THEzbzI4
VWJLUXFkYWhjdjZhcytCRlNudVRnc0dOaVpCVGx0SXR0Q2Urb2srOFdMWWRmckZJM0FMQVkxenA4
RXRtMnpvdVdoQXdwenBDSTNpM2M2Sngyb3lYbEJybXk1NHluR1k2RGxXdmhtb2UwQzZhZnJCdEVO
Tm5xQk16d2ZFQWY5dVNuTWRoWHZoUysyYm5sSGZkZ3gxZDQwaE14YkZOa2F4aG9JNWRoYWwvZGtQ
VG92U1drcGszOFlBQ3V2MlY0aEtaUVVwcko1V1QwNHBQNUM3MUcyMnJvQjdnYzREVW5oY3IyaGcv
WWtuMHhMeWd4SlVoS01nUU5FYmhVNjQ2eURaMjJHbkF4T0w1OEpucEZML0Rwc0lXb0M2NFByekZU
T0N5bmZ4VldpQzkzdEhCc0hQSTVEZ3dyZHNCOUVTMnVZLzc5VGFHSWtTSC9RNHlqV3k2a1FkRmVm
WUFuSlRQMEVkNmlWUDVYOHV3WDB6TDJIc1ZnK2kwUzdJU0tEWmt2c3FHd29NaHFUM3RuZ0xVQ0Q3
ZmE5d0o5Y3BTRmluU2pWSFduVzYvejB5L2NSZU45WFhQUXRzWnhKTDEyV3AxQm44MzBSN0REUXVG
cUt2dGdUM0tJN3cySVJUS2h5SEJPeTFjWUJML3c4TVoyTEZtY3JCUWVjbmVqU3Y4WXdTdTdkREJr
VktpYWVrTUh2dlNZQnNicTBZNG9Wd2FDeS9wcCtwaHdxcmk3L3FBSUdNOVBIM1piQ1Nrc0l6cTNq
REd4Y1lTYmZVNHNBMmZnZjl2c0NrcnJ4Q3RGL1VhZDk2V1JKYVAwakJQVllDSDBNOFR0YjRVWE1T
a3V1SHFLd2J0YjEycmQ1STE3eWc9PTwvZHM6WDUwOUNlcnRpZmljYXRlPjwvZHM6WDUwOURhdGE+
PC9kczpLZXlJbmZvPjwvZHM6U2lnbmF0dXJlPjxzYW1sOlN1YmplY3Q+PHNhbWw6TmFtZUlEIEZv
cm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6dW5zcGVjaWZp
ZWQiIE5hbWVRdWFsaWZpZXI9Ik1vY2tJRFAiIFNQTmFtZVF1YWxpZmllcj0ic2FtbC1ib3giPmFk
a3VtYXIwY2E8L3NhbWw6TmFtZUlEPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb24gTWV0aG9kPSJ1
cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6Y206YmVhcmVyIj48c2FtbDpTdWJqZWN0Q29uZmly
bWF0aW9uRGF0YSBJblJlc3BvbnNlVG89IkFSUTU3ODI0MzYtNTQ1Yy00MTZkLWJhZjktMTEwYjlk
MDI0MmU3IiBOb3RPbk9yQWZ0ZXI9IjIwMjYtMDUtMDZUMDk6Mjk6MDdaIiBSZWNpcGllbnQ9Imh0
dHBzOi8vc2FtbC1ib3guY29tL2xvZ2luL3NhbWwyL3NzbyIvPjwvc2FtbDpTdWJqZWN0Q29uZmly
bWF0aW9uPjwvc2FtbDpTdWJqZWN0PjxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDI2LTA1
LTA2VDA5OjA5OjA3WiIgTm90T25PckFmdGVyPSIyMDI2LTA1LTA2VDA5OjI5OjA3WiI+PHNhbWw6
QXVkaWVuY2VSZXN0cmljdGlvbj48c2FtbDpBdWRpZW5jZT5zYW1sLWJveDwvc2FtbDpBdWRpZW5j
ZT48L3NhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj48L3NhbWw6Q29uZGl0aW9ucz48c2FtbDpBdXRo
blN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMjYtMDUtMDZUMDk6MTk6MDdaIiBTZXNzaW9uSW5k
ZXg9InMyMjg1NDE2OGMxN2JkZTMwMWQwMjQwYmZlNGRmMDMzZjI0ZjcxODYwMSI+PHNhbWw6QXV0
aG5Db250ZXh0PjxzYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPnVybjpvYXNpczpuYW1lczp0YzpT
QU1MOjIuMDphYzpjbGFzc2VzOnVuc3BlY2lmaWVkPC9zYW1sOkF1dGhuQ29udGV4dENsYXNzUmVm
Pjwvc2FtbDpBdXRobkNvbnRleHQ+PC9zYW1sOkF1dGhuU3RhdGVtZW50PjxzYW1sOkF0dHJpYnV0
ZVN0YXRlbWVudD48c2FtbDpBdHRyaWJ1dGUgTmFtZT0id29ya2RheUlEIj48c2FtbDpBdHRyaWJ1
dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5z
OnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBl
PSJ4czpzdHJpbmciPkMyMDAwMTAzODwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmli
dXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJzYU1BY2NvdW50TmFtZSI+PHNhbWw6QXR0cmlidXRl
VmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4
c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0i
eHM6c3RyaW5nIj5hZGt1bWFyMGNhPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1
dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9ImRlcGFydG1lbnQiPjxzYW1sOkF0dHJpYnV0ZVZhbHVl
IHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJo
dHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0
cmluZyI+OTU5YzU5YTQtMjJiMC00MzNmLThkYjEtMDlhNWUxNmRiODcyPC9zYW1sOkF0dHJpYnV0
ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9ImVtYWlsIj48c2Ft
bDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hl
bWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2Ui
IHhzaTp0eXBlPSJ4czpzdHJpbmciPmFka3VtYXJAYWxsc3RhdGUuY2E8L3NhbWw6QXR0cmlidXRl
VmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iTmFtZSI+PHNhbWw6
QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1h
IiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4
c2k6dHlwZT0ieHM6c3RyaW5nIj5LdW1hciwgQWRpdHlhPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwv
c2FtbDpBdHRyaWJ1dGU+PC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD48L3NhbWw6QXNzZXJ0aW9u
Pjwvc2FtbHA6UmVzcG9uc2U+
2026-05-06 09:19:07 [https-jsse-nio-443-exec-60] INFO c.b.s.c.SamlResponseController - Relay State: 0384f135-fb9c-4e58-9ccb-5928159f7f6a
2026-05-06 09:19:07 [https-jsse-nio-443-exec-60] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element
2026-05-06 09:19:07 [https-jsse-nio-443-exec-60] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object
2026-05-06 09:19:07 [https-jsse-nio-443-exec-60] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature
2026-05-06 09:19:07 [https-jsse-nio-443-exec-60] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature
2026-05-06 09:19:07 [https-jsse-nio-443-exec-60] DEBUG o.o.x.s.s.SignatureValidationProvider - Using a validation provider of implementation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignatureValidationProviderImpl
2026-05-06 09:19:07 [https-jsse-nio-443-exec-60] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Attempting to validate signature using key from supplied credential
2026-05-06 09:19:07 [https-jsse-nio-443-exec-60] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Accessing XMLSignature object
2026-05-06 09:19:07 [https-jsse-nio-443-exec-60] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validating signature with signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2026-05-06 09:19:07 [https-jsse-nio-443-exec-60] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validation credential key algorithm 'RSA', key instance class 'sun.security.rsa.RSAPublicKeyImpl'
2026-05-06 09:19:07 [https-jsse-nio-443-exec-60] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Signature validated with key from supplied credential
2026-05-06 09:20:07 [https-jsse-nio-443-exec-60] DEBUG o.o.x.algorithm.AlgorithmRegistry - Runtime support eval for algorithm URI 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256': supported
2026-05-06 09:20:07 [https-jsse-nio-443-exec-60] DEBUG o.o.x.algorithm.AlgorithmRegistry - Runtime support eval for algorithm URI 'http://www.w3.org/2001/04/xmlenc#sha256': supported
2026-05-06 09:20:07 [https-jsse-nio-443-exec-60] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Resolved SignatureSigningParameters:
2026-05-06 09:20:07 [https-jsse-nio-443-exec-60] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Signing credential with key algorithm: RSA
2026-05-06 09:20:07 [https-jsse-nio-443-exec-60] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2026-05-06 09:20:07 [https-jsse-nio-443-exec-60] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Signature KeyInfoGenerator: org.opensaml.xmlsec.keyinfo.impl.X509KeyInfoGeneratorFactory$X509KeyInfoGenerator
2026-05-06 09:20:07 [https-jsse-nio-443-exec-60] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Reference digest method algorithm URI: http://www.w3.org/2001/04/xmlenc#sha256
2026-05-06 09:20:07 [https-jsse-nio-443-exec-60] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Reference canonicalization algorithm URI: null
2026-05-06 09:20:07 [https-jsse-nio-443-exec-60] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Canonicalization algorithm URI: http://www.w3.org/2001/10/xml-exc-c14n#
2026-05-06 09:20:07 [https-jsse-nio-443-exec-60] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - HMAC output length: null
2026-05-06 09:20:07 [https-jsse-nio-443-exec-60] DEBUG o.o.saml.common.SAMLObjectSupport - Examining signed object for content references with exclusive canonicalization transform
2026-05-06 09:20:07 [https-jsse-nio-443-exec-60] DEBUG o.o.saml.common.SAMLObjectSupport - Saw exclusive transform, declaring non-visible namespaces on signed object
2026-05-06 09:20:07 [https-jsse-nio-443-exec-60] DEBUG o.o.x.s.impl.SignatureMarshaller - Starting to marshall {http://www.w3.org/2000/09/xmldsig#}Signature
2026-05-06 09:20:07 [https-jsse-nio-443-exec-60] DEBUG o.o.x.s.impl.SignatureMarshaller - Creating XMLSignature object
2026-05-06 09:20:07 [https-jsse-nio-443-exec-60] DEBUG o.o.x.s.impl.SignatureMarshaller - Adding content to XMLSignature.
2026-05-06 09:20:07 [https-jsse-nio-443-exec-60] DEBUG o.o.s.c.SAMLObjectContentReference - Adding list of inclusive namespaces for signature exclusive canonicalization transform
2026-05-06 09:20:07 [https-jsse-nio-443-exec-60] DEBUG o.o.x.s.impl.SignatureMarshaller - Creating Signature DOM element
2026-05-06 09:20:07 [https-jsse-nio-443-exec-60] DEBUG o.o.xmlsec.signature.support.Signer - Using a signer of implemenation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignerProviderImpl
2026-05-06 09:20:07 [https-jsse-nio-443-exec-60] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignerProviderImpl - Computing signature over XMLSignature object
2026-05-06 09:20:07 [https-jsse-nio-443-exec-103] DEBUG o.o.x.algorithm.AlgorithmRegistry - Runtime support eval for algorithm URI 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256': supported
2026-05-06 09:20:07 [https-jsse-nio-443-exec-103] DEBUG o.o.x.algorithm.AlgorithmRegistry - Runtime support eval for algorithm URI 'http://www.w3.org/2001/04/xmlenc#sha256': supported
2026-05-06 09:20:07 [https-jsse-nio-443-exec-103] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Resolved SignatureSigningParameters:
2026-05-06 09:20:07 [https-jsse-nio-443-exec-103] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Signing credential with key algorithm: RSA
2026-05-06 09:20:07 [https-jsse-nio-443-exec-103] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2026-05-06 09:20:07 [https-jsse-nio-443-exec-103] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Signature KeyInfoGenerator: org.opensaml.xmlsec.keyinfo.impl.X509KeyInfoGeneratorFactory$X509KeyInfoGenerator
2026-05-06 09:20:07 [https-jsse-nio-443-exec-103] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Reference digest method algorithm URI: http://www.w3.org/2001/04/xmlenc#sha256
2026-05-06 09:20:07 [https-jsse-nio-443-exec-103] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Reference canonicalization algorithm URI: null
2026-05-06 09:20:07 [https-jsse-nio-443-exec-103] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - Canonicalization algorithm URI: http://www.w3.org/2001/10/xml-exc-c14n#
2026-05-06 09:20:07 [https-jsse-nio-443-exec-103] DEBUG o.o.x.i.BasicSignatureSigningParametersResolver - HMAC output length: null
2026-05-06 09:20:07 [https-jsse-nio-443-exec-103] DEBUG o.o.saml.common.SAMLObjectSupport - Examining signed object for content references with exclusive canonicalization transform
2026-05-06 09:20:07 [https-jsse-nio-443-exec-103] DEBUG o.o.saml.common.SAMLObjectSupport - Saw exclusive transform, declaring non-visible namespaces on signed object
2026-05-06 09:20:07 [https-jsse-nio-443-exec-103] DEBUG o.o.x.s.impl.SignatureMarshaller - Starting to marshall {http://www.w3.org/2000/09/xmldsig#}Signature
2026-05-06 09:20:07 [https-jsse-nio-443-exec-103] DEBUG o.o.x.s.impl.SignatureMarshaller - Creating XMLSignature object
2026-05-06 09:20:07 [https-jsse-nio-443-exec-103] DEBUG o.o.x.s.impl.SignatureMarshaller - Adding content to XMLSignature.
2026-05-06 09:20:07 [https-jsse-nio-443-exec-103] DEBUG o.o.s.c.SAMLObjectContentReference - Adding list of inclusive namespaces for signature exclusive canonicalization transform
2026-05-06 09:20:07 [https-jsse-nio-443-exec-103] DEBUG o.o.x.s.impl.SignatureMarshaller - Creating Signature DOM element
2026-05-06 09:20:07 [https-jsse-nio-443-exec-103] DEBUG o.o.xmlsec.signature.support.Signer - Using a signer of implemenation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignerProviderImpl
2026-05-06 09:20:07 [https-jsse-nio-443-exec-103] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignerProviderImpl - Computing signature over XMLSignature object
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Processing SAML response from MockIDP
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Enveloped signature transform
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Exclusive C14N signature transform
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion for criteria class org.opensaml.security.criteria.UsageCriterion
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion for criteria class org.opensaml.security.criteria.KeyAlgorithmCriterion
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.saml.metadata.criteria.role.impl.EvaluableProtocolRoleDescriptorCriterion
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to verify signature and establish trust using KeyInfo-derived credentials
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Found 0 key names: []
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child with QName: {http://www.w3.org/2000/09/xmldsig#}X509Data
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.RSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.ECKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DEREncodedKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child {http://www.w3.org/2000/09/xmldsig#}X509Data with provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Attempting to extract credential from an X509Data
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 1 X509Certificates
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 0 X509CRLs
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Single certificate was present, treating as end-entity certificate
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Credentials successfully extracted from child {http://www.w3.org/2000/09/xmldsig#}X509Data by provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - A total of 1 credentials were resolved
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.xmlsec.keyinfo.KeyInfoCriterion
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.s.s.SignatureValidationProvider - Using a validation provider of implementation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignatureValidationProviderImpl
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Attempting to validate signature using key from supplied credential
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Accessing XMLSignature object
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validating signature with signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validation credential key algorithm 'RSA', key instance class 'sun.security.rsa.RSAPublicKeyImpl'
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Signature validated with key from supplied credential
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Signature validation using candidate credential was successful
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully verified signature using KeyInfo-derived credential
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to establish trust of KeyInfo-derived credential
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.s.t.i.ExplicitKeyTrustEvaluator - Successfully validated untrusted credential against trusted key
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully established trust of KeyInfo-derived credential
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Assertion Issuer of : MockIDP
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.s.s.a.SAML20AssertionValidator - Matched valid issuer: MockIDP
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.s.s.a.SAML20AssertionValidator - No Conditions were indicated as required
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Conditions NotBefore '2026-05-06T09:10:16Z' against 'skewed now' time '2026-05-06T09:25:16.607926332Z'
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Conditions NotOnOrAfter '2026-05-06T09:30:16Z' against 'skewed now' time '2026-05-06T09:15:16.607926332Z'
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.s.s.a.i.AudienceRestrictionConditionValidator - Evaluating the Assertion's AudienceRestriction/Audience values against the list of valid audiences: [saml-box]
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.s.s.a.i.AudienceRestrictionConditionValidator - Matched valid audience: saml-box
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.s.s.a.SAML20AssertionValidator - Assertion contains at least 1 SubjectConfirmation, proceeding with subject confirmation
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData NotOnOrAfter '2026-05-06T09:30:16Z' against 'skewed now' time '2026-05-06T09:15:16.608029929Z'
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData@Recipient of : https://saml-box.com/login/saml2/sso
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Matched valid recipient: https://saml-box.com/login/saml2/sso
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData@InResponseTo of: ARQ1311371-16ec-4e77-a97b-3c158b5c92cf
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Matched valid InResponseTo: ARQ1311371-16ec-4e77-a97b-3c158b5c92cf
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Successfully processed SAML Response [s244b3df1b86e581deee5dab9457c6f9d24e5b4a68]
2026-05-06 09:20:16 [https-jsse-nio-443-exec-73] DEBUG o.s.s.s.p.s.w.a.Saml2WebSsoAuthenticationFilter - Set SecurityContextHolder to Saml2Authentication [Principal=org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal@b7f5ee0c, Credentials=[PROTECTED], Authenticated=true, Details=WebAuthenticationDetails [RemoteIpAddress=167.127.90.97, SessionId=36EB97DBCDAA4254250291CB538CA4C3], Granted Authorities=[ROLE_USER]]
2026-05-06 09:20:16 [https-jsse-nio-443-exec-91] INFO c.b.s.c.SamlResponseController - SAML Response: PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6
cHJvdG9jb2wiIERlc3RpbmF0aW9uPSJodHRwczovL3NhbWwtYm94LmNvbS9sb2dpbi9zYW1sMi9z
c28iIElEPSJzMjQ0YjNkZjFiODZlNTgxZGVlZTVkYWI5NDU3YzZmOWQyNGU1YjRhNjgiIEluUmVz
cG9uc2VUbz0iQVJRMTMxMTM3MS0xNmVjLTRlNzctYTk3Yi0zYzE1OGI1YzkyY2YiIElzc3VlSW5z
dGFudD0iMjAyNi0wNS0wNlQwOToyMDoxNloiIFZlcnNpb249IjIuMCI+PHNhbWw6SXNzdWVyIHht
bG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iPk1vY2tJRFA8
L3NhbWw6SXNzdWVyPjxzYW1scDpTdGF0dXM+PHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpv
YXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPjwvc2FtbHA6U3RhdHVzPjxz
YW1sOkFzc2VydGlvbiB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNz
ZXJ0aW9uIiBJRD0iczIxNjc1OTI4MDBhNjU2YTliNzYzMjkzMGEwM2IxN2UwYmM4YmE3YjYyIiBJ
c3N1ZUluc3RhbnQ9IjIwMjYtMDUtMDZUMDk6MjA6MTZaIiBWZXJzaW9uPSIyLjAiPjxzYW1sOklz
c3Vlcj5Nb2NrSURQPC9zYW1sOklzc3Vlcj48ZHM6U2lnbmF0dXJlIHhtbG5zOmRzPSJodHRwOi8v
d3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIj48ZHM6U2lnbmVkSW5mbz48ZHM6Q2Fub25pY2Fs
aXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4
Yy1jMTRuIyIvPjxkczpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9y
Zy8yMDAxLzA0L3htbGRzaWctbW9yZSNyc2Etc2hhMjU2Ii8+PGRzOlJlZmVyZW5jZSBVUkk9IiNz
MjE2NzU5MjgwMGE2NTZhOWI3NjMyOTMwYTAzYjE3ZTBiYzhiYTdiNjIiPjxkczpUcmFuc2Zvcm1z
PjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRz
aWcjZW52ZWxvcGVkLXNpZ25hdHVyZSIvPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8v
d3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz48L2RzOlRyYW5zZm9ybXM+PGRzOkRp
Z2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZW5jI3No
YTI1NiIvPjxkczpEaWdlc3RWYWx1ZT5SR25GSzdyM3NHaTJtUGdyVXBUbDhVLzNSeXI5Y3dyUVFw
ek5TYTMwUGUwPTwvZHM6RGlnZXN0VmFsdWU+PC9kczpSZWZlcmVuY2U+PC9kczpTaWduZWRJbmZv
PjxkczpTaWduYXR1cmVWYWx1ZT5aZXFDbjZ5SURoQnRkcWg3clhjbGVMVXRudTRVMDJLSWtIZnFR
OHVXdGs5anlXTHh1WVFabWtPUjJ6NFVpWU56eUJtSlAyVHlJMUpSb3BxRDVnYzBsNWplMVNxeFNr
Q1BsaGpjS0svTzlXSWJJNXlyeW45WXMxT2E1eXFQRWZITjdQamdLa2lnaUtEL3BzK3drNEFNYzR3
SDNEN0FGQnBiakFWeVRLZkJ5WXp2TmRMZ1FXalIwRXdtQmhiS0pCUkFVU0t2bFNIcVZBbVVucVMx
eHpoTUpGd0x6eWlSZHdSV0dTMGM3OWU4cjliekYvMW5ONDhDWVAwaHpzSkEra1RvQU5lUmo4ZGR2
dmFqajFML3h1SlRxRHBBT2Z0VGt6VnlucEM0MlZ2Q0xnTDZkWU56OXBLNEJLcVZ3Z05KYjBSNzdL
dldzeFFmTTFzdnowb3RhV05mUUE9PTwvZHM6U2lnbmF0dXJlVmFsdWU+PGRzOktleUluZm8+PGRz
Olg1MDlEYXRhPjxkczpYNTA5Q2VydGlmaWNhdGU+TUlJRjl6Q0NBOStnQXdJQkFnSVRXQUFBNTRo
ZEVkRXVMY3NGNFFBQUFBRG5pREFOQmdrcWhraUc5dzBCQVFzRkFEQkhNUkl3RUFZS0NaSW1pWlB5
TEdRQkdSWUNZMkV4RnpBVkJnb0praWFKay9Jc1pBRVpGZ2RoWTJkd2NtOWtNUmd3RmdZRFZRUURF
dzlCUTBkUWNtOWtMVWx6YzNWbFEwRXdIaGNOTWpZd01qSTFNVGt4TWpRd1doY05NamN3TWpJMU1U
a3hNalF3V2pDQmt6RUxNQWtHQTFVRUJoTUNRMEV4RURBT0JnTlZCQWdUQjA5dWRHRnlhVzh4RURB
T0JnTlZCQWNUQjFSdmNtOXVkRzh4R0RBV0JnTlZCQW9URDBGc2JITjBZWFJsSUVOaGJtRmtZVEVm
TUIwR0ExVUVDeE1XU1c1bWIzSnRZWFJwYjI0Z1ZHVmphRzV2Ykc5bmVURWxNQ01HQTFVRUF4TWNZ
V05uWldsaGJYTmhiV3h6Ym1SaWVDNWhiR3h6ZEdGMFpTNWpZVENDQVNJd0RRWUpLb1pJaHZjTkFR
RUJCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFNaEhUWE1kZElvaE1GRzZHSDFWUmtxQVJyZ2hrYVlDU2Jz
TmhvVjVKeFJxSU8xSzA3dmRZTzY4V2lrcW1tSDhSWjBHWk8vZjNxcXdJRWFEYlltNlNiOGpDUjhN
OWdsbTFvZ2FBQkxvbTIvRHFWb3ViZnFYNXNZMkg2cHJGKzBScGRqemd3UGNOTnMyVldrMVgxZ2My
K0YxS3V2NVdOTDZlU1hCRW5qcUhncnBxUjVIUXRBVXM3TU5ubXJOdmpwcmdlK210cUlod0ZuOFF4
QWE0VEVlaktlRFQwcGU5WEJmUzY3Y2ZvN1RQTGZDMkdnR2Nqa3dEcGZsa2FLVGx1QThrVkxySjYv
djJlSFpsWW5YcmQ3UVJwU2NiV3RmNENVN3FUNHhkYW1YVnNqRU1kZTQzenBSaVZQV1RyTExwR21o
VGgvMC9XOGJtemxhVHBwRkZJcWlZL1VDQXdFQUFhT0NBWTB3Z2dHSk1Bc0dBMVVkRHdRRUF3SUZv
REE4QmdrckJnRUVBWUkzRlFjRUx6QXRCaVVyQmdFRUFZSTNGUWlHbHI5dmhQQ2xSb1NGbHhqZjZB
S0VwZndGZVllbTJpaUhwczU5QWdGa0FnRWtNQjBHQTFVZERnUVdCQlJiTHpVSU5sdDROd3V3N3h2
MzNUZHZXMDJCQ0RBZkJnTlZIU01FR0RBV2dCUnlvMGxIOVZkL2Y4RGVUUXBVTzRTc0luQit1REJL
QmdOVkhSOEVRekJCTUQrZ1BhQTdoamxvZEhSd09pOHZZV05uY0d0cExtRmpaM0J5YjJRdVkyRXZZ
MkZ5WlhCdmMybDBiM0o1TDBGRFIxQlNUMFF0U1hOemRXVkRRUzVqY213d1ZRWUlLd1lCQlFVSEFR
RUVTVEJITUVVR0NDc0dBUVVGQnpBQ2hqbG9kSFJ3T2k4dllXTm5jR3RwTG1GalozQnliMlF1WTJF
dlkyRnlaWEJ2YzJsMGIzSjVMMEZEUjFCU1QwUXRTWE56ZFdWRFFTNWpjblF3RXdZRFZSMGxCQXd3
Q2dZSUt3WUJCUVVIQXdFd0d3WUpLd1lCQkFHQ054VUtCQTR3RERBS0JnZ3JCZ0VGQlFjREFUQW5C
Z05WSFJFRUlEQWVnaHhoWTJkbGFXRnRjMkZ0YkhOdVpHSjRMbUZzYkhOMFlYUmxMbU5oTUEwR0NT
cUdTSWIzRFFFQkN3VUFBNElDQVFDbTNUTlc5RWxuTFFMM2ZBUkV5dDhYbE5HWDFSQnJ3THEzbzI4
VWJLUXFkYWhjdjZhcytCRlNudVRnc0dOaVpCVGx0SXR0Q2Urb2srOFdMWWRmckZJM0FMQVkxenA4
RXRtMnpvdVdoQXdwenBDSTNpM2M2Sngyb3lYbEJybXk1NHluR1k2RGxXdmhtb2UwQzZhZnJCdEVO
Tm5xQk16d2ZFQWY5dVNuTWRoWHZoUysyYm5sSGZkZ3gxZDQwaE14YkZOa2F4aG9JNWRoYWwvZGtQ
VG92U1drcGszOFlBQ3V2MlY0aEtaUVVwcko1V1QwNHBQNUM3MUcyMnJvQjdnYzREVW5oY3IyaGcv
WWtuMHhMeWd4SlVoS01nUU5FYmhVNjQ2eURaMjJHbkF4T0w1OEpucEZML0Rwc0lXb0M2NFByekZU
T0N5bmZ4VldpQzkzdEhCc0hQSTVEZ3dyZHNCOUVTMnVZLzc5VGFHSWtTSC9RNHlqV3k2a1FkRmVm
WUFuSlRQMEVkNmlWUDVYOHV3WDB6TDJIc1ZnK2kwUzdJU0tEWmt2c3FHd29NaHFUM3RuZ0xVQ0Q3
ZmE5d0o5Y3BTRmluU2pWSFduVzYvejB5L2NSZU45WFhQUXRzWnhKTDEyV3AxQm44MzBSN0REUXVG
cUt2dGdUM0tJN3cySVJUS2h5SEJPeTFjWUJML3c4TVoyTEZtY3JCUWVjbmVqU3Y4WXdTdTdkREJr
VktpYWVrTUh2dlNZQnNicTBZNG9Wd2FDeS9wcCtwaHdxcmk3L3FBSUdNOVBIM1piQ1Nrc0l6cTNq
REd4Y1lTYmZVNHNBMmZnZjl2c0NrcnJ4Q3RGL1VhZDk2V1JKYVAwakJQVllDSDBNOFR0YjRVWE1T
a3V1SHFLd2J0YjEycmQ1STE3eWc9PTwvZHM6WDUwOUNlcnRpZmljYXRlPjwvZHM6WDUwOURhdGE+
PC9kczpLZXlJbmZvPjwvZHM6U2lnbmF0dXJlPjxzYW1sOlN1YmplY3Q+PHNhbWw6TmFtZUlEIEZv
cm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6dW5zcGVjaWZp
ZWQiIE5hbWVRdWFsaWZpZXI9Ik1vY2tJRFAiIFNQTmFtZVF1YWxpZmllcj0ic2FtbC1ib3giPmFk
a3VtYXIwY2E8L3NhbWw6TmFtZUlEPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb24gTWV0aG9kPSJ1
cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6Y206YmVhcmVyIj48c2FtbDpTdWJqZWN0Q29uZmly
bWF0aW9uRGF0YSBJblJlc3BvbnNlVG89IkFSUTEzMTEzNzEtMTZlYy00ZTc3LWE5N2ItM2MxNThi
NWM5MmNmIiBOb3RPbk9yQWZ0ZXI9IjIwMjYtMDUtMDZUMDk6MzA6MTZaIiBSZWNpcGllbnQ9Imh0
dHBzOi8vc2FtbC1ib3guY29tL2xvZ2luL3NhbWwyL3NzbyIvPjwvc2FtbDpTdWJqZWN0Q29uZmly
bWF0aW9uPjwvc2FtbDpTdWJqZWN0PjxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDI2LTA1
LTA2VDA5OjEwOjE2WiIgTm90T25PckFmdGVyPSIyMDI2LTA1LTA2VDA5OjMwOjE2WiI+PHNhbWw6
QXVkaWVuY2VSZXN0cmljdGlvbj48c2FtbDpBdWRpZW5jZT5zYW1sLWJveDwvc2FtbDpBdWRpZW5j
ZT48L3NhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj48L3NhbWw6Q29uZGl0aW9ucz48c2FtbDpBdXRo
blN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMjYtMDUtMDZUMDk6MjA6MTVaIiBTZXNzaW9uSW5k
ZXg9InMyMjg1NDE2OGMxN2JkZTMwMWQwMjQwYmZlNGRmMDMzZjI0ZjcxODYwMSI+PHNhbWw6QXV0
aG5Db250ZXh0PjxzYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPnVybjpvYXNpczpuYW1lczp0YzpT
QU1MOjIuMDphYzpjbGFzc2VzOnVuc3BlY2lmaWVkPC9zYW1sOkF1dGhuQ29udGV4dENsYXNzUmVm
Pjwvc2FtbDpBdXRobkNvbnRleHQ+PC9zYW1sOkF1dGhuU3RhdGVtZW50PjxzYW1sOkF0dHJpYnV0
ZVN0YXRlbWVudD48c2FtbDpBdHRyaWJ1dGUgTmFtZT0id29ya2RheUlEIj48c2FtbDpBdHRyaWJ1
dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5z
OnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBl
PSJ4czpzdHJpbmciPkMyMDAwMTAzODwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmli
dXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJzYU1BY2NvdW50TmFtZSI+PHNhbWw6QXR0cmlidXRl
VmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4
c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0i
eHM6c3RyaW5nIj5hZGt1bWFyMGNhPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1
dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9ImRlcGFydG1lbnQiPjxzYW1sOkF0dHJpYnV0ZVZhbHVl
IHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJo
dHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0
cmluZyI+SW5mb3JtYXRpb24gVGVjaG5vbG9neTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6
QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJlbWFpbCI+PHNhbWw6QXR0cmlidXRlVmFs
dWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9
Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6
c3RyaW5nIj5hZGt1bWFyQGFsbHN0YXRlLmNhPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpB
dHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9Ik5hbWUiPjxzYW1sOkF0dHJpYnV0ZVZhbHVl
IHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJo
dHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0
cmluZyI+S3VtYXIsIEFkaXR5YTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRl
Pjwvc2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PC9zYW1sOkFzc2VydGlvbj48L3NhbWxwOlJlc3Bv
bnNlPg==
2026-05-06 09:20:16 [https-jsse-nio-443-exec-91] INFO c.b.s.c.SamlResponseController - Relay State: e197a15c-a012-4122-944f-3256855327ac
2026-05-06 09:20:16 [https-jsse-nio-443-exec-91] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element
2026-05-06 09:20:16 [https-jsse-nio-443-exec-91] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object
2026-05-06 09:20:16 [https-jsse-nio-443-exec-91] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature
2026-05-06 09:20:16 [https-jsse-nio-443-exec-91] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature
2026-05-06 09:20:16 [https-jsse-nio-443-exec-91] DEBUG o.o.x.s.s.SignatureValidationProvider - Using a validation provider of implementation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignatureValidationProviderImpl
2026-05-06 09:20:16 [https-jsse-nio-443-exec-91] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Attempting to validate signature using key from supplied credential
2026-05-06 09:20:16 [https-jsse-nio-443-exec-91] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Accessing XMLSignature object
2026-05-06 09:20:16 [https-jsse-nio-443-exec-91] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validating signature with signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
2026-05-06 09:20:16 [https-jsse-nio-443-exec-91] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validation credential key algorithm 'RSA', key instance class 'sun.security.rsa.RSAPublicKeyImpl'
2026-05-06 09:20:16 [https-jsse-nio-443-exec-91] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Signature validated with key from supplied credential
SAML BOX
SAML BOX is brought to you by Boston Identity