Server Logs Viewer

Back

Lines

Wrap Lines

Spring Boot Server Logs Viewer

at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) at org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutResponseFilter.doFilterInternal(Saml2LogoutResponseFilter.java:112) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) at org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutRequestFilter.doFilterInternal(Saml2LogoutRequestFilter.java:126) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90) at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) at org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:82) at org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:69) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:62) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) at org.springframework.security.web.session.DisableEncodeUrlFilter.doFilterInternal(DisableEncodeUrlFilter.java:42) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:233) at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:191) at org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java:113) at org.springframework.web.servlet.handler.HandlerMappingIntrospector.lambda$createCacheFilter$3(HandlerMappingIntrospector.java:243) at org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java:113) at org.springframework.web.filter.CompositeFilter.doFilter(CompositeFilter.java:74) at org.springframework.security.config.annotation.web.configuration.WebMvcSecurityConfiguration$CompositeFilterChainProxy.doFilter(WebMvcSecurityConfiguration.java:238) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:362) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:278) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140) at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140) at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140) at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:167) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:483) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:115) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344) at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:397) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:905) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1743) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52) at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1190) at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:63) at java.base/java.lang.Thread.run(Thread.java:1583) 2026-03-20 05:31:13 [https-jsse-nio-443-exec-533] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 05:31:13 [https-jsse-nio-443-exec-533] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 05:31:13 [https-jsse-nio-443-exec-533] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 05:31:13 [https-jsse-nio-443-exec-533] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 05:31:13 [https-jsse-nio-443-exec-533] ERROR o.a.c.c.C.[.[.[.[dispatcherServlet] - Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception java.lang.IllegalArgumentException: Invalid registration ID at com.bostonidentity.samlbox.repository.DynamicRelyingPartyRegistrationRepository.findByRegistrationId(DynamicRelyingPartyRegistrationRepository.java:205) at org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository.findUniqueByAssertingPartyEntityId(RelyingPartyRegistrationRepository.java:45) at com.bostonidentity.samlbox.config.EntityIdRelyingPartyRegistrationResolver.resolve(EntityIdRelyingPartyRegistrationResolver.java:28) at org.springframework.security.saml2.provider.service.web.Saml2AuthenticationTokenConverter.convert(Saml2AuthenticationTokenConverter.java:65) at com.bostonidentity.samlbox.config.EntityIdLookupAuthenticationConverter.convert(EntityIdLookupAuthenticationConverter.java:57) at org.springframework.security.saml2.provider.service.web.authentication.Saml2WebSsoAuthenticationFilter.attemptAuthentication(Saml2WebSsoAuthenticationFilter.java:123) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:231) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:221) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) at org.springframework.security.saml2.provider.service.web.Saml2WebSsoAuthenticationRequestFilter.doFilterInternal(Saml2WebSsoAuthenticationRequestFilter.java:100) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:107) at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:93) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:107) at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:93) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) at org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutResponseFilter.doFilterInternal(Saml2LogoutResponseFilter.java:112) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) at org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutRequestFilter.doFilterInternal(Saml2LogoutRequestFilter.java:126) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90) at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) at org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:82) at org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:69) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:62) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) at org.springframework.security.web.session.DisableEncodeUrlFilter.doFilterInternal(DisableEncodeUrlFilter.java:42) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:233) at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:191) at org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java:113) at org.springframework.web.servlet.handler.HandlerMappingIntrospector.lambda$createCacheFilter$3(HandlerMappingIntrospector.java:243) at org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java:113) at org.springframework.web.filter.CompositeFilter.doFilter(CompositeFilter.java:74) at org.springframework.security.config.annotation.web.configuration.WebMvcSecurityConfiguration$CompositeFilterChainProxy.doFilter(WebMvcSecurityConfiguration.java:238) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:362) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:278) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140) at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140) at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140) at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:167) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:483) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:115) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344) at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:397) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:905) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1743) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52) at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1190) at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:63) at java.base/java.lang.Thread.run(Thread.java:1583) 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Processing SAML response from https://apexconductor-qa.apexanalytix.app/saml/idp 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Enveloped signature transform 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Exclusive C14N signature transform 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion for criteria class org.opensaml.security.criteria.KeyAlgorithmCriterion 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion for criteria class org.opensaml.security.criteria.UsageCriterion 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.saml.metadata.criteria.role.impl.EvaluableProtocolRoleDescriptorCriterion 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to verify signature and establish trust using KeyInfo-derived credentials 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Found 0 key names: [] 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child with QName: {http://www.w3.org/2000/09/xmldsig#}X509Data 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.RSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.ECKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DEREncodedKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child {http://www.w3.org/2000/09/xmldsig#}X509Data with provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Attempting to extract credential from an X509Data 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 1 X509Certificates 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 0 X509CRLs 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Single certificate was present, treating as end-entity certificate 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Credentials successfully extracted from child {http://www.w3.org/2000/09/xmldsig#}X509Data by provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - A total of 1 credentials were resolved 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.xmlsec.keyinfo.KeyInfoCriterion 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.SignatureValidationProvider - Using a validation provider of implementation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignatureValidationProviderImpl 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Attempting to validate signature using key from supplied credential 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Accessing XMLSignature object 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validating signature with signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validation credential key algorithm 'RSA', key instance class 'sun.security.rsa.RSAPublicKeyImpl' 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Signature validated with key from supplied credential 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Signature validation using candidate credential was successful 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully verified signature using KeyInfo-derived credential 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to establish trust of KeyInfo-derived credential 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.s.t.i.ExplicitKeyTrustEvaluator - Successfully validated untrusted credential against trusted key 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully established trust of KeyInfo-derived credential 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Enveloped signature transform 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Exclusive C14N signature transform 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion for criteria class org.opensaml.security.criteria.KeyAlgorithmCriterion 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion for criteria class org.opensaml.security.criteria.UsageCriterion 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.saml.metadata.criteria.role.impl.EvaluableProtocolRoleDescriptorCriterion 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to verify signature and establish trust using KeyInfo-derived credentials 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Found 0 key names: [] 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child with QName: {http://www.w3.org/2000/09/xmldsig#}X509Data 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.RSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.ECKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DEREncodedKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child {http://www.w3.org/2000/09/xmldsig#}X509Data with provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Attempting to extract credential from an X509Data 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 1 X509Certificates 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 0 X509CRLs 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Single certificate was present, treating as end-entity certificate 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Credentials successfully extracted from child {http://www.w3.org/2000/09/xmldsig#}X509Data by provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - A total of 1 credentials were resolved 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.xmlsec.keyinfo.KeyInfoCriterion 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.SignatureValidationProvider - Using a validation provider of implementation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignatureValidationProviderImpl 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Attempting to validate signature using key from supplied credential 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Accessing XMLSignature object 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validating signature with signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validation credential key algorithm 'RSA', key instance class 'sun.security.rsa.RSAPublicKeyImpl' 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Signature validated with key from supplied credential 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Signature validation using candidate credential was successful 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully verified signature using KeyInfo-derived credential 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to establish trust of KeyInfo-derived credential 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.s.t.i.ExplicitKeyTrustEvaluator - Successfully validated untrusted credential against trusted key 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully established trust of KeyInfo-derived credential 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Assertion Issuer of : https://apexconductor-qa.apexanalytix.app/saml/idp 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.s.s.a.SAML20AssertionValidator - Matched valid issuer: https://apexconductor-qa.apexanalytix.app/saml/idp 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.s.s.a.SAML20AssertionValidator - No Conditions were indicated as required 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Conditions NotBefore '2026-03-20T09:38:45.921Z' against 'skewed now' time '2026-03-20T09:43:46.244968454Z' 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Conditions NotOnOrAfter '2026-03-20T10:38:45.916Z' against 'skewed now' time '2026-03-20T09:33:46.244968454Z' 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.s.s.a.i.AudienceRestrictionConditionValidator - Evaluating the Assertion's AudienceRestriction/Audience values against the list of valid audiences: [saml-box] 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.s.s.a.i.AudienceRestrictionConditionValidator - Matched valid audience: saml-box 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.s.s.a.SAML20AssertionValidator - Assertion contains at least 1 SubjectConfirmation, proceeding with subject confirmation 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData NotOnOrAfter '2026-03-20T09:43:45.933Z' against 'skewed now' time '2026-03-20T09:33:46.245141678Z' 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData@Recipient of : https://saml-box.com/login/saml2/sso 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Matched valid recipient: https://saml-box.com/login/saml2/sso 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Successfully processed SAML Response [_8c94fd7c-3332-4a53-8e21-757f39e9d4d9] 2026-03-20 09:38:46 [https-jsse-nio-443-exec-574] DEBUG o.s.s.s.p.s.w.a.Saml2WebSsoAuthenticationFilter - Set SecurityContextHolder to Saml2Authentication [Principal=org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal@4e6126cc, Credentials=[PROTECTED], Authenticated=true, Details=WebAuthenticationDetails [RemoteIpAddress=216.250.229.2, SessionId=null], Granted Authorities=[ROLE_USER]] 2026-03-20 09:38:46 [https-jsse-nio-443-exec-533] INFO c.b.s.c.SamlResponseController - SAML Response: PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIElEPSJfOGM5NGZkN2MtMzMzMi00YTUzLThlMjEtNzU3ZjM5ZTlkNGQ5IiBWZXJzaW9uPSIyLjAiIElzc3VlSW5zdGFudD0iMjAyNi0wMy0yMFQwOTozODo0NS45MTFaIiBEZXN0aW5hdGlvbj0iaHR0cHM6Ly9zYW1sLWJveC5jb20vbG9naW4vc2FtbDIvc3NvIj48c2FtbDpJc3N1ZXI+aHR0cHM6Ly9hcGV4Y29uZHVjdG9yLXFhLmFwZXhhbmFseXRpeC5hcHAvc2FtbC9pZHA8L3NhbWw6SXNzdWVyPjxTaWduYXR1cmUgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPjxTaWduZWRJbmZvPjxDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIiAvPjxTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNyc2Etc2hhMjU2IiAvPjxSZWZlcmVuY2UgVVJJPSIjXzhjOTRmZDdjLTMzMzItNGE1My04ZTIxLTc1N2YzOWU5ZDRkOSI+PFRyYW5zZm9ybXM+PFRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIiAvPjxUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiIC8+PC9UcmFuc2Zvcm1zPjxEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGVuYyNzaGEyNTYiIC8+PERpZ2VzdFZhbHVlPklZRnVYTnpUbC9aaEV5djF4VC9mbTdLYllleTBiSnFZcGtqOEl3Rk5ncjg9PC9EaWdlc3RWYWx1ZT48L1JlZmVyZW5jZT48L1NpZ25lZEluZm8+PFNpZ25hdHVyZVZhbHVlPm1CU1Z2d2d5OThhNzVFTjRzanNXVEw3VmdHS0dUMU1seEc2SnkveFlUUnZKaHNBbjl6Qy96ZjRpSGpsci9LYmZMdzUwK3l5bW0wbWI1ZzZkVHU0MnhRbDdmRUZ3U3NON0NZelVzcGFodUdaN2NMc01CZmszMXRsREJJUWM3eWdUdFdvQmM1ZXVDbkNCREZzdWF3U2ZYR1hhRGZic0haQmJLZUpSZnFaRVNDZDlwdC8wVkZiVGNLUytGUHVLcGw0WjA5Kzh4dU1MdFlSYkhESzJTREJia1Y2Mi9nZC95YlBTaDhIRm85NGxIbG1pYmNRL1pSMnZKMlhJN1hWK1RjVnNoamtXeEdhSVNHZFVuaEw4N0N2eGZWbmUxRzJSa01WOEFXMVF6VmlzWi8rZ0JzejY3czhneFZPZnNod0dXT0VKdjNNWXFHN0JHSjhHVURhZDdNTzZPZz09PC9TaWduYXR1cmVWYWx1ZT48S2V5SW5mbz48WDUwOURhdGE+PFg1MDlDZXJ0aWZpY2F0ZT5NSUlHK1RDQ0JlR2dBd0lCQWdJUUJIMk43dXFBZnlLcGJ0dnhHYkpIWlRBTkJna3Foa2lHOXcwQkFRc0ZBREJaTVFzd0NRWURWUVFHRXdKVlV6RVZNQk1HQTFVRUNoTU1SR2xuYVVObGNuUWdTVzVqTVRNd01RWURWUVFERXlwRWFXZHBRMlZ5ZENCSGJHOWlZV3dnUnpJZ1ZFeFRJRkpUUVNCVFNFRXlOVFlnTWpBeU1DQkRRVEV3SGhjTk1qVXdOREkwTURBd01EQXdXaGNOTWpZd05USTFNak0xT1RVNVdqQjFNUXN3Q1FZRFZRUUdFd0pWVXpFWE1CVUdBMVVFQ0JNT1RtOXlkR2dnUTJGeWIyeHBibUV4RXpBUkJnTlZCQWNUQ2tkU1JVVk9VMEpQVWs4eEd6QVpCZ05WQkFvVEVrRndaWGdnUVc1aGJIbDBhWGdzSUV4TVF6RWJNQmtHQTFVRUF3d1NLaTVoY0dWNFlXNWhiSGwwYVhndVlYQndNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQTJwd1FSdldWazg1RG9mNTJJOXZGUlZiSTNWQWw3OWFWejFRTXJORmI4N1dmQ1hPVHNFQ3M1bWMwck9vUnBlVkFxNUVmTktpbjBxN0p2QkxJbFlZN2t2a1A4MEYxNnJVMTMycEhXSXRIMDlDajBwWjlSbFJNMFB2dHJDbEtSV2c3RUdaS0lKeDZHNEVtUlN4SGpIbzZKcFJDTjhlTUpQU2tsVnN6NlVSbUlFRGd0d3lDVURaM0htcGc4c3JVMDlsNXAxbXZGbXA3QnFBblNXdng0NGVRVmJLQm9PK1ZmMG80T3dldG1kOUY3bTdUbHJzTHlNOFNJRVBnNjdEUDFaaVovL3haUit6QzhPVUloZHVwS3dMNjF3d1hFejNtdHkwOG01U1MxZlI0cHl0a2c0MUw2ODBBNTlMSE4rSVhDRTZhVkxGbkRkanNIc3ZDNUhpVFBJeGFCUUlEQVFBQm80SURuekNDQTVzd0h3WURWUjBqQkJnd0ZvQVVkSVdBd0diSDN6ZmV6NzBwTjZvREhiN3R6UmN3SFFZRFZSME9CQllFRkY1SDVicW4wcS9hU1A2N0tPellvaEdGWFBMTk1DOEdBMVVkRVFRb01DYUNFaW91WVhCbGVHRnVZV3g1ZEdsNExtRndjSUlRWVhCbGVHRnVZV3g1ZEdsNExtRndjREErQmdOVkhTQUVOekExTURNR0JtZUJEQUVDQWpBcE1DY0dDQ3NHQVFVRkJ3SUJGaHRvZEhSd09pOHZkM2QzTG1ScFoybGpaWEowTG1OdmJTOURVRk13RGdZRFZSMFBBUUgvQkFRREFnV2dNQjBHQTFVZEpRUVdNQlFHQ0NzR0FRVUZCd01CQmdnckJnRUZCUWNEQWpDQm53WURWUjBmQklHWE1JR1VNRWlnUnFCRWhrSm9kSFJ3T2k4dlkzSnNNeTVrYVdkcFkyVnlkQzVqYjIwdlJHbG5hVU5sY25SSGJHOWlZV3hITWxSTVUxSlRRVk5JUVRJMU5qSXdNakJEUVRFdE1TNWpjbXd3U0tCR29FU0dRbWgwZEhBNkx5OWpjbXcwTG1ScFoybGpaWEowTG1OdmJTOUVhV2RwUTJWeWRFZHNiMkpoYkVjeVZFeFRVbE5CVTBoQk1qVTJNakF5TUVOQk1TMHhMbU55YkRDQmh3WUlLd1lCQlFVSEFRRUVlekI1TUNRR0NDc0dBUVVGQnpBQmhoaG9kSFJ3T2k4dmIyTnpjQzVrYVdkcFkyVnlkQzVqYjIwd1VRWUlLd1lCQlFVSE1BS0dSV2gwZEhBNkx5OWpZV05sY25SekxtUnBaMmxqWlhKMExtTnZiUzlFYVdkcFEyVnlkRWRzYjJKaGJFY3lWRXhUVWxOQlUwaEJNalUyTWpBeU1FTkJNUzB4TG1OeWREQU1CZ05WSFJNQkFmOEVBakFBTUlJQmZRWUtLd1lCQkFIV2VRSUVBZ1NDQVcwRWdnRnBBV2NBZFFBT1Y1Uzg4NjZwUGpNYkxKa0hzL2VRMzV2Q1BYRXlKZDBocVNXc1ljVk9JUUFBQVpab1pPaHVBQUFFQXdCR01FUUNJQ083SEJvZUNJZlA1bFN1b3pQM1FLYkdyekpHVkU2dmxveU9heTRrci9zbUFpQjRqd2lTSFVGakxWbDFmQTlFdkFQZlZBdGgzMklkUndDbFJpMmNjR0tzQ3dCMkFHUVJ4R3lrRXV5bmlSeWlBaTRBdkt0UEtBZlVIalVucStyKzFRUEpmYzN3QUFBQmxtaGs2SzBBQUFRREFFY3dSUUloQVBXTkdHK2VOS0hmbFJRWkh6U1R5Sm5BZnZ2MDJpeU0wamJ0bVI1eXRqdktBaUEwc1M4ZHFZRjUyQ1JnZmEzeFd0MW1QdnBrY3Jpai9XUVc1MDNibFhUSjBRQjJBRW1jbTJuZUhYenMvRGJlellka3ByaGJyd3FIZ0JuUlZWTDc2ZXNwM2ZqREFBQUJsbWhrNk1zQUFBUURBRWN3UlFJaEFMdEphdzVEYXFQUDBKZnZ0TEFMV3pXNXB1bXJOTU5oa0wyTWdxekVsQXNTQWlBazZuSDM1OWZ6dXV2MUFWamhja3RwdFNRQTVvL1VJRnJvUTdqOWYydjlnVEFOQmdrcWhraUc5dzBCQVFzRkFBT0NBUUVBSXZoN2NNdDI3bjNZdUxEMlE1MEYzcldYcWE0dXFrYTlDeWdwWDlDd2xZS1NIQTVwUkJ2RkhMeFFWTlJuZGxuaHNseHlRYUZmdm5KSTJ1MjRMaWlXa3BMMHpTRHVCQmJFT2Vqci9UakV1S1drMGVmcC85ZkR0cDk1bTZaV2FKakhnVjlwOFEvbmlaeHlHTi83UE85Nys5Z3FNcmVQRmcxdzZzVGxIc0FNSkN6RStMTlVHYXJuS3BmczZLODM3Q0VhaStRT3hnbzNvYTViUU9pWlAyc1pXODIzTTk4ZXM2NnB1WUxpQVV0aHFFQ09nMFdUcGJCR01BdHM5eGU2L0lqTXNtNStTbXh3SmtPaGVuUlRYLzVEQ0RQV2tpVTZNYkt2ZzhaNUE4U3lueUdMb1RrQWN2RjB2d01PWXVQNGExQ2Uwekp3M0pWS0p1N2xlSVZ0SXpWSFVnPT08L1g1MDlDZXJ0aWZpY2F0ZT48L1g1MDlEYXRhPjwvS2V5SW5mbz48L1NpZ25hdHVyZT48c2FtbHA6U3RhdHVzPjxzYW1scDpTdGF0dXNDb2RlIFZhbHVlPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6c3RhdHVzOlN1Y2Nlc3MiIC8+PC9zYW1scDpTdGF0dXM+PHNhbWw6QXNzZXJ0aW9uIElEPSJfMGRkZWZhZjMtMTViMS00NDlmLTkyZDMtYWRmOTBkYTMyZTk3IiBJc3N1ZUluc3RhbnQ9IjIwMjYtMDMtMjBUMDk6Mzg6NDUuOTE4WiIgVmVyc2lvbj0iMi4wIiB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj48c2FtbDpJc3N1ZXI+aHR0cHM6Ly9hcGV4Y29uZHVjdG9yLXFhLmFwZXhhbmFseXRpeC5hcHAvc2FtbC9pZHA8L3NhbWw6SXNzdWVyPjxTaWduYXR1cmUgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPjxTaWduZWRJbmZvPjxDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIiAvPjxTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNyc2Etc2hhMjU2IiAvPjxSZWZlcmVuY2UgVVJJPSIjXzBkZGVmYWYzLTE1YjEtNDQ5Zi05MmQzLWFkZjkwZGEzMmU5NyI+PFRyYW5zZm9ybXM+PFRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIiAvPjxUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiIC8+PC9UcmFuc2Zvcm1zPjxEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGVuYyNzaGEyNTYiIC8+PERpZ2VzdFZhbHVlPjI2MEJtR1A5YW9YcFFxc0dCZU4vWStwdXoyMW9yM2pnc0Y4aU9qR1ZxTEk9PC9EaWdlc3RWYWx1ZT48L1JlZmVyZW5jZT48L1NpZ25lZEluZm8+PFNpZ25hdHVyZVZhbHVlPlNSWFdkQU9PU3l1YkdaWG9XSHltdWhIck5qcG80UmhOWlFJeGdvb2dSYzFpNkZ1ZldrSDJQKy82RzNlLzlWTDFkd3A2NGpBOUsrSWRKLzgwR0Z3RTZIdFd6bVpHamlDQ1V2M1U0Z0RDOUU0U2l6VUpDOXh2U3lQK01BbWhGSXM1anhGam14VWIvZFBhcXp6RXlvTXRwNVZpYk9FcW5hN3h2aS9ST2J1bXFkd1UxdWxKb3JNOUkrV2JyZ1Nkc1hCZUQ3RmVlMWpmWkllSjBKNFQwVGdSWnUvMGJYeGlaaFJ2RFpGdkx0Yk9PQksyMDFtTWgxMEhJKzU1SmRtOTNwNnFHZHBES1hkeE5xdmxIQlkxZVhWV0dCTGZWTVVqWjZUZVJLRXkwWGNYUnNTWTFhcUVSek1IZDhaTkIwSWNmOTFRTjh1VWJjT2psZzhrTGx6dGM1YWpoZz09PC9TaWduYXR1cmVWYWx1ZT48S2V5SW5mbz48WDUwOURhdGE+PFg1MDlDZXJ0aWZpY2F0ZT5NSUlHK1RDQ0JlR2dBd0lCQWdJUUJIMk43dXFBZnlLcGJ0dnhHYkpIWlRBTkJna3Foa2lHOXcwQkFRc0ZBREJaTVFzd0NRWURWUVFHRXdKVlV6RVZNQk1HQTFVRUNoTU1SR2xuYVVObGNuUWdTVzVqTVRNd01RWURWUVFERXlwRWFXZHBRMlZ5ZENCSGJHOWlZV3dnUnpJZ1ZFeFRJRkpUUVNCVFNFRXlOVFlnTWpBeU1DQkRRVEV3SGhjTk1qVXdOREkwTURBd01EQXdXaGNOTWpZd05USTFNak0xT1RVNVdqQjFNUXN3Q1FZRFZRUUdFd0pWVXpFWE1CVUdBMVVFQ0JNT1RtOXlkR2dnUTJGeWIyeHBibUV4RXpBUkJnTlZCQWNUQ2tkU1JVVk9VMEpQVWs4eEd6QVpCZ05WQkFvVEVrRndaWGdnUVc1aGJIbDBhWGdzSUV4TVF6RWJNQmtHQTFVRUF3d1NLaTVoY0dWNFlXNWhiSGwwYVhndVlYQndNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQTJwd1FSdldWazg1RG9mNTJJOXZGUlZiSTNWQWw3OWFWejFRTXJORmI4N1dmQ1hPVHNFQ3M1bWMwck9vUnBlVkFxNUVmTktpbjBxN0p2QkxJbFlZN2t2a1A4MEYxNnJVMTMycEhXSXRIMDlDajBwWjlSbFJNMFB2dHJDbEtSV2c3RUdaS0lKeDZHNEVtUlN4SGpIbzZKcFJDTjhlTUpQU2tsVnN6NlVSbUlFRGd0d3lDVURaM0htcGc4c3JVMDlsNXAxbXZGbXA3QnFBblNXdng0NGVRVmJLQm9PK1ZmMG80T3dldG1kOUY3bTdUbHJzTHlNOFNJRVBnNjdEUDFaaVovL3haUit6QzhPVUloZHVwS3dMNjF3d1hFejNtdHkwOG01U1MxZlI0cHl0a2c0MUw2ODBBNTlMSE4rSVhDRTZhVkxGbkRkanNIc3ZDNUhpVFBJeGFCUUlEQVFBQm80SURuekNDQTVzd0h3WURWUjBqQkJnd0ZvQVVkSVdBd0diSDN6ZmV6NzBwTjZvREhiN3R6UmN3SFFZRFZSME9CQllFRkY1SDVicW4wcS9hU1A2N0tPellvaEdGWFBMTk1DOEdBMVVkRVFRb01DYUNFaW91WVhCbGVHRnVZV3g1ZEdsNExtRndjSUlRWVhCbGVHRnVZV3g1ZEdsNExtRndjREErQmdOVkhTQUVOekExTURNR0JtZUJEQUVDQWpBcE1DY0dDQ3NHQVFVRkJ3SUJGaHRvZEhSd09pOHZkM2QzTG1ScFoybGpaWEowTG1OdmJTOURVRk13RGdZRFZSMFBBUUgvQkFRREFnV2dNQjBHQTFVZEpRUVdNQlFHQ0NzR0FRVUZCd01CQmdnckJnRUZCUWNEQWpDQm53WURWUjBmQklHWE1JR1VNRWlnUnFCRWhrSm9kSFJ3T2k4dlkzSnNNeTVrYVdkcFkyVnlkQzVqYjIwdlJHbG5hVU5sY25SSGJHOWlZV3hITWxSTVUxSlRRVk5JUVRJMU5qSXdNakJEUVRFdE1TNWpjbXd3U0tCR29FU0dRbWgwZEhBNkx5OWpjbXcwTG1ScFoybGpaWEowTG1OdmJTOUVhV2RwUTJWeWRFZHNiMkpoYkVjeVZFeFRVbE5CVTBoQk1qVTJNakF5TUVOQk1TMHhMbU55YkRDQmh3WUlLd1lCQlFVSEFRRUVlekI1TUNRR0NDc0dBUVVGQnpBQmhoaG9kSFJ3T2k4dmIyTnpjQzVrYVdkcFkyVnlkQzVqYjIwd1VRWUlLd1lCQlFVSE1BS0dSV2gwZEhBNkx5OWpZV05sY25SekxtUnBaMmxqWlhKMExtTnZiUzlFYVdkcFEyVnlkRWRzYjJKaGJFY3lWRXhUVWxOQlUwaEJNalUyTWpBeU1FTkJNUzB4TG1OeWREQU1CZ05WSFJNQkFmOEVBakFBTUlJQmZRWUtLd1lCQkFIV2VRSUVBZ1NDQVcwRWdnRnBBV2NBZFFBT1Y1Uzg4NjZwUGpNYkxKa0hzL2VRMzV2Q1BYRXlKZDBocVNXc1ljVk9JUUFBQVpab1pPaHVBQUFFQXdCR01FUUNJQ083SEJvZUNJZlA1bFN1b3pQM1FLYkdyekpHVkU2dmxveU9heTRrci9zbUFpQjRqd2lTSFVGakxWbDFmQTlFdkFQZlZBdGgzMklkUndDbFJpMmNjR0tzQ3dCMkFHUVJ4R3lrRXV5bmlSeWlBaTRBdkt0UEtBZlVIalVucStyKzFRUEpmYzN3QUFBQmxtaGs2SzBBQUFRREFFY3dSUUloQVBXTkdHK2VOS0hmbFJRWkh6U1R5Sm5BZnZ2MDJpeU0wamJ0bVI1eXRqdktBaUEwc1M4ZHFZRjUyQ1JnZmEzeFd0MW1QdnBrY3Jpai9XUVc1MDNibFhUSjBRQjJBRW1jbTJuZUhYenMvRGJlellka3ByaGJyd3FIZ0JuUlZWTDc2ZXNwM2ZqREFBQUJsbWhrNk1zQUFBUURBRWN3UlFJaEFMdEphdzVEYXFQUDBKZnZ0TEFMV3pXNXB1bXJOTU5oa0wyTWdxekVsQXNTQWlBazZuSDM1OWZ6dXV2MUFWamhja3RwdFNRQTVvL1VJRnJvUTdqOWYydjlnVEFOQmdrcWhraUc5dzBCQVFzRkFBT0NBUUVBSXZoN2NNdDI3bjNZdUxEMlE1MEYzcldYcWE0dXFrYTlDeWdwWDlDd2xZS1NIQTVwUkJ2RkhMeFFWTlJuZGxuaHNseHlRYUZmdm5KSTJ1MjRMaWlXa3BMMHpTRHVCQmJFT2Vqci9UakV1S1drMGVmcC85ZkR0cDk1bTZaV2FKakhnVjlwOFEvbmlaeHlHTi83UE85Nys5Z3FNcmVQRmcxdzZzVGxIc0FNSkN6RStMTlVHYXJuS3BmczZLODM3Q0VhaStRT3hnbzNvYTViUU9pWlAyc1pXODIzTTk4ZXM2NnB1WUxpQVV0aHFFQ09nMFdUcGJCR01BdHM5eGU2L0lqTXNtNStTbXh3SmtPaGVuUlRYLzVEQ0RQV2tpVTZNYkt2ZzhaNUE4U3lueUdMb1RrQWN2RjB2d01PWXVQNGExQ2Uwekp3M0pWS0p1N2xlSVZ0SXpWSFVnPT08L1g1MDlDZXJ0aWZpY2F0ZT48L1g1MDlEYXRhPjwvS2V5SW5mbz48L1NpZ25hdHVyZT48c2FtbDpTdWJqZWN0PjxzYW1sOk5hbWVJRCBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+cGFsbGF2aXRlc3RndDExNEB5b3BtYWlsLmNvbTwvc2FtbDpOYW1lSUQ+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAyNi0wMy0yMFQwOTo0Mzo0NS45MzNaIiBSZWNpcGllbnQ9Imh0dHBzOi8vc2FtbC1ib3guY29tL2xvZ2luL3NhbWwyL3NzbyIgLz48L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj48L3NhbWw6U3ViamVjdD48c2FtbDpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAyNi0wMy0yMFQwOTozODo0NS45MjFaIiBOb3RPbk9yQWZ0ZXI9IjIwMjYtMDMtMjBUMTA6Mzg6NDUuOTE2WiI+PHNhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj48c2FtbDpBdWRpZW5jZT5zYW1sLWJveDwvc2FtbDpBdWRpZW5jZT48L3NhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj48L3NhbWw6Q29uZGl0aW9ucz48c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PHNhbWw6QXR0cmlidXRlIE5hbWU9ImVtYWlsIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZT5wYWxsYXZpdGVzdGd0MTE0QHlvcG1haWwuY29tPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9ImZpcnN0bmFtZSI+PHNhbWw6QXR0cmlidXRlVmFsdWU+UEFMTEFWSTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJsYXN0bmFtZSI+PHNhbWw6QXR0cmlidXRlVmFsdWU+VEVTVDwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJ1c2VybmFtZSI+PHNhbWw6QXR0cmlidXRlVmFsdWU+cGFsbGF2aXRlc3RndDExNEB5b3BtYWlsLmNvbTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjwvc2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PHNhbWw6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDI2LTAzLTIwVDA5OjM4OjQ1LjkzMloiPjxzYW1sOkF1dGhuQ29udGV4dD48c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3NlczpQYXNzd29yZFByb3RlY3RlZFRyYW5zcG9ydDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj48L3NhbWw6QXV0aG5Db250ZXh0Pjwvc2FtbDpBdXRoblN0YXRlbWVudD48L3NhbWw6QXNzZXJ0aW9uPjwvc2FtbHA6UmVzcG9uc2U+ 2026-03-20 09:38:46 [https-jsse-nio-443-exec-533] INFO c.b.s.c.SamlResponseController - Relay State: null 2026-03-20 09:38:46 [https-jsse-nio-443-exec-533] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 09:38:46 [https-jsse-nio-443-exec-533] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 09:38:46 [https-jsse-nio-443-exec-533] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 09:38:46 [https-jsse-nio-443-exec-533] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 09:38:46 [https-jsse-nio-443-exec-533] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 09:38:46 [https-jsse-nio-443-exec-533] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 09:38:46 [https-jsse-nio-443-exec-533] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 09:38:46 [https-jsse-nio-443-exec-533] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 09:38:46 [https-jsse-nio-443-exec-533] DEBUG o.o.x.s.s.SignatureValidationProvider - Using a validation provider of implementation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignatureValidationProviderImpl 2026-03-20 09:38:46 [https-jsse-nio-443-exec-533] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Attempting to validate signature using key from supplied credential 2026-03-20 09:38:46 [https-jsse-nio-443-exec-533] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Accessing XMLSignature object 2026-03-20 09:38:46 [https-jsse-nio-443-exec-533] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validating signature with signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 2026-03-20 09:38:46 [https-jsse-nio-443-exec-533] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validation credential key algorithm 'RSA', key instance class 'sun.security.rsa.RSAPublicKeyImpl' 2026-03-20 09:38:46 [https-jsse-nio-443-exec-533] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Signature validated with key from supplied credential 2026-03-20 09:55:22 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 09:55:22 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 09:55:22 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 09:55:22 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 09:55:22 [https-jsse-nio-443-exec-590] ERROR o.a.c.c.C.[.[.[.[dispatcherServlet] - Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception java.lang.IllegalArgumentException: Invalid registration ID at com.bostonidentity.samlbox.repository.DynamicRelyingPartyRegistrationRepository.findByRegistrationId(DynamicRelyingPartyRegistrationRepository.java:205) at org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository.findUniqueByAssertingPartyEntityId(RelyingPartyRegistrationRepository.java:45) at com.bostonidentity.samlbox.config.EntityIdRelyingPartyRegistrationResolver.resolve(EntityIdRelyingPartyRegistrationResolver.java:28) at org.springframework.security.saml2.provider.service.web.Saml2AuthenticationTokenConverter.convert(Saml2AuthenticationTokenConverter.java:65) at com.bostonidentity.samlbox.config.EntityIdLookupAuthenticationConverter.convert(EntityIdLookupAuthenticationConverter.java:57) at org.springframework.security.saml2.provider.service.web.authentication.Saml2WebSsoAuthenticationFilter.attemptAuthentication(Saml2WebSsoAuthenticationFilter.java:123) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:231) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:221) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) at org.springframework.security.saml2.provider.service.web.Saml2WebSsoAuthenticationRequestFilter.doFilterInternal(Saml2WebSsoAuthenticationRequestFilter.java:100) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:107) at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:93) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:107) at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:93) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) at org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutResponseFilter.doFilterInternal(Saml2LogoutResponseFilter.java:112) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) at org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutRequestFilter.doFilterInternal(Saml2LogoutRequestFilter.java:126) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90) at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) at org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:82) at org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:69) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:62) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) at org.springframework.security.web.session.DisableEncodeUrlFilter.doFilterInternal(DisableEncodeUrlFilter.java:42) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:233) at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:191) at org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java:113) at org.springframework.web.servlet.handler.HandlerMappingIntrospector.lambda$createCacheFilter$3(HandlerMappingIntrospector.java:243) at org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java:113) at org.springframework.web.filter.CompositeFilter.doFilter(CompositeFilter.java:74) at org.springframework.security.config.annotation.web.configuration.WebMvcSecurityConfiguration$CompositeFilterChainProxy.doFilter(WebMvcSecurityConfiguration.java:238) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:362) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:278) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140) at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140) at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140) at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:167) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:483) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:115) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344) at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:397) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:905) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1743) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52) at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1190) at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:63) at java.base/java.lang.Thread.run(Thread.java:1583) 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Processing SAML response from https://apexconductor-qa.apexanalytix.app/saml/idp 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Enveloped signature transform 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Exclusive C14N signature transform 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion for criteria class org.opensaml.security.criteria.KeyAlgorithmCriterion 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion for criteria class org.opensaml.security.criteria.UsageCriterion 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.saml.metadata.criteria.role.impl.EvaluableProtocolRoleDescriptorCriterion 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to verify signature and establish trust using KeyInfo-derived credentials 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Found 0 key names: [] 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child with QName: {http://www.w3.org/2000/09/xmldsig#}X509Data 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.RSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.ECKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DEREncodedKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child {http://www.w3.org/2000/09/xmldsig#}X509Data with provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Attempting to extract credential from an X509Data 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 1 X509Certificates 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 0 X509CRLs 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Single certificate was present, treating as end-entity certificate 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Credentials successfully extracted from child {http://www.w3.org/2000/09/xmldsig#}X509Data by provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - A total of 1 credentials were resolved 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.xmlsec.keyinfo.KeyInfoCriterion 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.SignatureValidationProvider - Using a validation provider of implementation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignatureValidationProviderImpl 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Attempting to validate signature using key from supplied credential 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Accessing XMLSignature object 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validating signature with signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validation credential key algorithm 'RSA', key instance class 'sun.security.rsa.RSAPublicKeyImpl' 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Signature validated with key from supplied credential 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Signature validation using candidate credential was successful 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully verified signature using KeyInfo-derived credential 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to establish trust of KeyInfo-derived credential 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.s.t.i.ExplicitKeyTrustEvaluator - Successfully validated untrusted credential against trusted key 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully established trust of KeyInfo-derived credential 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Enveloped signature transform 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Exclusive C14N signature transform 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion for criteria class org.opensaml.security.criteria.KeyAlgorithmCriterion 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion for criteria class org.opensaml.security.criteria.UsageCriterion 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.saml.metadata.criteria.role.impl.EvaluableProtocolRoleDescriptorCriterion 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to verify signature and establish trust using KeyInfo-derived credentials 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Found 0 key names: [] 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child with QName: {http://www.w3.org/2000/09/xmldsig#}X509Data 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.RSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.ECKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DEREncodedKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child {http://www.w3.org/2000/09/xmldsig#}X509Data with provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Attempting to extract credential from an X509Data 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 1 X509Certificates 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 0 X509CRLs 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Single certificate was present, treating as end-entity certificate 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Credentials successfully extracted from child {http://www.w3.org/2000/09/xmldsig#}X509Data by provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - A total of 1 credentials were resolved 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.xmlsec.keyinfo.KeyInfoCriterion 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.SignatureValidationProvider - Using a validation provider of implementation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignatureValidationProviderImpl 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Attempting to validate signature using key from supplied credential 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Accessing XMLSignature object 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validating signature with signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validation credential key algorithm 'RSA', key instance class 'sun.security.rsa.RSAPublicKeyImpl' 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Signature validated with key from supplied credential 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Signature validation using candidate credential was successful 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully verified signature using KeyInfo-derived credential 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to establish trust of KeyInfo-derived credential 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.s.t.i.ExplicitKeyTrustEvaluator - Successfully validated untrusted credential against trusted key 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully established trust of KeyInfo-derived credential 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Assertion Issuer of : https://apexconductor-qa.apexanalytix.app/saml/idp 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.a.SAML20AssertionValidator - Matched valid issuer: https://apexconductor-qa.apexanalytix.app/saml/idp 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.a.SAML20AssertionValidator - No Conditions were indicated as required 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Conditions NotBefore '2026-03-20T10:01:31.096Z' against 'skewed now' time '2026-03-20T10:06:32.126553004Z' 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Conditions NotOnOrAfter '2026-03-20T11:01:31.096Z' against 'skewed now' time '2026-03-20T09:56:32.126553004Z' 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.a.i.AudienceRestrictionConditionValidator - Evaluating the Assertion's AudienceRestriction/Audience values against the list of valid audiences: [saml-box] 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.a.i.AudienceRestrictionConditionValidator - Matched valid audience: saml-box 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.a.SAML20AssertionValidator - Assertion contains at least 1 SubjectConfirmation, proceeding with subject confirmation 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData NotOnOrAfter '2026-03-20T10:06:31.097Z' against 'skewed now' time '2026-03-20T09:56:32.126640715Z' 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData@Recipient of : https://saml-box.com/login/saml2/sso 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Matched valid recipient: https://saml-box.com/login/saml2/sso 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Successfully processed SAML Response [_a9101d6d-3548-49cc-88e5-4173e8d8e911] 2026-03-20 10:01:32 [https-jsse-nio-443-exec-580] DEBUG o.s.s.s.p.s.w.a.Saml2WebSsoAuthenticationFilter - Set SecurityContextHolder to Saml2Authentication [Principal=org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal@42ba62ee, Credentials=[PROTECTED], Authenticated=true, Details=WebAuthenticationDetails [RemoteIpAddress=216.250.229.2, SessionId=null], Granted Authorities=[ROLE_USER]] 2026-03-20 10:01:32 [https-jsse-nio-443-exec-508] INFO c.b.s.c.SamlResponseController - SAML Response: PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIElEPSJfYTkxMDFkNmQtMzU0OC00OWNjLTg4ZTUtNDE3M2U4ZDhlOTExIiBWZXJzaW9uPSIyLjAiIElzc3VlSW5zdGFudD0iMjAyNi0wMy0yMFQxMDowMTozMS4wOTZaIiBEZXN0aW5hdGlvbj0iaHR0cHM6Ly9zYW1sLWJveC5jb20vbG9naW4vc2FtbDIvc3NvIj48c2FtbDpJc3N1ZXI+aHR0cHM6Ly9hcGV4Y29uZHVjdG9yLXFhLmFwZXhhbmFseXRpeC5hcHAvc2FtbC9pZHA8L3NhbWw6SXNzdWVyPjxTaWduYXR1cmUgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPjxTaWduZWRJbmZvPjxDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIiAvPjxTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNyc2Etc2hhMjU2IiAvPjxSZWZlcmVuY2UgVVJJPSIjX2E5MTAxZDZkLTM1NDgtNDljYy04OGU1LTQxNzNlOGQ4ZTkxMSI+PFRyYW5zZm9ybXM+PFRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIiAvPjxUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiIC8+PC9UcmFuc2Zvcm1zPjxEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGVuYyNzaGEyNTYiIC8+PERpZ2VzdFZhbHVlPk9HK0J2YUhaU010YnZtQTN5V2p2WWM1SkR5eHNoMUVqWWF5ZldXbDkyODA9PC9EaWdlc3RWYWx1ZT48L1JlZmVyZW5jZT48L1NpZ25lZEluZm8+PFNpZ25hdHVyZVZhbHVlPlVaRFZvV0pLbDluVWdWS1hTeFNkL3Jwdk9BUGNKN3lLRlUzV29GTXhCeWFvRnJIQ0crS1pBYnlzVk9LVXBzbnJaK0U4Q051cFZFMnEzYVFib0IzYlNGeUtIbXQ0Nm14RnorMzJwZ2VpMTB5NnJZUkVzQzF6N0ZCYlNhdEZsb1VCcEV6Z3BSclBhSjR5cnU0SFMrN1ppMjJBU3kvMTRPbTgyd1J5bkhxcUdDSlZrY1JiL09kTFdhRTVld205cVNOSGtINWgwY2gzdlR2WEFWM21MMmtFZUVkblBOazFOZjh3aXpoNGcvZ3E3T1dJaWZHa2pTcHR3Z3dQNXh1U3MraW4rMzdhd3FTSGFTaUQrU1dyNWgxd0xhNkdDeW5NTEpFYjY2UEVwR0k2SVgxT3BCRXVOSkNLcmhrbk5hK01xQTRMVWhmd1BmdTVwMi9vc090Q1JJL2ttQT09PC9TaWduYXR1cmVWYWx1ZT48S2V5SW5mbz48WDUwOURhdGE+PFg1MDlDZXJ0aWZpY2F0ZT5NSUlHK1RDQ0JlR2dBd0lCQWdJUUJIMk43dXFBZnlLcGJ0dnhHYkpIWlRBTkJna3Foa2lHOXcwQkFRc0ZBREJaTVFzd0NRWURWUVFHRXdKVlV6RVZNQk1HQTFVRUNoTU1SR2xuYVVObGNuUWdTVzVqTVRNd01RWURWUVFERXlwRWFXZHBRMlZ5ZENCSGJHOWlZV3dnUnpJZ1ZFeFRJRkpUUVNCVFNFRXlOVFlnTWpBeU1DQkRRVEV3SGhjTk1qVXdOREkwTURBd01EQXdXaGNOTWpZd05USTFNak0xT1RVNVdqQjFNUXN3Q1FZRFZRUUdFd0pWVXpFWE1CVUdBMVVFQ0JNT1RtOXlkR2dnUTJGeWIyeHBibUV4RXpBUkJnTlZCQWNUQ2tkU1JVVk9VMEpQVWs4eEd6QVpCZ05WQkFvVEVrRndaWGdnUVc1aGJIbDBhWGdzSUV4TVF6RWJNQmtHQTFVRUF3d1NLaTVoY0dWNFlXNWhiSGwwYVhndVlYQndNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQTJwd1FSdldWazg1RG9mNTJJOXZGUlZiSTNWQWw3OWFWejFRTXJORmI4N1dmQ1hPVHNFQ3M1bWMwck9vUnBlVkFxNUVmTktpbjBxN0p2QkxJbFlZN2t2a1A4MEYxNnJVMTMycEhXSXRIMDlDajBwWjlSbFJNMFB2dHJDbEtSV2c3RUdaS0lKeDZHNEVtUlN4SGpIbzZKcFJDTjhlTUpQU2tsVnN6NlVSbUlFRGd0d3lDVURaM0htcGc4c3JVMDlsNXAxbXZGbXA3QnFBblNXdng0NGVRVmJLQm9PK1ZmMG80T3dldG1kOUY3bTdUbHJzTHlNOFNJRVBnNjdEUDFaaVovL3haUit6QzhPVUloZHVwS3dMNjF3d1hFejNtdHkwOG01U1MxZlI0cHl0a2c0MUw2ODBBNTlMSE4rSVhDRTZhVkxGbkRkanNIc3ZDNUhpVFBJeGFCUUlEQVFBQm80SURuekNDQTVzd0h3WURWUjBqQkJnd0ZvQVVkSVdBd0diSDN6ZmV6NzBwTjZvREhiN3R6UmN3SFFZRFZSME9CQllFRkY1SDVicW4wcS9hU1A2N0tPellvaEdGWFBMTk1DOEdBMVVkRVFRb01DYUNFaW91WVhCbGVHRnVZV3g1ZEdsNExtRndjSUlRWVhCbGVHRnVZV3g1ZEdsNExtRndjREErQmdOVkhTQUVOekExTURNR0JtZUJEQUVDQWpBcE1DY0dDQ3NHQVFVRkJ3SUJGaHRvZEhSd09pOHZkM2QzTG1ScFoybGpaWEowTG1OdmJTOURVRk13RGdZRFZSMFBBUUgvQkFRREFnV2dNQjBHQTFVZEpRUVdNQlFHQ0NzR0FRVUZCd01CQmdnckJnRUZCUWNEQWpDQm53WURWUjBmQklHWE1JR1VNRWlnUnFCRWhrSm9kSFJ3T2k4dlkzSnNNeTVrYVdkcFkyVnlkQzVqYjIwdlJHbG5hVU5sY25SSGJHOWlZV3hITWxSTVUxSlRRVk5JUVRJMU5qSXdNakJEUVRFdE1TNWpjbXd3U0tCR29FU0dRbWgwZEhBNkx5OWpjbXcwTG1ScFoybGpaWEowTG1OdmJTOUVhV2RwUTJWeWRFZHNiMkpoYkVjeVZFeFRVbE5CVTBoQk1qVTJNakF5TUVOQk1TMHhMbU55YkRDQmh3WUlLd1lCQlFVSEFRRUVlekI1TUNRR0NDc0dBUVVGQnpBQmhoaG9kSFJ3T2k4dmIyTnpjQzVrYVdkcFkyVnlkQzVqYjIwd1VRWUlLd1lCQlFVSE1BS0dSV2gwZEhBNkx5OWpZV05sY25SekxtUnBaMmxqWlhKMExtTnZiUzlFYVdkcFEyVnlkRWRzYjJKaGJFY3lWRXhUVWxOQlUwaEJNalUyTWpBeU1FTkJNUzB4TG1OeWREQU1CZ05WSFJNQkFmOEVBakFBTUlJQmZRWUtLd1lCQkFIV2VRSUVBZ1NDQVcwRWdnRnBBV2NBZFFBT1Y1Uzg4NjZwUGpNYkxKa0hzL2VRMzV2Q1BYRXlKZDBocVNXc1ljVk9JUUFBQVpab1pPaHVBQUFFQXdCR01FUUNJQ083SEJvZUNJZlA1bFN1b3pQM1FLYkdyekpHVkU2dmxveU9heTRrci9zbUFpQjRqd2lTSFVGakxWbDFmQTlFdkFQZlZBdGgzMklkUndDbFJpMmNjR0tzQ3dCMkFHUVJ4R3lrRXV5bmlSeWlBaTRBdkt0UEtBZlVIalVucStyKzFRUEpmYzN3QUFBQmxtaGs2SzBBQUFRREFFY3dSUUloQVBXTkdHK2VOS0hmbFJRWkh6U1R5Sm5BZnZ2MDJpeU0wamJ0bVI1eXRqdktBaUEwc1M4ZHFZRjUyQ1JnZmEzeFd0MW1QdnBrY3Jpai9XUVc1MDNibFhUSjBRQjJBRW1jbTJuZUhYenMvRGJlellka3ByaGJyd3FIZ0JuUlZWTDc2ZXNwM2ZqREFBQUJsbWhrNk1zQUFBUURBRWN3UlFJaEFMdEphdzVEYXFQUDBKZnZ0TEFMV3pXNXB1bXJOTU5oa0wyTWdxekVsQXNTQWlBazZuSDM1OWZ6dXV2MUFWamhja3RwdFNRQTVvL1VJRnJvUTdqOWYydjlnVEFOQmdrcWhraUc5dzBCQVFzRkFBT0NBUUVBSXZoN2NNdDI3bjNZdUxEMlE1MEYzcldYcWE0dXFrYTlDeWdwWDlDd2xZS1NIQTVwUkJ2RkhMeFFWTlJuZGxuaHNseHlRYUZmdm5KSTJ1MjRMaWlXa3BMMHpTRHVCQmJFT2Vqci9UakV1S1drMGVmcC85ZkR0cDk1bTZaV2FKakhnVjlwOFEvbmlaeHlHTi83UE85Nys5Z3FNcmVQRmcxdzZzVGxIc0FNSkN6RStMTlVHYXJuS3BmczZLODM3Q0VhaStRT3hnbzNvYTViUU9pWlAyc1pXODIzTTk4ZXM2NnB1WUxpQVV0aHFFQ09nMFdUcGJCR01BdHM5eGU2L0lqTXNtNStTbXh3SmtPaGVuUlRYLzVEQ0RQV2tpVTZNYkt2ZzhaNUE4U3lueUdMb1RrQWN2RjB2d01PWXVQNGExQ2Uwekp3M0pWS0p1N2xlSVZ0SXpWSFVnPT08L1g1MDlDZXJ0aWZpY2F0ZT48L1g1MDlEYXRhPjwvS2V5SW5mbz48L1NpZ25hdHVyZT48c2FtbHA6U3RhdHVzPjxzYW1scDpTdGF0dXNDb2RlIFZhbHVlPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6c3RhdHVzOlN1Y2Nlc3MiIC8+PC9zYW1scDpTdGF0dXM+PHNhbWw6QXNzZXJ0aW9uIElEPSJfYjY4Y2JiZGMtMGI4NC00ZmQ3LWFiMDQtOWQ5NzQ1MzYxNzk2IiBJc3N1ZUluc3RhbnQ9IjIwMjYtMDMtMjBUMTA6MDE6MzEuMDk2WiIgVmVyc2lvbj0iMi4wIiB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj48c2FtbDpJc3N1ZXI+aHR0cHM6Ly9hcGV4Y29uZHVjdG9yLXFhLmFwZXhhbmFseXRpeC5hcHAvc2FtbC9pZHA8L3NhbWw6SXNzdWVyPjxTaWduYXR1cmUgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPjxTaWduZWRJbmZvPjxDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIiAvPjxTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNyc2Etc2hhMjU2IiAvPjxSZWZlcmVuY2UgVVJJPSIjX2I2OGNiYmRjLTBiODQtNGZkNy1hYjA0LTlkOTc0NTM2MTc5NiI+PFRyYW5zZm9ybXM+PFRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIiAvPjxUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiIC8+PC9UcmFuc2Zvcm1zPjxEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGVuYyNzaGEyNTYiIC8+PERpZ2VzdFZhbHVlPlNraVRSS3BHci9GSVVtYTZia2Z0SlNjR0FHMnVmNnBQdGdtWkxiUTgySEU9PC9EaWdlc3RWYWx1ZT48L1JlZmVyZW5jZT48L1NpZ25lZEluZm8+PFNpZ25hdHVyZVZhbHVlPm5RV05SdldGa2ovZ2hERzh1bHFBSGllREh0aDdockZ5aFFURTBMYjhnZ25WSTdZeTRNMDVBZjB2K3pmMW92RTRpSkRuWVFCRkJIVmROd2huZUlvNStkbnZTOWN2RHI2RGo5cGRDNC9oMk10OG9BNXRXWUpqWWVhMlpTeHZzd1RQZ2FqZlZHeThQajI4WStZbGJOblM0eGhmTHFCY01WVXFUNXo1YkZUT1ZLUGJWUTY3L2wzUEl3ZEZmTFFsRVpITWRDaCszOE5OdFdwUWdTeVBhc0ppRXBEbXBTRnorM0JWNlNJcVdDRVE2T2k4bGV2NWR2Vnc3c3lNZFFDTGpTNEZ5RDk0UjdlK2tnT2VMMHVwYi9VQWw4VHVGSEtrcCsyMHpiZ0d3dm02LzlCL3l6V3pyRGg3TlZKRGxmaEREaDhZaml3c0tWZU43bUF2TFpNdjBkaWRIUT09PC9TaWduYXR1cmVWYWx1ZT48S2V5SW5mbz48WDUwOURhdGE+PFg1MDlDZXJ0aWZpY2F0ZT5NSUlHK1RDQ0JlR2dBd0lCQWdJUUJIMk43dXFBZnlLcGJ0dnhHYkpIWlRBTkJna3Foa2lHOXcwQkFRc0ZBREJaTVFzd0NRWURWUVFHRXdKVlV6RVZNQk1HQTFVRUNoTU1SR2xuYVVObGNuUWdTVzVqTVRNd01RWURWUVFERXlwRWFXZHBRMlZ5ZENCSGJHOWlZV3dnUnpJZ1ZFeFRJRkpUUVNCVFNFRXlOVFlnTWpBeU1DQkRRVEV3SGhjTk1qVXdOREkwTURBd01EQXdXaGNOTWpZd05USTFNak0xT1RVNVdqQjFNUXN3Q1FZRFZRUUdFd0pWVXpFWE1CVUdBMVVFQ0JNT1RtOXlkR2dnUTJGeWIyeHBibUV4RXpBUkJnTlZCQWNUQ2tkU1JVVk9VMEpQVWs4eEd6QVpCZ05WQkFvVEVrRndaWGdnUVc1aGJIbDBhWGdzSUV4TVF6RWJNQmtHQTFVRUF3d1NLaTVoY0dWNFlXNWhiSGwwYVhndVlYQndNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQTJwd1FSdldWazg1RG9mNTJJOXZGUlZiSTNWQWw3OWFWejFRTXJORmI4N1dmQ1hPVHNFQ3M1bWMwck9vUnBlVkFxNUVmTktpbjBxN0p2QkxJbFlZN2t2a1A4MEYxNnJVMTMycEhXSXRIMDlDajBwWjlSbFJNMFB2dHJDbEtSV2c3RUdaS0lKeDZHNEVtUlN4SGpIbzZKcFJDTjhlTUpQU2tsVnN6NlVSbUlFRGd0d3lDVURaM0htcGc4c3JVMDlsNXAxbXZGbXA3QnFBblNXdng0NGVRVmJLQm9PK1ZmMG80T3dldG1kOUY3bTdUbHJzTHlNOFNJRVBnNjdEUDFaaVovL3haUit6QzhPVUloZHVwS3dMNjF3d1hFejNtdHkwOG01U1MxZlI0cHl0a2c0MUw2ODBBNTlMSE4rSVhDRTZhVkxGbkRkanNIc3ZDNUhpVFBJeGFCUUlEQVFBQm80SURuekNDQTVzd0h3WURWUjBqQkJnd0ZvQVVkSVdBd0diSDN6ZmV6NzBwTjZvREhiN3R6UmN3SFFZRFZSME9CQllFRkY1SDVicW4wcS9hU1A2N0tPellvaEdGWFBMTk1DOEdBMVVkRVFRb01DYUNFaW91WVhCbGVHRnVZV3g1ZEdsNExtRndjSUlRWVhCbGVHRnVZV3g1ZEdsNExtRndjREErQmdOVkhTQUVOekExTURNR0JtZUJEQUVDQWpBcE1DY0dDQ3NHQVFVRkJ3SUJGaHRvZEhSd09pOHZkM2QzTG1ScFoybGpaWEowTG1OdmJTOURVRk13RGdZRFZSMFBBUUgvQkFRREFnV2dNQjBHQTFVZEpRUVdNQlFHQ0NzR0FRVUZCd01CQmdnckJnRUZCUWNEQWpDQm53WURWUjBmQklHWE1JR1VNRWlnUnFCRWhrSm9kSFJ3T2k4dlkzSnNNeTVrYVdkcFkyVnlkQzVqYjIwdlJHbG5hVU5sY25SSGJHOWlZV3hITWxSTVUxSlRRVk5JUVRJMU5qSXdNakJEUVRFdE1TNWpjbXd3U0tCR29FU0dRbWgwZEhBNkx5OWpjbXcwTG1ScFoybGpaWEowTG1OdmJTOUVhV2RwUTJWeWRFZHNiMkpoYkVjeVZFeFRVbE5CVTBoQk1qVTJNakF5TUVOQk1TMHhMbU55YkRDQmh3WUlLd1lCQlFVSEFRRUVlekI1TUNRR0NDc0dBUVVGQnpBQmhoaG9kSFJ3T2k4dmIyTnpjQzVrYVdkcFkyVnlkQzVqYjIwd1VRWUlLd1lCQlFVSE1BS0dSV2gwZEhBNkx5OWpZV05sY25SekxtUnBaMmxqWlhKMExtTnZiUzlFYVdkcFEyVnlkRWRzYjJKaGJFY3lWRXhUVWxOQlUwaEJNalUyTWpBeU1FTkJNUzB4TG1OeWREQU1CZ05WSFJNQkFmOEVBakFBTUlJQmZRWUtLd1lCQkFIV2VRSUVBZ1NDQVcwRWdnRnBBV2NBZFFBT1Y1Uzg4NjZwUGpNYkxKa0hzL2VRMzV2Q1BYRXlKZDBocVNXc1ljVk9JUUFBQVpab1pPaHVBQUFFQXdCR01FUUNJQ083SEJvZUNJZlA1bFN1b3pQM1FLYkdyekpHVkU2dmxveU9heTRrci9zbUFpQjRqd2lTSFVGakxWbDFmQTlFdkFQZlZBdGgzMklkUndDbFJpMmNjR0tzQ3dCMkFHUVJ4R3lrRXV5bmlSeWlBaTRBdkt0UEtBZlVIalVucStyKzFRUEpmYzN3QUFBQmxtaGs2SzBBQUFRREFFY3dSUUloQVBXTkdHK2VOS0hmbFJRWkh6U1R5Sm5BZnZ2MDJpeU0wamJ0bVI1eXRqdktBaUEwc1M4ZHFZRjUyQ1JnZmEzeFd0MW1QdnBrY3Jpai9XUVc1MDNibFhUSjBRQjJBRW1jbTJuZUhYenMvRGJlellka3ByaGJyd3FIZ0JuUlZWTDc2ZXNwM2ZqREFBQUJsbWhrNk1zQUFBUURBRWN3UlFJaEFMdEphdzVEYXFQUDBKZnZ0TEFMV3pXNXB1bXJOTU5oa0wyTWdxekVsQXNTQWlBazZuSDM1OWZ6dXV2MUFWamhja3RwdFNRQTVvL1VJRnJvUTdqOWYydjlnVEFOQmdrcWhraUc5dzBCQVFzRkFBT0NBUUVBSXZoN2NNdDI3bjNZdUxEMlE1MEYzcldYcWE0dXFrYTlDeWdwWDlDd2xZS1NIQTVwUkJ2RkhMeFFWTlJuZGxuaHNseHlRYUZmdm5KSTJ1MjRMaWlXa3BMMHpTRHVCQmJFT2Vqci9UakV1S1drMGVmcC85ZkR0cDk1bTZaV2FKakhnVjlwOFEvbmlaeHlHTi83UE85Nys5Z3FNcmVQRmcxdzZzVGxIc0FNSkN6RStMTlVHYXJuS3BmczZLODM3Q0VhaStRT3hnbzNvYTViUU9pWlAyc1pXODIzTTk4ZXM2NnB1WUxpQVV0aHFFQ09nMFdUcGJCR01BdHM5eGU2L0lqTXNtNStTbXh3SmtPaGVuUlRYLzVEQ0RQV2tpVTZNYkt2ZzhaNUE4U3lueUdMb1RrQWN2RjB2d01PWXVQNGExQ2Uwekp3M0pWS0p1N2xlSVZ0SXpWSFVnPT08L1g1MDlDZXJ0aWZpY2F0ZT48L1g1MDlEYXRhPjwvS2V5SW5mbz48L1NpZ25hdHVyZT48c2FtbDpTdWJqZWN0PjxzYW1sOk5hbWVJRCBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+bWFyY2gyMHN1bW1lckB5b3BtYWlsLmNvbTwvc2FtbDpOYW1lSUQ+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAyNi0wMy0yMFQxMDowNjozMS4wOTdaIiBSZWNpcGllbnQ9Imh0dHBzOi8vc2FtbC1ib3guY29tL2xvZ2luL3NhbWwyL3NzbyIgLz48L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj48L3NhbWw6U3ViamVjdD48c2FtbDpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAyNi0wMy0yMFQxMDowMTozMS4wOTZaIiBOb3RPbk9yQWZ0ZXI9IjIwMjYtMDMtMjBUMTE6MDE6MzEuMDk2WiI+PHNhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj48c2FtbDpBdWRpZW5jZT5zYW1sLWJveDwvc2FtbDpBdWRpZW5jZT48L3NhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj48L3NhbWw6Q29uZGl0aW9ucz48c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PHNhbWw6QXR0cmlidXRlIE5hbWU9ImVtYWlsIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZT5tYXJjaDIwc3VtbWVyQHlvcG1haWwuY29tPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9ImZpcnN0bmFtZSI+PHNhbWw6QXR0cmlidXRlVmFsdWU+UlVDSEk8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0ibGFzdG5hbWUiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlPkdBVVRBTTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJ1c2VybmFtZSI+PHNhbWw6QXR0cmlidXRlVmFsdWU+bWFyY2gyMHN1bW1lckB5b3BtYWlsLmNvbTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjwvc2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PHNhbWw6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDI2LTAzLTIwVDEwOjAxOjMxLjA5N1oiPjxzYW1sOkF1dGhuQ29udGV4dD48c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3NlczpQYXNzd29yZFByb3RlY3RlZFRyYW5zcG9ydDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj48L3NhbWw6QXV0aG5Db250ZXh0Pjwvc2FtbDpBdXRoblN0YXRlbWVudD48L3NhbWw6QXNzZXJ0aW9uPjwvc2FtbHA6UmVzcG9uc2U+ 2026-03-20 10:01:32 [https-jsse-nio-443-exec-508] INFO c.b.s.c.SamlResponseController - Relay State: asdsdsf 2026-03-20 10:01:32 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 10:01:32 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 10:01:32 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 10:01:32 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 10:01:32 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 10:01:32 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 10:01:32 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 10:01:32 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 10:01:32 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.s.SignatureValidationProvider - Using a validation provider of implementation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignatureValidationProviderImpl 2026-03-20 10:01:32 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Attempting to validate signature using key from supplied credential 2026-03-20 10:01:32 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Accessing XMLSignature object 2026-03-20 10:01:32 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validating signature with signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 2026-03-20 10:01:32 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validation credential key algorithm 'RSA', key instance class 'sun.security.rsa.RSAPublicKeyImpl' 2026-03-20 10:01:32 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Signature validated with key from supplied credential 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Processing SAML response from http://localhost:8080/realms/master 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Enveloped signature transform 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Exclusive C14N signature transform 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion for criteria class org.opensaml.security.criteria.KeyAlgorithmCriterion 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion for criteria class org.opensaml.security.criteria.UsageCriterion 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.saml.metadata.criteria.role.impl.EvaluableProtocolRoleDescriptorCriterion 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to verify signature and establish trust using KeyInfo-derived credentials 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Found 0 key names: [] 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child with QName: {http://www.w3.org/2000/09/xmldsig#}X509Data 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.RSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.ECKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DEREncodedKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child {http://www.w3.org/2000/09/xmldsig#}X509Data with provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Attempting to extract credential from an X509Data 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 1 X509Certificates 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 0 X509CRLs 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Single certificate was present, treating as end-entity certificate 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Credentials successfully extracted from child {http://www.w3.org/2000/09/xmldsig#}X509Data by provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - A total of 1 credentials were resolved 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.xmlsec.keyinfo.KeyInfoCriterion 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.s.SignatureValidationProvider - Using a validation provider of implementation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignatureValidationProviderImpl 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Attempting to validate signature using key from supplied credential 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Accessing XMLSignature object 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validating signature with signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validation credential key algorithm 'RSA', key instance class 'sun.security.rsa.RSAPublicKeyImpl' 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Signature validated with key from supplied credential 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Signature validation using candidate credential was successful 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully verified signature using KeyInfo-derived credential 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to establish trust of KeyInfo-derived credential 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.s.t.i.ExplicitKeyTrustEvaluator - Successfully validated untrusted credential against trusted key 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully established trust of KeyInfo-derived credential 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Assertion Issuer of : http://localhost:8080/realms/master 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.a.SAML20AssertionValidator - Matched valid issuer: http://localhost:8080/realms/master 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.a.SAML20AssertionValidator - No Conditions were indicated as required 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Conditions NotBefore '2026-03-20T13:26:51.614Z' against 'skewed now' time '2026-03-20T13:31:53.788150165Z' 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Conditions NotOnOrAfter '2026-03-20T13:27:51.614Z' against 'skewed now' time '2026-03-20T13:21:53.788150165Z' 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.a.i.AudienceRestrictionConditionValidator - Evaluating the Assertion's AudienceRestriction/Audience values against the list of valid audiences: [saml-box] 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.a.i.AudienceRestrictionConditionValidator - Matched valid audience: saml-box 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.a.SAML20AssertionValidator - Assertion contains at least 1 SubjectConfirmation, proceeding with subject confirmation 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData NotOnOrAfter '2026-03-20T13:27:51.614Z' against 'skewed now' time '2026-03-20T13:21:53.788366774Z' 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData@Recipient of : https://saml-box.com/login/saml2/sso 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Matched valid recipient: https://saml-box.com/login/saml2/sso 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData@InResponseTo of: ARQ48bb34b-5029-4772-95c0-a661a78eb0de 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Matched valid InResponseTo: ARQ48bb34b-5029-4772-95c0-a661a78eb0de 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Successfully processed SAML Response [ID_7636aac5-57ae-4577-ac43-d265051f38da] 2026-03-20 13:26:53 [https-jsse-nio-443-exec-589] DEBUG o.s.s.s.p.s.w.a.Saml2WebSsoAuthenticationFilter - Set SecurityContextHolder to Saml2Authentication [Principal=org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal@30aec817, Credentials=[PROTECTED], Authenticated=true, Details=WebAuthenticationDetails [RemoteIpAddress=91.66.138.30, SessionId=725C08482E66BF317D569F8AAA836E2E], Granted Authorities=[ROLE_USER]] 2026-03-20 13:26:53 [https-jsse-nio-443-exec-574] INFO c.b.s.c.SamlResponseController - SAML Response: PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIERlc3RpbmF0aW9uPSJodHRwczovL3NhbWwtYm94LmNvbS9sb2dpbi9zYW1sMi9zc28iIElEPSJJRF83NjM2YWFjNS01N2FlLTQ1NzctYWM0My1kMjY1MDUxZjM4ZGEiIEluUmVzcG9uc2VUbz0iQVJRNDhiYjM0Yi01MDI5LTQ3NzItOTVjMC1hNjYxYTc4ZWIwZGUiIElzc3VlSW5zdGFudD0iMjAyNi0wMy0yMFQxMzoyNjo1My42MTVaIiBWZXJzaW9uPSIyLjAiPjxzYW1sOklzc3Vlcj5odHRwOi8vbG9jYWxob3N0OjgwODAvcmVhbG1zL21hc3Rlcjwvc2FtbDpJc3N1ZXI+PGRzaWc6U2lnbmF0dXJlIHhtbG5zOmRzaWc9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPjxkc2lnOlNpZ25lZEluZm8+PGRzaWc6Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjxkc2lnOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZHNpZy1tb3JlI3JzYS1zaGEyNTYiLz48ZHNpZzpSZWZlcmVuY2UgVVJJPSIjSURfNzYzNmFhYzUtNTdhZS00NTc3LWFjNDMtZDI2NTA1MWYzOGRhIj48ZHNpZzpUcmFuc2Zvcm1zPjxkc2lnOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+PGRzaWc6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+PC9kc2lnOlRyYW5zZm9ybXM+PGRzaWc6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxlbmMjc2hhMjU2Ii8+PGRzaWc6RGlnZXN0VmFsdWU+dUpySEpIT2ZlTnV6cG9COUlHM1p6Z2RVVVlhd2hoekR5ejlod2FGV2hidz08L2RzaWc6RGlnZXN0VmFsdWU+PC9kc2lnOlJlZmVyZW5jZT48L2RzaWc6U2lnbmVkSW5mbz48ZHNpZzpTaWduYXR1cmVWYWx1ZT5XMTk0Z3hxVUNiaVN4VWVzaTVjSjYyTERZd2RMVG9CdTF2aGk0Y3BkcEdMVWVQdlNOYnZ0MUFMVHM2bXVxTXZSWVNCd0UvSkFzZXpjOHUyL1I0NUwrcUZJMllERmpXbTgrTC9xdmlKbW9RNFd4aWRBMGsxRVBtbmVtOFRZc2ovd0k3UjYvbE1JNVc4UE0rakM3TTd0RmpMTkZFemVhYkpVZDhKdmFXZ3pTaklzT1B4Z1VVQkE2bXVpNXd2L0VwSDBocms4bkZERS9QZGlZUjA1dUNwOEdKNXdSRXFnakpXNGk1Zm1MY3M1UGdnbUJUdDhWMVNDckxTaW9rc2VUQ2FtOU1ud0FlMDNXNUV2dlBRNEhvUXd6NjBlbE0rSWdUS3pKQ0hCUStmRmRuWkVtV2x2MENEY0NMVE1XSjRaYmI3cWVJZ2l3aG9pTXVVNFJsYldGZHVVeHc9PTwvZHNpZzpTaWduYXR1cmVWYWx1ZT48ZHNpZzpLZXlJbmZvPjxkc2lnOlg1MDlEYXRhPjxkc2lnOlg1MDlDZXJ0aWZpY2F0ZT5NSUlDbXpDQ0FZTUNCZ0dkQWFJbWVqQU5CZ2txaGtpRzl3MEJBUXNGQURBUk1ROHdEUVlEVlFRRERBWnRZWE4wWlhJd0hoY05Nall3TXpFNE1UVTBOak0zV2hjTk16WXdNekU0TVRVME9ERTNXakFSTVE4d0RRWURWUVFEREFadFlYTjBaWEl3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRQzUvL0pzMTdCRlEyUjlzNytpSm1vdjE1QzhTd09rY0gzSjJTTk13WmJ0K3RHUjNzSkEwMVRGbkxvZVZQTFpXZDRiYXM1WGdhTGtCQzQvcFVCelpCN0x2RkxOWHhIdnZsMUZvN3lCT0dyQnRuVVRuTHdsbi9MTDd5VkpNMzZ4VUVRK2t1ZjVCVGg3V0xDMjJvektjV2tWdUJOV21RWjJUMmRqRk5BdElKVzJucE9BbTRTMHlSSk4xUVNxR2lUY2s1TWpldjhQTU01MURHbmlzeGtUVUxFY1BOYTVsL1FPR1VIQ3M0S3pEMnRINVUyUFNxTXM1M0FBMDMwUzVqV2h4UVJhNXVHVTNqLzFKQ1VjNnZXak1ZRU8zK2tNYjZDOThpejJmWm9SUFJQcUJhMm4wQkpwMmtQanpnMHVtWk9hSjREU2ROWEpKOXdsdGNnenJhcjdDelFaQWdNQkFBRXdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBTE5VK3NwNVpoZDZjNVdMVTRnRzdKKzBPalJXZG14bTVZRHNtRnNmemdjOGVvNTIxdUx5WEVCK0ZPR0hTdERNMHN1aFVVenNKdlE4RlhlRmcvbS9CVWVySmxteWt3K1ltSGF6bWczYkI4WHdsNSt0a09aUEx0T1VGZzBlWHU5djAwQ3FOZllRaWJ1Z2ZhNHBkSDFzUE84SW5zMFJ0QmVzZzlta3F6Y2JFbGkxdlZXQWpxSWZlVE1WYlhOT1pTVHNKVHBPQ1VBTGxEeXVpdnJIWE9FL3J3UStwK2dPTWdjNXJ3ODdHa0tVTlRucEMvTktYK0dQTCtISzZjd05DYXhrcC9NQnBMbUJCbDl5QXh3MWtjMnRnUnhBYXM5MFp5UnowRUI3VHB1QVAzSFh0OXZYS1RDbWYxZzZiT3Z6RmszaGN4ZEJWdkVUMEVOOFJ0VWM2cDcyU2ZFPTwvZHNpZzpYNTA5Q2VydGlmaWNhdGU+PC9kc2lnOlg1MDlEYXRhPjwvZHNpZzpLZXlJbmZvPjwvZHNpZzpTaWduYXR1cmU+PHNhbWxwOlN0YXR1cz48c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+PC9zYW1scDpTdGF0dXM+PHNhbWw6QXNzZXJ0aW9uIHhtbG5zPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIiBJRD0iSURfZDRhM2EzYjMtN2EyOC00M2FlLThjYzAtNDM1MTlmNThiM2VhIiBJc3N1ZUluc3RhbnQ9IjIwMjYtMDMtMjBUMTM6MjY6NTMuNjE0WiIgVmVyc2lvbj0iMi4wIj48c2FtbDpJc3N1ZXI+aHR0cDovL2xvY2FsaG9zdDo4MDgwL3JlYWxtcy9tYXN0ZXI8L3NhbWw6SXNzdWVyPjxzYW1sOlN1YmplY3Q+PHNhbWw6TmFtZUlEIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6dW5zcGVjaWZpZWQiPmdsYWRpYXRvckB2YXRlci1zb2x1dGlvbi5kZTwvc2FtbDpOYW1lSUQ+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIEluUmVzcG9uc2VUbz0iQVJRNDhiYjM0Yi01MDI5LTQ3NzItOTVjMC1hNjYxYTc4ZWIwZGUiIE5vdE9uT3JBZnRlcj0iMjAyNi0wMy0yMFQxMzoyNzo1MS42MTRaIiBSZWNpcGllbnQ9Imh0dHBzOi8vc2FtbC1ib3guY29tL2xvZ2luL3NhbWwyL3NzbyIvPjwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPjwvc2FtbDpTdWJqZWN0PjxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDI2LTAzLTIwVDEzOjI2OjUxLjYxNFoiIE5vdE9uT3JBZnRlcj0iMjAyNi0wMy0yMFQxMzoyNzo1MS42MTRaIj48c2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjxzYW1sOkF1ZGllbmNlPnNhbWwtYm94PC9zYW1sOkF1ZGllbmNlPjwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjwvc2FtbDpDb25kaXRpb25zPjxzYW1sOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAyNi0wMy0yMFQxMzoyNjo1My42MTZaIiBTZXNzaW9uSW5kZXg9IlQwNzhFbUFPSWpuMTVxc2x3cVFJakZVcTo6NGVjMWM4M2MtODEwOS00ZGE2LWFiNTktN2E4ODY5NTUxZWNjIiBTZXNzaW9uTm90T25PckFmdGVyPSIyMDI2LTAzLTIwVDIzOjI2OjUzLjYxNloiPjxzYW1sOkF1dGhuQ29udGV4dD48c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3Nlczp1bnNwZWNpZmllZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj48L3NhbWw6QXV0aG5Db250ZXh0Pjwvc2FtbDpBdXRoblN0YXRlbWVudD48c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PHNhbWw6QXR0cmlidXRlIEZyaWVuZGx5TmFtZT0iQW56ZWlnZW5hbWUiIE5hbWU9ImRpc3BsYXlOYW1lIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm51bGwgbnVsbDwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBGcmllbmRseU5hbWU9IlNvbHV0aW9uLUUtTWFpbCIgTmFtZT0iaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNS9pZGVudGl0eS9jbGFpbXMvZW1haWxhZGRyZXNzIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPmdsYWRpYXRvckB2YXRlci1zb2x1dGlvbi5kZTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPnVtYV9hdXRob3JpemF0aW9uPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+bWFuYWdlLWV2ZW50czwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPnZpZXctY2xpZW50czwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPmNyZWF0ZS1jbGllbnQ8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iUm9sZSIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5tYW5hZ2UtdXNlcnM8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iUm9sZSIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5kZWZhdWx0LXJvbGVzLW1hc3Rlcjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPnZpZXctdXNlcnM8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iUm9sZSIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5vZmZsaW5lX2FjY2Vzczwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPmltcGVyc29uYXRpb248L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iUm9sZSIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5tYW5hZ2UtYWNjb3VudC1saW5rczwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPnZpZXctZXZlbnRzPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+cXVlcnktdXNlcnM8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iUm9sZSIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj52aWV3LXByb2ZpbGU8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iUm9sZSIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5xdWVyeS1yZWFsbXM8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iUm9sZSIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5tYW5hZ2UtYXV0aG9yaXphdGlvbjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPnF1ZXJ5LWdyb3Vwczwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPmNyZWF0ZS1yZWFsbTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPnZpZXctYXV0aG9yaXphdGlvbjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPnZpZXctcmVhbG08L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iUm9sZSIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj52aWV3LWlkZW50aXR5LXByb3ZpZGVyczwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPnF1ZXJ5LWNsaWVudHM8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iUm9sZSIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5tYW5hZ2UtYWNjb3VudDwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm1hbmFnZS1yZWFsbTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPmFkbWluPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+bWFuYWdlLWNsaWVudHM8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iUm9sZSIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5tYW5hZ2UtaWRlbnRpdHktcHJvdmlkZXJzPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD48L3NhbWw6QXNzZXJ0aW9uPjwvc2FtbHA6UmVzcG9uc2U+ 2026-03-20 13:26:53 [https-jsse-nio-443-exec-574] INFO c.b.s.c.SamlResponseController - Relay State: 4d3a8541-938d-4e4e-ba27-502aa5b39e76 2026-03-20 13:26:53 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:26:53 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:26:53 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:26:53 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Processing SAML response from http://localhost:8080/realms/master 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Enveloped signature transform 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Exclusive C14N signature transform 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion for criteria class org.opensaml.security.criteria.KeyAlgorithmCriterion 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion for criteria class org.opensaml.security.criteria.UsageCriterion 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.saml.metadata.criteria.role.impl.EvaluableProtocolRoleDescriptorCriterion 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to verify signature and establish trust using KeyInfo-derived credentials 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Found 0 key names: [] 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child with QName: {http://www.w3.org/2000/09/xmldsig#}X509Data 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.RSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.ECKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DEREncodedKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child {http://www.w3.org/2000/09/xmldsig#}X509Data with provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Attempting to extract credential from an X509Data 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 1 X509Certificates 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 0 X509CRLs 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Single certificate was present, treating as end-entity certificate 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Credentials successfully extracted from child {http://www.w3.org/2000/09/xmldsig#}X509Data by provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - A total of 1 credentials were resolved 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.xmlsec.keyinfo.KeyInfoCriterion 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.s.SignatureValidationProvider - Using a validation provider of implementation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignatureValidationProviderImpl 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Attempting to validate signature using key from supplied credential 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Accessing XMLSignature object 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validating signature with signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validation credential key algorithm 'RSA', key instance class 'sun.security.rsa.RSAPublicKeyImpl' 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Signature validated with key from supplied credential 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Signature validation using candidate credential was successful 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully verified signature using KeyInfo-derived credential 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to establish trust of KeyInfo-derived credential 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.s.t.i.ExplicitKeyTrustEvaluator - Successfully validated untrusted credential against trusted key 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully established trust of KeyInfo-derived credential 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Assertion Issuer of : http://localhost:8080/realms/master 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.a.SAML20AssertionValidator - Matched valid issuer: http://localhost:8080/realms/master 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.a.SAML20AssertionValidator - No Conditions were indicated as required 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Conditions NotBefore '2026-03-20T13:27:14.260Z' against 'skewed now' time '2026-03-20T13:32:16.407644679Z' 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Conditions NotOnOrAfter '2026-03-20T13:28:14.260Z' against 'skewed now' time '2026-03-20T13:22:16.407644679Z' 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.a.i.AudienceRestrictionConditionValidator - Evaluating the Assertion's AudienceRestriction/Audience values against the list of valid audiences: [saml-box] 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.a.i.AudienceRestrictionConditionValidator - Matched valid audience: saml-box 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.a.SAML20AssertionValidator - Assertion contains at least 1 SubjectConfirmation, proceeding with subject confirmation 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData NotOnOrAfter '2026-03-20T13:28:14.260Z' against 'skewed now' time '2026-03-20T13:22:16.407750560Z' 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData@Recipient of : https://saml-box.com/login/saml2/sso 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Matched valid recipient: https://saml-box.com/login/saml2/sso 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData@InResponseTo of: ARQc44754f-ada2-4731-ace5-6429c385f1ec 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Matched valid InResponseTo: ARQc44754f-ada2-4731-ace5-6429c385f1ec 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Successfully processed SAML Response [ID_52c2ac71-cc97-41ec-a3f7-01d408ed3cfd] 2026-03-20 13:27:16 [https-jsse-nio-443-exec-589] DEBUG o.s.s.s.p.s.w.a.Saml2WebSsoAuthenticationFilter - Set SecurityContextHolder to Saml2Authentication [Principal=org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal@30aec817, Credentials=[PROTECTED], Authenticated=true, Details=WebAuthenticationDetails [RemoteIpAddress=91.66.138.30, SessionId=77A857A39AA74DB886F8E8A6FE773EC1], Granted Authorities=[ROLE_USER]] 2026-03-20 13:27:16 [https-jsse-nio-443-exec-590] INFO c.b.s.c.SamlResponseController - SAML Response: PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIERlc3RpbmF0aW9uPSJodHRwczovL3NhbWwtYm94LmNvbS9sb2dpbi9zYW1sMi9zc28iIElEPSJJRF81MmMyYWM3MS1jYzk3LTQxZWMtYTNmNy0wMWQ0MDhlZDNjZmQiIEluUmVzcG9uc2VUbz0iQVJRYzQ0NzU0Zi1hZGEyLTQ3MzEtYWNlNS02NDI5YzM4NWYxZWMiIElzc3VlSW5zdGFudD0iMjAyNi0wMy0yMFQxMzoyNzoxNi4yNjBaIiBWZXJzaW9uPSIyLjAiPjxzYW1sOklzc3Vlcj5odHRwOi8vbG9jYWxob3N0OjgwODAvcmVhbG1zL21hc3Rlcjwvc2FtbDpJc3N1ZXI+PGRzaWc6U2lnbmF0dXJlIHhtbG5zOmRzaWc9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPjxkc2lnOlNpZ25lZEluZm8+PGRzaWc6Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjxkc2lnOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZHNpZy1tb3JlI3JzYS1zaGEyNTYiLz48ZHNpZzpSZWZlcmVuY2UgVVJJPSIjSURfNTJjMmFjNzEtY2M5Ny00MWVjLWEzZjctMDFkNDA4ZWQzY2ZkIj48ZHNpZzpUcmFuc2Zvcm1zPjxkc2lnOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+PGRzaWc6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+PC9kc2lnOlRyYW5zZm9ybXM+PGRzaWc6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxlbmMjc2hhMjU2Ii8+PGRzaWc6RGlnZXN0VmFsdWU+QzQwQVFrVnB6RTFsL0JtbnN2UkZpQ3U1NDRJTVZDSFl2MGxpV25IaGpDaz08L2RzaWc6RGlnZXN0VmFsdWU+PC9kc2lnOlJlZmVyZW5jZT48L2RzaWc6U2lnbmVkSW5mbz48ZHNpZzpTaWduYXR1cmVWYWx1ZT5SaE5LOVJQSUwxNmVlZGIxa3VvZ1U0dzRtVTVEazdDaDMzSUN1WnA5aXlZYkptMXdGbTk3ck02S1FrSVpFZnVqbC9NRWFDVVhiRDJPZDBOSGRuOWRQWVNJNDh6M21BUEpnM1BLVDU3citZb2NDWVlPcG82OFZmS0MxMGxOVDc2bnpId0lWRWJTdDRtSDJkT2ttK2tvTXJGWUZMZ3NJdnV6SHRmRWpQNm9KZFh0S3YvUlZuWHNDdXY4clJsUGRHQmRGTjNSY1VVMDM2eE5xM21GdjVNdlhSOXAvRGVSZHdBUDlvbFhqalNlL2QxQzdBZlI2WS8vT3VrUjM0Q3FQaThqcWQrZTlBeElBdjBueXY3SG84MHNRUDNZRDRac215Si9hOGNWeno0VVhPZktLbERKSDZiZlZSMHArbWFhWjJJenUxWTduUzdZMEVpbjR3OXdNL3I4R0E9PTwvZHNpZzpTaWduYXR1cmVWYWx1ZT48ZHNpZzpLZXlJbmZvPjxkc2lnOlg1MDlEYXRhPjxkc2lnOlg1MDlDZXJ0aWZpY2F0ZT5NSUlDbXpDQ0FZTUNCZ0dkQWFJbWVqQU5CZ2txaGtpRzl3MEJBUXNGQURBUk1ROHdEUVlEVlFRRERBWnRZWE4wWlhJd0hoY05Nall3TXpFNE1UVTBOak0zV2hjTk16WXdNekU0TVRVME9ERTNXakFSTVE4d0RRWURWUVFEREFadFlYTjBaWEl3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRQzUvL0pzMTdCRlEyUjlzNytpSm1vdjE1QzhTd09rY0gzSjJTTk13WmJ0K3RHUjNzSkEwMVRGbkxvZVZQTFpXZDRiYXM1WGdhTGtCQzQvcFVCelpCN0x2RkxOWHhIdnZsMUZvN3lCT0dyQnRuVVRuTHdsbi9MTDd5VkpNMzZ4VUVRK2t1ZjVCVGg3V0xDMjJvektjV2tWdUJOV21RWjJUMmRqRk5BdElKVzJucE9BbTRTMHlSSk4xUVNxR2lUY2s1TWpldjhQTU01MURHbmlzeGtUVUxFY1BOYTVsL1FPR1VIQ3M0S3pEMnRINVUyUFNxTXM1M0FBMDMwUzVqV2h4UVJhNXVHVTNqLzFKQ1VjNnZXak1ZRU8zK2tNYjZDOThpejJmWm9SUFJQcUJhMm4wQkpwMmtQanpnMHVtWk9hSjREU2ROWEpKOXdsdGNnenJhcjdDelFaQWdNQkFBRXdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBTE5VK3NwNVpoZDZjNVdMVTRnRzdKKzBPalJXZG14bTVZRHNtRnNmemdjOGVvNTIxdUx5WEVCK0ZPR0hTdERNMHN1aFVVenNKdlE4RlhlRmcvbS9CVWVySmxteWt3K1ltSGF6bWczYkI4WHdsNSt0a09aUEx0T1VGZzBlWHU5djAwQ3FOZllRaWJ1Z2ZhNHBkSDFzUE84SW5zMFJ0QmVzZzlta3F6Y2JFbGkxdlZXQWpxSWZlVE1WYlhOT1pTVHNKVHBPQ1VBTGxEeXVpdnJIWE9FL3J3UStwK2dPTWdjNXJ3ODdHa0tVTlRucEMvTktYK0dQTCtISzZjd05DYXhrcC9NQnBMbUJCbDl5QXh3MWtjMnRnUnhBYXM5MFp5UnowRUI3VHB1QVAzSFh0OXZYS1RDbWYxZzZiT3Z6RmszaGN4ZEJWdkVUMEVOOFJ0VWM2cDcyU2ZFPTwvZHNpZzpYNTA5Q2VydGlmaWNhdGU+PC9kc2lnOlg1MDlEYXRhPjwvZHNpZzpLZXlJbmZvPjwvZHNpZzpTaWduYXR1cmU+PHNhbWxwOlN0YXR1cz48c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+PC9zYW1scDpTdGF0dXM+PHNhbWw6QXNzZXJ0aW9uIHhtbG5zPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIiBJRD0iSURfN2E0MGMwNzMtYTRhOS00ZTY4LWEzMmQtM2VlMTcwYzJkOTI1IiBJc3N1ZUluc3RhbnQ9IjIwMjYtMDMtMjBUMTM6Mjc6MTYuMjYwWiIgVmVyc2lvbj0iMi4wIj48c2FtbDpJc3N1ZXI+aHR0cDovL2xvY2FsaG9zdDo4MDgwL3JlYWxtcy9tYXN0ZXI8L3NhbWw6SXNzdWVyPjxzYW1sOlN1YmplY3Q+PHNhbWw6TmFtZUlEIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6dW5zcGVjaWZpZWQiPmdsYWRpYXRvckB2YXRlci1zb2x1dGlvbi5kZTwvc2FtbDpOYW1lSUQ+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIEluUmVzcG9uc2VUbz0iQVJRYzQ0NzU0Zi1hZGEyLTQ3MzEtYWNlNS02NDI5YzM4NWYxZWMiIE5vdE9uT3JBZnRlcj0iMjAyNi0wMy0yMFQxMzoyODoxNC4yNjBaIiBSZWNpcGllbnQ9Imh0dHBzOi8vc2FtbC1ib3guY29tL2xvZ2luL3NhbWwyL3NzbyIvPjwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPjwvc2FtbDpTdWJqZWN0PjxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDI2LTAzLTIwVDEzOjI3OjE0LjI2MFoiIE5vdE9uT3JBZnRlcj0iMjAyNi0wMy0yMFQxMzoyODoxNC4yNjBaIj48c2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjxzYW1sOkF1ZGllbmNlPnNhbWwtYm94PC9zYW1sOkF1ZGllbmNlPjwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjwvc2FtbDpDb25kaXRpb25zPjxzYW1sOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAyNi0wMy0yMFQxMzoyNzoxNi4yNjFaIiBTZXNzaW9uSW5kZXg9IlQwNzhFbUFPSWpuMTVxc2x3cVFJakZVcTo6NGVjMWM4M2MtODEwOS00ZGE2LWFiNTktN2E4ODY5NTUxZWNjIiBTZXNzaW9uTm90T25PckFmdGVyPSIyMDI2LTAzLTIwVDIzOjI3OjE2LjI2MVoiPjxzYW1sOkF1dGhuQ29udGV4dD48c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3Nlczp1bnNwZWNpZmllZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj48L3NhbWw6QXV0aG5Db250ZXh0Pjwvc2FtbDpBdXRoblN0YXRlbWVudD48c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PHNhbWw6QXR0cmlidXRlIEZyaWVuZGx5TmFtZT0iQW56ZWlnZW5hbWUiIE5hbWU9ImRpc3BsYXlOYW1lIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPkxvcmVueiBLb2NrPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIEZyaWVuZGx5TmFtZT0iU29sdXRpb24tRS1NYWlsIiBOYW1lPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9lbWFpbGFkZHJlc3MiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+Z2xhZGlhdG9yQHZhdGVyLXNvbHV0aW9uLmRlPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+dW1hX2F1dGhvcml6YXRpb248L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iUm9sZSIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5tYW5hZ2UtZXZlbnRzPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+dmlldy1jbGllbnRzPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+Y3JlYXRlLWNsaWVudDwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm1hbmFnZS11c2Vyczwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPmRlZmF1bHQtcm9sZXMtbWFzdGVyPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+dmlldy11c2Vyczwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm9mZmxpbmVfYWNjZXNzPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+aW1wZXJzb25hdGlvbjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm1hbmFnZS1hY2NvdW50LWxpbmtzPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+dmlldy1ldmVudHM8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iUm9sZSIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5xdWVyeS11c2Vyczwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPnZpZXctcHJvZmlsZTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPnF1ZXJ5LXJlYWxtczwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm1hbmFnZS1hdXRob3JpemF0aW9uPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+cXVlcnktZ3JvdXBzPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+Y3JlYXRlLXJlYWxtPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+dmlldy1hdXRob3JpemF0aW9uPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+dmlldy1yZWFsbTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPnZpZXctaWRlbnRpdHktcHJvdmlkZXJzPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+cXVlcnktY2xpZW50czwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm1hbmFnZS1hY2NvdW50PC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+bWFuYWdlLXJlYWxtPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+YWRtaW48L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iUm9sZSIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5tYW5hZ2UtY2xpZW50czwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm1hbmFnZS1pZGVudGl0eS1wcm92aWRlcnM8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48L3NhbWw6QXR0cmlidXRlU3RhdGVtZW50Pjwvc2FtbDpBc3NlcnRpb24+PC9zYW1scDpSZXNwb25zZT4= 2026-03-20 13:27:16 [https-jsse-nio-443-exec-590] INFO c.b.s.c.SamlResponseController - Relay State: 36a0278b-690f-452d-a6de-12f7fed499b2 2026-03-20 13:27:16 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:27:16 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:27:16 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:27:16 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Processing SAML response from http://localhost:8080/realms/master 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Enveloped signature transform 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Exclusive C14N signature transform 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion for criteria class org.opensaml.security.criteria.KeyAlgorithmCriterion 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion for criteria class org.opensaml.security.criteria.UsageCriterion 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.saml.metadata.criteria.role.impl.EvaluableProtocolRoleDescriptorCriterion 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to verify signature and establish trust using KeyInfo-derived credentials 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Found 0 key names: [] 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child with QName: {http://www.w3.org/2000/09/xmldsig#}X509Data 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.RSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.ECKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DEREncodedKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child {http://www.w3.org/2000/09/xmldsig#}X509Data with provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Attempting to extract credential from an X509Data 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 1 X509Certificates 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 0 X509CRLs 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Single certificate was present, treating as end-entity certificate 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Credentials successfully extracted from child {http://www.w3.org/2000/09/xmldsig#}X509Data by provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - A total of 1 credentials were resolved 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.xmlsec.keyinfo.KeyInfoCriterion 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.SignatureValidationProvider - Using a validation provider of implementation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignatureValidationProviderImpl 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Attempting to validate signature using key from supplied credential 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Accessing XMLSignature object 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validating signature with signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validation credential key algorithm 'RSA', key instance class 'sun.security.rsa.RSAPublicKeyImpl' 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Signature validated with key from supplied credential 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Signature validation using candidate credential was successful 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully verified signature using KeyInfo-derived credential 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to establish trust of KeyInfo-derived credential 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.s.t.i.ExplicitKeyTrustEvaluator - Successfully validated untrusted credential against trusted key 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully established trust of KeyInfo-derived credential 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Assertion Issuer of : http://localhost:8080/realms/master 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.a.SAML20AssertionValidator - Matched valid issuer: http://localhost:8080/realms/master 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.a.SAML20AssertionValidator - No Conditions were indicated as required 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Conditions NotBefore '2026-03-20T13:29:41.729Z' against 'skewed now' time '2026-03-20T13:34:44.110178573Z' 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Conditions NotOnOrAfter '2026-03-20T13:30:41.729Z' against 'skewed now' time '2026-03-20T13:24:44.110178573Z' 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.a.i.AudienceRestrictionConditionValidator - Evaluating the Assertion's AudienceRestriction/Audience values against the list of valid audiences: [saml-box] 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.a.i.AudienceRestrictionConditionValidator - Matched valid audience: saml-box 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.a.SAML20AssertionValidator - Assertion contains at least 1 SubjectConfirmation, proceeding with subject confirmation 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData NotOnOrAfter '2026-03-20T13:30:41.729Z' against 'skewed now' time '2026-03-20T13:24:44.110269194Z' 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData@Recipient of : https://saml-box.com/login/saml2/sso 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Matched valid recipient: https://saml-box.com/login/saml2/sso 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData@InResponseTo of: ARQ27fbedf-f1f1-4f4c-a58d-7aa0d5d74aac 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] WARN o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Valid InResponseTo was not available from the validation context, unable to evaluate SubjectConfirmationData@InResponseTo 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.o.s.s.a.SAML20AssertionValidator - No subject confirmation methods were met for assertion with ID 'ID_9bf8c38d-cbb9-45cb-9602-12a126755e92' 2026-03-20 13:29:44 [https-jsse-nio-443-exec-580] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Found 2 validation errors in SAML response [ID_a8f005f7-5e11-4ea0-ab76-6a78f896ddc2] 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Processing SAML response from http://localhost:8080/realms/master 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Enveloped signature transform 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Exclusive C14N signature transform 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion for criteria class org.opensaml.security.criteria.KeyAlgorithmCriterion 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion for criteria class org.opensaml.security.criteria.UsageCriterion 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.saml.metadata.criteria.role.impl.EvaluableProtocolRoleDescriptorCriterion 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to verify signature and establish trust using KeyInfo-derived credentials 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Found 0 key names: [] 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child with QName: {http://www.w3.org/2000/09/xmldsig#}X509Data 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.RSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.ECKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DEREncodedKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child {http://www.w3.org/2000/09/xmldsig#}X509Data with provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Attempting to extract credential from an X509Data 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 1 X509Certificates 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 0 X509CRLs 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Single certificate was present, treating as end-entity certificate 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Credentials successfully extracted from child {http://www.w3.org/2000/09/xmldsig#}X509Data by provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - A total of 1 credentials were resolved 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.xmlsec.keyinfo.KeyInfoCriterion 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.s.SignatureValidationProvider - Using a validation provider of implementation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignatureValidationProviderImpl 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Attempting to validate signature using key from supplied credential 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Accessing XMLSignature object 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validating signature with signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validation credential key algorithm 'RSA', key instance class 'sun.security.rsa.RSAPublicKeyImpl' 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Signature validated with key from supplied credential 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Signature validation using candidate credential was successful 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully verified signature using KeyInfo-derived credential 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to establish trust of KeyInfo-derived credential 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.s.t.i.ExplicitKeyTrustEvaluator - Successfully validated untrusted credential against trusted key 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully established trust of KeyInfo-derived credential 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Assertion Issuer of : http://localhost:8080/realms/master 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.a.SAML20AssertionValidator - Matched valid issuer: http://localhost:8080/realms/master 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.a.SAML20AssertionValidator - No Conditions were indicated as required 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Conditions NotBefore '2026-03-20T13:29:47.554Z' against 'skewed now' time '2026-03-20T13:34:49.714850702Z' 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Conditions NotOnOrAfter '2026-03-20T13:30:47.554Z' against 'skewed now' time '2026-03-20T13:24:49.714850702Z' 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.a.i.AudienceRestrictionConditionValidator - Evaluating the Assertion's AudienceRestriction/Audience values against the list of valid audiences: [saml-box] 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.a.i.AudienceRestrictionConditionValidator - Matched valid audience: saml-box 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.a.SAML20AssertionValidator - Assertion contains at least 1 SubjectConfirmation, proceeding with subject confirmation 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData NotOnOrAfter '2026-03-20T13:30:47.554Z' against 'skewed now' time '2026-03-20T13:24:49.715078248Z' 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData@Recipient of : https://saml-box.com/login/saml2/sso 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Matched valid recipient: https://saml-box.com/login/saml2/sso 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData@InResponseTo of: ARQ20574c7-5b05-42b1-900b-00b55421f65f 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Matched valid InResponseTo: ARQ20574c7-5b05-42b1-900b-00b55421f65f 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Successfully processed SAML Response [ID_734daefc-8d13-486e-a5c2-bab0c2a17cae] 2026-03-20 13:29:49 [https-jsse-nio-443-exec-590] DEBUG o.s.s.s.p.s.w.a.Saml2WebSsoAuthenticationFilter - Set SecurityContextHolder to Saml2Authentication [Principal=org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal@30aec817, Credentials=[PROTECTED], Authenticated=true, Details=WebAuthenticationDetails [RemoteIpAddress=91.66.138.30, SessionId=277B6F19FAB43F0F5559CF226312C612], Granted Authorities=[ROLE_USER]] 2026-03-20 13:29:49 [https-jsse-nio-443-exec-533] INFO c.b.s.c.SamlResponseController - SAML Response: PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIERlc3RpbmF0aW9uPSJodHRwczovL3NhbWwtYm94LmNvbS9sb2dpbi9zYW1sMi9zc28iIElEPSJJRF83MzRkYWVmYy04ZDEzLTQ4NmUtYTVjMi1iYWIwYzJhMTdjYWUiIEluUmVzcG9uc2VUbz0iQVJRMjA1NzRjNy01YjA1LTQyYjEtOTAwYi0wMGI1NTQyMWY2NWYiIElzc3VlSW5zdGFudD0iMjAyNi0wMy0yMFQxMzoyOTo0OS41NTRaIiBWZXJzaW9uPSIyLjAiPjxzYW1sOklzc3Vlcj5odHRwOi8vbG9jYWxob3N0OjgwODAvcmVhbG1zL21hc3Rlcjwvc2FtbDpJc3N1ZXI+PGRzaWc6U2lnbmF0dXJlIHhtbG5zOmRzaWc9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPjxkc2lnOlNpZ25lZEluZm8+PGRzaWc6Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjxkc2lnOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZHNpZy1tb3JlI3JzYS1zaGEyNTYiLz48ZHNpZzpSZWZlcmVuY2UgVVJJPSIjSURfNzM0ZGFlZmMtOGQxMy00ODZlLWE1YzItYmFiMGMyYTE3Y2FlIj48ZHNpZzpUcmFuc2Zvcm1zPjxkc2lnOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+PGRzaWc6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+PC9kc2lnOlRyYW5zZm9ybXM+PGRzaWc6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxlbmMjc2hhMjU2Ii8+PGRzaWc6RGlnZXN0VmFsdWU+ZUtKUWJpeGJuTVNNTWpxbGE2SGNsa0J6QmpZMlhYWFRHdkczZHN3a2RJUT08L2RzaWc6RGlnZXN0VmFsdWU+PC9kc2lnOlJlZmVyZW5jZT48L2RzaWc6U2lnbmVkSW5mbz48ZHNpZzpTaWduYXR1cmVWYWx1ZT5id0svUW1NNWtUQ2F1eUJJRWVzanhPY28wL1p1QW51dnNWSk9BWUZOUjAvQTJVZ0JLWTUrWXZINldLWmpWYWMrd1VMemtERThtYlJyQSt4RUdqc3VUK1Rjb3VvaFVwdVROZVVTT3ZkRG81R3k2VXdyajNaQmJSbGFMeDEzZ0t6OVgyV3lRSHJmNWcwaHN1YVd0TFgzZmpYTXZGWk5rR09qNW50Rk9ncnE0bURUOEFwWDNuRlRxYUJZMURoWGI0RlY2TjVFa1EwWWtOQk5yd1VZZG0xSUU3YkhRbFVhaDRUY0kzQ3pnYm5rT1h6dVo2eFU2RDc1eVNnS2IwR2ZRbk1HdGJOS01xV0hJVjJseFQrNnVreUpTazFSbnYzeXJoeWl0VTl5SjRka0hhbUMwL1FNZXZrdU9FTllGVWxGZXR5Y3lkTjgrc2RZT0l6ajRrWkMzMjZqR0E9PTwvZHNpZzpTaWduYXR1cmVWYWx1ZT48ZHNpZzpLZXlJbmZvPjxkc2lnOlg1MDlEYXRhPjxkc2lnOlg1MDlDZXJ0aWZpY2F0ZT5NSUlDbXpDQ0FZTUNCZ0dkQWFJbWVqQU5CZ2txaGtpRzl3MEJBUXNGQURBUk1ROHdEUVlEVlFRRERBWnRZWE4wWlhJd0hoY05Nall3TXpFNE1UVTBOak0zV2hjTk16WXdNekU0TVRVME9ERTNXakFSTVE4d0RRWURWUVFEREFadFlYTjBaWEl3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRQzUvL0pzMTdCRlEyUjlzNytpSm1vdjE1QzhTd09rY0gzSjJTTk13WmJ0K3RHUjNzSkEwMVRGbkxvZVZQTFpXZDRiYXM1WGdhTGtCQzQvcFVCelpCN0x2RkxOWHhIdnZsMUZvN3lCT0dyQnRuVVRuTHdsbi9MTDd5VkpNMzZ4VUVRK2t1ZjVCVGg3V0xDMjJvektjV2tWdUJOV21RWjJUMmRqRk5BdElKVzJucE9BbTRTMHlSSk4xUVNxR2lUY2s1TWpldjhQTU01MURHbmlzeGtUVUxFY1BOYTVsL1FPR1VIQ3M0S3pEMnRINVUyUFNxTXM1M0FBMDMwUzVqV2h4UVJhNXVHVTNqLzFKQ1VjNnZXak1ZRU8zK2tNYjZDOThpejJmWm9SUFJQcUJhMm4wQkpwMmtQanpnMHVtWk9hSjREU2ROWEpKOXdsdGNnenJhcjdDelFaQWdNQkFBRXdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBTE5VK3NwNVpoZDZjNVdMVTRnRzdKKzBPalJXZG14bTVZRHNtRnNmemdjOGVvNTIxdUx5WEVCK0ZPR0hTdERNMHN1aFVVenNKdlE4RlhlRmcvbS9CVWVySmxteWt3K1ltSGF6bWczYkI4WHdsNSt0a09aUEx0T1VGZzBlWHU5djAwQ3FOZllRaWJ1Z2ZhNHBkSDFzUE84SW5zMFJ0QmVzZzlta3F6Y2JFbGkxdlZXQWpxSWZlVE1WYlhOT1pTVHNKVHBPQ1VBTGxEeXVpdnJIWE9FL3J3UStwK2dPTWdjNXJ3ODdHa0tVTlRucEMvTktYK0dQTCtISzZjd05DYXhrcC9NQnBMbUJCbDl5QXh3MWtjMnRnUnhBYXM5MFp5UnowRUI3VHB1QVAzSFh0OXZYS1RDbWYxZzZiT3Z6RmszaGN4ZEJWdkVUMEVOOFJ0VWM2cDcyU2ZFPTwvZHNpZzpYNTA5Q2VydGlmaWNhdGU+PC9kc2lnOlg1MDlEYXRhPjwvZHNpZzpLZXlJbmZvPjwvZHNpZzpTaWduYXR1cmU+PHNhbWxwOlN0YXR1cz48c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+PC9zYW1scDpTdGF0dXM+PHNhbWw6QXNzZXJ0aW9uIHhtbG5zPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIiBJRD0iSURfZGI3ZDdhYzYtODJjYS00YzNlLWJjOTgtMjQzNDNlMzMzYTEwIiBJc3N1ZUluc3RhbnQ9IjIwMjYtMDMtMjBUMTM6Mjk6NDkuNTU0WiIgVmVyc2lvbj0iMi4wIj48c2FtbDpJc3N1ZXI+aHR0cDovL2xvY2FsaG9zdDo4MDgwL3JlYWxtcy9tYXN0ZXI8L3NhbWw6SXNzdWVyPjxzYW1sOlN1YmplY3Q+PHNhbWw6TmFtZUlEIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6dW5zcGVjaWZpZWQiPmdsYWRpYXRvckB2YXRlci1zb2x1dGlvbi5kZTwvc2FtbDpOYW1lSUQ+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIEluUmVzcG9uc2VUbz0iQVJRMjA1NzRjNy01YjA1LTQyYjEtOTAwYi0wMGI1NTQyMWY2NWYiIE5vdE9uT3JBZnRlcj0iMjAyNi0wMy0yMFQxMzozMDo0Ny41NTRaIiBSZWNpcGllbnQ9Imh0dHBzOi8vc2FtbC1ib3guY29tL2xvZ2luL3NhbWwyL3NzbyIvPjwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPjwvc2FtbDpTdWJqZWN0PjxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDI2LTAzLTIwVDEzOjI5OjQ3LjU1NFoiIE5vdE9uT3JBZnRlcj0iMjAyNi0wMy0yMFQxMzozMDo0Ny41NTRaIj48c2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjxzYW1sOkF1ZGllbmNlPnNhbWwtYm94PC9zYW1sOkF1ZGllbmNlPjwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjwvc2FtbDpDb25kaXRpb25zPjxzYW1sOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAyNi0wMy0yMFQxMzoyOTo0OS41NTVaIiBTZXNzaW9uSW5kZXg9IlQwNzhFbUFPSWpuMTVxc2x3cVFJakZVcTo6NGVjMWM4M2MtODEwOS00ZGE2LWFiNTktN2E4ODY5NTUxZWNjIiBTZXNzaW9uTm90T25PckFmdGVyPSIyMDI2LTAzLTIwVDIzOjI5OjQ5LjU1NVoiPjxzYW1sOkF1dGhuQ29udGV4dD48c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3Nlczp1bnNwZWNpZmllZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj48L3NhbWw6QXV0aG5Db250ZXh0Pjwvc2FtbDpBdXRoblN0YXRlbWVudD48c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PHNhbWw6QXR0cmlidXRlIEZyaWVuZGx5TmFtZT0iQW56ZWlnZW5hbWUiIE5hbWU9ImRpc3BsYXlOYW1lIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPkxvcmVueiBLb2NrPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIEZyaWVuZGx5TmFtZT0iU29sdXRpb24tRS1NYWlsIiBOYW1lPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9lbWFpbGFkZHJlc3MiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+Z2xhZGlhdG9yQHZhdGVyLXNvbHV0aW9uLmRlPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+dW1hX2F1dGhvcml6YXRpb248L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iUm9sZSIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5tYW5hZ2UtZXZlbnRzPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+dmlldy1jbGllbnRzPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+Y3JlYXRlLWNsaWVudDwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm1hbmFnZS11c2Vyczwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPmRlZmF1bHQtcm9sZXMtbWFzdGVyPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+dmlldy11c2Vyczwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm9mZmxpbmVfYWNjZXNzPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+aW1wZXJzb25hdGlvbjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm1hbmFnZS1hY2NvdW50LWxpbmtzPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+dmlldy1ldmVudHM8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iUm9sZSIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5xdWVyeS11c2Vyczwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPnZpZXctcHJvZmlsZTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPnF1ZXJ5LXJlYWxtczwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm1hbmFnZS1hdXRob3JpemF0aW9uPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+cXVlcnktZ3JvdXBzPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+Y3JlYXRlLXJlYWxtPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+dmlldy1hdXRob3JpemF0aW9uPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+dmlldy1yZWFsbTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPnZpZXctaWRlbnRpdHktcHJvdmlkZXJzPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+cXVlcnktY2xpZW50czwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm1hbmFnZS1hY2NvdW50PC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+bWFuYWdlLXJlYWxtPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+YWRtaW48L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iUm9sZSIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5tYW5hZ2UtY2xpZW50czwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm1hbmFnZS1pZGVudGl0eS1wcm92aWRlcnM8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48L3NhbWw6QXR0cmlidXRlU3RhdGVtZW50Pjwvc2FtbDpBc3NlcnRpb24+PC9zYW1scDpSZXNwb25zZT4= 2026-03-20 13:29:49 [https-jsse-nio-443-exec-533] INFO c.b.s.c.SamlResponseController - Relay State: 77876fb9-9f58-41e7-94be-7eb43d446cf1 2026-03-20 13:29:49 [https-jsse-nio-443-exec-533] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:29:49 [https-jsse-nio-443-exec-533] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:29:49 [https-jsse-nio-443-exec-533] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:29:49 [https-jsse-nio-443-exec-533] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Processing SAML response from http://localhost:8080/realms/master 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Enveloped signature transform 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Exclusive C14N signature transform 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion for criteria class org.opensaml.security.criteria.KeyAlgorithmCriterion 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion for criteria class org.opensaml.security.criteria.UsageCriterion 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.saml.metadata.criteria.role.impl.EvaluableProtocolRoleDescriptorCriterion 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to verify signature and establish trust using KeyInfo-derived credentials 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Found 0 key names: [] 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child with QName: {http://www.w3.org/2000/09/xmldsig#}X509Data 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.RSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.ECKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DEREncodedKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child {http://www.w3.org/2000/09/xmldsig#}X509Data with provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Attempting to extract credential from an X509Data 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 1 X509Certificates 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 0 X509CRLs 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Single certificate was present, treating as end-entity certificate 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Credentials successfully extracted from child {http://www.w3.org/2000/09/xmldsig#}X509Data by provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - A total of 1 credentials were resolved 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.xmlsec.keyinfo.KeyInfoCriterion 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.SignatureValidationProvider - Using a validation provider of implementation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignatureValidationProviderImpl 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Attempting to validate signature using key from supplied credential 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Accessing XMLSignature object 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validating signature with signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validation credential key algorithm 'RSA', key instance class 'sun.security.rsa.RSAPublicKeyImpl' 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Signature validated with key from supplied credential 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Signature validation using candidate credential was successful 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully verified signature using KeyInfo-derived credential 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to establish trust of KeyInfo-derived credential 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.s.t.i.ExplicitKeyTrustEvaluator - Successfully validated untrusted credential against trusted key 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully established trust of KeyInfo-derived credential 2026-03-20 13:30:48 [https-jsse-nio-443-exec-574] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Found 3 validation errors in SAML response [ID_581f6881-530b-4289-8b60-bf7850f6a02c] 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Processing SAML response from http://localhost:8080/realms/master 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Enveloped signature transform 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Exclusive C14N signature transform 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion for criteria class org.opensaml.security.criteria.KeyAlgorithmCriterion 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion for criteria class org.opensaml.security.criteria.UsageCriterion 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.saml.metadata.criteria.role.impl.EvaluableProtocolRoleDescriptorCriterion 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to verify signature and establish trust using KeyInfo-derived credentials 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Found 0 key names: [] 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child with QName: {http://www.w3.org/2000/09/xmldsig#}X509Data 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.RSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.ECKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DEREncodedKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child {http://www.w3.org/2000/09/xmldsig#}X509Data with provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Attempting to extract credential from an X509Data 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 1 X509Certificates 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 0 X509CRLs 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Single certificate was present, treating as end-entity certificate 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Credentials successfully extracted from child {http://www.w3.org/2000/09/xmldsig#}X509Data by provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - A total of 1 credentials were resolved 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.xmlsec.keyinfo.KeyInfoCriterion 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.s.SignatureValidationProvider - Using a validation provider of implementation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignatureValidationProviderImpl 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Attempting to validate signature using key from supplied credential 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Accessing XMLSignature object 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validating signature with signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validation credential key algorithm 'RSA', key instance class 'sun.security.rsa.RSAPublicKeyImpl' 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Signature validated with key from supplied credential 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Signature validation using candidate credential was successful 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully verified signature using KeyInfo-derived credential 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to establish trust of KeyInfo-derived credential 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.s.t.i.ExplicitKeyTrustEvaluator - Successfully validated untrusted credential against trusted key 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully established trust of KeyInfo-derived credential 2026-03-20 13:30:55 [https-jsse-nio-443-exec-508] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Found 3 validation errors in SAML response [ID_cb797b79-d237-463c-b644-1781fe669ab3] 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Processing SAML response from http://localhost:8080/realms/master 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Enveloped signature transform 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Exclusive C14N signature transform 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion for criteria class org.opensaml.security.criteria.KeyAlgorithmCriterion 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion for criteria class org.opensaml.security.criteria.UsageCriterion 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.saml.metadata.criteria.role.impl.EvaluableProtocolRoleDescriptorCriterion 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to verify signature and establish trust using KeyInfo-derived credentials 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Found 0 key names: [] 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child with QName: {http://www.w3.org/2000/09/xmldsig#}X509Data 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.RSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.ECKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DEREncodedKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child {http://www.w3.org/2000/09/xmldsig#}X509Data with provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Attempting to extract credential from an X509Data 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 1 X509Certificates 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 0 X509CRLs 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Single certificate was present, treating as end-entity certificate 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Credentials successfully extracted from child {http://www.w3.org/2000/09/xmldsig#}X509Data by provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - A total of 1 credentials were resolved 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.xmlsec.keyinfo.KeyInfoCriterion 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.s.SignatureValidationProvider - Using a validation provider of implementation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignatureValidationProviderImpl 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Attempting to validate signature using key from supplied credential 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Accessing XMLSignature object 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validating signature with signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validation credential key algorithm 'RSA', key instance class 'sun.security.rsa.RSAPublicKeyImpl' 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Signature validated with key from supplied credential 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Signature validation using candidate credential was successful 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully verified signature using KeyInfo-derived credential 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to establish trust of KeyInfo-derived credential 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.s.t.i.ExplicitKeyTrustEvaluator - Successfully validated untrusted credential against trusted key 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully established trust of KeyInfo-derived credential 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Assertion Issuer of : http://localhost:8080/realms/master 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.s.s.a.SAML20AssertionValidator - Matched valid issuer: http://localhost:8080/realms/master 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.s.s.a.SAML20AssertionValidator - No Conditions were indicated as required 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Conditions NotBefore '2026-03-20T13:31:20.392Z' against 'skewed now' time '2026-03-20T13:36:22.528014875Z' 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Conditions NotOnOrAfter '2026-03-20T13:32:20.392Z' against 'skewed now' time '2026-03-20T13:26:22.528014875Z' 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.s.s.a.i.AudienceRestrictionConditionValidator - Evaluating the Assertion's AudienceRestriction/Audience values against the list of valid audiences: [saml-box] 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.s.s.a.i.AudienceRestrictionConditionValidator - Matched valid audience: saml-box 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.s.s.a.SAML20AssertionValidator - Assertion contains at least 1 SubjectConfirmation, proceeding with subject confirmation 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData NotOnOrAfter '2026-03-20T13:32:20.392Z' against 'skewed now' time '2026-03-20T13:26:22.528144935Z' 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData@Recipient of : https://saml-box.com/login/saml2/sso 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Matched valid recipient: https://saml-box.com/login/saml2/sso 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData@InResponseTo of: ARQ875596e-a67d-4d55-9671-baba27b5dc6d 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Matched valid InResponseTo: ARQ875596e-a67d-4d55-9671-baba27b5dc6d 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Successfully processed SAML Response [ID_49f9da29-0df2-4682-ac94-250887a5ec5e] 2026-03-20 13:31:22 [https-jsse-nio-443-exec-508] DEBUG o.s.s.s.p.s.w.a.Saml2WebSsoAuthenticationFilter - Set SecurityContextHolder to Saml2Authentication [Principal=org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal@51cb4537, Credentials=[PROTECTED], Authenticated=true, Details=WebAuthenticationDetails [RemoteIpAddress=91.66.138.30, SessionId=732BF6280412E936BA37084D63F62FDA], Granted Authorities=[ROLE_USER]] 2026-03-20 13:31:22 [https-jsse-nio-443-exec-578] INFO c.b.s.c.SamlResponseController - SAML Response: PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIERlc3RpbmF0aW9uPSJodHRwczovL3NhbWwtYm94LmNvbS9sb2dpbi9zYW1sMi9zc28iIElEPSJJRF80OWY5ZGEyOS0wZGYyLTQ2ODItYWM5NC0yNTA4ODdhNWVjNWUiIEluUmVzcG9uc2VUbz0iQVJRODc1NTk2ZS1hNjdkLTRkNTUtOTY3MS1iYWJhMjdiNWRjNmQiIElzc3VlSW5zdGFudD0iMjAyNi0wMy0yMFQxMzozMToyMi4zOTJaIiBWZXJzaW9uPSIyLjAiPjxzYW1sOklzc3Vlcj5odHRwOi8vbG9jYWxob3N0OjgwODAvcmVhbG1zL21hc3Rlcjwvc2FtbDpJc3N1ZXI+PGRzaWc6U2lnbmF0dXJlIHhtbG5zOmRzaWc9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPjxkc2lnOlNpZ25lZEluZm8+PGRzaWc6Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjxkc2lnOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZHNpZy1tb3JlI3JzYS1zaGEyNTYiLz48ZHNpZzpSZWZlcmVuY2UgVVJJPSIjSURfNDlmOWRhMjktMGRmMi00NjgyLWFjOTQtMjUwODg3YTVlYzVlIj48ZHNpZzpUcmFuc2Zvcm1zPjxkc2lnOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+PGRzaWc6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+PC9kc2lnOlRyYW5zZm9ybXM+PGRzaWc6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxlbmMjc2hhMjU2Ii8+PGRzaWc6RGlnZXN0VmFsdWU+MGR0Tk0xdkdpUjFDNnJVOWhoRVV1WFZzNTZrTU9CZjNYa3FjWFZxb3NLYz08L2RzaWc6RGlnZXN0VmFsdWU+PC9kc2lnOlJlZmVyZW5jZT48L2RzaWc6U2lnbmVkSW5mbz48ZHNpZzpTaWduYXR1cmVWYWx1ZT5CUzVmZU81RUd6c0dGLzY0SnpCdjRVUHYzMXpDY3Z5SkhWRDBsOWVFdk5vMm5EQ0huTmpscWNrWWVVdERLbVpXRG5jSFFYYW95MEx5cHN2M0tlSTNNb2tjbXQ5emJ4akYweER5bXF1d1cvNnhKeGlndmdwaWorMENsYW9tVHFNejlOOGpjZ05QRXR5eXlrNkJHTGVzMUppcGhmbEQ4OTZtb0FQRGtmL0tlajh5NUh6bXZ5N1kveE9SbUM4dzRHQ2JQTXBTRzhiWlRmbitab29FRnNxeGRlalZQSTloUHVlbzlKT0NJeFNYai9Ncm9qWnRGdzZNR3pwekU2QnJtTDBaWmdGOWp4OFJVa0NuL1d0VFgwc0o0VWFyYTgzd1VTY2d6a1RVTUcwMWhQT1lCU0ZVYU5tRWluMmx4cklkd3ZRL1d1YWdpTVpNdUpDWWc2UWZ5SjdUNFE9PTwvZHNpZzpTaWduYXR1cmVWYWx1ZT48ZHNpZzpLZXlJbmZvPjxkc2lnOlg1MDlEYXRhPjxkc2lnOlg1MDlDZXJ0aWZpY2F0ZT5NSUlDbXpDQ0FZTUNCZ0dkQWFJbWVqQU5CZ2txaGtpRzl3MEJBUXNGQURBUk1ROHdEUVlEVlFRRERBWnRZWE4wWlhJd0hoY05Nall3TXpFNE1UVTBOak0zV2hjTk16WXdNekU0TVRVME9ERTNXakFSTVE4d0RRWURWUVFEREFadFlYTjBaWEl3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRQzUvL0pzMTdCRlEyUjlzNytpSm1vdjE1QzhTd09rY0gzSjJTTk13WmJ0K3RHUjNzSkEwMVRGbkxvZVZQTFpXZDRiYXM1WGdhTGtCQzQvcFVCelpCN0x2RkxOWHhIdnZsMUZvN3lCT0dyQnRuVVRuTHdsbi9MTDd5VkpNMzZ4VUVRK2t1ZjVCVGg3V0xDMjJvektjV2tWdUJOV21RWjJUMmRqRk5BdElKVzJucE9BbTRTMHlSSk4xUVNxR2lUY2s1TWpldjhQTU01MURHbmlzeGtUVUxFY1BOYTVsL1FPR1VIQ3M0S3pEMnRINVUyUFNxTXM1M0FBMDMwUzVqV2h4UVJhNXVHVTNqLzFKQ1VjNnZXak1ZRU8zK2tNYjZDOThpejJmWm9SUFJQcUJhMm4wQkpwMmtQanpnMHVtWk9hSjREU2ROWEpKOXdsdGNnenJhcjdDelFaQWdNQkFBRXdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBTE5VK3NwNVpoZDZjNVdMVTRnRzdKKzBPalJXZG14bTVZRHNtRnNmemdjOGVvNTIxdUx5WEVCK0ZPR0hTdERNMHN1aFVVenNKdlE4RlhlRmcvbS9CVWVySmxteWt3K1ltSGF6bWczYkI4WHdsNSt0a09aUEx0T1VGZzBlWHU5djAwQ3FOZllRaWJ1Z2ZhNHBkSDFzUE84SW5zMFJ0QmVzZzlta3F6Y2JFbGkxdlZXQWpxSWZlVE1WYlhOT1pTVHNKVHBPQ1VBTGxEeXVpdnJIWE9FL3J3UStwK2dPTWdjNXJ3ODdHa0tVTlRucEMvTktYK0dQTCtISzZjd05DYXhrcC9NQnBMbUJCbDl5QXh3MWtjMnRnUnhBYXM5MFp5UnowRUI3VHB1QVAzSFh0OXZYS1RDbWYxZzZiT3Z6RmszaGN4ZEJWdkVUMEVOOFJ0VWM2cDcyU2ZFPTwvZHNpZzpYNTA5Q2VydGlmaWNhdGU+PC9kc2lnOlg1MDlEYXRhPjwvZHNpZzpLZXlJbmZvPjwvZHNpZzpTaWduYXR1cmU+PHNhbWxwOlN0YXR1cz48c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+PC9zYW1scDpTdGF0dXM+PHNhbWw6QXNzZXJ0aW9uIHhtbG5zPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIiBJRD0iSURfYzBiNTY3ZGYtZjYyNy00NTYzLTljNzMtMGEzNWI2NTA5OGQ4IiBJc3N1ZUluc3RhbnQ9IjIwMjYtMDMtMjBUMTM6MzE6MjIuMzkyWiIgVmVyc2lvbj0iMi4wIj48c2FtbDpJc3N1ZXI+aHR0cDovL2xvY2FsaG9zdDo4MDgwL3JlYWxtcy9tYXN0ZXI8L3NhbWw6SXNzdWVyPjxzYW1sOlN1YmplY3Q+PHNhbWw6TmFtZUlEIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6dW5zcGVjaWZpZWQiPmJsYUB2YXRlci1zb2x1dGlvbi5kZTwvc2FtbDpOYW1lSUQ+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIEluUmVzcG9uc2VUbz0iQVJRODc1NTk2ZS1hNjdkLTRkNTUtOTY3MS1iYWJhMjdiNWRjNmQiIE5vdE9uT3JBZnRlcj0iMjAyNi0wMy0yMFQxMzozMjoyMC4zOTJaIiBSZWNpcGllbnQ9Imh0dHBzOi8vc2FtbC1ib3guY29tL2xvZ2luL3NhbWwyL3NzbyIvPjwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPjwvc2FtbDpTdWJqZWN0PjxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDI2LTAzLTIwVDEzOjMxOjIwLjM5MloiIE5vdE9uT3JBZnRlcj0iMjAyNi0wMy0yMFQxMzozMjoyMC4zOTJaIj48c2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjxzYW1sOkF1ZGllbmNlPnNhbWwtYm94PC9zYW1sOkF1ZGllbmNlPjwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjwvc2FtbDpDb25kaXRpb25zPjxzYW1sOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAyNi0wMy0yMFQxMzozMToyMi4zOTJaIiBTZXNzaW9uSW5kZXg9IkROQ2E5SFYtRUJIaHBsRnB0UTBFUTdybzo6NGVjMWM4M2MtODEwOS00ZGE2LWFiNTktN2E4ODY5NTUxZWNjIiBTZXNzaW9uTm90T25PckFmdGVyPSIyMDI2LTAzLTIwVDIzOjMxOjIyLjM5MloiPjxzYW1sOkF1dGhuQ29udGV4dD48c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3Nlczp1bnNwZWNpZmllZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj48L3NhbWw6QXV0aG5Db250ZXh0Pjwvc2FtbDpBdXRoblN0YXRlbWVudD48c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PHNhbWw6QXR0cmlidXRlIEZyaWVuZGx5TmFtZT0iQW56ZWlnZW5hbWUiIE5hbWU9ImRpc3BsYXlOYW1lIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPiA8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgRnJpZW5kbHlOYW1lPSJTb2x1dGlvbi1FLU1haWwiIE5hbWU9Imh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3dzLzIwMDUvMDUvaWRlbnRpdHkvY2xhaW1zL2VtYWlsYWRkcmVzcyIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5ibGFAdmF0ZXItc29sdXRpb24uZGU8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iUm9sZSIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5kZWZhdWx0LXJvbGVzLW1hc3Rlcjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPnVtYV9hdXRob3JpemF0aW9uPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+b2ZmbGluZV9hY2Nlc3M8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iUm9sZSIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5tYW5hZ2UtYWNjb3VudC1saW5rczwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPnZpZXctcHJvZmlsZTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm1hbmFnZS1hY2NvdW50PC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD48L3NhbWw6QXNzZXJ0aW9uPjwvc2FtbHA6UmVzcG9uc2U+ 2026-03-20 13:31:22 [https-jsse-nio-443-exec-578] INFO c.b.s.c.SamlResponseController - Relay State: edd4aec0-5162-4740-a67f-f4816b5e8756 2026-03-20 13:31:22 [https-jsse-nio-443-exec-578] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:31:22 [https-jsse-nio-443-exec-578] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:31:22 [https-jsse-nio-443-exec-578] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:31:22 [https-jsse-nio-443-exec-578] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Processing SAML response from http://localhost:8080/realms/master 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Enveloped signature transform 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Exclusive C14N signature transform 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion for criteria class org.opensaml.security.criteria.KeyAlgorithmCriterion 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion for criteria class org.opensaml.security.criteria.UsageCriterion 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.saml.metadata.criteria.role.impl.EvaluableProtocolRoleDescriptorCriterion 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to verify signature and establish trust using KeyInfo-derived credentials 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Found 0 key names: [] 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child with QName: {http://www.w3.org/2000/09/xmldsig#}X509Data 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.RSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.ECKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DEREncodedKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child {http://www.w3.org/2000/09/xmldsig#}X509Data with provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Attempting to extract credential from an X509Data 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 1 X509Certificates 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 0 X509CRLs 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Single certificate was present, treating as end-entity certificate 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Credentials successfully extracted from child {http://www.w3.org/2000/09/xmldsig#}X509Data by provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - A total of 1 credentials were resolved 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.xmlsec.keyinfo.KeyInfoCriterion 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.s.SignatureValidationProvider - Using a validation provider of implementation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignatureValidationProviderImpl 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Attempting to validate signature using key from supplied credential 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Accessing XMLSignature object 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validating signature with signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validation credential key algorithm 'RSA', key instance class 'sun.security.rsa.RSAPublicKeyImpl' 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Signature validated with key from supplied credential 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Signature validation using candidate credential was successful 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully verified signature using KeyInfo-derived credential 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to establish trust of KeyInfo-derived credential 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.s.t.i.ExplicitKeyTrustEvaluator - Successfully validated untrusted credential against trusted key 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully established trust of KeyInfo-derived credential 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Assertion Issuer of : http://localhost:8080/realms/master 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.a.SAML20AssertionValidator - Matched valid issuer: http://localhost:8080/realms/master 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.a.SAML20AssertionValidator - No Conditions were indicated as required 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Conditions NotBefore '2026-03-20T13:31:46.428Z' against 'skewed now' time '2026-03-20T13:36:48.569874508Z' 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Conditions NotOnOrAfter '2026-03-20T13:32:46.428Z' against 'skewed now' time '2026-03-20T13:26:48.569874508Z' 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.a.i.AudienceRestrictionConditionValidator - Evaluating the Assertion's AudienceRestriction/Audience values against the list of valid audiences: [saml-box] 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.a.i.AudienceRestrictionConditionValidator - Matched valid audience: saml-box 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.a.SAML20AssertionValidator - Assertion contains at least 1 SubjectConfirmation, proceeding with subject confirmation 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData NotOnOrAfter '2026-03-20T13:32:46.428Z' against 'skewed now' time '2026-03-20T13:26:48.569985893Z' 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData@Recipient of : https://saml-box.com/login/saml2/sso 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Matched valid recipient: https://saml-box.com/login/saml2/sso 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData@InResponseTo of: ARQfc621bc-c394-49e0-9083-f89a85093345 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Matched valid InResponseTo: ARQfc621bc-c394-49e0-9083-f89a85093345 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Successfully processed SAML Response [ID_f582d800-169b-424c-9cb3-39f81be1885d] 2026-03-20 13:31:48 [https-jsse-nio-443-exec-590] DEBUG o.s.s.s.p.s.w.a.Saml2WebSsoAuthenticationFilter - Set SecurityContextHolder to Saml2Authentication [Principal=org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal@30aec817, Credentials=[PROTECTED], Authenticated=true, Details=WebAuthenticationDetails [RemoteIpAddress=91.66.138.30, SessionId=37910AEC6C73FA5142234490FC15B23B], Granted Authorities=[ROLE_USER]] 2026-03-20 13:31:48 [https-jsse-nio-443-exec-580] INFO c.b.s.c.SamlResponseController - SAML Response: PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIERlc3RpbmF0aW9uPSJodHRwczovL3NhbWwtYm94LmNvbS9sb2dpbi9zYW1sMi9zc28iIElEPSJJRF9mNTgyZDgwMC0xNjliLTQyNGMtOWNiMy0zOWY4MWJlMTg4NWQiIEluUmVzcG9uc2VUbz0iQVJRZmM2MjFiYy1jMzk0LTQ5ZTAtOTA4My1mODlhODUwOTMzNDUiIElzc3VlSW5zdGFudD0iMjAyNi0wMy0yMFQxMzozMTo0OC40MjhaIiBWZXJzaW9uPSIyLjAiPjxzYW1sOklzc3Vlcj5odHRwOi8vbG9jYWxob3N0OjgwODAvcmVhbG1zL21hc3Rlcjwvc2FtbDpJc3N1ZXI+PGRzaWc6U2lnbmF0dXJlIHhtbG5zOmRzaWc9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPjxkc2lnOlNpZ25lZEluZm8+PGRzaWc6Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjxkc2lnOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZHNpZy1tb3JlI3JzYS1zaGEyNTYiLz48ZHNpZzpSZWZlcmVuY2UgVVJJPSIjSURfZjU4MmQ4MDAtMTY5Yi00MjRjLTljYjMtMzlmODFiZTE4ODVkIj48ZHNpZzpUcmFuc2Zvcm1zPjxkc2lnOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+PGRzaWc6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+PC9kc2lnOlRyYW5zZm9ybXM+PGRzaWc6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxlbmMjc2hhMjU2Ii8+PGRzaWc6RGlnZXN0VmFsdWU+RmtMTmJZZ0hIRE1EMEVLTVhjem85NWxVTjUydXdOeXF4K25XZDFHeHF2WT08L2RzaWc6RGlnZXN0VmFsdWU+PC9kc2lnOlJlZmVyZW5jZT48L2RzaWc6U2lnbmVkSW5mbz48ZHNpZzpTaWduYXR1cmVWYWx1ZT5BWllTSTRkNkg3QXR5SC9TOGYzOVJhRVdIbTNMVFA4b000WVZNRXRjRTRqbTNuVTZ2Yi9IL2srN1FQZkdTT1FZVUxqdmpYSmdGeWtVUmJ5d1JPQzFyeUl0dDFJUm1KMnhMRTNUQyt3bmhSSGluS0lKQW10QzQ2dEN6RkhKbEoyaE9OMXJtRFNvSTIxMXhQWkIrQi9mZ01GR1JtNjNtdnF5YWFlYy9lanZvMFQ0aDZHVjhrM1Z3aFhWSzRxVlg0Umg5S1cwUW5xaWhzVVhxZkUvTXhTRHJ6VzdxNzNoRWUzWGpVR0MybEducjNBeHNSd1RFY0hnZ09KeTdubWI5MklWT1lQdUQ3SVNoKzJyRDR5RDlIVCtiUzhiNStabW9GNDh6dDZQTmNGd2daRmd6cHJRRTZMR2pyTXJTeWZNeTFteFdvblQyeXpSNGVKRElMUUk1VUpGNXc9PTwvZHNpZzpTaWduYXR1cmVWYWx1ZT48ZHNpZzpLZXlJbmZvPjxkc2lnOlg1MDlEYXRhPjxkc2lnOlg1MDlDZXJ0aWZpY2F0ZT5NSUlDbXpDQ0FZTUNCZ0dkQWFJbWVqQU5CZ2txaGtpRzl3MEJBUXNGQURBUk1ROHdEUVlEVlFRRERBWnRZWE4wWlhJd0hoY05Nall3TXpFNE1UVTBOak0zV2hjTk16WXdNekU0TVRVME9ERTNXakFSTVE4d0RRWURWUVFEREFadFlYTjBaWEl3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRQzUvL0pzMTdCRlEyUjlzNytpSm1vdjE1QzhTd09rY0gzSjJTTk13WmJ0K3RHUjNzSkEwMVRGbkxvZVZQTFpXZDRiYXM1WGdhTGtCQzQvcFVCelpCN0x2RkxOWHhIdnZsMUZvN3lCT0dyQnRuVVRuTHdsbi9MTDd5VkpNMzZ4VUVRK2t1ZjVCVGg3V0xDMjJvektjV2tWdUJOV21RWjJUMmRqRk5BdElKVzJucE9BbTRTMHlSSk4xUVNxR2lUY2s1TWpldjhQTU01MURHbmlzeGtUVUxFY1BOYTVsL1FPR1VIQ3M0S3pEMnRINVUyUFNxTXM1M0FBMDMwUzVqV2h4UVJhNXVHVTNqLzFKQ1VjNnZXak1ZRU8zK2tNYjZDOThpejJmWm9SUFJQcUJhMm4wQkpwMmtQanpnMHVtWk9hSjREU2ROWEpKOXdsdGNnenJhcjdDelFaQWdNQkFBRXdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBTE5VK3NwNVpoZDZjNVdMVTRnRzdKKzBPalJXZG14bTVZRHNtRnNmemdjOGVvNTIxdUx5WEVCK0ZPR0hTdERNMHN1aFVVenNKdlE4RlhlRmcvbS9CVWVySmxteWt3K1ltSGF6bWczYkI4WHdsNSt0a09aUEx0T1VGZzBlWHU5djAwQ3FOZllRaWJ1Z2ZhNHBkSDFzUE84SW5zMFJ0QmVzZzlta3F6Y2JFbGkxdlZXQWpxSWZlVE1WYlhOT1pTVHNKVHBPQ1VBTGxEeXVpdnJIWE9FL3J3UStwK2dPTWdjNXJ3ODdHa0tVTlRucEMvTktYK0dQTCtISzZjd05DYXhrcC9NQnBMbUJCbDl5QXh3MWtjMnRnUnhBYXM5MFp5UnowRUI3VHB1QVAzSFh0OXZYS1RDbWYxZzZiT3Z6RmszaGN4ZEJWdkVUMEVOOFJ0VWM2cDcyU2ZFPTwvZHNpZzpYNTA5Q2VydGlmaWNhdGU+PC9kc2lnOlg1MDlEYXRhPjwvZHNpZzpLZXlJbmZvPjwvZHNpZzpTaWduYXR1cmU+PHNhbWxwOlN0YXR1cz48c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+PC9zYW1scDpTdGF0dXM+PHNhbWw6QXNzZXJ0aW9uIHhtbG5zPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIiBJRD0iSURfMWZjODJmNGItODRiNS00ZGQ4LWI4NGItNzQ5NTE1MDc1MDYyIiBJc3N1ZUluc3RhbnQ9IjIwMjYtMDMtMjBUMTM6MzE6NDguNDI4WiIgVmVyc2lvbj0iMi4wIj48c2FtbDpJc3N1ZXI+aHR0cDovL2xvY2FsaG9zdDo4MDgwL3JlYWxtcy9tYXN0ZXI8L3NhbWw6SXNzdWVyPjxzYW1sOlN1YmplY3Q+PHNhbWw6TmFtZUlEIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6dW5zcGVjaWZpZWQiPmdsYWRpYXRvckB2YXRlci1zb2x1dGlvbi5kZTwvc2FtbDpOYW1lSUQ+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIEluUmVzcG9uc2VUbz0iQVJRZmM2MjFiYy1jMzk0LTQ5ZTAtOTA4My1mODlhODUwOTMzNDUiIE5vdE9uT3JBZnRlcj0iMjAyNi0wMy0yMFQxMzozMjo0Ni40MjhaIiBSZWNpcGllbnQ9Imh0dHBzOi8vc2FtbC1ib3guY29tL2xvZ2luL3NhbWwyL3NzbyIvPjwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPjwvc2FtbDpTdWJqZWN0PjxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDI2LTAzLTIwVDEzOjMxOjQ2LjQyOFoiIE5vdE9uT3JBZnRlcj0iMjAyNi0wMy0yMFQxMzozMjo0Ni40MjhaIj48c2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjxzYW1sOkF1ZGllbmNlPnNhbWwtYm94PC9zYW1sOkF1ZGllbmNlPjwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjwvc2FtbDpDb25kaXRpb25zPjxzYW1sOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAyNi0wMy0yMFQxMzozMTo0OC40MjhaIiBTZXNzaW9uSW5kZXg9IlQwNzhFbUFPSWpuMTVxc2x3cVFJakZVcTo6NGVjMWM4M2MtODEwOS00ZGE2LWFiNTktN2E4ODY5NTUxZWNjIiBTZXNzaW9uTm90T25PckFmdGVyPSIyMDI2LTAzLTIwVDIzOjMxOjQ4LjQyOFoiPjxzYW1sOkF1dGhuQ29udGV4dD48c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3Nlczp1bnNwZWNpZmllZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj48L3NhbWw6QXV0aG5Db250ZXh0Pjwvc2FtbDpBdXRoblN0YXRlbWVudD48c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PHNhbWw6QXR0cmlidXRlIEZyaWVuZGx5TmFtZT0iQW56ZWlnZW5hbWUiIE5hbWU9ImRpc3BsYXlOYW1lIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPkxvcmVueiBLb2NrPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIEZyaWVuZGx5TmFtZT0iU29sdXRpb24tRS1NYWlsIiBOYW1lPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9lbWFpbGFkZHJlc3MiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+Z2xhZGlhdG9yQHZhdGVyLXNvbHV0aW9uLmRlPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+dW1hX2F1dGhvcml6YXRpb248L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iUm9sZSIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5tYW5hZ2UtZXZlbnRzPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+dmlldy1jbGllbnRzPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+Y3JlYXRlLWNsaWVudDwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm1hbmFnZS11c2Vyczwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPmRlZmF1bHQtcm9sZXMtbWFzdGVyPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+dmlldy11c2Vyczwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm9mZmxpbmVfYWNjZXNzPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+aW1wZXJzb25hdGlvbjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm1hbmFnZS1hY2NvdW50LWxpbmtzPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+dmlldy1ldmVudHM8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iUm9sZSIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5xdWVyeS11c2Vyczwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPnZpZXctcHJvZmlsZTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPnF1ZXJ5LXJlYWxtczwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm1hbmFnZS1hdXRob3JpemF0aW9uPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+cXVlcnktZ3JvdXBzPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+Y3JlYXRlLXJlYWxtPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+dmlldy1hdXRob3JpemF0aW9uPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+dmlldy1yZWFsbTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPnZpZXctaWRlbnRpdHktcHJvdmlkZXJzPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+cXVlcnktY2xpZW50czwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm1hbmFnZS1hY2NvdW50PC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+bWFuYWdlLXJlYWxtPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+YWRtaW48L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iUm9sZSIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5tYW5hZ2UtY2xpZW50czwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm1hbmFnZS1pZGVudGl0eS1wcm92aWRlcnM8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48L3NhbWw6QXR0cmlidXRlU3RhdGVtZW50Pjwvc2FtbDpBc3NlcnRpb24+PC9zYW1scDpSZXNwb25zZT4= 2026-03-20 13:31:48 [https-jsse-nio-443-exec-580] INFO c.b.s.c.SamlResponseController - Relay State: 32f49455-982b-473c-ab1e-d8d016e5c11d 2026-03-20 13:31:48 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:31:48 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:31:48 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:31:48 [https-jsse-nio-443-exec-580] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Processing SAML response from http://localhost:8080/realms/master 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Enveloped signature transform 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.s.s.i.SAMLSignatureProfileValidator - Saw Exclusive C14N signature transform 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion for criteria class org.opensaml.security.criteria.KeyAlgorithmCriterion 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry located evaluable criteria class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion for criteria class org.opensaml.security.criteria.UsageCriterion 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.saml.metadata.criteria.role.impl.EvaluableProtocolRoleDescriptorCriterion 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to verify signature and establish trust using KeyInfo-derived credentials 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Found 0 key names: [] 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child with QName: {http://www.w3.org/2000/09/xmldsig#}X509Data 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.RSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DSAKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.ECKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Provider org.opensaml.xmlsec.keyinfo.impl.provider.DEREncodedKeyValueProvider doesn't handle objects of type {http://www.w3.org/2000/09/xmldsig#}X509Data, skipping 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Processing KeyInfo child {http://www.w3.org/2000/09/xmldsig#}X509Data with provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Attempting to extract credential from an X509Data 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 1 X509Certificates 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Found 0 X509CRLs 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.k.i.p.InlineX509DataProvider - Single certificate was present, treating as end-entity certificate 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - Credentials successfully extracted from child {http://www.w3.org/2000/09/xmldsig#}X509Data by provider org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.k.i.BasicProviderKeyInfoCredentialResolver - A total of 1 credentials were resolved 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.s.c.c.i.EvaluableCredentialCriteriaRegistry - Registry could not locate evaluable criteria for criteria class org.opensaml.xmlsec.keyinfo.KeyInfoCriterion 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.s.s.SignatureValidationProvider - Using a validation provider of implementation: org.opensaml.xmlsec.signature.support.impl.provider.ApacheSantuarioSignatureValidationProviderImpl 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Attempting to validate signature using key from supplied credential 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Accessing XMLSignature object 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validating signature with signature algorithm URI: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Validation credential key algorithm 'RSA', key instance class 'sun.security.rsa.RSAPublicKeyImpl' 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.s.s.i.p.ApacheSantuarioSignatureValidationProviderImpl - Signature validated with key from supplied credential 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Signature validation using candidate credential was successful 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully verified signature using KeyInfo-derived credential 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Attempting to establish trust of KeyInfo-derived credential 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.s.t.i.ExplicitKeyTrustEvaluator - Successfully validated untrusted credential against trusted key 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.x.s.s.i.BaseSignatureTrustEngine - Successfully established trust of KeyInfo-derived credential 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Assertion Issuer of : http://localhost:8080/realms/master 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.s.s.a.SAML20AssertionValidator - Matched valid issuer: http://localhost:8080/realms/master 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.s.s.a.SAML20AssertionValidator - No Conditions were indicated as required 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Conditions NotBefore '2026-03-20T13:32:31.869Z' against 'skewed now' time '2026-03-20T13:37:34.029679135Z' 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.s.s.a.SAML20AssertionValidator - Evaluating Conditions NotOnOrAfter '2026-03-20T13:33:31.869Z' against 'skewed now' time '2026-03-20T13:27:34.029679135Z' 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.s.s.a.i.AudienceRestrictionConditionValidator - Evaluating the Assertion's AudienceRestriction/Audience values against the list of valid audiences: [saml-box] 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.s.s.a.i.AudienceRestrictionConditionValidator - Matched valid audience: saml-box 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.s.s.a.SAML20AssertionValidator - Assertion contains at least 1 SubjectConfirmation, proceeding with subject confirmation 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData NotOnOrAfter '2026-03-20T13:33:31.869Z' against 'skewed now' time '2026-03-20T13:27:34.029766540Z' 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData@Recipient of : https://saml-box.com/login/saml2/sso 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Matched valid recipient: https://saml-box.com/login/saml2/sso 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Evaluating SubjectConfirmationData@InResponseTo of: ARQa53c312-2f5a-47b5-8a69-13dcde150faf 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.o.s.s.a.i.AbstractSubjectConfirmationValidator - Matched valid InResponseTo: ARQa53c312-2f5a-47b5-8a69-13dcde150faf 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.s.s.s.p.s.a.BaseOpenSamlAuthenticationProvider - Successfully processed SAML Response [ID_d2ce5a0c-7c0c-4b87-875c-53477f6d4af6] 2026-03-20 13:32:34 [https-jsse-nio-443-exec-568] DEBUG o.s.s.s.p.s.w.a.Saml2WebSsoAuthenticationFilter - Set SecurityContextHolder to Saml2Authentication [Principal=org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal@30aec817, Credentials=[PROTECTED], Authenticated=true, Details=WebAuthenticationDetails [RemoteIpAddress=91.66.138.30, SessionId=8C9957B9DE6B298CDAC5CB76235CA74F], Granted Authorities=[ROLE_USER]] 2026-03-20 13:32:34 [https-jsse-nio-443-exec-574] INFO c.b.s.c.SamlResponseController - SAML Response: PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIERlc3RpbmF0aW9uPSJodHRwczovL3NhbWwtYm94LmNvbS9sb2dpbi9zYW1sMi9zc28iIElEPSJJRF9kMmNlNWEwYy03YzBjLTRiODctODc1Yy01MzQ3N2Y2ZDRhZjYiIEluUmVzcG9uc2VUbz0iQVJRYTUzYzMxMi0yZjVhLTQ3YjUtOGE2OS0xM2RjZGUxNTBmYWYiIElzc3VlSW5zdGFudD0iMjAyNi0wMy0yMFQxMzozMjozMy44NjlaIiBWZXJzaW9uPSIyLjAiPjxzYW1sOklzc3Vlcj5odHRwOi8vbG9jYWxob3N0OjgwODAvcmVhbG1zL21hc3Rlcjwvc2FtbDpJc3N1ZXI+PGRzaWc6U2lnbmF0dXJlIHhtbG5zOmRzaWc9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPjxkc2lnOlNpZ25lZEluZm8+PGRzaWc6Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjxkc2lnOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZHNpZy1tb3JlI3JzYS1zaGEyNTYiLz48ZHNpZzpSZWZlcmVuY2UgVVJJPSIjSURfZDJjZTVhMGMtN2MwYy00Yjg3LTg3NWMtNTM0NzdmNmQ0YWY2Ij48ZHNpZzpUcmFuc2Zvcm1zPjxkc2lnOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+PGRzaWc6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+PC9kc2lnOlRyYW5zZm9ybXM+PGRzaWc6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxlbmMjc2hhMjU2Ii8+PGRzaWc6RGlnZXN0VmFsdWU+V3lTM3ltcW9uQ2N3N1hJWVM2cEhaeVhadnY5YnlTS0l2dmt3R0lyL2RSUT08L2RzaWc6RGlnZXN0VmFsdWU+PC9kc2lnOlJlZmVyZW5jZT48L2RzaWc6U2lnbmVkSW5mbz48ZHNpZzpTaWduYXR1cmVWYWx1ZT5qTGRnSjNUS3UvTDJSQmZWOU5pU1JoY3l0QUJrdHJIYkpWRmo0THp3TUNSZGk3ZFRQUkRIeTFBRnhtN1NiVXNJNlRhckhZWDBzd1NuL1RVZWNUWUZYd3BTa2FPQ0QvVEVZL29RU09oRC90UGlIVVltbXdFdVhCQzhFeFpFdm5iSi9SMXpHb08wVkhyKzY4SnB0Zyt3cG1yMEh6U1haWmtVZitRRkVmcDVYSGo5VzNwc0dwQlR4dVpaMWpZcjliazhORXIvZEptWXcwVUFSTTBJalFRa3JOMDZRTmZ1QTFIYW9IMUcxR3daQjJ0MTQ2TFk2VUczUTlYSWZXdThvK04rUExHb1E4Y3VFU1J0ZzQvbm5WN05GVzBOM0cxZllGbDdJWWpjNXJESythSnBRcmZUWEp0ZHJDN1JFYVplc1h0MEZTNkN3VlNneGMwVCt4bTNlb1ZaVmc9PTwvZHNpZzpTaWduYXR1cmVWYWx1ZT48ZHNpZzpLZXlJbmZvPjxkc2lnOlg1MDlEYXRhPjxkc2lnOlg1MDlDZXJ0aWZpY2F0ZT5NSUlDbXpDQ0FZTUNCZ0dkQWFJbWVqQU5CZ2txaGtpRzl3MEJBUXNGQURBUk1ROHdEUVlEVlFRRERBWnRZWE4wWlhJd0hoY05Nall3TXpFNE1UVTBOak0zV2hjTk16WXdNekU0TVRVME9ERTNXakFSTVE4d0RRWURWUVFEREFadFlYTjBaWEl3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRQzUvL0pzMTdCRlEyUjlzNytpSm1vdjE1QzhTd09rY0gzSjJTTk13WmJ0K3RHUjNzSkEwMVRGbkxvZVZQTFpXZDRiYXM1WGdhTGtCQzQvcFVCelpCN0x2RkxOWHhIdnZsMUZvN3lCT0dyQnRuVVRuTHdsbi9MTDd5VkpNMzZ4VUVRK2t1ZjVCVGg3V0xDMjJvektjV2tWdUJOV21RWjJUMmRqRk5BdElKVzJucE9BbTRTMHlSSk4xUVNxR2lUY2s1TWpldjhQTU01MURHbmlzeGtUVUxFY1BOYTVsL1FPR1VIQ3M0S3pEMnRINVUyUFNxTXM1M0FBMDMwUzVqV2h4UVJhNXVHVTNqLzFKQ1VjNnZXak1ZRU8zK2tNYjZDOThpejJmWm9SUFJQcUJhMm4wQkpwMmtQanpnMHVtWk9hSjREU2ROWEpKOXdsdGNnenJhcjdDelFaQWdNQkFBRXdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBTE5VK3NwNVpoZDZjNVdMVTRnRzdKKzBPalJXZG14bTVZRHNtRnNmemdjOGVvNTIxdUx5WEVCK0ZPR0hTdERNMHN1aFVVenNKdlE4RlhlRmcvbS9CVWVySmxteWt3K1ltSGF6bWczYkI4WHdsNSt0a09aUEx0T1VGZzBlWHU5djAwQ3FOZllRaWJ1Z2ZhNHBkSDFzUE84SW5zMFJ0QmVzZzlta3F6Y2JFbGkxdlZXQWpxSWZlVE1WYlhOT1pTVHNKVHBPQ1VBTGxEeXVpdnJIWE9FL3J3UStwK2dPTWdjNXJ3ODdHa0tVTlRucEMvTktYK0dQTCtISzZjd05DYXhrcC9NQnBMbUJCbDl5QXh3MWtjMnRnUnhBYXM5MFp5UnowRUI3VHB1QVAzSFh0OXZYS1RDbWYxZzZiT3Z6RmszaGN4ZEJWdkVUMEVOOFJ0VWM2cDcyU2ZFPTwvZHNpZzpYNTA5Q2VydGlmaWNhdGU+PC9kc2lnOlg1MDlEYXRhPjwvZHNpZzpLZXlJbmZvPjwvZHNpZzpTaWduYXR1cmU+PHNhbWxwOlN0YXR1cz48c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+PC9zYW1scDpTdGF0dXM+PHNhbWw6QXNzZXJ0aW9uIHhtbG5zPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIiBJRD0iSURfOGE0MmE5OGYtNmUyZi00NDVjLTk4YmUtZjRiMTg0NDk3NjlmIiBJc3N1ZUluc3RhbnQ9IjIwMjYtMDMtMjBUMTM6MzI6MzMuODY5WiIgVmVyc2lvbj0iMi4wIj48c2FtbDpJc3N1ZXI+aHR0cDovL2xvY2FsaG9zdDo4MDgwL3JlYWxtcy9tYXN0ZXI8L3NhbWw6SXNzdWVyPjxzYW1sOlN1YmplY3Q+PHNhbWw6TmFtZUlEIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6dW5zcGVjaWZpZWQiPmdsYWRpYXRvckB2YXRlci1zb2x1dGlvbi5kZTwvc2FtbDpOYW1lSUQ+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIEluUmVzcG9uc2VUbz0iQVJRYTUzYzMxMi0yZjVhLTQ3YjUtOGE2OS0xM2RjZGUxNTBmYWYiIE5vdE9uT3JBZnRlcj0iMjAyNi0wMy0yMFQxMzozMzozMS44NjlaIiBSZWNpcGllbnQ9Imh0dHBzOi8vc2FtbC1ib3guY29tL2xvZ2luL3NhbWwyL3NzbyIvPjwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPjwvc2FtbDpTdWJqZWN0PjxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDI2LTAzLTIwVDEzOjMyOjMxLjg2OVoiIE5vdE9uT3JBZnRlcj0iMjAyNi0wMy0yMFQxMzozMzozMS44NjlaIj48c2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjxzYW1sOkF1ZGllbmNlPnNhbWwtYm94PC9zYW1sOkF1ZGllbmNlPjwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjwvc2FtbDpDb25kaXRpb25zPjxzYW1sOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAyNi0wMy0yMFQxMzozMjozMy44NjlaIiBTZXNzaW9uSW5kZXg9IlQwNzhFbUFPSWpuMTVxc2x3cVFJakZVcTo6NGVjMWM4M2MtODEwOS00ZGE2LWFiNTktN2E4ODY5NTUxZWNjIiBTZXNzaW9uTm90T25PckFmdGVyPSIyMDI2LTAzLTIwVDIzOjMyOjMzLjg2OVoiPjxzYW1sOkF1dGhuQ29udGV4dD48c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3Nlczp1bnNwZWNpZmllZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj48L3NhbWw6QXV0aG5Db250ZXh0Pjwvc2FtbDpBdXRoblN0YXRlbWVudD48c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PHNhbWw6QXR0cmlidXRlIEZyaWVuZGx5TmFtZT0iQW56ZWlnZW5hbWUiIE5hbWU9ImRpc3BsYXlOYW1lIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPkxvcmVueiBLb2NrPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIEZyaWVuZGx5TmFtZT0iU29sdXRpb24tRS1NYWlsIiBOYW1lPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9lbWFpbGFkZHJlc3MiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+Z2xhZGlhdG9yQHZhdGVyLXNvbHV0aW9uLmRlPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+dW1hX2F1dGhvcml6YXRpb248L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iUm9sZSIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5tYW5hZ2UtZXZlbnRzPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+dmlldy1jbGllbnRzPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+Y3JlYXRlLWNsaWVudDwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm1hbmFnZS11c2Vyczwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPmRlZmF1bHQtcm9sZXMtbWFzdGVyPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+dmlldy11c2Vyczwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm9mZmxpbmVfYWNjZXNzPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+aW1wZXJzb25hdGlvbjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm1hbmFnZS1hY2NvdW50LWxpbmtzPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+dmlldy1ldmVudHM8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iUm9sZSIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5xdWVyeS11c2Vyczwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPnZpZXctcHJvZmlsZTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPnF1ZXJ5LXJlYWxtczwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm1hbmFnZS1hdXRob3JpemF0aW9uPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+cXVlcnktZ3JvdXBzPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+Y3JlYXRlLXJlYWxtPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+dmlldy1hdXRob3JpemF0aW9uPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+dmlldy1yZWFsbTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPnZpZXctaWRlbnRpdHktcHJvdmlkZXJzPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+cXVlcnktY2xpZW50czwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm1hbmFnZS1hY2NvdW50PC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+bWFuYWdlLXJlYWxtPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+YWRtaW48L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iUm9sZSIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5tYW5hZ2UtY2xpZW50czwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm1hbmFnZS1pZGVudGl0eS1wcm92aWRlcnM8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48L3NhbWw6QXR0cmlidXRlU3RhdGVtZW50Pjwvc2FtbDpBc3NlcnRpb24+PC9zYW1scDpSZXNwb25zZT4= 2026-03-20 13:32:34 [https-jsse-nio-443-exec-574] INFO c.b.s.c.SamlResponseController - Relay State: a938d609-be95-4a5b-808a-356aff25eb24 2026-03-20 13:32:34 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:32:34 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:32:34 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:32:34 [https-jsse-nio-443-exec-574] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2026-03-20 13:33:19 [https-jsse-nio-443-exec-567] INFO c.b.s.c.SamlResponseController - SAML Response: PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIERlc3RpbmF0aW9uPSJodHRwczovL3NhbWwtYm94LmNvbS9sb2dpbi9zYW1sMi9zc28iIElEPSJJRF80OWY5ZGEyOS0wZGYyLTQ2ODItYWM5NC0yNTA4ODdhNWVjNWUiIEluUmVzcG9uc2VUbz0iQVJRODc1NTk2ZS1hNjdkLTRkNTUtOTY3MS1iYWJhMjdiNWRjNmQiIElzc3VlSW5zdGFudD0iMjAyNi0wMy0yMFQxMzozMToyMi4zOTJaIiBWZXJzaW9uPSIyLjAiPjxzYW1sOklzc3Vlcj5odHRwOi8vbG9jYWxob3N0OjgwODAvcmVhbG1zL21hc3Rlcjwvc2FtbDpJc3N1ZXI+PGRzaWc6U2lnbmF0dXJlIHhtbG5zOmRzaWc9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPjxkc2lnOlNpZ25lZEluZm8+PGRzaWc6Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjxkc2lnOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZHNpZy1tb3JlI3JzYS1zaGEyNTYiLz48ZHNpZzpSZWZlcmVuY2UgVVJJPSIjSURfNDlmOWRhMjktMGRmMi00NjgyLWFjOTQtMjUwODg3YTVlYzVlIj48ZHNpZzpUcmFuc2Zvcm1zPjxkc2lnOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+PGRzaWc6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+PC9kc2lnOlRyYW5zZm9ybXM+PGRzaWc6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxlbmMjc2hhMjU2Ii8+PGRzaWc6RGlnZXN0VmFsdWU+MGR0Tk0xdkdpUjFDNnJVOWhoRVV1WFZzNTZrTU9CZjNYa3FjWFZxb3NLYz08L2RzaWc6RGlnZXN0VmFsdWU+PC9kc2lnOlJlZmVyZW5jZT48L2RzaWc6U2lnbmVkSW5mbz48ZHNpZzpTaWduYXR1cmVWYWx1ZT5CUzVmZU81RUd6c0dGLzY0SnpCdjRVUHYzMXpDY3Z5SkhWRDBsOWVFdk5vMm5EQ0huTmpscWNrWWVVdERLbVpXRG5jSFFYYW95MEx5cHN2M0tlSTNNb2tjbXQ5emJ4akYweER5bXF1d1cvNnhKeGlndmdwaWorMENsYW9tVHFNejlOOGpjZ05QRXR5eXlrNkJHTGVzMUppcGhmbEQ4OTZtb0FQRGtmL0tlajh5NUh6bXZ5N1kveE9SbUM4dzRHQ2JQTXBTRzhiWlRmbitab29FRnNxeGRlalZQSTloUHVlbzlKT0NJeFNYai9Ncm9qWnRGdzZNR3pwekU2QnJtTDBaWmdGOWp4OFJVa0NuL1d0VFgwc0o0VWFyYTgzd1VTY2d6a1RVTUcwMWhQT1lCU0ZVYU5tRWluMmx4cklkd3ZRL1d1YWdpTVpNdUpDWWc2UWZ5SjdUNFE9PTwvZHNpZzpTaWduYXR1cmVWYWx1ZT48ZHNpZzpLZXlJbmZvPjxkc2lnOlg1MDlEYXRhPjxkc2lnOlg1MDlDZXJ0aWZpY2F0ZT5NSUlDbXpDQ0FZTUNCZ0dkQWFJbWVqQU5CZ2txaGtpRzl3MEJBUXNGQURBUk1ROHdEUVlEVlFRRERBWnRZWE4wWlhJd0hoY05Nall3TXpFNE1UVTBOak0zV2hjTk16WXdNekU0TVRVME9ERTNXakFSTVE4d0RRWURWUVFEREFadFlYTjBaWEl3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRQzUvL0pzMTdCRlEyUjlzNytpSm1vdjE1QzhTd09rY0gzSjJTTk13WmJ0K3RHUjNzSkEwMVRGbkxvZVZQTFpXZDRiYXM1WGdhTGtCQzQvcFVCelpCN0x2RkxOWHhIdnZsMUZvN3lCT0dyQnRuVVRuTHdsbi9MTDd5VkpNMzZ4VUVRK2t1ZjVCVGg3V0xDMjJvektjV2tWdUJOV21RWjJUMmRqRk5BdElKVzJucE9BbTRTMHlSSk4xUVNxR2lUY2s1TWpldjhQTU01MURHbmlzeGtUVUxFY1BOYTVsL1FPR1VIQ3M0S3pEMnRINVUyUFNxTXM1M0FBMDMwUzVqV2h4UVJhNXVHVTNqLzFKQ1VjNnZXak1ZRU8zK2tNYjZDOThpejJmWm9SUFJQcUJhMm4wQkpwMmtQanpnMHVtWk9hSjREU2ROWEpKOXdsdGNnenJhcjdDelFaQWdNQkFBRXdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBTE5VK3NwNVpoZDZjNVdMVTRnRzdKKzBPalJXZG14bTVZRHNtRnNmemdjOGVvNTIxdUx5WEVCK0ZPR0hTdERNMHN1aFVVenNKdlE4RlhlRmcvbS9CVWVySmxteWt3K1ltSGF6bWczYkI4WHdsNSt0a09aUEx0T1VGZzBlWHU5djAwQ3FOZllRaWJ1Z2ZhNHBkSDFzUE84SW5zMFJ0QmVzZzlta3F6Y2JFbGkxdlZXQWpxSWZlVE1WYlhOT1pTVHNKVHBPQ1VBTGxEeXVpdnJIWE9FL3J3UStwK2dPTWdjNXJ3ODdHa0tVTlRucEMvTktYK0dQTCtISzZjd05DYXhrcC9NQnBMbUJCbDl5QXh3MWtjMnRnUnhBYXM5MFp5UnowRUI3VHB1QVAzSFh0OXZYS1RDbWYxZzZiT3Z6RmszaGN4ZEJWdkVUMEVOOFJ0VWM2cDcyU2ZFPTwvZHNpZzpYNTA5Q2VydGlmaWNhdGU+PC9kc2lnOlg1MDlEYXRhPjwvZHNpZzpLZXlJbmZvPjwvZHNpZzpTaWduYXR1cmU+PHNhbWxwOlN0YXR1cz48c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+PC9zYW1scDpTdGF0dXM+PHNhbWw6QXNzZXJ0aW9uIHhtbG5zPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIiBJRD0iSURfYzBiNTY3ZGYtZjYyNy00NTYzLTljNzMtMGEzNWI2NTA5OGQ4IiBJc3N1ZUluc3RhbnQ9IjIwMjYtMDMtMjBUMTM6MzE6MjIuMzkyWiIgVmVyc2lvbj0iMi4wIj48c2FtbDpJc3N1ZXI+aHR0cDovL2xvY2FsaG9zdDo4MDgwL3JlYWxtcy9tYXN0ZXI8L3NhbWw6SXNzdWVyPjxzYW1sOlN1YmplY3Q+PHNhbWw6TmFtZUlEIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6dW5zcGVjaWZpZWQiPmJsYUB2YXRlci1zb2x1dGlvbi5kZTwvc2FtbDpOYW1lSUQ+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIEluUmVzcG9uc2VUbz0iQVJRODc1NTk2ZS1hNjdkLTRkNTUtOTY3MS1iYWJhMjdiNWRjNmQiIE5vdE9uT3JBZnRlcj0iMjAyNi0wMy0yMFQxMzozMjoyMC4zOTJaIiBSZWNpcGllbnQ9Imh0dHBzOi8vc2FtbC1ib3guY29tL2xvZ2luL3NhbWwyL3NzbyIvPjwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPjwvc2FtbDpTdWJqZWN0PjxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDI2LTAzLTIwVDEzOjMxOjIwLjM5MloiIE5vdE9uT3JBZnRlcj0iMjAyNi0wMy0yMFQxMzozMjoyMC4zOTJaIj48c2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjxzYW1sOkF1ZGllbmNlPnNhbWwtYm94PC9zYW1sOkF1ZGllbmNlPjwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjwvc2FtbDpDb25kaXRpb25zPjxzYW1sOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAyNi0wMy0yMFQxMzozMToyMi4zOTJaIiBTZXNzaW9uSW5kZXg9IkROQ2E5SFYtRUJIaHBsRnB0UTBFUTdybzo6NGVjMWM4M2MtODEwOS00ZGE2LWFiNTktN2E4ODY5NTUxZWNjIiBTZXNzaW9uTm90T25PckFmdGVyPSIyMDI2LTAzLTIwVDIzOjMxOjIyLjM5MloiPjxzYW1sOkF1dGhuQ29udGV4dD48c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3Nlczp1bnNwZWNpZmllZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj48L3NhbWw6QXV0aG5Db250ZXh0Pjwvc2FtbDpBdXRoblN0YXRlbWVudD48c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PHNhbWw6QXR0cmlidXRlIEZyaWVuZGx5TmFtZT0iQW56ZWlnZW5hbWUiIE5hbWU9ImRpc3BsYXlOYW1lIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPiA8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgRnJpZW5kbHlOYW1lPSJTb2x1dGlvbi1FLU1haWwiIE5hbWU9Imh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3dzLzIwMDUvMDUvaWRlbnRpdHkvY2xhaW1zL2VtYWlsYWRkcmVzcyIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5ibGFAdmF0ZXItc29sdXRpb24uZGU8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iUm9sZSIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5kZWZhdWx0LXJvbGVzLW1hc3Rlcjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPnVtYV9hdXRob3JpemF0aW9uPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+b2ZmbGluZV9hY2Nlc3M8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iUm9sZSIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5tYW5hZ2UtYWNjb3VudC1saW5rczwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPnZpZXctcHJvZmlsZTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm1hbmFnZS1hY2NvdW50PC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD48L3NhbWw6QXNzZXJ0aW9uPjwvc2FtbHA6UmVzcG9uc2U+ 2026-03-20 13:33:19 [https-jsse-nio-443-exec-567] INFO c.b.s.c.SamlResponseController - Relay State: edd4aec0-5162-4740-a67f-f4816b5e8756 2026-03-20 13:33:19 [https-jsse-nio-443-exec-567] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2026-03-20 13:33:19 [https-jsse-nio-443-exec-567] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2026-03-20 13:33:19 [https-jsse-nio-443-exec-567] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2026-03-20 13:33:19 [https-jsse-nio-443-exec-567] DEBUG o.o.x.s.impl.SignatureUnmarshaller - Adding KeyInfo to Signature