serac · October 9, 2012 18:04
diff --git a/samlValidateResponse-opensaml1.xml b/samlValidateResponse-opensaml1.xml
 <?xml version="1.0" encoding="utf-8" ?>
 <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
  <SOAP-ENV:Header />
  <SOAP-ENV:Body>
    <Response xmlns="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
    xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" IssueInstant="2008-12-10T14:10:30.341Z"
    MajorVersion="1" MinorVersion="1" Recipient="https://hostname.example.com/service"
    ResponseID="_10767f54021bf5c76185783070e1e664">
      <Status>
        <StatusCode Value="samlp:Success">
        </StatusCode>
      </Status>
      <Assertion xmlns="urn:oasis:names:tc:SAML:1.0:assertion" AssertionID="_eace8873fe6b5d320b947e34b448eb9d"
      IssueInstant="2008-12-10T14:10:30.341Z" Issuer="localhost" MajorVersion="1"
      MinorVersion="1">
        <Conditions NotBefore="2008-12-10T14:10:30.341Z" NotOnOrAfter="2008-12-10T14:11:00.341Z">
          <AudienceRestrictionCondition>
            <Audience>
              https://hostname.example.com/service
            </Audience>
          </AudienceRestrictionCondition>
        </Conditions>
        <AttributeStatement>
          <Subject>
            <NameIdentifier>
              johnq
            </NameIdentifier>
            <SubjectConfirmation>
              <ConfirmationMethod>
                urn:oasis:names:tc:SAML:1.0:cm:artifact
              </ConfirmationMethod>
            </SubjectConfirmation>
          </Subject>
          <Attribute AttributeName="uid" AttributeNamespace="http://www.ja-sig.org/products/cas/">
            <AttributeValue>
              12345
            </AttributeValue>
          </Attribute>
          <Attribute AttributeName="memberOf" AttributeNamespace="http://www.ja-sig.org/products/cas/">
            <AttributeValue>
              cn=group1,ou=Groups,dc=vt,dc=edu
            </AttributeValue>
          </Attribute>
          <Attribute AttributeName="eduPersonAffiliation" AttributeNamespace="http://www.ja-sig.org/products/cas/">
            <AttributeValue>
              employee
            </AttributeValue>
            <AttributeValue>
              staff
            </AttributeValue>
            <AttributeValue>
              student
            </AttributeValue>
          </Attribute>
          <Attribute AttributeName="accountState" AttributeNamespace="http://www.ja-sig.org/products/cas/">
            <AttributeValue>
              ACTIVE
            </AttributeValue>
          </Attribute>
        </AttributeStatement>
        <AuthenticationStatement AuthenticationInstant="2008-12-10T14:10:30.129Z"
        AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:X509-PKI">
          <Subject>
            <NameIdentifier>
              johnq
            </NameIdentifier>
            <SubjectConfirmation>
              <ConfirmationMethod>
                urn:oasis:names:tc:SAML:1.0:cm:artifact
              </ConfirmationMethod>
            </SubjectConfirmation>
          </Subject>
        </AuthenticationStatement>
      </Assertion>
    </Response>
  </SOAP-ENV:Body>
 </SOAP-ENV:Envelope>
diff --git a/samlValidateResponse-opensaml2.xml b/samlValidateResponse-opensaml2.xml
 <?xml version="1.0" encoding="utf-8"?>
 <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
  <SOAP-ENV:Body>
    <saml1p:Response xmlns:saml1p="urn:oasis:names:tc:SAML:1.0:protocol"
        IssueInstant="2012-10-08T14:03:50.897Z" MajorVersion="1"
        MinorVersion="1" Recipient="https://hostname.example.com/service"
        ResponseID="_65fbcb817a14ed59993faa21335680f7">
      <saml1p:Status>
        <saml1p:StatusCode Value="saml1p:Success" />
      </saml1p:Status>
      <saml1:Assertion xmlns:saml1="urn:oasis:names:tc:SAML:1.0:assertion"
          AssertionID="_52232897a0bda15c83ed1939c0a5884a"
          IssueInstant="2012-10-08T14:03:50.897Z" Issuer="localhost"
          MajorVersion="1" MinorVersion="1">
        <saml1:Conditions NotBefore="2012-10-08T14:03:50.897Z" NotOnOrAfter="2012-10-08T14:04:20.897Z">
          <saml1:AudienceRestrictionCondition>
            <saml1:Audience>https://hostname.example.com/service</saml1:Audience>
          </saml1:AudienceRestrictionCondition>
        </saml1:Conditions>
      <saml1:AuthenticationStatement AuthenticationInstant="2012-10-08T13:51:31.379Z"
          AuthenticationMethod="urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport">
        <saml1:Subject>
          <saml1:NameIdentifier>somebody</saml1:NameIdentifier>
          <saml1:SubjectConfirmation>
            <saml1:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:artifact</saml1:ConfirmationMethod>
          </saml1:SubjectConfirmation>
        </saml1:Subject>
      </saml1:AuthenticationStatement>
      <saml1:AttributeStatement>
        <saml1:Subject>
          <saml1:NameIdentifier>somebody</saml1:NameIdentifier>
          <saml1:SubjectConfirmation>
            <saml1:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:artifact</saml1:ConfirmationMethod>
            </saml1:SubjectConfirmation>
        </saml1:Subject>
          <saml1:Attribute AttributeName="uid" AttributeNamespace="http://www.ja-sig.org/products/cas/">
            <saml1:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                xsi:type="xs:string">8675309</saml1:AttributeValue>
          </saml1:Attribute>
          <saml1:Attribute AttributeName="passwordState" AttributeNamespace="http://www.ja-sig.org/products/cas/">
            <saml1:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                xsi:type="xs:string">ACTIVE</saml1:AttributeValue>
          </saml1:Attribute>
          <saml1:Attribute AttributeName="accountState" AttributeNamespace="http://www.ja-sig.org/products/cas/">
            <saml1:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                xsi:type="xs:string">ACTIVE</saml1:AttributeValue>
            </saml1:Attribute>
          <saml1:Attribute AttributeName="username" AttributeNamespace="http://www.ja-sig.org/products/cas/">
            <saml1:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                xsi:type="xs:string">somebody</saml1:AttributeValue>
                </saml1:Attribute>
          <saml1:Attribute AttributeName="eduPersonAffiliation" AttributeNamespace="http://www.ja-sig.org/products/cas/">
            <saml1:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                xsi:type="xs:string">student</saml1:AttributeValue>
            <saml1:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                xsi:type="xs:string">affiliate</saml1:AttributeValue>
            <saml1:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                xsi:type="xs:string">alum</saml1:AttributeValue>
            <saml1:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                xsi:type="xs:string">employee</saml1:AttributeValue>
            <saml1:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                xsi:type="xs:string">staff</saml1:AttributeValue>
          </saml1:Attribute>
          <saml1:Attribute AttributeName="groupMembership" AttributeNamespace="http://www.ja-sig.org/products/cas/">
            <saml1:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                xsi:type="xs:string">cn=group1,ou=Groups,dc=example,dc=com</saml1:AttributeValue>
            <saml1:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                xsi:type="xs:string">cn=group2,ou=Groups,dc=example,dc=com</saml1:AttributeValue>
            <saml1:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                xsi:type="xs:string">cn=group3,ou=Groups,dc=example,dc=com</saml1:AttributeValue>
            <saml1:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                xsi:type="xs:string">cn=group4,ou=Groups,dc=example,dc=com</saml1:AttributeValue>
            <saml1:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                xsi:type="xs:string">cn=group5,ou=Groups,dc=example,dc=com</saml1:AttributeValue>
          </saml1:Attribute>
        </saml1:AttributeStatement>
      </saml1:Assertion>
    </saml1p:Response>
  </SOAP-ENV:Body>
 </SOAP-ENV:Envelope>
	<?xml version="1.0" encoding="utf-8" ?>
	<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
	<SOAP-ENV:Header />
	<SOAP-ENV:Body>
	<Response xmlns="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
	xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" IssueInstant="2008-12-10T14:10:30.341Z"
	MajorVersion="1" MinorVersion="1" Recipient="https://hostname.example.com/service"
	ResponseID="_10767f54021bf5c76185783070e1e664">
	<Status>
	<StatusCode Value="samlp:Success">
	</StatusCode>
	</Status>
	<Assertion xmlns="urn:oasis:names:tc:SAML:1.0:assertion" AssertionID="_eace8873fe6b5d320b947e34b448eb9d"
	IssueInstant="2008-12-10T14:10:30.341Z" Issuer="localhost" MajorVersion="1"
	MinorVersion="1">
	<Conditions NotBefore="2008-12-10T14:10:30.341Z" NotOnOrAfter="2008-12-10T14:11:00.341Z">
	<AudienceRestrictionCondition>
	<Audience>
	https://hostname.example.com/service
	</Audience>
	</AudienceRestrictionCondition>
	</Conditions>
	<AttributeStatement>
	<Subject>
	<NameIdentifier>
	johnq
	</NameIdentifier>
	<SubjectConfirmation>
	<ConfirmationMethod>
	urn:oasis:names:tc:SAML:1.0:cm:artifact
	</ConfirmationMethod>
	</SubjectConfirmation>
	</Subject>
	<Attribute AttributeName="uid" AttributeNamespace="http://www.ja-sig.org/products/cas/">
	<AttributeValue>
	12345
	</AttributeValue>
	</Attribute>
	<Attribute AttributeName="memberOf" AttributeNamespace="http://www.ja-sig.org/products/cas/">
	<AttributeValue>
	cn=group1,ou=Groups,dc=vt,dc=edu
	</AttributeValue>
	</Attribute>
	<Attribute AttributeName="eduPersonAffiliation" AttributeNamespace="http://www.ja-sig.org/products/cas/">
	<AttributeValue>
	employee
	</AttributeValue>
	<AttributeValue>
	staff
	</AttributeValue>
	<AttributeValue>
	student
	</AttributeValue>
	</Attribute>
	<Attribute AttributeName="accountState" AttributeNamespace="http://www.ja-sig.org/products/cas/">
	<AttributeValue>
	ACTIVE
	</AttributeValue>
	</Attribute>
	</AttributeStatement>
	<AuthenticationStatement AuthenticationInstant="2008-12-10T14:10:30.129Z"
	AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:X509-PKI">
	<Subject>
	<NameIdentifier>
	johnq
	</NameIdentifier>
	<SubjectConfirmation>
	<ConfirmationMethod>
	urn:oasis:names:tc:SAML:1.0:cm:artifact
	</ConfirmationMethod>
	</SubjectConfirmation>
	</Subject>
	</AuthenticationStatement>
	</Assertion>
	</Response>
	</SOAP-ENV:Body>
	</SOAP-ENV:Envelope>
	<?xml version="1.0" encoding="utf-8"?>
	<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
	<SOAP-ENV:Body>
	<saml1p:Response xmlns:saml1p="urn:oasis:names:tc:SAML:1.0:protocol"
	IssueInstant="2012-10-08T14:03:50.897Z" MajorVersion="1"
	MinorVersion="1" Recipient="https://hostname.example.com/service"
	ResponseID="_65fbcb817a14ed59993faa21335680f7">
	<saml1p:Status>
	<saml1p:StatusCode Value="saml1p:Success" />
	</saml1p:Status>
	<saml1:Assertion xmlns:saml1="urn:oasis:names:tc:SAML:1.0:assertion"
	AssertionID="_52232897a0bda15c83ed1939c0a5884a"
	IssueInstant="2012-10-08T14:03:50.897Z" Issuer="localhost"
	MajorVersion="1" MinorVersion="1">
	<saml1:Conditions NotBefore="2012-10-08T14:03:50.897Z" NotOnOrAfter="2012-10-08T14:04:20.897Z">
	<saml1:AudienceRestrictionCondition>
	<saml1:Audience>https://hostname.example.com/service</saml1:Audience>
	</saml1:AudienceRestrictionCondition>
	</saml1:Conditions>
	<saml1:AuthenticationStatement AuthenticationInstant="2012-10-08T13:51:31.379Z"
	AuthenticationMethod="urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport">
	<saml1:Subject>
	<saml1:NameIdentifier>somebody</saml1:NameIdentifier>
	<saml1:SubjectConfirmation>
	<saml1:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:artifact</saml1:ConfirmationMethod>
	</saml1:SubjectConfirmation>
	</saml1:Subject>
	</saml1:AuthenticationStatement>
	<saml1:AttributeStatement>
	<saml1:Subject>
	<saml1:NameIdentifier>somebody</saml1:NameIdentifier>
	<saml1:SubjectConfirmation>
	<saml1:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:artifact</saml1:ConfirmationMethod>
	</saml1:SubjectConfirmation>
	</saml1:Subject>
	<saml1:Attribute AttributeName="uid" AttributeNamespace="http://www.ja-sig.org/products/cas/">
	<saml1:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:type="xs:string">8675309</saml1:AttributeValue>
	</saml1:Attribute>
	<saml1:Attribute AttributeName="passwordState" AttributeNamespace="http://www.ja-sig.org/products/cas/">
	<saml1:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:type="xs:string">ACTIVE</saml1:AttributeValue>
	</saml1:Attribute>
	<saml1:Attribute AttributeName="accountState" AttributeNamespace="http://www.ja-sig.org/products/cas/">
	<saml1:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:type="xs:string">ACTIVE</saml1:AttributeValue>
	</saml1:Attribute>
	<saml1:Attribute AttributeName="username" AttributeNamespace="http://www.ja-sig.org/products/cas/">
	<saml1:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:type="xs:string">somebody</saml1:AttributeValue>
	</saml1:Attribute>
	<saml1:Attribute AttributeName="eduPersonAffiliation" AttributeNamespace="http://www.ja-sig.org/products/cas/">
	<saml1:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:type="xs:string">student</saml1:AttributeValue>
	<saml1:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:type="xs:string">affiliate</saml1:AttributeValue>
	<saml1:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:type="xs:string">alum</saml1:AttributeValue>
	<saml1:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:type="xs:string">employee</saml1:AttributeValue>
	<saml1:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:type="xs:string">staff</saml1:AttributeValue>
	</saml1:Attribute>
	<saml1:Attribute AttributeName="groupMembership" AttributeNamespace="http://www.ja-sig.org/products/cas/">
	<saml1:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:type="xs:string">cn=group1,ou=Groups,dc=example,dc=com</saml1:AttributeValue>
	<saml1:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:type="xs:string">cn=group2,ou=Groups,dc=example,dc=com</saml1:AttributeValue>
	<saml1:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:type="xs:string">cn=group3,ou=Groups,dc=example,dc=com</saml1:AttributeValue>
	<saml1:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:type="xs:string">cn=group4,ou=Groups,dc=example,dc=com</saml1:AttributeValue>
	<saml1:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:type="xs:string">cn=group5,ou=Groups,dc=example,dc=com</saml1:AttributeValue>
	</saml1:Attribute>
	</saml1:AttributeStatement>
	</saml1:Assertion>
	</saml1p:Response>
	</SOAP-ENV:Body>
	</SOAP-ENV:Envelope>