Received SAML2 Response from idp-site-url
Has 1 candidate keys for validation.
Validation with key #0 succeeded. Has 1 candidate keys for validation. Validation with key #0 failed without exception. Filter config for idp-sp sites here array ( 0 => sspmod_saml_Auth_Process_NameIDAttribute::__set_state(array( 'attribute' => 'nameid', 'format' => array ( 0 => '', 1 => 'Value', 2 => false, ), 'priority' => 77, )),) Deleting state: '_3fe4e8d09edc2d83279aa1eff454cb8cfc1104161c'
and here is the actual saml response recieved by ssp-sp
<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="http://ssp-sp-site.com/wp-content/plugins/sso-plugin/saml/www/module.php/saml/sp/saml2-acs.php/1" ID="_c9f0367ef60b15ad3931657d7e8eee47" InResponseTo="_3fe4e8d09edc2d83279aa1eff454cb8cfc1104161c" IssueInstant="2016-05-01T12:12:15.709Z" Version="2.0">
<saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">http://shib-idp-site.com/idp/shibboleth</saml2:Issuer>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference URI="#_c9f0367ef60b15ad3931657d7e8eee47">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>7dpZor2qtxfpp/fyh8880qBE6rVQFd6Ar91vye6CHds=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>signature_value_here_removed_for_brevity=</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>Cert_removed_for_brevity</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
<saml2p:Status>
<saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
</saml2p:Status>
<saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="_0e481ad534c7abe8b67cdeafe08876f1" IssueInstant="2016-05-01T12:12:15.709Z" Version="2.0">
<saml2:Issuer>http://shib-idp-site.com/idp/shibboleth</saml2:Issuer>
<saml2:Subject>
<saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" NameQualifier="http://shib-idp-site.com/idp/shibboleth" SPNameQualifier="http://ssp-sp-site.com">use...@user-acc-site.com</saml2:NameID>
<saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
<saml2:SubjectConfirmationData Address="User_IP_Address_replaced" InResponseTo="_3fe4e8d09edc2d83279aa1eff454cb8cfc1104161c" NotOnOrAfter="2016-05-01T12:17:15.716Z" Recipient="http://ssp-sp-site.com/wp-content/plugins/saml-20-single-sign-on/saml/www/module.php/saml/sp/saml2-acs.php/1"/>
</saml2:SubjectConfirmation>
</saml2:Subject>
<saml2:Conditions NotBefore="2016-05-01T12:12:15.709Z" NotOnOrAfter="2016-05-01T12:17:15.709Z">
<saml2:AudienceRestriction>
<saml2:Audience>http://ssp-sp-site.com</saml2:Audience>
</saml2:AudienceRestriction>
</saml2:Conditions>
<saml2:AuthnStatement AuthnInstant="2016-05-01T12:12:15.703Z" SessionIndex="_9ef829f98bfd2d121466f870ee2cacb9">
<saml2:SubjectLocality Address="clinet_ip_address_here"/>
<saml2:AuthnContext>
<saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
</saml2:AuthnContext>
</saml2:AuthnStatement>
</saml2:Assertion>
</saml2p:Response>