From d256090056cc0af4ae418d0611df6060bc9df63b Mon Sep 17 00:00:00 2001
From: Keith Hazelton <khazelton@gmail.com>
Date: Thu, 4 Apr 2019 14:40:20 -0500
Subject: [PATCH] Add files via upload

---
 Sources/SIS/shib-idp/bin/init-idp.sh          |  31 +++
 Sources/SIS/shib-idp/bin/run-jetty.sh         |  16 ++
 .../conf/attribute-filter.xml                 |  55 +++++
 .../conf/attribute-resolver.xml               | 187 +++++++++++++++
 .../conf/cas-protocol.xml                     |  84 +++++++
 .../customized-shibboleth-idp/conf/global.xml |  28 +++
 .../conf/ldap.properties                      |  63 ++++++
 .../conf/metadata-providers.xml               |  82 +++++++
 .../conf/saml-nameid.xml                      |  62 +++++
 .../credentials/idp-backchannel.crt           |  19 ++
 .../credentials/idp-backchannel.p12           | Bin 0 -> 2490 bytes
 .../credentials/idp-browser.p12               | Bin 0 -> 2805 bytes
 .../credentials/idp-encryption.crt            |  19 ++
 .../credentials/idp-encryption.key            |  27 +++
 .../credentials/idp-signing.crt               |  19 ++
 .../credentials/idp-signing.key               |  27 +++
 .../credentials/jetty.crt                     |  28 +++
 .../credentials/jetty.key                     |  30 +++
 .../credentials/sealer.jks                    | Bin 0 -> 500 bytes
 .../credentials/sealer.kver                   |   2 +
 .../metadata/idp-metadata.xml                 | 213 ++++++++++++++++++
 .../metadata/web-app.xml                      |  58 +++++
 .../client-storage/client-storage-read.vm     |  53 +++++
 .../client-storage/client-storage-write.vm    |  53 +++++
 .../customized-shibboleth-idp/views/duo.vm    |  83 +++++++
 .../customized-shibboleth-idp/views/error.vm  |  73 ++++++
 .../views/intercept/attribute-release.vm      | 158 +++++++++++++
 .../views/intercept/expiring-password.vm      |  54 +++++
 .../views/intercept/terms-of-use.vm           |  67 ++++++
 .../views/login-error.vm                      |  24 ++
 .../customized-shibboleth-idp/views/login.vm  | 140 ++++++++++++
 .../views/logout-complete.vm                  |  59 +++++
 .../views/logout-propagate.vm                 |  58 +++++
 .../customized-shibboleth-idp/views/logout.vm |  91 ++++++++
 .../views/spnego-unavailable.vm               |  49 ++++
 .../views/user-prefs.vm                       |  60 +++++
 .../webapp/css/consent.css                    | 150 ++++++++++++
 .../webapp/css/logout.css                     |  12 +
 .../webapp/css/main.css                       | 165 ++++++++++++++
 .../webapp/images/TIER_logo-249.png           | Bin 0 -> 4485 bytes
 .../webapp/images/dummylogo-mobile.png        | Bin 0 -> 8208 bytes
 .../webapp/images/dummylogo.png               | Bin 0 -> 7120 bytes
 .../webapp/images/failure-32x32.png           | Bin 0 -> 2580 bytes
 .../webapp/images/success-32x32.png           | Bin 0 -> 2448 bytes
 .../webapp/js/Duo-Web-v2.min.js               |   1 +
 .../webapp/js/jquery-2.1.4.min.js             |   4 +
 .../shib-jetty-base/etc/jetty-backchannel.xml |  81 +++++++
 .../opt/shib-jetty-base/etc/jetty-logging.xml |  33 +++
 .../shib-jetty-base/etc/jetty-ssl-context.xml |  32 +++
 .../shib-jetty-base/modules/backchannel.mod   |   8 +
 .../shib-jetty-base/start.d/backchannel.ini   |   8 +
 .../opt/shib-jetty-base/start.d/ssl.ini       |   7 +
 .../shib-idp/opt/shib-jetty-base/start.ini    |  24 ++
 .../opt/shib-jetty-base/webapps/idp.xml       |   7 +
 .../opt/shibboleth-idp/conf/logback.xml       | 179 +++++++++++++++
 55 files changed, 2783 insertions(+)
 create mode 100644 Sources/SIS/shib-idp/bin/init-idp.sh
 create mode 100644 Sources/SIS/shib-idp/bin/run-jetty.sh
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/conf/attribute-filter.xml
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/conf/attribute-resolver.xml
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/conf/cas-protocol.xml
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/conf/global.xml
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/conf/ldap.properties
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/conf/metadata-providers.xml
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/conf/saml-nameid.xml
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-backchannel.crt
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-backchannel.p12
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-browser.p12
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-encryption.crt
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-encryption.key
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-signing.crt
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-signing.key
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/jetty.crt
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/jetty.key
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/sealer.jks
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/sealer.kver
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/metadata/idp-metadata.xml
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/metadata/web-app.xml
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/views/client-storage/client-storage-read.vm
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/views/client-storage/client-storage-write.vm
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/views/duo.vm
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/views/error.vm
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/views/intercept/attribute-release.vm
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/views/intercept/expiring-password.vm
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/views/intercept/terms-of-use.vm
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/views/login-error.vm
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/views/login.vm
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/views/logout-complete.vm
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/views/logout-propagate.vm
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/views/logout.vm
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/views/spnego-unavailable.vm
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/views/user-prefs.vm
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/css/consent.css
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/css/logout.css
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/css/main.css
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/TIER_logo-249.png
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/dummylogo-mobile.png
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/dummylogo.png
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/failure-32x32.png
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/success-32x32.png
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/js/Duo-Web-v2.min.js
 create mode 100644 Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/js/jquery-2.1.4.min.js
 create mode 100644 Sources/SIS/shib-idp/opt/shib-jetty-base/etc/jetty-backchannel.xml
 create mode 100644 Sources/SIS/shib-idp/opt/shib-jetty-base/etc/jetty-logging.xml
 create mode 100644 Sources/SIS/shib-idp/opt/shib-jetty-base/etc/jetty-ssl-context.xml
 create mode 100644 Sources/SIS/shib-idp/opt/shib-jetty-base/modules/backchannel.mod
 create mode 100644 Sources/SIS/shib-idp/opt/shib-jetty-base/start.d/backchannel.ini
 create mode 100644 Sources/SIS/shib-idp/opt/shib-jetty-base/start.d/ssl.ini
 create mode 100644 Sources/SIS/shib-idp/opt/shib-jetty-base/start.ini
 create mode 100644 Sources/SIS/shib-idp/opt/shib-jetty-base/webapps/idp.xml
 create mode 100644 Sources/SIS/shib-idp/opt/shibboleth-idp/conf/logback.xml

diff --git a/Sources/SIS/shib-idp/bin/init-idp.sh b/Sources/SIS/shib-idp/bin/init-idp.sh
new file mode 100644
index 0000000..aa6305e
--- /dev/null
+++ b/Sources/SIS/shib-idp/bin/init-idp.sh
@@ -0,0 +1,31 @@
+#!/bin/bash
+
+export JAVA_HOME=/opt/jre-home
+export PATH=$PATH:$JAVA_HOME/bin
+
+cd /opt/shibboleth-idp/bin
+
+# Remove existing config to build starts with an empty config
+rm -r ../conf/
+
+echo "Please complete the following for your IdP environment:"
+./build.sh -Didp.target.dir=/opt/shibboleth-idp init gethostname askscope metadata-gen
+
+mkdir -p /ext-mount/customized-shibboleth-idp/conf/
+
+# Copy the essential and routinely customized config to out Docker mount.
+cd ..
+cp -r credentials/ /ext-mount/customized-shibboleth-idp/
+cp -r metadata/ /ext-mount/customized-shibboleth-idp/
+cp conf/{attribute-resolver.xml,attribute-filter.xml,cas-protocol.xml,idp.properties,ldap.properties,metadata-providers.xml,relying-party.xml,saml-nameid.xml} /ext-mount/customized-shibboleth-idp/conf/
+
+# Copy the basic UI components, which are routinely customized
+cp -r views/ /ext-mount/customized-shibboleth-idp/
+mkdir /ext-mount/customized-shibboleth-idp/webapp/
+cp -r webapp/css/ /ext-mount/customized-shibboleth-idp/webapp/
+cp -r webapp/images/ /ext-mount/customized-shibboleth-idp/webapp/
+cp -r webapp/js/ /ext-mount/customized-shibboleth-idp/webapp/
+rm -r /ext-mount/customized-shibboleth-idp/views/user-prefs.js
+
+echo "A basic Shibboleth IdP config and UI has been copied to ./customized-shibboleth-idp/ (assuming the default volume mapping was used)."
+echo "Most files, if not being customized can be removed from what was exported/the local Docker image and baseline files will be used."
diff --git a/Sources/SIS/shib-idp/bin/run-jetty.sh b/Sources/SIS/shib-idp/bin/run-jetty.sh
new file mode 100644
index 0000000..05a9174
--- /dev/null
+++ b/Sources/SIS/shib-idp/bin/run-jetty.sh
@@ -0,0 +1,16 @@
+#!/bin/sh
+
+#set -x
+
+export JAVA_HOME=/opt/jre-home
+export PATH=$PATH:$JAVA_HOME/bin
+
+if [ -e "/opt/shibboleth-idp/ext-conf/idp-secrets.properties" ]; then
+  export JETTY_BACKCHANNEL_SSL_KEYSTORE_PASSWORD=`gawk 'match($0,/^jetty.backchannel.sslContext.keyStorePassword=\s?(.*)\s?$/, a) {print a[1]}' /opt/shibboleth-idp/ext-conf/idp-secrets.properties`
+  export JETTY_BROWSER_SSL_KEYSTORE_PASSWORD=`gawk 'match($0,/^jetty\.sslContext\.keyStorePassword=\s?(.*)\s?$/, a) {print a[1]}' /opt/shibboleth-idp/ext-conf/idp-secrets.properties`
+fi
+
+export JETTY_ARGS="jetty.sslContext.keyStorePassword=$JETTY_BROWSER_SSL_KEYSTORE_PASSWORD jetty.backchannel.sslContext.keyStorePassword=$JETTY_BACKCHANNEL_SSL_KEYSTORE_PASSWORD"
+sed -i "s/^-Xmx.*$/-Xmx$JETTY_MAX_HEAP/g" /opt/shib-jetty-base/start.ini
+
+exec /etc/init.d/jetty run
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/attribute-filter.xml b/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/attribute-filter.xml
new file mode 100644
index 0000000..0df6a7b
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/attribute-filter.xml
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- 
+    This file is an EXAMPLE policy file.  While the policy presented in this 
+    example file is illustrative of some simple cases, it relies on the names of
+    non-existent example services and the example attributes demonstrated in the
+    default attribute-resolver.xml file.
+    
+    Deployers should refer to the documentation for a complete list of components
+    and their options.
+-->
+
+<AttributeFilterPolicyGroup id="ShibbolethFilterPolicy"
+        xmlns="urn:mace:shibboleth:2.0:afp"
+        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+        xsi:schemaLocation="urn:mace:shibboleth:2.0:afp http://shibboleth.net/schema/idp/shibboleth-afp.xsd">
+
+    <!-- Release everything to everything for this demo. -->
+    <AttributeFilterPolicy id="DEFAULT">
+        <PolicyRequirementRule xsi:type="ANY" />
+
+        <AttributeRule attributeID="eduPersonPrincipalName">
+            <PermitValueRule xsi:type="ANY" />
+        </AttributeRule>
+
+        <!-- you wouldn't want to do this in a federation. You should use EPPN -->
+        <AttributeRule attributeID="uid">
+            <PermitValueRule xsi:type="ANY" />
+        </AttributeRule>
+
+        <!-- mail attribute I'm "generating" based on uid. -->
+        <!-- eventually get this from ldap -->
+        <AttributeRule attributeID="mail">
+            <PermitValueRule xsi:type="ANY" />
+        </AttributeRule>
+
+        <!-- eduPerson stuff -->
+        <AttributeRule attributeID="eduPersonEntitlement"> 
+            <PermitValueRule xsi:type="ANY"/> 
+        </AttributeRule>
+
+        <AttributeRule attributeID="eduPersonAffiliation"> 
+            <PermitValueRule xsi:type="ANY"/> 
+        </AttributeRule>
+
+        <!-- name stuff -->
+        <AttributeRule attributeID="commonName"> <PermitValueRule xsi:type="ANY" /> </AttributeRule>
+        <AttributeRule attributeID="surname"> <PermitValueRule xsi:type="ANY" /> </AttributeRule>
+        <AttributeRule attributeID="givenName"> <PermitValueRule xsi:type="ANY" /> </AttributeRule>
+
+        <!--  Release isMemberOf to anyone -->
+        <AttributeRule attributeID="isMemberOf"> <PermitValueRule xsi:type="ANY"/> </AttributeRule>
+
+    </AttributeFilterPolicy>
+
+</AttributeFilterPolicyGroup>
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/attribute-resolver.xml b/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/attribute-resolver.xml
new file mode 100644
index 0000000..14cf67d
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/attribute-resolver.xml
@@ -0,0 +1,187 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- 
+    This file is an EXAMPLE configuration file. While the configuration
+    presented in this example file is semi-functional, it isn't very
+    interesting. It is here only as a starting point for your deployment
+    process.
+    
+    Very few attribute definitions and data connectors are demonstrated,
+    and the data is derived statically from the logged-in username and a
+    static example connector.
+
+    Attribute-resolver-full.xml contains more examples of attributes,
+    encoders, and data connectors. Deployers should refer to the Shibboleth
+    documentation for a complete list of components and their options.
+-->
+<AttributeResolver
+        xmlns="urn:mace:shibboleth:2.0:resolver" 
+        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
+        xsi:schemaLocation="urn:mace:shibboleth:2.0:resolver http://shibboleth.net/schema/idp/shibboleth-attribute-resolver.xsd">
+
+
+    <!-- ========================================== -->
+    <!--      Attribute Definitions                 -->
+    <!-- ========================================== -->
+
+    <!--
+    The EPPN is the "standard" federated username in higher ed.
+    For guidelines on the implementation of this attribute, refer
+    to the Shibboleth and eduPerson documentation. Above all, do
+    not expose a value for this attribute without considering the
+    long term implications. 
+    -->
+    <AttributeDefinition id="eduPersonPrincipalName" xsi:type="Scoped" scope="%{idp.scope}" sourceAttributeID="uid">
+        <Dependency ref="uid" />
+        <AttributeEncoder xsi:type="SAML1ScopedString" name="urn:mace:dir:attribute-def:eduPersonPrincipalName" encodeType="false" />
+        <AttributeEncoder xsi:type="SAML2ScopedString" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" friendlyName="eduPersonPrincipalName" encodeType="false" />
+    </AttributeDefinition>
+
+    <!--
+    The uid is the closest thing to a "standard" LDAP attribute
+    representing a local username, but you should generally *never*
+    expose uid to federated services, as it is rarely globally unique.
+    -->
+    <AttributeDefinition id="uid" xsi:type="PrincipalName">
+        <AttributeEncoder xsi:type="SAML1String" name="urn:mace:dir:attribute-def:uid" encodeType="false" />
+        <AttributeEncoder xsi:type="SAML2String" name="urn:oid:0.9.2342.19200300.100.1.1" friendlyName="uid" encodeType="false" />
+    </AttributeDefinition>
+
+    <!--
+    In the rest of the world, the email address is the standard identifier,
+    despite the problems with that practice. Consider making the EPPN
+    value the same as your official email addresses whenever possible.
+    -->
+    <AttributeDefinition id="mail" xsi:type="Simple" sourceAttributeID="email">
+        <Dependency ref="registryDB" />
+        <AttributeEncoder xsi:type="SAML1String" name="urn:mace:dir:attribute-def:mail" encodeType="false" />
+        <AttributeEncoder xsi:type="SAML2String" name="urn:oid:0.9.2342.19200300.100.1.3" friendlyName="mail" encodeType="false" />
+    </AttributeDefinition>
+
+<!-- attributes from ldap -->
+<AttributeDefinition id="commonName" xsi:type="Simple" sourceAttributeID="fullName">
+    <Dependency ref="registryDB" />
+    <AttributeEncoder xsi:type="SAML1String" name="urn:mace:dir:attribute-def:cn" />
+    <AttributeEncoder xsi:type="SAML2String" name="urn:oid:2.5.4.3" friendlyName="cn" />
+</AttributeDefinition>
+
+    <AttributeDefinition xsi:type="Simple" id="givenName" sourceAttributeID="givenname">
+        <Dependency ref="registryDB"/>
+        <AttributeEncoder xsi:type="SAML1String" name="urn:mace:dir:attribute-def:givenName"/>
+        <AttributeEncoder xsi:type="SAML2String" name="urn:oid:2.5.4.42" friendlyName="givenName"/>
+    </AttributeDefinition>
+
+   <AttributeDefinition xsi:type="Simple" id="surname" sourceAttributeID="surname">
+        <Dependency ref="registryDB"/>
+        <AttributeEncoder xsi:type="SAML1String" name="urn:mace:dir:attribute-def:sn"/>
+        <AttributeEncoder xsi:type="SAML2String" name="urn:oid:2.5.4.4" friendlyName="sn"/>
+    </AttributeDefinition>
+
+    <AttributeDefinition xsi:type="Simple" id="eduPersonAffiliation" sourceAttributeID="affiliation">
+        <Dependency ref="staticAttributes"/>
+        <AttributeEncoder xsi:type="SAML1String" name="urn:mace:dir:attribute-def:eduPersonAffiliation"/>
+        <AttributeEncoder xsi:type="SAML2String" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1" friendlyName="eduPersonAffiliation"/>
+    </AttributeDefinition>
+
+
+   <AttributeDefinition xsi:type="Simple" id="eduPersonEntitlement" sourceAttributeID="entitlement">
+        <Dependency ref="staticAttributes"/>
+        <AttributeEncoder xsi:type="SAML1String" name="urn:mace:dir:attribute-def:eduPersonEntitlement"/>
+        <AttributeEncoder xsi:type="SAML2String" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" friendlyName="eduPersonEntitlement"/>
+    </AttributeDefinition>
+
+
+   <AttributeDefinition xsi:type="Simple" id="isMemberOf" sourceAttributeID="GROUP_NAME">
+        <Dependency ref="grouperDB"/>
+        <AttributeEncoder xsi:type="SAML1String" name="urn:mace:dir:attribute-def:isMemberOf"/>
+        <AttributeEncoder xsi:type="SAML2String" name="urn:oid:1.3.6.1.4.1.5923.1.5.1.1" friendlyName="isMemberOf"/>
+    </AttributeDefinition>
+
+
+
+    <!-- ========================================== -->
+    <!--      Data Connectors                       -->
+    <!-- ========================================== -->
+
+    <DataConnector id="staticAttributes" xsi:type="Static">
+        <Attribute id="affiliation">
+            <Value>member</Value>
+        </Attribute>
+        <Attribute id="entitlement">
+            <Value>urn:mace:example.edu:demoservice:demo-user</Value>
+        </Attribute>
+    </DataConnector>
+
+<!-- LDAP Data connector -->
+<!-- most of these settings are set in ldap.properties file -->
+<!-- 
+
+NOTE: no longer used...attributes come from DB based registry in this version...
+
+<DataConnector id="myLDAP" xsi:type="LDAPDirectory"
+    ldapURL="%{idp.attribute.resolver.LDAP.ldapURL}"
+    baseDN="%{idp.attribute.resolver.LDAP.baseDN}"
+    principal="%{idp.attribute.resolver.LDAP.bindDN}"
+    principalCredential="%{idp.attribute.resolver.LDAP.bindDNCredential}"
+    useStartTLS="%{idp.attribute.resolver.LDAP.useStartTLS:true}">
+    <FilterTemplate>
+        <![CDATA[
+            %{idp.attribute.resolver.LDAP.searchFilter}
+        ]]>
+    </FilterTemplate>
+    <ReturnAttributes>*</ReturnAttributes>
+</DataConnector> -->
+
+<!-- Restricting based on entityID or default release: -->
+<DataConnector id="grouperDB" xsi:type="RelationalDatabase" readOnlyConnection="false" queryTimeout="PT3S">
+  <Dependency ref="uid"/>
+  <BeanManagedConnection>MyDataSource</BeanManagedConnection>
+  <QueryTemplate><![CDATA[
+      #if (${uid.size()} > 0)
+           SELECT DISTINCT grouper_memberships_lw_v.group_name
+           FROM grouper.grouper_aval_asn_group_v
+           JOIN grouper.grouper_memberships_lw_v
+           USING (group_id)
+           WHERE subject_id='$uid.get(0)'
+               AND grouper_aval_asn_group_v.attribute_def_name_name='etc:attribute:ShibEntityId:ShibEntityId'
+               AND (value_string = '$requestContext.getPeerEntityId()' OR value_string='DEFAULT')
+               AND grouper_aval_asn_group_v.enabled='T'
+           ORDER BY group_name ASC;
+      #else
+          SELECT 1
+      #end
+  ]]></QueryTemplate>
+ </DataConnector>
+
+<!-- Every single membership to isMemberOf: -->
+<!--
+<DataConnector id="grouperDB" xsi:type="RelationalDatabase" readOnlyConnection="false" queryTimeout="PT3S">
+  <Dependency ref="uid"/>
+  <BeanManagedConnection>MyDataSource</BeanManagedConnection>
+  <QueryTemplate><![CDATA[
+      #if (${uid.size()} > 0)
+          SELECT DISTINCT GROUP_NAME 
+          FROM grouper.grouper_memberships_lw_v
+          WHERE SUBJECT_ID='$uid.get(0)'
+      #else
+          SELECT 1
+      #end
+  ]]></QueryTemplate>
+ </DataConnector>
+-->
+
+<DataConnector id="registryDB" xsi:type="RelationalDatabase" readOnlyConnection="false" queryTimeout="PT3S">
+  <Dependency ref="uid"/>
+  <BeanManagedConnection>MyDataSource</BeanManagedConnection>
+  <QueryTemplate><![CDATA[
+      #if (${uid.size()} > 0)
+          select givenname, surname, fullName, email from myapp_development.users where uid='$uid.get(0)'
+      #else
+          SELECT 1
+      #end
+  ]]></QueryTemplate>
+ </DataConnector>
+
+
+
+
+</AttributeResolver>
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/cas-protocol.xml b/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/cas-protocol.xml
new file mode 100644
index 0000000..d0b3d55
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/cas-protocol.xml
@@ -0,0 +1,84 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xmlns:c="http://www.springframework.org/schema/c"
+       xmlns:p="http://www.springframework.org/schema/p"
+       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+                           http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
+                           http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
+       default-init-method="initialize"
+       default-destroy-method="destroy">
+
+    <!--
+       | The CAS service registry defines verified relying parties by endpoint URI.
+       | The default implementation treats the ID of each entry as a regular expression defining a logical group of
+       | services whose URIs match the expression.
+       |
+       | This bean is reloaded periodically according to %{idp.home}/conf/services.properties.
+       -->
+    <bean id="reloadableServiceRegistry"
+          class="%{idp.cas.serviceRegistryClass:net.shibboleth.idp.cas.service.PatternServiceRegistry}">
+        <property name="definitions">
+            <list>
+                <!--
+                <bean class="net.shibboleth.idp.cas.service.ServiceDefinition"
+                      c:regex="https://([A-Za-z0-9_-]+\.)*example\.org(:\d+)?/.*"
+                      p:group="proxying-services"
+                      p:authorizedToProxy="true"
+                      p:singleLogoutParticipant="true" />
+                <bean class="net.shibboleth.idp.cas.service.ServiceDefinition"
+                      c:regex="http://([A-Za-z0-9_-]+\.)*example\.org(:\d+)?/.*"
+                      p:group="non-proxying-services"
+                      p:authorizedToProxy="false" /
+                -->
+            </list>
+        </property>
+    </bean>
+
+    <!--
+       | The default ticket service as of 3.3.0 serializes ticket data into the opaque section of the ticket ID
+       | for service tickets and proxy tickets. Proxy-granting tickets still require server-side storage, and
+       | a StorageService defined by the idp.cas.StorageService is used. Thus for deployers that do not require
+       | CAS proxy capabilities, no stateful storage mechanism is required; that means no memcached or database
+       | is required for HA deployments that want CAS (without proxy) support. A notable limitation of the new
+       | component is that the one-time use feature of service and proxy tickets is not available due to the lack
+       | of a ticket-tracking mechanism. Instead, tickets expire when their expiration period is exceeded.
+       | If this limitation is of concern, one may consider decreasing ticketValidityPeriod on the profile
+       | configuration from the default 15000ms.
+       -->
+    <alias name="encodingTicketService" alias="shibboleth.CASTicketService" />
+
+    <!--
+       | Uncomment the following element and comment out the above to enable the previous default ticket service
+       | that uses a StorageService for ticket persistence. Use this if the one-time use limitation of
+       | EncodingTicketService is problematic and can't be mitigated by decreasing ticketValidityPeriod.
+       -->
+    <!--<alias name="simpleTicketService" alias="shibboleth.CASTicketService" /> -->
+
+    <!--
+       | The predicate used to determine whether IdP session validation is performed during the process of granting
+       | a proxy ticket. When the predicate evaluates to true, an IdP session is resolved and validated prior to
+       | granting a proxy ticket. This feature prevents issuing proxy tickets when an IdP session is expired, but comes
+       | at the cost of requiring server-side storage of IdP session data. If this is configured to a predicate that
+       | evaluates to true under any condition, a server-side storage service must be enabled for IdP session
+       | storage. The most common non-default value is "alwaysTrue."
+       -->
+    <bean id="shibboleth.CASProxyValidateIdPSessionPredicate"
+          class="com.google.common.base.Predicates"
+          factory-method="alwaysFalse" />
+
+
+    <!-- ============== Advanced CAS Configuration ============== -->
+
+    <!-- Configure a third-party ticket service. -->
+    <!--
+    <bean id="shibboleth.CASTicketService"
+          class="org.example.idp.cas.CustomTicketService" />
+    -->
+
+    <!-- Configure a third-party proxy authenticator. -->
+    <!--
+    <bean id="shibboleth.CASProxyAuthenticator"
+          class="org.example.idp.cas.CustomProxyAuthenticator" />
+    -->
+</beans>
\ No newline at end of file
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/global.xml b/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/global.xml
new file mode 100644
index 0000000..3f709bd
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/global.xml
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:context="http://www.springframework.org/schema/context"
+       xmlns:util="http://www.springframework.org/schema/util"
+       xmlns:p="http://www.springframework.org/schema/p"
+       xmlns:c="http://www.springframework.org/schema/c"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+                           http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
+                           http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
+                           
+       default-init-method="initialize"
+       default-destroy-method="destroy">
+
+<bean id="MyDataSource" class="org.apache.commons.dbcp.BasicDataSource"
+      p:driverClassName="com.mysql.jdbc.Driver"
+      p:url="jdbc:mysql://tier-demo-mysql:3306/grouper?autoReconnect=true"
+      p:username="root"
+      p:password=""
+      p:maxActive="10"
+      p:maxIdle="5"
+      p:maxWait="15000"
+      p:testOnBorrow="true"
+      p:validationQuery="select 1"
+      p:validationQueryTimeout="5" />
+
+
+</beans>
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/ldap.properties b/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/ldap.properties
new file mode 100644
index 0000000..2f4d905
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/ldap.properties
@@ -0,0 +1,63 @@
+# LDAP authentication configuration, see authn/ldap-authn-config.xml
+# Note, this doesn't apply to the use of JAAS
+
+## Authenticator strategy, either anonSearchAuthenticator, bindSearchAuthenticator, directAuthenticator, adAuthenticator
+idp.authn.LDAP.authenticator                   = bindSearchAuthenticator
+
+## Connection properties ##
+idp.authn.LDAP.ldapURL                          = ldap://tier-demo-ldap:389
+idp.authn.LDAP.useStartTLS                     = false
+idp.authn.LDAP.useSSL                          = false
+# Time in milliseconds that connects will block
+#idp.authn.LDAP.connectTimeout                  = PT3S
+# Time in milliseconds to wait for responses
+#idp.authn.LDAP.responseTimeout                 = PT3S
+
+## SSL configuration, either jvmTrust, certificateTrust, or keyStoreTrust
+#idp.authn.LDAP.sslConfig                       = certificateTrust
+## If using certificateTrust above, set to the trusted certificate's path
+idp.authn.LDAP.trustCertificates                = %{idp.home}/credentials/ldap-server.crt
+## If using keyStoreTrust above, set to the truststore path
+idp.authn.LDAP.trustStore                       = %{idp.home}/credentials/ldap-server.truststore
+
+## Return attributes during authentication
+idp.authn.LDAP.returnAttributes                 = passwordExpirationTime,loginGraceRemaining
+
+## DN resolution properties ##
+
+# Search DN resolution, used by anonSearchAuthenticator, bindSearchAuthenticator
+# for AD: CN=Users,DC=example,DC=org
+idp.authn.LDAP.baseDN                           = ou=people,dc=example,dc=edu
+#idp.authn.LDAP.subtreeSearch                   = false
+idp.authn.LDAP.userFilter                       = (uid={user})
+# bind search configuration
+# for AD: idp.authn.LDAP.bindDN=adminuser@domain.com
+idp.authn.LDAP.bindDN                           = cn=admin,dc=example,dc=edu
+idp.authn.LDAP.bindDNCredential                 = password
+
+# Format DN resolution, used by directAuthenticator, adAuthenticator
+# for AD use idp.authn.LDAP.dnFormat=%s@domain.com
+idp.authn.LDAP.dnFormat                         = uid=%s,ou=people,dc=example,dc=edu
+
+# LDAP attribute configuration, see attribute-resolver.xml
+# Note, this likely won't apply to the use of legacy V2 resolver configurations
+idp.attribute.resolver.LDAP.ldapURL             = %{idp.authn.LDAP.ldapURL}
+idp.attribute.resolver.LDAP.connectTimeout      = %{idp.authn.LDAP.connectTimeout:PT3S}
+idp.attribute.resolver.LDAP.responseTimeout     = %{idp.authn.LDAP.responseTimeout:PT3S}
+idp.attribute.resolver.LDAP.baseDN              = %{idp.authn.LDAP.baseDN:undefined}
+idp.attribute.resolver.LDAP.bindDN              = %{idp.authn.LDAP.bindDN:undefined}
+idp.attribute.resolver.LDAP.bindDNCredential    = %{idp.authn.LDAP.bindDNCredential:undefined}
+idp.attribute.resolver.LDAP.useStartTLS         = %{idp.authn.LDAP.useStartTLS:true}
+idp.attribute.resolver.LDAP.trustCertificates   = %{idp.authn.LDAP.trustCertificates:undefined}
+idp.attribute.resolver.LDAP.searchFilter        = (uid=$resolutionContext.principal)
+
+# LDAP pool configuration, used for both authn and DN resolution
+#idp.pool.LDAP.minSize                          = 3
+#idp.pool.LDAP.maxSize                          = 10
+#idp.pool.LDAP.validateOnCheckout               = false
+#idp.pool.LDAP.validatePeriodically             = true
+#idp.pool.LDAP.validatePeriod                   = PT5M
+#idp.pool.LDAP.prunePeriod                      = PT5M
+#idp.pool.LDAP.idleTime                         = PT10M
+#idp.pool.LDAP.blockWaitTime                    = PT3S
+#idp.pool.LDAP.failFastInitialize               = false
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/metadata-providers.xml b/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/metadata-providers.xml
new file mode 100644
index 0000000..fbd2a6d
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/metadata-providers.xml
@@ -0,0 +1,82 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- This file is an EXAMPLE metadata configuration file. -->
+<MetadataProvider id="ShibbolethMetadata" xsi:type="ChainingMetadataProvider"
+    xmlns="urn:mace:shibboleth:2.0:metadata"
+    xmlns:resource="urn:mace:shibboleth:2.0:resource"
+    xmlns:security="urn:mace:shibboleth:2.0:security"
+    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="urn:mace:shibboleth:2.0:metadata http://shibboleth.net/schema/idp/shibboleth-metadata.xsd
+                        urn:mace:shibboleth:2.0:resource http://shibboleth.net/schema/idp/shibboleth-resource.xsd 
+                        urn:mace:shibboleth:2.0:security http://shibboleth.net/schema/idp/shibboleth-security.xsd
+                        urn:oasis:names:tc:SAML:2.0:metadata http://docs.oasis-open.org/security/saml/v2.0/saml-schema-metadata-2.0.xsd">
+                        
+    <!-- ========================================================================================== -->
+    <!--                             Metadata Configuration                                         -->
+    <!--                                                                                            -->
+    <!--  Below you place the mechanisms which define how to load the metadata for SP(s) you will   -->
+    <!--  provide service to.                                                                       -->
+    <!--                                                                                            -->
+    <!--  Two examples are provided.  The Shibboleth Documentation at                               -->
+    <!--  https://wiki.shibboleth.net/confluence/display/IDP30/MetadataConfiguration                -->
+    <!--  provides more details.                                                                    --> 
+    <!--                                                                                            -->
+    <!--  NOTE.  This file SHOULD NOT contain the metadata for this IdP.                            -->
+    <!-- ========================================================================================== -->
+
+    <!--
+    Example HTTP metadata provider.  Use this if you want to download the metadata
+    from a remote source.
+
+    You *MUST* provide the SignatureValidationFilter in order to function securely.
+    Get the public key certificate from the party publishing the metadata, and validate
+    it with them via some out of band mechanism (e.g., a fingerprint on a secure page).
+
+    The EntityRoleWhiteList saves memory by only loading metadata from SAML roles
+    that the IdP needs to interoperate with. 
+    -->
+    
+    <!--
+    <MetadataProvider id="HTTPMetadata"
+                      xsi:type="FileBackedHTTPMetadataProvider"
+                      backingFile="%{idp.home}/metadata/localCopyFromXYZHTTP.xml"
+                      metadataURL="http://WHATEVER"> 
+        
+        <MetadataFilter xsi:type="SignatureValidation" certificateFile="%{idp.home}/credentials/metaroot.pem" />
+        <MetadataFilter xsi:type="RequiredValidUntil" maxValidityInterval="P30D"/>
+        <MetadataFilter xsi:type="EntityRoleWhiteList">
+            <RetainedRole>md:SPSSODescriptor</RetainedRole>
+        </MetadataFilter>
+    </MetadataProvider>
+    -->   
+
+    <!--
+    Example file metadata provider.  Use this if you want to load metadata
+    from a local file.  You might use this if you have some local SPs
+    which are not "federated" but you wish to offer a service to.
+    
+    If you do not provide a SignatureValidation filter, then you have the
+    responsibility to ensure that the contents on disk are trustworthy.
+    -->
+    
+    <!--
+    <MetadataProvider id="LocalMetadata"  xsi:type="FilesystemMetadataProvider" metadataFile="PATH_TO_YOUR_METADATA"/>
+    -->
+
+<!-- you can use this idp against testshib.org -->  
+<MetadataProvider id="HTTPMetadataTESTSHIB"
+                  xsi:type="FileBackedHTTPMetadataProvider"
+                  backingFile="%{idp.home}/metadata/testshib-providers.xml"
+                  metadataURL="http://www.testshib.org/metadata/testshib-providers.xml"/>
+ 
+<!-- demo web app -->
+<MetadataProvider id="WebAppDemoMetadata"  xsi:type="FilesystemMetadataProvider" metadataFile="%{idp.home}/metadata/web-app.xml"/>
+
+<!-- Canvas -->
+<MetadataProvider id="canvas" 
+                  xsi:type="FileBackedHTTPMetadataProvider"
+                  xmlns="urn:mace:shibboleth:2.0:metadata" 
+                  metadataURL="https://tier.instructure.com/saml2" 
+                  backingFile="%{idp.home}/metadata/canvas-metadata-bak.xml" />
+    
+</MetadataProvider>
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/saml-nameid.xml b/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/saml-nameid.xml
new file mode 100644
index 0000000..ea97448
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/saml-nameid.xml
@@ -0,0 +1,62 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:context="http://www.springframework.org/schema/context"
+       xmlns:util="http://www.springframework.org/schema/util"
+       xmlns:p="http://www.springframework.org/schema/p"
+       xmlns:c="http://www.springframework.org/schema/c"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+                           http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
+                           http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
+                           
+       default-init-method="initialize"
+       default-destroy-method="destroy">
+
+    <!-- ========================= SAML NameID Generation ========================= -->
+
+    <!--
+    These generator lists handle NameID/Nameidentifier generation going forward. By default,
+    transient IDs for both SAML versions are enabled. The commented examples are for persistent IDs
+    and generating more one-off formats based on resolved attributes. The suggested approach is to
+    control their use via release of the underlying source attribute in the filter policy rather
+    than here, but you can set a property on any generator called "activationCondition" to limit
+    use in the most generic way.
+    
+    Most of the relevant configuration settings are controlled using properties; an exception is
+    the generation of arbitrary/custom formats based on attribute information, examples of which
+    are shown below.
+    
+    -->
+    
+    <!-- SAML 2 NameID Generation -->
+    <util:list id="shibboleth.SAML2NameIDGenerators">
+    
+        <ref bean="shibboleth.SAML2TransientGenerator" />
+        
+        <!-- Uncommenting this bean requires configuration in saml-nameid.properties. -->
+        <!--
+        <ref bean="shibboleth.SAML2PersistentGenerator" />
+        -->
+
+        <!--
+        <bean parent="shibboleth.SAML2AttributeSourcedGenerator"
+            p:format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
+            p:attributeSourceIds="#{ {'mail'} }" />
+        -->
+                
+    </util:list>
+
+    <!-- SAML 1 NameIdentifier Generation -->
+    <util:list id="shibboleth.SAML1NameIdentifierGenerators">
+
+        <ref bean="shibboleth.SAML1TransientGenerator" />
+
+        <!--
+        <bean parent="shibboleth.SAML1AttributeSourcedGenerator"
+            p:format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
+            p:attributeSourceIds="#{ {'mail'} }" />
+        -->
+                
+    </util:list>
+    
+</beans>
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-backchannel.crt b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-backchannel.crt
new file mode 100644
index 0000000..ef29ec6
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-backchannel.crt
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDDzCCAfegAwIBAgIUNhoGlKP7mWuGizduv8qofntjgygwDQYJKoZIhvcNAQEL
+BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTE3MDQxMzIxMTk1M1oXDTM3MDQx
+MzIxMTk1M1owFDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEAks/QokbcrFosPTXL+i2iMFQMfZvoFxgqIXH+xxrpljrL
+sglonsbmHGuinnSeywRzfcBB6mEf3BnYzyezP0aB1GJYzItRSd4AoWAx8WblFfgM
+ununMmDpfF1dyTxZxRg/vmhN9EttVugsAoynA17RbiF4vVxx3zhNGS0u3MbaYtH1
+kYIdY9xZMR2wvDo584CQc0/20/FooPnlL0I1s2FD6LFEgvl1sux5owL0ELITSTUF
+KEkQVxpYoFZhsq6qhWQJfVvT98W4CMVpXgggQilAWAK1QgLxJtyx54Y3YruFkXsy
+Yahi04wwaQXmSHDfQbOzy8yzO65on2VjEPGid6PQvQIDAQABo1kwVzAdBgNVHQ4E
+FgQUDkHIVBHNiAcr6vQv/P+5PlKjeAcwNgYDVR0RBC8wLYIJbG9jYWxob3N0hiBo
+dHRwczovL2xvY2FsaG9zdC9pZHAvc2hpYmJvbGV0aDANBgkqhkiG9w0BAQsFAAOC
+AQEAioMgLmAx1nQwFRuiKe9zhHyl9QClOZ/qI1A/pV3QQfItxpnkjecElvpN0MLX
+ugmT0kb0tgyIUxOjHd78kSJOkFKmWPv+iSLouaU4/Y3yOW0uUWOwlExKJNegczBC
+t1OCtSAyStnYWSMUHk/Lgq4LcNKwjeaVczEbBoJO8nC/Zx0VMvLEsiCeWR+1acpT
+BHcQbEkiSJg2WS3krKt0Wq4iL+WjQhkva6zugM0Lxfkyeeg/imcn6A93zr7e6N+/
+SeKGUN2EpNRAAgEVQMVuMuKo7uFzxl2KxmkKckBG4dnDIvco/OE7khgnbNgszaqX
+xDkRFm7ZnBhVnGde7W9xjmw+eA==
+-----END CERTIFICATE-----
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-backchannel.p12 b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-backchannel.p12
new file mode 100644
index 0000000000000000000000000000000000000000..6e4487ac368cd437971eb26221a1f1701bd7a6d0
GIT binary patch
literal 2490
zcmY+EcQ_l08pgAPDAf|9v{Z@F8bK7Xs*YKk8r6uE8dX#ss&<6fqh_iIt=dwD8nsug
zs#Rk3IAR@IGqzi<^E~&Sd(R)=^M23!e&6@s_e0`gwICoEiHCVZVK<|6qYhYsj6gCT
z<^aLNFz2=n63^iIkB9*a!86#N+g9gg4!!W7Ef!`Vh>V9EBk_=Zq!^U>zxMfYUI^SM
z`A<yHJI=WhLV(P2jZ<ZXkyRxK1OY(skluP%n-0eH4Cfd5jw?}HB`?@2ggdj$`{|q0
zDw&}_n|LopO9ooi7&Z15NT5O1=8pte5`Fkjvzt-k>A|nQEfWYP(^rn}+-JFXKd>76
z8by+iZg{@7#~kX{_ifXJw^x#r+^~I8I%`JEvCB0?wMXuqoD3bx-{>ko{19%^ZCLrR
z#RMqgPdI253C}9E-v*8z5nmNKb$jnrO9o+SN~)XOil=#`C2_mJBhotJ^>+fxrr}di
z(ehmbQPMqG%Zc&v#NBH5+&2LBjJ$MQtM{s32+jvTuI&3&lKE=C=)}Iac`d|OJLIsd
zJSVi2Q0DLbHNnX5_P0V8Yf3G=sx~Pn-iG85nkXP%V>doGG3>9--D5U>KsB^%Gk4hL
zY^e1TsVg#v%Eo$T&siM^yuxx0^iY*=m6eEk%@SWzwD_OGZ3%wJ#b?ZHSuT4N&heHO
zQN60gV!2gxg+WPsbGSFHg|!XJwz9BrLy2T`(_TF;jj~>+O)qONPLBRE^tpf5==F=P
z6qS=ZN#t3jZuJ6iRUfyupF_BAAwfo?i^;0g^Zn>=H6jUKea6bz1ci>eINob5s=#7>
z`^rPIdTaWp=o-Z=D7DBi)-KR!g<9C;F}I8cZ4#4H1j=Ak|6igbXWaVp$zi4e&ao}5
zV!w<Edmg7P-Z~=s4q$RwhFrFuXOQo%y(}NzDlZ6DM3mFSABR?{rnYj3`=Y;a@e!WY
zSXBU}K6<K$3-Wsm3tm9+DZ(*LmnMq=X~#~&pE4v4z4*V_(OHH&VmB!zC~zJ<*x03{
zQ!dWpyM?MF^eE!fXP7=;f04&#%%z2ZeiQApFfk5chB)kxA{=76cUMt2s<B0(UKium
zPE+Vuu?A(fagXWhr&Bq?4~m~yO1AZvlZGVw-yA5Oe7#y1fU;k78@Z`bAtx;XkC}AZ
zZG+@NcB9x(Iy%)CL!bXFMo=B9mVc#rY-8Rg?8fP&%XJ!rJmjXg>`GKhC!JD8H}vJh
zuI2g`;rR$jzxu6q`P^XI%lwzQkcgfo(_HYvnZl97i(m(s)XV$qC%->E<zNMR>bFT)
zalMiiV)`s&>6YX9N5Fh|UHs%JQF(Kqra5x@S(R&WI|@WVTb!<EH_;DfM1|kK9=`2<
zwKLtht^4vabtmgiW%=kDptQ{6w|XH#F{m<;T#tB*A=39fmG@#c9t}q7{#@Pn*X(WI
zEH$zCE+&??hh{Y}uAav&9h>%XZ?QWE53*#WW;9r8`_Mkf;}lw&$cx*l?{JxQ1-(g9
z8&Neph@%gY2x5DoIA%L55%x}+%lHyK0MT(@=HO%Hk{ZqZ+RKQ05ym&wYLsbWnNUX;
zK4t8;&19wYY=m+i_=*%ax797IX}3*Y*V;97HP;ffEcNDala~jO-i`J+uw*Yt@Ie0n
zq&<~RnS5YiHDX&^H=nOLFH*LY$IQ^EkoQoTT^&WDVwzAD0)h)YJT^Mc-(?L|li9tY
zx77xi<=Etw(p<!@TW(z0QY5MQ$J*vk&>K!0XILi#8gqL40lN)=@Ut%iE9)QAh6-st
z48YZ5w3xJ%_X0|Y9~N4~W8I|ng}I6S(>*n!G7X|fnkl>zi0F}<--)2;OQtd^JMqhC
zBL)8^B@8YD=Vu3a0K5QB0EcsRJ@1|YeE)xhQw9!Uw{UxcyDo!Ll9iEBlv6?>QAi{n
zyzuuOMkpB%{(5c=gMff@>HA*-{0C;Ce__@*Un}cww3=~QLW$lqE7#75CA0Nkm<_{&
zlf$BQ)Vc|utmD&kVzwXI+93J5{c}Q0f9(6yQRpGSfr^)mv93_ja#sGw)Sw8GJI8xB
z4vuk)hTv?jq}V3zoMuh?9Tt7haqv%~B2FM|$!sIvz0=RrA+?giHOOClI>=Zfvcae;
z8Nls&gxXL3HXftY`E}aiEnFh?dxwR}D#&;2J@~pCFXnQb!ec2t6L~(b3k_!%OX;Gi
zfn>u&D}k*%S^96S&Q)Q%2Cmz^rOiU`e!vCA2HFJY*9ddccXwNZ1<{{z?^lNCT1#Qh
z{XP|lhdY!|icc;fm)cw$DT}l4PFDbr+nF&^f9F({-#8P$Ex#OO8}PC#L6a|DdJ?8s
zBM!xqt0?y@=QCcRUQPw?T`0-!j<_or>wQN7OX9m|cA%*wzsQ;0@uJTZXI9DjgZ4^K
zJ>f&etY4#J?J>CjZNl;!AmgNeWf#_PjI?NB9rMgv>5+Aaok&%Rm+%xtRJU_qbhJN9
z<*DNsW6$X11+z`WJ2f1+)F&!!oSbddD$G-xb{5(F;`wW;WY1UoMTCexn}+xUrqPMt
zkHzi^JMJ<)rqq|3-Pdph?cgiBJp}G44689G(cIc=scR||0r%7HRH^U6S2V}<)NS>l
z_6>W$h?8W4vnEIV2L>F&jjcldBvE-6CbeYChO#jxXTx}<vuZoR*5R%lxSK|yMsGa-
z#W9Ve-T2WCG`S5skMS??S#Ine2^+4t^X*OeP~x^M%ZU(0KsJTl*S1DFfP{<CSE88b
z;TQv&smpe?H?jugl;V10GK4ZtD=||F$DVuZ20<bhuY?SaMFc92F@^`F>?ELXo{TVh
z9}}zW5x&v6QQGkO%Z;Yj$xb6+;<X2r;@H874PVpNLwJ&zKjf%$T~}y(jn2GRdUXBm
zjAp3T&w+^j&e993;qZU4`izvy8oIN#-EMVk*jl;T<PUxvD0f=Z5`;U{!pxNB{P|b{
z8|nb=yJU1aSyZ>O1KOMp60ul_?Bhs5?`>CfO7Zzw_k6ytbBpEuni<JheEMB64@6>&
z>lO?vIL}+)!)Q3vNGsgUctq<t!Ekx>$rH?76jD`bt5@1*ZcKfg0=3Sf2d8+-pCZje
zIuoV5KQfQ-NdB=bHizY_Oi<}mJDakwK8X*%;gx`>PJCh~IZ>bB%%~BxOdTJ0c;cR&
zWiaHxJfx*_`ryP<^A8Q!s8#B{^#|4xFLl{xW00yyK_m>yaO)x%#LEDHz_l?@JX9f5
qI4|=t+f0;WH0$%>WC+|lZrz4h9eZ5;QzGfIM!R7V&h_(OFa2-$`<qMv

literal 0
HcmV?d00001

diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-browser.p12 b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-browser.p12
new file mode 100644
index 0000000000000000000000000000000000000000..7c0df5316440ff315bbc3eeebb255a924d6fdd05
GIT binary patch
literal 2805
zcmY+^cQhM}8V2x)B#8OhC3cJ&u}AEx8m(2eXVs=bYSgL`qf!(VM56??R~4;YMQxwW
z*P@EpYSU8V_B-d^``!D;d){-N=bY!ypA-hV4<sX(!a(0cs6^xS;(ySRQIHWa&{7Zv
z`ucZFl)`{5|EVBE3|Q}Xqzxnk{C;ZxG-OgR2=w0zG-MDdIuIot@!JvfFxv_Uqy$7^
zzzplZd>-_?_l>d29jf%pLmDWmIa1lS&PZ(`47w-e;5;?t@#Yi^C4Axw=e4h$p}tjK
z=H+bzIe~aB0fZ~lz=oUv>J}<c?c}mja-;a$V80tRM62JS9)6cb9|>%YY2051=dSD3
z8G{rDfevwpZ%#BBVc(Gjq}Wj5g}2rBogEDebj%}@@chrly>Ayr+zv_2cVIk@NMn|$
z<F+(tgD7ZuDe&3BW!Xz8L=CqFIh@%?+gUc)H+a*JuY0Dvg_(A%#KkRhHX~qq9qStH
z_G62|>8LxSvI%lZUtllu7jG(PrPd7exDrMWO*I9(>yzmafkKWJ+CHei;2F;bkVAjG
zb#Yj!q95CM$oMOp!=TPx)%nJGjrA9tDZ})s{kBr9=y<7hjpWgmtmF5EbQ@MNqX`|q
zkQU9B5zOJ`)GKjFi(!ZzA0$XxVa`GXuk~zKyE$js!dJ~>oHgU^OXhSHNC2irQi=9O
zg)EYO4Le@an;eLJ0kVji#v{_U=$GzQzrmIZoU{%rtCydD=5#jh3PQL&KDEyuDQIP9
zV-ffUy$kLIthi6gJ}AZZ-PXx6esWS-F8haVxja8?pxnh1CsXq4`+gCCefog$%-2Lm
z56Ek*J++G>vq|JdRpR>Gvb=E@>X&NQ)MZocIA=P?)YPqsH2qAY1Fn=iZuQ&}vz@s)
zeiDLD6Pt?llfQ4wlj(5j^CniZz#zsw1?xRgbh8-9iB+uGhg|x%4)CL<VcyqpP$QLM
zKJT87<~+mDu*bzt2+fNRR5r4D1WuNfoQWuDj7ueBuYE4cOUa2;AeBR|8#cv;9*-W*
zl-zirzMpMWmX1T}8(wL$+0<_;-Z>(F8@lpP)%8wC*&suVgBO<S=<G<JL2$=WSBC)f
z&7<XYzI?QTd^eJ!v9Y$azijY0>Z_#|hscEX{4I;kyw%o87T=a9k%fQNi!&gT1Rl3<
z*3d0p=gYlx<k44`BN8Q_Bb<Wrd<V2GCWBP=%Hm<&&0<9tYkWF+D^5SPIdX6?g0_nD
z{qZhlE=op29W2(uzb80f5|{cBZ5m)`jf@DQ{i-Znd*?}#g9zp%n6qnj&tpEQGHj_$
zr}<ZO5O1u{F`vkXvg+s^m)Ba>m2W0*rko#f5}<5=TzH(!`amyWpK@?+=WDuP2}M5o
zl^xcZ`S_`ymvAmla%efb>-^JYP+D!C;QGyGj!<IfM7Wkral)Uw(~oUzNPT%6?~a1^
zqOb8dQ^G&+s5gW?S_r3nE<<%YGV{i!Kp{Gr!sPn>F`&}&kp57le1k5^r*WL6hyWRd
zx<0J{<QKVTtMh(VP-)XukTb#1k!OiDv*n8vs<9~UOW7OB4M|5_CDSpXG5#-g^bD53
z-phXNMz7mo1n=$FfOi5nXk8Sanx_1C1aF|L{^lUB=Fev)Qr158ENoXkWI4YfWAKe*
z|Mi7L5TjvnrkKHxFl!U9qdU9A6NB71-ZeK?<wi6Lj7pMMi~JSNvB>u-R>g!jHQxPD
zr<Xl;Tf{EhXB=z%KB_vCyQp7uF1fg^PlC2@9`J-%&tSV8bSMkw)|L=G_pXU7k?;3C
zGsUMxt|jC+&U9VVjh`p6?&Mf2&t-B7E@gVNWwjR1oR6d;!zddj=mfx)?nu&uM`IM1
zOqBPVAzxL=VSo+~-^k!L9YWuMeB*iV5zFcr|B%7j_M&WK+!+#0*2(Hp63twl@*B__
z{{!f6T4g{OFyePC`ul_+)c@fWN(LliKs!<x(B}UsOa8aAvqDurHoSMs|5g@+0rg#l
znjM??bh?rUPFqwoh=_e#k`vx$F>NxlSYc@B1fSA2>FqD<&)|%pH4Y)2efQ1|?uiyb
z{M*|Ev@x5S+UbnC-DU>|L$r}MRHss<6^l8c`~k!Fbk>`}E+P|U$;38N+Spn64V+<s
zE>JJHnlF{QN)zQk@_$Ll47B(NC~==kXjdu4Hj6B38RRFTpVzI=d`!Gxr+dhQp5`<W
z{sff)NM5V*D|<6%{whhi-oAUeMC0yH75XQC`q}2}K2EqA;Ph*ZGhRQiYLQg#_ZOEo
ztFFzGIFBrpIUY1qMc7k$fY2d8-K|P`+UJea74e>pBge`N#8|B&vzYpCZ9j4lMQX9O
z^Ksa7jSS(wX@*_4L`ir_#biv$u!{>n<Ll<rHq}ROC$03TLGv13Stt920`X{M1=U_%
zucENZjc22EF*w?z4%NqT!MTCj@0>5(Db#^$Dr#=G`JKhOH7*}W7k`AXVjom})v(n9
z$^J!c6mnM-zRGSbBu9AC=y`a>kME}Di>TaOsH^K}k--k@J5}8orE%cQFo@I0Jh_E9
zz|VyC?#6in62K}z(xuEvW131FJKeP^dNsG7JHb+1-(Nj7TyBdM|NL1fi`J{3?mY6?
zmSnnNM-v7N^-AHCU_oB5>9X{t`0@V!(^c8SVMU>|Ve562o%iR#kk$j5jTudIJZTsH
zMWiRhH_-}i9g6VBVx9KRZ<&Gh{wOwrVR}$3$}!EW`0Sr2U!aI!VSAUhnNohXZ19(f
z*mhiv74KeFPm*#!eR%=f(hq3y8RXHy%FQa`iWS#Yz+m$bnp}t9pmqeso8X(;t3;je
z79e(8w%&xTR9_p#?4jFeeYxzYTcU)>HF71)#0Ze<>8Go7M3wPy(Tr8tgQ=RxvckGd
zIm0t(=$Ve%c)Rww?}_AiYbGB=pr&WgDQYC=1^w!H!L_3i-mxXzy3l+1k=U8jIDGW1
zbWH-dgYA|jEIT5yzKgY~v96EB-1=gKvyD5&G1=%BE7lrJ2TwWZzULS(QBjKboI156
ze?EV6%4laEo!63Ypz4YKdJ$0>)VaGYb-K;2*jZCIH-w!YUFy$C`ZAn(2k>bqaQ@W6
z>z7=z5)UBY^PW3jiStSg+(+p}nC#VTf-zAroNaOf@vbc5g$Fq&U@FHF7SrLbHr!-f
z?;Rqy9vehgbzfh&RX=GLCdzb$*O#Yw_cE<{ZDqvLjwa2NiAsJfDe~h&1%=mqH^ed{
za45A{Y!@y$py(Bla(`D=Hry6L)9HbVwny7g7Cz+pN<A()mA2TRcj4RUHCuW}N6Brv
zW%)!sx?CN-C`iJ@&uTU>rIoBZk+#{!iw8d?dx>Ol;eYNVVFab)wP4<j1Sq*UsSUy!
zJvUh+Lt4$3-}HY>C@9{ljG$SCMW`W}w{y5-qh5tdYFA+m&b)Wg)02O4-)(i3dJoPN
za!oY-uvXha^&N*Zgg4h$m^i0qkxwg_)F!ZSH{rQ5oc8-2qW?^<R;Vq~A7t5DhtLmm
zm2O5?*oq+b!b%A)J&!Uiy}-EA@*Q*1Eejfq>-mJUwddva(;4$fr_r*)hc?mAZ>ft_
z+xP4Yj~hw5#ZHQUpW-^E=**+#C??uV3rY$6S4S!qX;u)k<rOgV!NhD+cyUX5FFsH~
zY3`o7l(ZC|6cq$4Mn?|h00ThGBl88~G}kQ`di&{vEONH@CkW5IL6mj`q%hfgN&MeR
F{tNz?BEJ9t

literal 0
HcmV?d00001

diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-encryption.crt b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-encryption.crt
new file mode 100644
index 0000000..2f3e4a4
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-encryption.crt
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDEDCCAfigAwIBAgIVAK/i6INNo2HZzO676jmYDSMUL8pyMA0GCSqGSIb3DQEB
+CwUAMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0xNzA0MTMyMTE5NTBaFw0zNzA0
+MTMyMTE5NTBaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAJbpEl+MgBuKc4gzGni76gcQO/sa/IupoK2RRsnGEKPS
+x7q93ZCe4/TTIR8ZArk7aoTtOrV3s7xhOlvwwlUmQEhIupHtk0EDyWxXV4xK8i99
+3rqNkYcHM/C1iZfoKcoEhwQ5pBVukEgxtSIAfsN7UCE88oTRPhTHV8XJkNjw66Vl
+P1MBsO5KQaoKW/Ap86nuhDUHMNFAt/jJ2UFGhEVle4ubckBTltrZDV98m6hHYUws
+nCuRGEXusGDsqgEt93C8zRjAVhyNBNp+jQUHCBPy/6TG7AZ0TkPuQ3AxhDt34y6A
+dgSaCDmy5sI14oa1S1UagSKt8AXpzC0ao8pwqz+t8usCAwEAAaNZMFcwHQYDVR0O
+BBYEFMDqVDwUdJ6wzRLBR0jb3QdW1CFpMDYGA1UdEQQvMC2CCWxvY2FsaG9zdIYg
+aHR0cHM6Ly9sb2NhbGhvc3QvaWRwL3NoaWJib2xldGgwDQYJKoZIhvcNAQELBQAD
+ggEBAFk6YtMiqkuJXY10aeUhabGgkBdpj6RgHreBvhSmn9UTq/4EGgEWNGNYBVn6
+i9i55GzGCtp7RUAuVUTqH5V3Mbp6drUlNbVex05ypYnYM/wIq5W8EENClugPHepZ
+OX0gVUVOeayVUMRHPntNI7HicUDYVvXI/Wjhko/GLqwArNKyenmKlRo1yyedkEKF
+fhy9QowXYTvG82i3nu0JS9v/103WApXjIr3eP8LZpGpurOxyG3D+8vW3oML6C1eV
+FsLdhy3a5kOvGXbzXHn4tFdVCE3oa72FkrsDHZ8YGHb+s2JFHFRsRzDRSmBRV+LA
+3ffQkUP9K+ZGyGQijt6gAEJXcsw=
+-----END CERTIFICATE-----
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-encryption.key b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-encryption.key
new file mode 100644
index 0000000..5240e81
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-encryption.key
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAlukSX4yAG4pziDMaeLvqBxA7+xr8i6mgrZFGycYQo9LHur3d
+kJ7j9NMhHxkCuTtqhO06tXezvGE6W/DCVSZASEi6ke2TQQPJbFdXjEryL33euo2R
+hwcz8LWJl+gpygSHBDmkFW6QSDG1IgB+w3tQITzyhNE+FMdXxcmQ2PDrpWU/UwGw
+7kpBqgpb8Cnzqe6ENQcw0UC3+MnZQUaERWV7i5tyQFOW2tkNX3ybqEdhTCycK5EY
+Re6wYOyqAS33cLzNGMBWHI0E2n6NBQcIE/L/pMbsBnROQ+5DcDGEO3fjLoB2BJoI
+ObLmwjXihrVLVRqBIq3wBenMLRqjynCrP63y6wIDAQABAoIBABemmXGOFHm8fhTH
+ZYusb6YBvlTBSvkccYkiLoTq3KrAGvtCTFog/Lre5972zX14OV5xy3SrOOj6F+pW
+1i4AG6z4cPzzzdMvo76uBZOAH2qgAGseSsNtto8v9EtxYDM/+GUKH5QYStZ1q9yT
+VUqPpeQ/qAZ2wJMDFtdxmpjVUSkPcnSW5yGQ0kZ82gNCUC4matqwN9glyhNenYKq
+y9h+5Rj+JjP3Xyf7lzJqzyKel9qJ/aSyMpzpA4JeyVbHdAAFL4GihaBnmSBkNrX4
+DuHghMLS+WOk4EeGLRaZIatwKvSBMqeb2gyI6vPyPRxzaQd2OevGvATOsltqjmow
+5ocwAgECgYEAytEE5jKjDMRVvEC42aH2dg6QUXWirz8DmlWaF8C5FJjaJISdUmny
+pxhLZ/GyD1XwaH/RQawBYSq+HPyaUO0xIIzduxyLaZmlu/bLuA/+riLtfvdp3k3z
+j1NlPzer4MnrJ8yZfHehNDm+6tv2PcySxZyXXvW8joQZ52FymqqIsesCgYEAvnuf
+bnnA+4nH2mE+0WOziZ+yDhUQqBB4PCWdjlvHWw/iv1yCxSreS2jD8acJgbBmhOhl
+Di4pncoG4NM0182EW6VVGjEaHnTUwFoCEIjEbCSc+oo8dnsqK2gwb0XNGKI+I/OY
+uAOyP8iqYqae6cUQyHWlg5cmdRCKpc9TI6XOgwECgYEAg+VChmHP33GfP/nnPMEz
+grsd55vU3JriQPACcggHVPnCg5Uqqnn0L+6Au2xXG9oLqinVcBvoGcSuNjOgN5jJ
+Jh315MU/dMFTItXwzha4zY4xXSyRUNzo1ACsC1ytDlbB8vP/rQ4va8NSAXJixPXR
+TWn0lvDAWv5Vyj95RFQ66VkCgYA5OFupTSvapAYEJOhA8ElTk0RilJNfWSs1LjuJ
+MyrMwRXlVD34SqtiTcNmyT3C1qHFVSZePyHDQ5gTW37pQNR8z0qkRpHJCmGKsr8i
+BmOy9MCvRm1pThBZ37+E/ZvhxYMTO67pwDqAjKAaaGEealNjVGv2/qXPzrtHmeMo
+tzs1AQKBgE4zeVwa9ZzHjgAz+mkHtxdXvM1pEYa3drTqyME3eGvttwHj5JoF9P4k
+N9/BMeQqXMa5lS8Y7iL4LkTxxGS8Rld6L3WkY8XwvaMgGxsrPP8GQJp++Nt89dhB
+fd86T52Rs5vBmin6QVTmAfjleqnlk1/DIysc4vNugFTy2PWM5jB5
+-----END RSA PRIVATE KEY-----
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-signing.crt b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-signing.crt
new file mode 100644
index 0000000..7318637
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-signing.crt
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDEDCCAfigAwIBAgIVAI427wUmgnuo//BnofLWvDbJ5LFZMA0GCSqGSIb3DQEB
+CwUAMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0xNzA0MTMyMTE5NDlaFw0zNzA0
+MTMyMTE5NDlaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBANrbeJysRIIfnV4NCBkglD7TnnsBiAP8rmYMlKNzB/8P
+lh8T8A/m3ZcSfK5XOooV9HYrJ4zkPYWQfmMTc7gPohtEnVvU2T0BhqXVGItRNPq0
+W8PPyJiaf5cPTej2UU0mvEj6RXzswPmpdabti+hFMK1rwKDGAgyNz7O+ODbtUeEu
+84B4OVehjgc0DOeeIMOpCa0ZZURtGcmWa2J/2D8ONtsT6YLzrBHSjea8ahu2MnC0
+3TmQ008yWlXztWiNkccVstQ7WwT1aEon6ni608OtRLZ64UHRmaM6MZHft2DcyYgd
+bE7wArKpauLscEzAXRaSdJ4lvtgAdjneACbPbTXpvgUCAwEAAaNZMFcwHQYDVR0O
+BBYEFGIsJ7ChRjGGKOTuK+Gf79XdnhazMDYGA1UdEQQvMC2CCWxvY2FsaG9zdIYg
+aHR0cHM6Ly9sb2NhbGhvc3QvaWRwL3NoaWJib2xldGgwDQYJKoZIhvcNAQELBQAD
+ggEBACzq9+IaRqb44oWy3cX+oQUxBozCOd0dn3cAHn/7U2EAt47YLucaT66K5LYq
+VpfqYUYP7FXq9lqpYXQgUNn8DuSDroBzQIOx0YVsS4sRKMv+pTBr6WqrIcbDB9Np
+VHqdIxIDD9kxwy8eTEKmeDmjl6ZjGnxa8WjwP6PFXBWJI/vQvxNACqnThIsoKLGv
+KPta+ROPrtMMbphsVyHClHlLWp/r015B545FBiasFW+jHzS0/pc8eknNafQ2+chX
+GPNfHvJXgg3kDHtW6bydWnWIcCKqaTHFSObgEivuMoCJ0cZVjVEFIpzB3J71qMkc
+SJ5zygjKVMFLsbAkzGUFYG1DbBM=
+-----END CERTIFICATE-----
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-signing.key b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-signing.key
new file mode 100644
index 0000000..ebc8880
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-signing.key
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpQIBAAKCAQEA2tt4nKxEgh+dXg0IGSCUPtOeewGIA/yuZgyUo3MH/w+WHxPw
+D+bdlxJ8rlc6ihX0disnjOQ9hZB+YxNzuA+iG0SdW9TZPQGGpdUYi1E0+rRbw8/I
+mJp/lw9N6PZRTSa8SPpFfOzA+al1pu2L6EUwrWvAoMYCDI3Ps744Nu1R4S7zgHg5
+V6GOBzQM554gw6kJrRllRG0ZyZZrYn/YPw422xPpgvOsEdKN5rxqG7YycLTdOZDT
+TzJaVfO1aI2RxxWy1DtbBPVoSifqeLrTw61EtnrhQdGZozoxkd+3YNzJiB1sTvAC
+sqlq4uxwTMBdFpJ0niW+2AB2Od4AJs9tNem+BQIDAQABAoIBAQDFNE949S0CB1S4
+g4uRgK6z8eFyuw2BcjT/VUS2Bxfkd3nw5PlCiueOkiTwvz7LYD8YH4iSxrK84FdS
+FRwHdWa/pVMZhTB+bRqT4PEtz+2qHcw2I8t/3m8rganVSeY2W7n7FDB7AaZdEJon
+4RJZJ8dV7Kr085azEzFdqABlVfCasxX8SdG6XyTiSRBla1SHhw7DB1OYphWTHob5
+1NOM3GYefgI+hcMnCFDNyXJcdyYoHAMqt6dVbJjMFO5yu0AcSI5gxtNpU6bG7E36
+Bm/hGUG1WYdl1EkWFfogo0Fw0Sm9h4hZDyYgm0j/ZCdGh8PI6JSR2Dbs41aPpzHu
+9IFDnFqBAoGBAPTSKSLqDMiEQxyTFhkxnvZE6p7z27UW6sf9wwncEkM8bB9FmnZs
+/5x/HRnBjsQMxoYeKX+5w7XRo2qlAmAwo4wGAipkEswzqYmKIxXZaL1VquJ9zQWa
+G5nY6ybARLW2JEtod3rnqXYqL7/OkS5QN4JRkm/KWxOYWlXpYUwNOzohAoGBAOTZ
+zt1BjfXCWK3I1HmJRo2qLgJMqLlM9umOLFQ734xYbA7V9f5oMzjAUBSwT8v/Ls1F
+DTVdDOKroBpivhRkk5S3SRpuoNQhIJXIsqv91NPSDF3hXQyTU4F+ar5T19BWU5oz
+wS+LbIjHgY00517fwd4662c0Ib54RXZtI+lvZ+9lAoGBAIftg595+Zz/Kk/cLoHQ
+diTfwLB+TrctwS9G6po30P/5tUJrn8Yu4IDgZqTdPcoGGddvObVLy6jQe34Dnd0Q
+RE3DLEKjC3jLGk9eHfrMmgW9YcKc/E8m8DosIOuEBuIo/d/MYcIgi4srAxXot9zR
+9u/pIHfnD0hC560Zhcb29bJhAoGAYGw5EdZWFu9M5+QPSioB1RyYCBX+nRyFiECE
+AvW7KenzlYim/gsvUcENvLnQ1VXuhUSL3SkYjcTcT2G9TuBVojpbjcyA7QAMN6/5
+QChR7PG6ji+vQeYtMAlwtkKjUr+cuAMIaZzoHPVaa4GX3syOZbETkEdR1GvecJhp
+oihzdVUCgYEAqkMNBgZuVKaQA0WbrQvVfOp657kGFObvVu/lzCVHhGw83MN6kCUP
+cIMhZGxaBpSdXY4LqYnqP5A/NYMbpB+SHve5kMxTd5bGqmZRjleR2z5sH/nlGucP
+YTo0H8nFFUzK5h5Xi4X/uYMlv1o/7TqdCUfPCfVLRN0ZKv28N1C/11o=
+-----END RSA PRIVATE KEY-----
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/jetty.crt b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/jetty.crt
new file mode 100644
index 0000000..7a58283
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/jetty.crt
@@ -0,0 +1,28 @@
+-----BEGIN CERTIFICATE-----
+MIIErTCCA5WgAwIBAgIJAOSlrj6xJUHHMA0GCSqGSIb3DQEBCwUAMIGVMQswCQYD
+VQQGEwJVUzELMAkGA1UECBMCV0kxEDAOBgNVBAcTB01hZGlzb24xGDAWBgNVBAoT
+D1RJRVIgVW5pdmVyc2l0eTESMBAGA1UECxMJSW50ZXJuZXQyMRIwEAYDVQQDEwls
+b2NhbGhvc3QxJTAjBgkqhkiG9w0BCQEWFnRpZXItYXBpQGludGVybmV0Mi5lZHUw
+HhcNMTcwNDEzMjE0MzA5WhcNMTcwNTEzMjE0MzA5WjCBlTELMAkGA1UEBhMCVVMx
+CzAJBgNVBAgTAldJMRAwDgYDVQQHEwdNYWRpc29uMRgwFgYDVQQKEw9USUVSIFVu
+aXZlcnNpdHkxEjAQBgNVBAsTCUludGVybmV0MjESMBAGA1UEAxMJbG9jYWxob3N0
+MSUwIwYJKoZIhvcNAQkBFhZ0aWVyLWFwaUBpbnRlcm5ldDIuZWR1MIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwTB3FgmlPOh/aw3wgD3xWxbVxLdsEQ5
+2py0IjLVEfFZyzXMIVjtzhS+9m3U5ER9L9XnXlHZTT46rb3M3f74o8/46xr7KGOb
+CVRqhjqWErjiYgGwbVoq1UuC1+AvRXX4adqTuIFaUL4ITMHxlm5v/bhPO9RKdUmK
+P9PRNdHeZLpMzo5uKINQUFt3DDI+Xf52fiLj7MbLvrVaabZBNRcwm+atSNai8RGn
+6bKC2L5dX9QxQ6JQ/uIUYawHETPEeoPsNkCcxq6VLJKNEpR7Dlt78mpty/N0M3y9
+3h8qODjI6XbL30Ug1iBOI4sum688YhePY/t3VCrWOwkEvffZcDAbRwIDAQABo4H9
+MIH6MB0GA1UdDgQWBBTXvg4SGbM+edkQP4ejVF3T2EPPpTCBygYDVR0jBIHCMIG/
+gBTXvg4SGbM+edkQP4ejVF3T2EPPpaGBm6SBmDCBlTELMAkGA1UEBhMCVVMxCzAJ
+BgNVBAgTAldJMRAwDgYDVQQHEwdNYWRpc29uMRgwFgYDVQQKEw9USUVSIFVuaXZl
+cnNpdHkxEjAQBgNVBAsTCUludGVybmV0MjESMBAGA1UEAxMJbG9jYWxob3N0MSUw
+IwYJKoZIhvcNAQkBFhZ0aWVyLWFwaUBpbnRlcm5ldDIuZWR1ggkA5KWuPrElQccw
+DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAZUN0cEMk61Okf8n+R4W1
+hpVgs7q7cpn77OfCG0d8X5mP+NMzrBCFTwHGpTK2FJAM4/B87Im81F9ydPXPCoVN
+dkldZddDU6ZcSwlxQQda/lwoosPu2xX3gE6dkrSV8lNvUAHq3b/RyFG3glU17NUB
+EtWP8iDpu2d6LuoBmlhSmA+6TsHxynU1wduNOIkDXisGJF19hExiR9ypEDCITvp3
+rfhiXaakPLTLcuVlwTpc1HUwmFQ4yWTH1pxid7ykjN1QRV2rP98RYCubrDpkd7bY
+ApwKcoTbcMmfabl13RvDlrrw9srBk4BDVsBTF2TQtFwBlMl1ZzXW1mkKJ/S22/7t
+JQ==
+-----END CERTIFICATE-----
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/jetty.key b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/jetty.key
new file mode 100644
index 0000000..e6448e8
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/jetty.key
@@ -0,0 +1,30 @@
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,69574AB259C87F77
+
+rViCFIARC3FSSYAyrxeTvbow6OcpiWBs/aPJulxYsuJ0FE8QKwFSeBYkt+fP+5bs
+x/9OXImLaOgmcDc72URhlhqDF2bNGQJA/dorkUhe4v7co8kV/o1lGoCnF2irBOD7
+3IDv5SJUzveeocW9GCc5mng1YIHNmHh7rCQScAc17mVUEBWwvx46tQP2BNMA6VoP
+dVyfCJ/3UoCPCFwel74EMmh9dC7HyTgt/KweBZIEE17jxLFirS1VwKuZ4idDvXKL
+5ZvHkXV73OL8UVgWzgCfyKtKlaiZDq4L9/zgjfPK0+35thihzvOum0fB/m4hVDV9
+8iqcLBScRjWLJKfSANWsj/pQC6waXB2oXq/ulOT221EnUDRkITRp/RdkfDSPMNxj
+1X7/tVQhFF+Dle+909FRWHt43jK4edRJnMp982lF9YXGcZVe6D30tOomhTR8ABO/
+ANR0SmoR+M8oBTZOPGeTlE5UjzN24QSGFsLwj6ucuARfZU++NppYYe6TwKivxQow
+YmoK6QUsLHQthHUYwPB8ohZgP7YXrFZGxZvQFGehrl4JLdAgsQfm4QhcXBjkIrLA
+geaZZT9eopy+36adYlsAII4vVpl5YM1wDTF44IsofJYJj67OYF4qbCUmOe4pls9g
+lg8vq2C/fJRfWTb+F7q55/VbsHhvEvQtYnXLIlR8pzpDq9UxYOL6coxpBGvjJ8hh
+rmeEMqIpbFs5KjxbLN+AK6ZMi7V2q9neI7mHM98WpGuifdVltTa//qt3IwJl8xA2
+PxqYAZ0Mu87o5yKvKg/yoPHKAjx/OleUUckSH0IZ3Bh+xiaQi9TmcR3ohzFgBxgK
+TLXw//WjQZlVyIe/FS1JmeCnxT0WMAG/YZFxfrzFDRjYSRgMAAEHl26fFqODBjGF
+nnVM2jWwihWCt3gCOmbg+XuoXuWdWEYq2g0rvgn4J2YUmUQe5MEk/yzx+eBBtoZd
+4M/ji3GbxShvvPyerkC0GajrWKfr9uJaomFzAvwP2PVsbeLppDLz6px9hu0wdpeD
+ECVIPh85QH6/8prvSLsH9amaURhDHxhbI1XXAFqF4HpaAsQ5y2ZY6Y8O29I0onYR
+5qisReWIp/NB5cc8aRcyrOPCyxKGEKmsZk09nINwPMl4Kr6RWMQDIV+8F8AGSc/n
+bY8gPZYB5yZfZgPkd5J235JxsF6gJuoM4fV6S3WPeqPCabhTJ1ES5N6ZMynDalQh
+2jTYqGhLAKGPqHxNsok+Lr3+u4F+Y7AhK5MW6qIYWx4Gw0upon1PZCCUfyASUn5Z
+5EyicZvpRLY4UNnRFDjnsB5xdEay9GwJq9qLGicnfCE1Wf5gQEoU7Sk/7hDcEMVk
+6X4Z0XC549r6x8B/+IqVgPMbvdJRl8mYuNUluNQmKgsp4Qv7T3GiJGSISyN3GKlW
+AjXKAQ3ucBwfXo0ZRt86/Vdtd8hhMfXqoGLWELiLHDP+ey7nTcSQkTvQrpuergi3
+yx5qs65b3Z2+pxpGltos8YSyJGpgbKkD1n5bWf5TWbv3q1cZ/TyY7fD/aHdK/cGK
+CKmojrQ65VT6MALnmjoqftRvgq0bpvfhWiQCG8EFD99kv1toh1gDGQ==
+-----END RSA PRIVATE KEY-----
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/sealer.jks b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/sealer.jks
new file mode 100644
index 0000000000000000000000000000000000000000..b015c5e07678c518b9ddbc2507ccae4360d93125
GIT binary patch
literal 500
zcmX?i?%X*B1_mY|W&~np2KM6A<f7CPLm)poQ~%+{HE$VMi;EbHlk;=+ic9nKl8Y(}
zO7iszit@`cQ&Nlcf>RT7Qd9hsvQm>v-13XOQ!4|C@=Ji6{Gzkrry`#l><$JRUQxs#
znUz?USOL?Itj*5McG=<WAq7kfEYS?Ssd>ryDXA#|iA9OI#U%_((N56}0zg5Ky{ReA
z`FSO&c_oDmbqq{C44egERgO97B@9A7APe+!67$magG-7s^U|$-K)y-L0ZN0^GglOp
z7J<xL^I7}{8%M|kkh=<ip5`~;W#P~?nz{65^bbxZMv+pGYF41c1Xe5eq;eJI)S1h!
z?@x&3`drNW_Q&Hr9uGG3{L1pZ=3SUP`@W5R-Tdsuaew_M7@b}@=XUc(Z|{gXzCH_P
zbGvg2SS0a0XLEYe`$qY>`lHv{a*ERH#3Ht-w|uWkP08SGofT_3{UIk`Wk|rAg(3no
zYm+PM|Gp7k@%%y#@7b-hgqwF9NqeG|xj^*Tas315jXWZvOBlogoLs{*OEP?2Oda!5
lLW(jAa#CGfgK<i<t`C1|q`UBp)w6G@)z%rwx7OU}1^~B2yvhIo

literal 0
HcmV?d00001

diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/sealer.kver b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/sealer.kver
new file mode 100644
index 0000000..189c664
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/sealer.kver
@@ -0,0 +1,2 @@
+#Thu Apr 13 21:19:57 UTC 2017
+CurrentVersion=1
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/metadata/idp-metadata.xml b/Sources/SIS/shib-idp/customized-shibboleth-idp/metadata/idp-metadata.xml
new file mode 100644
index 0000000..746ba46
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/metadata/idp-metadata.xml
@@ -0,0 +1,213 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+     This is example metadata only. Do *NOT* supply it as is without review,
+     and do *NOT* provide it in real time to your partners.
+
+     This metadata is not dynamic - it will not change as your configuration changes.
+-->
+<EntityDescriptor  xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:xml="http://www.w3.org/XML/1998/namespace" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" entityID="https://localhost/idp/shibboleth">
+
+    <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+
+        <Extensions>
+            <shibmd:Scope regexp="false">example.edu</shibmd:Scope>
+<!--
+    Fill in the details for your IdP here 
+
+            <mdui:UIInfo>
+                <mdui:DisplayName xml:lang="en">A Name for the IdP at localhost</mdui:DisplayName>
+                <mdui:Description xml:lang="en">Enter a description of your IdP at localhost</mdui:Description>
+                <mdui:Logo height="80" width="80">https://localhost/Path/To/Logo.png</mdui:Logo>
+            </mdui:UIInfo>
+-->
+        </Extensions>
+
+        <KeyDescriptor use="signing">
+            <ds:KeyInfo>
+                    <ds:X509Data>
+                        <ds:X509Certificate>
+MIIDDzCCAfegAwIBAgIUNhoGlKP7mWuGizduv8qofntjgygwDQYJKoZIhvcNAQEL
+BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTE3MDQxMzIxMTk1M1oXDTM3MDQx
+MzIxMTk1M1owFDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEAks/QokbcrFosPTXL+i2iMFQMfZvoFxgqIXH+xxrpljrL
+sglonsbmHGuinnSeywRzfcBB6mEf3BnYzyezP0aB1GJYzItRSd4AoWAx8WblFfgM
+ununMmDpfF1dyTxZxRg/vmhN9EttVugsAoynA17RbiF4vVxx3zhNGS0u3MbaYtH1
+kYIdY9xZMR2wvDo584CQc0/20/FooPnlL0I1s2FD6LFEgvl1sux5owL0ELITSTUF
+KEkQVxpYoFZhsq6qhWQJfVvT98W4CMVpXgggQilAWAK1QgLxJtyx54Y3YruFkXsy
+Yahi04wwaQXmSHDfQbOzy8yzO65on2VjEPGid6PQvQIDAQABo1kwVzAdBgNVHQ4E
+FgQUDkHIVBHNiAcr6vQv/P+5PlKjeAcwNgYDVR0RBC8wLYIJbG9jYWxob3N0hiBo
+dHRwczovL2xvY2FsaG9zdC9pZHAvc2hpYmJvbGV0aDANBgkqhkiG9w0BAQsFAAOC
+AQEAioMgLmAx1nQwFRuiKe9zhHyl9QClOZ/qI1A/pV3QQfItxpnkjecElvpN0MLX
+ugmT0kb0tgyIUxOjHd78kSJOkFKmWPv+iSLouaU4/Y3yOW0uUWOwlExKJNegczBC
+t1OCtSAyStnYWSMUHk/Lgq4LcNKwjeaVczEbBoJO8nC/Zx0VMvLEsiCeWR+1acpT
+BHcQbEkiSJg2WS3krKt0Wq4iL+WjQhkva6zugM0Lxfkyeeg/imcn6A93zr7e6N+/
+SeKGUN2EpNRAAgEVQMVuMuKo7uFzxl2KxmkKckBG4dnDIvco/OE7khgnbNgszaqX
+xDkRFm7ZnBhVnGde7W9xjmw+eA==
+                        </ds:X509Certificate>
+                    </ds:X509Data>
+            </ds:KeyInfo>
+
+        </KeyDescriptor>
+        <KeyDescriptor use="signing">
+            <ds:KeyInfo>
+                    <ds:X509Data>
+                        <ds:X509Certificate>
+MIIDEDCCAfigAwIBAgIVAI427wUmgnuo//BnofLWvDbJ5LFZMA0GCSqGSIb3DQEB
+CwUAMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0xNzA0MTMyMTE5NDlaFw0zNzA0
+MTMyMTE5NDlaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBANrbeJysRIIfnV4NCBkglD7TnnsBiAP8rmYMlKNzB/8P
+lh8T8A/m3ZcSfK5XOooV9HYrJ4zkPYWQfmMTc7gPohtEnVvU2T0BhqXVGItRNPq0
+W8PPyJiaf5cPTej2UU0mvEj6RXzswPmpdabti+hFMK1rwKDGAgyNz7O+ODbtUeEu
+84B4OVehjgc0DOeeIMOpCa0ZZURtGcmWa2J/2D8ONtsT6YLzrBHSjea8ahu2MnC0
+3TmQ008yWlXztWiNkccVstQ7WwT1aEon6ni608OtRLZ64UHRmaM6MZHft2DcyYgd
+bE7wArKpauLscEzAXRaSdJ4lvtgAdjneACbPbTXpvgUCAwEAAaNZMFcwHQYDVR0O
+BBYEFGIsJ7ChRjGGKOTuK+Gf79XdnhazMDYGA1UdEQQvMC2CCWxvY2FsaG9zdIYg
+aHR0cHM6Ly9sb2NhbGhvc3QvaWRwL3NoaWJib2xldGgwDQYJKoZIhvcNAQELBQAD
+ggEBACzq9+IaRqb44oWy3cX+oQUxBozCOd0dn3cAHn/7U2EAt47YLucaT66K5LYq
+VpfqYUYP7FXq9lqpYXQgUNn8DuSDroBzQIOx0YVsS4sRKMv+pTBr6WqrIcbDB9Np
+VHqdIxIDD9kxwy8eTEKmeDmjl6ZjGnxa8WjwP6PFXBWJI/vQvxNACqnThIsoKLGv
+KPta+ROPrtMMbphsVyHClHlLWp/r015B545FBiasFW+jHzS0/pc8eknNafQ2+chX
+GPNfHvJXgg3kDHtW6bydWnWIcCKqaTHFSObgEivuMoCJ0cZVjVEFIpzB3J71qMkc
+SJ5zygjKVMFLsbAkzGUFYG1DbBM=
+                        </ds:X509Certificate>
+                    </ds:X509Data>
+            </ds:KeyInfo>
+
+        </KeyDescriptor>
+        <KeyDescriptor use="encryption">
+            <ds:KeyInfo>
+                    <ds:X509Data>
+                        <ds:X509Certificate>
+MIIDEDCCAfigAwIBAgIVAK/i6INNo2HZzO676jmYDSMUL8pyMA0GCSqGSIb3DQEB
+CwUAMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0xNzA0MTMyMTE5NTBaFw0zNzA0
+MTMyMTE5NTBaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAJbpEl+MgBuKc4gzGni76gcQO/sa/IupoK2RRsnGEKPS
+x7q93ZCe4/TTIR8ZArk7aoTtOrV3s7xhOlvwwlUmQEhIupHtk0EDyWxXV4xK8i99
+3rqNkYcHM/C1iZfoKcoEhwQ5pBVukEgxtSIAfsN7UCE88oTRPhTHV8XJkNjw66Vl
+P1MBsO5KQaoKW/Ap86nuhDUHMNFAt/jJ2UFGhEVle4ubckBTltrZDV98m6hHYUws
+nCuRGEXusGDsqgEt93C8zRjAVhyNBNp+jQUHCBPy/6TG7AZ0TkPuQ3AxhDt34y6A
+dgSaCDmy5sI14oa1S1UagSKt8AXpzC0ao8pwqz+t8usCAwEAAaNZMFcwHQYDVR0O
+BBYEFMDqVDwUdJ6wzRLBR0jb3QdW1CFpMDYGA1UdEQQvMC2CCWxvY2FsaG9zdIYg
+aHR0cHM6Ly9sb2NhbGhvc3QvaWRwL3NoaWJib2xldGgwDQYJKoZIhvcNAQELBQAD
+ggEBAFk6YtMiqkuJXY10aeUhabGgkBdpj6RgHreBvhSmn9UTq/4EGgEWNGNYBVn6
+i9i55GzGCtp7RUAuVUTqH5V3Mbp6drUlNbVex05ypYnYM/wIq5W8EENClugPHepZ
+OX0gVUVOeayVUMRHPntNI7HicUDYVvXI/Wjhko/GLqwArNKyenmKlRo1yyedkEKF
+fhy9QowXYTvG82i3nu0JS9v/103WApXjIr3eP8LZpGpurOxyG3D+8vW3oML6C1eV
+FsLdhy3a5kOvGXbzXHn4tFdVCE3oa72FkrsDHZ8YGHb+s2JFHFRsRzDRSmBRV+LA
+3ffQkUP9K+ZGyGQijt6gAEJXcsw=
+                        </ds:X509Certificate>
+                    </ds:X509Data>
+            </ds:KeyInfo>
+
+        </KeyDescriptor>
+
+        <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://localhost:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+        <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://localhost:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+        <!--
+        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://localhost/idp/profile/SAML2/Redirect/SLO"/>
+        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://localhost/idp/profile/SAML2/POST/SLO"/>
+        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://localhost/idp/profile/SAML2/POST-SimpleSign/SLO"/>
+        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://localhost:8443/idp/profile/SAML2/SOAP/SLO"/>
+        -->
+
+        <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://localhost/idp/profile/Shibboleth/SSO"/>
+        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://localhost/idp/profile/SAML2/POST/SSO"/>
+        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://localhost/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://localhost/idp/profile/SAML2/Redirect/SSO"/>
+
+    </IDPSSODescriptor>
+
+
+    <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+
+        <Extensions>
+            <shibmd:Scope regexp="false">example.edu</shibmd:Scope>
+        </Extensions>
+
+        <KeyDescriptor use="signing">
+            <ds:KeyInfo>
+                    <ds:X509Data>
+                        <ds:X509Certificate>
+MIIDDzCCAfegAwIBAgIUNhoGlKP7mWuGizduv8qofntjgygwDQYJKoZIhvcNAQEL
+BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTE3MDQxMzIxMTk1M1oXDTM3MDQx
+MzIxMTk1M1owFDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEAks/QokbcrFosPTXL+i2iMFQMfZvoFxgqIXH+xxrpljrL
+sglonsbmHGuinnSeywRzfcBB6mEf3BnYzyezP0aB1GJYzItRSd4AoWAx8WblFfgM
+ununMmDpfF1dyTxZxRg/vmhN9EttVugsAoynA17RbiF4vVxx3zhNGS0u3MbaYtH1
+kYIdY9xZMR2wvDo584CQc0/20/FooPnlL0I1s2FD6LFEgvl1sux5owL0ELITSTUF
+KEkQVxpYoFZhsq6qhWQJfVvT98W4CMVpXgggQilAWAK1QgLxJtyx54Y3YruFkXsy
+Yahi04wwaQXmSHDfQbOzy8yzO65on2VjEPGid6PQvQIDAQABo1kwVzAdBgNVHQ4E
+FgQUDkHIVBHNiAcr6vQv/P+5PlKjeAcwNgYDVR0RBC8wLYIJbG9jYWxob3N0hiBo
+dHRwczovL2xvY2FsaG9zdC9pZHAvc2hpYmJvbGV0aDANBgkqhkiG9w0BAQsFAAOC
+AQEAioMgLmAx1nQwFRuiKe9zhHyl9QClOZ/qI1A/pV3QQfItxpnkjecElvpN0MLX
+ugmT0kb0tgyIUxOjHd78kSJOkFKmWPv+iSLouaU4/Y3yOW0uUWOwlExKJNegczBC
+t1OCtSAyStnYWSMUHk/Lgq4LcNKwjeaVczEbBoJO8nC/Zx0VMvLEsiCeWR+1acpT
+BHcQbEkiSJg2WS3krKt0Wq4iL+WjQhkva6zugM0Lxfkyeeg/imcn6A93zr7e6N+/
+SeKGUN2EpNRAAgEVQMVuMuKo7uFzxl2KxmkKckBG4dnDIvco/OE7khgnbNgszaqX
+xDkRFm7ZnBhVnGde7W9xjmw+eA==
+                        </ds:X509Certificate>
+                    </ds:X509Data>
+            </ds:KeyInfo>
+
+        </KeyDescriptor>
+        <KeyDescriptor use="signing">
+            <ds:KeyInfo>
+                    <ds:X509Data>
+                        <ds:X509Certificate>
+MIIDEDCCAfigAwIBAgIVAI427wUmgnuo//BnofLWvDbJ5LFZMA0GCSqGSIb3DQEB
+CwUAMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0xNzA0MTMyMTE5NDlaFw0zNzA0
+MTMyMTE5NDlaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBANrbeJysRIIfnV4NCBkglD7TnnsBiAP8rmYMlKNzB/8P
+lh8T8A/m3ZcSfK5XOooV9HYrJ4zkPYWQfmMTc7gPohtEnVvU2T0BhqXVGItRNPq0
+W8PPyJiaf5cPTej2UU0mvEj6RXzswPmpdabti+hFMK1rwKDGAgyNz7O+ODbtUeEu
+84B4OVehjgc0DOeeIMOpCa0ZZURtGcmWa2J/2D8ONtsT6YLzrBHSjea8ahu2MnC0
+3TmQ008yWlXztWiNkccVstQ7WwT1aEon6ni608OtRLZ64UHRmaM6MZHft2DcyYgd
+bE7wArKpauLscEzAXRaSdJ4lvtgAdjneACbPbTXpvgUCAwEAAaNZMFcwHQYDVR0O
+BBYEFGIsJ7ChRjGGKOTuK+Gf79XdnhazMDYGA1UdEQQvMC2CCWxvY2FsaG9zdIYg
+aHR0cHM6Ly9sb2NhbGhvc3QvaWRwL3NoaWJib2xldGgwDQYJKoZIhvcNAQELBQAD
+ggEBACzq9+IaRqb44oWy3cX+oQUxBozCOd0dn3cAHn/7U2EAt47YLucaT66K5LYq
+VpfqYUYP7FXq9lqpYXQgUNn8DuSDroBzQIOx0YVsS4sRKMv+pTBr6WqrIcbDB9Np
+VHqdIxIDD9kxwy8eTEKmeDmjl6ZjGnxa8WjwP6PFXBWJI/vQvxNACqnThIsoKLGv
+KPta+ROPrtMMbphsVyHClHlLWp/r015B545FBiasFW+jHzS0/pc8eknNafQ2+chX
+GPNfHvJXgg3kDHtW6bydWnWIcCKqaTHFSObgEivuMoCJ0cZVjVEFIpzB3J71qMkc
+SJ5zygjKVMFLsbAkzGUFYG1DbBM=
+                        </ds:X509Certificate>
+                    </ds:X509Data>
+            </ds:KeyInfo>
+
+        </KeyDescriptor>
+        <KeyDescriptor use="encryption">
+            <ds:KeyInfo>
+                    <ds:X509Data>
+                        <ds:X509Certificate>
+MIIDEDCCAfigAwIBAgIVAK/i6INNo2HZzO676jmYDSMUL8pyMA0GCSqGSIb3DQEB
+CwUAMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0xNzA0MTMyMTE5NTBaFw0zNzA0
+MTMyMTE5NTBaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAJbpEl+MgBuKc4gzGni76gcQO/sa/IupoK2RRsnGEKPS
+x7q93ZCe4/TTIR8ZArk7aoTtOrV3s7xhOlvwwlUmQEhIupHtk0EDyWxXV4xK8i99
+3rqNkYcHM/C1iZfoKcoEhwQ5pBVukEgxtSIAfsN7UCE88oTRPhTHV8XJkNjw66Vl
+P1MBsO5KQaoKW/Ap86nuhDUHMNFAt/jJ2UFGhEVle4ubckBTltrZDV98m6hHYUws
+nCuRGEXusGDsqgEt93C8zRjAVhyNBNp+jQUHCBPy/6TG7AZ0TkPuQ3AxhDt34y6A
+dgSaCDmy5sI14oa1S1UagSKt8AXpzC0ao8pwqz+t8usCAwEAAaNZMFcwHQYDVR0O
+BBYEFMDqVDwUdJ6wzRLBR0jb3QdW1CFpMDYGA1UdEQQvMC2CCWxvY2FsaG9zdIYg
+aHR0cHM6Ly9sb2NhbGhvc3QvaWRwL3NoaWJib2xldGgwDQYJKoZIhvcNAQELBQAD
+ggEBAFk6YtMiqkuJXY10aeUhabGgkBdpj6RgHreBvhSmn9UTq/4EGgEWNGNYBVn6
+i9i55GzGCtp7RUAuVUTqH5V3Mbp6drUlNbVex05ypYnYM/wIq5W8EENClugPHepZ
+OX0gVUVOeayVUMRHPntNI7HicUDYVvXI/Wjhko/GLqwArNKyenmKlRo1yyedkEKF
+fhy9QowXYTvG82i3nu0JS9v/103WApXjIr3eP8LZpGpurOxyG3D+8vW3oML6C1eV
+FsLdhy3a5kOvGXbzXHn4tFdVCE3oa72FkrsDHZ8YGHb+s2JFHFRsRzDRSmBRV+LA
+3ffQkUP9K+ZGyGQijt6gAEJXcsw=
+                        </ds:X509Certificate>
+                    </ds:X509Data>
+            </ds:KeyInfo>
+
+        </KeyDescriptor>
+
+        <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://localhost:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+        <!-- <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://localhost:8443/idp/profile/SAML2/SOAP/AttributeQuery"/> -->
+        <!-- If you uncomment the above you should add urn:oasis:names:tc:SAML:2.0:protocol to the protocolSupportEnumeration above -->
+
+    </AttributeAuthorityDescriptor>
+
+</EntityDescriptor>
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/metadata/web-app.xml b/Sources/SIS/shib-idp/customized-shibboleth-idp/metadata/web-app.xml
new file mode 100644
index 0000000..0aeeee1
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/metadata/web-app.xml
@@ -0,0 +1,58 @@
+<?xml version="1.0"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
+                     validUntil="2027-04-17T23:24:06Z"
+                     cacheDuration="PT604800S"
+                     entityID="https://localhost:9443/shibboleth">
+
+  <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+  </md:Extensions>
+  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+    <md:Extensions>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://localhost:9443/Shibboleth.sso/Login"/>
+    </md:Extensions>
+    <md:KeyDescriptor use="encryption">
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:X509Data>
+          <ds:X509Certificate>MIID6zCCAlOgAwIBAgIJAPytI1UztGxDMA0GCSqGSIb3DQEBCwUAMBcxFTATBgNV BAMTDGY4NWM1NTNjMTQ5NjAeFw0xNzA0MTUyMjMwMDBaFw0yNzA0MTMyMjMwMDBa MBcxFTATBgNVBAMTDGY4NWM1NTNjMTQ5NjCCAaIwDQYJKoZIhvcNAQEBBQADggGP ADCCAYoCggGBAMffMetKpvMjTIDwDvztGCCMiY7od0QMwbmAKuMhIiU/eyqc1/2Z VFlwlABAq7s6fGZ+fbqbGNaP471K+KFme8gpFKWeAJ3ITGp2mIHHMqvgQXLantvE yF2fQadJtJW/10r5xvkgJBndOkNANJSbMq2vJuptU3wOYkyflxjRPfRjQmuy+1zS sPyW+cM1svjqq5/GO8Q70hRgko7Z/Y9KIdbT7/ULgGd7OoAhYBjJvSTTLZM0Y3FJ pSZXODEN0g2ZBBDqBXl9q1obQejVuzsFROZC7BN6t0WcIeacCIha3VgebbfRO5Cv FBGvUprqj9w/kkq5VkHDAwMxqdJ03GKq9T42wybuF86++1rQd95D+qhxUz79fnCJ JlW0TAHEJ86Wj04mb981xfIvztW2oyyj77hUljhddS6SL1UbunRa3f5ciOm4pdjK n/fw5unfs0YvLNPrHwcXUakf4ldCRuwNGJhqGVlcwp89Dou5VhWijEL4xz6kBPWU ECZD/JvWY2zL0wIDAQABozowODAXBgNVHREEEDAOggxmODVjNTUzYzE0OTYwHQYD VR0OBBYEFF1CDIxF0OQoxdFdJGjhqccMfJQkMA0GCSqGSIb3DQEBCwUAA4IBgQBE ofEja+2tqIAnTd2gGhA2oyGoC1uyxZIRtKyrakhuhpWpmQ4xgfTEcUGnACxZfjhD j4CvxwnJpEIqdVS3c0Bje2sep3Flr87jPJh5OWvmssoDNqQ+QANLBxV8MhmKsM8Z ZgVO+Fm83OciaKnxD0a9MJ7qtZPA1g8V7NGoeGzg9IwowuVg/wC1frCw4Pw5OD4K /GcgJVQGhkPxvn8z3MoDLv6y2BilQB0WCoxJ/rvVbVmPWU79srCwot74RFkPHRqj UhoUIht1wd3F+wTKHJ0cT2lQ1YRBOirOX43Nzc1K2fM0DQtlH/X42F4K+6qJQ8Cx FeuyEki6GgwLQ7xTblkmHCtMmRLBjjTlfqFSGFPy+MBE8UQzI08RRMyYtwR9/Z3T Rr+2DYvzBFoBQtsJhYb318Pjvs1Pr4uNzM5cuDwUQ6FQLRaCRAzSYLwUqCP0gVge jC3D/ZtBqA7uP5DQGPh8SXEH8Ivax4pmVSKX8wbTQBeUirVoOSw7/FMuC56bv48=</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+    </md:KeyDescriptor>
+    <md:KeyDescriptor use="signing">
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:X509Data>
+          <ds:X509Certificate>MIID6zCCAlOgAwIBAgIJAPytI1UztGxDMA0GCSqGSIb3DQEBCwUAMBcxFTATBgNV BAMTDGY4NWM1NTNjMTQ5NjAeFw0xNzA0MTUyMjMwMDBaFw0yNzA0MTMyMjMwMDBa MBcxFTATBgNVBAMTDGY4NWM1NTNjMTQ5NjCCAaIwDQYJKoZIhvcNAQEBBQADggGP ADCCAYoCggGBAMffMetKpvMjTIDwDvztGCCMiY7od0QMwbmAKuMhIiU/eyqc1/2Z VFlwlABAq7s6fGZ+fbqbGNaP471K+KFme8gpFKWeAJ3ITGp2mIHHMqvgQXLantvE yF2fQadJtJW/10r5xvkgJBndOkNANJSbMq2vJuptU3wOYkyflxjRPfRjQmuy+1zS sPyW+cM1svjqq5/GO8Q70hRgko7Z/Y9KIdbT7/ULgGd7OoAhYBjJvSTTLZM0Y3FJ pSZXODEN0g2ZBBDqBXl9q1obQejVuzsFROZC7BN6t0WcIeacCIha3VgebbfRO5Cv FBGvUprqj9w/kkq5VkHDAwMxqdJ03GKq9T42wybuF86++1rQd95D+qhxUz79fnCJ JlW0TAHEJ86Wj04mb981xfIvztW2oyyj77hUljhddS6SL1UbunRa3f5ciOm4pdjK n/fw5unfs0YvLNPrHwcXUakf4ldCRuwNGJhqGVlcwp89Dou5VhWijEL4xz6kBPWU ECZD/JvWY2zL0wIDAQABozowODAXBgNVHREEEDAOggxmODVjNTUzYzE0OTYwHQYD VR0OBBYEFF1CDIxF0OQoxdFdJGjhqccMfJQkMA0GCSqGSIb3DQEBCwUAA4IBgQBE ofEja+2tqIAnTd2gGhA2oyGoC1uyxZIRtKyrakhuhpWpmQ4xgfTEcUGnACxZfjhD j4CvxwnJpEIqdVS3c0Bje2sep3Flr87jPJh5OWvmssoDNqQ+QANLBxV8MhmKsM8Z ZgVO+Fm83OciaKnxD0a9MJ7qtZPA1g8V7NGoeGzg9IwowuVg/wC1frCw4Pw5OD4K /GcgJVQGhkPxvn8z3MoDLv6y2BilQB0WCoxJ/rvVbVmPWU79srCwot74RFkPHRqj UhoUIht1wd3F+wTKHJ0cT2lQ1YRBOirOX43Nzc1K2fM0DQtlH/X42F4K+6qJQ8Cx FeuyEki6GgwLQ7xTblkmHCtMmRLBjjTlfqFSGFPy+MBE8UQzI08RRMyYtwR9/Z3T Rr+2DYvzBFoBQtsJhYb318Pjvs1Pr4uNzM5cuDwUQ6FQLRaCRAzSYLwUqCP0gVge jC3D/ZtBqA7uP5DQGPh8SXEH8Ivax4pmVSKX8wbTQBeUirVoOSw7/FMuC56bv48=</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+    </md:KeyDescriptor>
+    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://localhost:9443/Shibboleth.sso/Artifact/SOAP" index="1"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://localhost:9443/Shibboleth.sso/SLO/Artifact"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://localhost:9443/Shibboleth.sso/SLO/POST"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://localhost:9443/Shibboleth.sso/SLO/Redirect"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://localhost:9443/Shibboleth.sso/SLO/SOAP"/>
+    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://localhost:9443/Shibboleth.sso/NIM/Artifact"/>
+    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://localhost:9443/Shibboleth.sso/NIM/POST"/>
+    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://localhost:9443/Shibboleth.sso/NIM/Redirect"/>
+    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://localhost:9443/Shibboleth.sso/NIM/SOAP"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://localhost:9443/Shibboleth.sso/SAML/Artifact" index="6"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://localhost:9443/Shibboleth.sso/SAML/POST" index="7"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://localhost:9443/Shibboleth.sso/SAML2/Artifact" index="8"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://localhost:9443/Shibboleth.sso/SAML2/ECP" index="9"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://localhost:9443/Shibboleth.sso/SAML2/POST" index="10"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://localhost:9443/Shibboleth.sso/SAML2/POST-SimpleSign" index="11"/>
+  </md:SPSSODescriptor>
+  <md:ContactPerson contactType="technical">
+    <md:GivenName>TIER API and Ent Reg Working Group</md:GivenName>
+    <md:EmailAddress>tier-api@internet2.edu</md:EmailAddress>
+  </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/views/client-storage/client-storage-read.vm b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/client-storage/client-storage-read.vm
new file mode 100644
index 0000000..1993c14
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/client-storage/client-storage-read.vm
@@ -0,0 +1,53 @@
+##
+## Velocity template to read from local storage.
+##
+## Velocity context will contain the following properties
+## flowExecutionUrl - the form action location
+## flowRequestContext - the Spring Web Flow RequestContext
+## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl)
+## profileRequestContext - root of context tree
+## loadContext - context with details about the storage keys to load
+## encoder - HTMLEncoder class
+## request - HttpServletRequest
+## response - HttpServletResponse
+## environment - Spring Environment object for property resolution
+#set ($title = $springMacroRequestContext.getMessage("idp.title", "Web Login Service"))
+#set ($titleSuffix = $springMacroRequestContext.getMessage("idp.client-storage-read.suffix", "Loading Session Information"))
+##
+<!DOCTYPE html>
+<html>
+    <head>
+        <meta charset="utf-8" />
+        <meta name="viewport" content="width=device-width,initial-scale=1.0">
+        <title>$title - $titleSuffix</title>
+        <link rel="stylesheet" type="text/css" href="$request.getContextPath()/css/main.css">
+        <script>
+        <!--
+        #include( "client-storage/local-storage-read.js" )
+        // -->
+        </script>
+    </head>
+    <body onload="doLoad()">
+        <div class="wrapper">
+            <div class="container">
+                <header>
+                    <h3>$title - $titleSuffix</h3>
+                </header>
+                <div class="content">
+                $springMacroRequestContext.getMessage("idp.client-storage-read.text", "Loading login session information from the browser...")
+                </div>
+                <noscript>
+                    <div class="content">
+                    $springMacroRequestContext.getMessage("idp.client-storage.no-js", "Since your browser does not support JavaScript, you must press the Continue button once to proceed.")
+                    </div>
+                </noscript>
+                #parse( "client-storage/read.vm" )
+            </div>
+            <footer>
+                <div class="container container-footer">
+                    <p class="footer-text">#springMessageText("idp.footer", "Insert your footer text here.")</p>
+                </div>
+            </footer>
+        </div>
+    </body>
+</html>
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/views/client-storage/client-storage-write.vm b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/client-storage/client-storage-write.vm
new file mode 100644
index 0000000..4b92d6b
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/client-storage/client-storage-write.vm
@@ -0,0 +1,53 @@
+##
+## Velocity template to write to local storage.
+##
+## Velocity context will contain the following properties
+## flowExecutionUrl - the form action location
+## flowRequestContext - the Spring Web Flow RequestContext
+## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl)
+## profileRequestContext - root of context tree
+## saveContext - context with details about the storage data to save
+## encoder - HTMLEncoder class
+## request - HttpServletRequest
+## response - HttpServletResponse
+## environment - Spring Environment object for property resolution
+#set ($title = $springMacroRequestContext.getMessage("idp.title", "Web Login Service"))
+#set ($titleSuffix = $springMacroRequestContext.getMessage("idp.client-storage-write.suffix", "Saving Session Information..."))
+##
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
+    <head>
+        <meta charset="utf-8" />
+        <meta name="viewport" content="width=device-width,initial-scale=1.0">
+        <title>$title - $titleSuffix</title>
+        <link rel="stylesheet" type="text/css" href="$request.getContextPath()/css/main.css">
+        <script>
+        <!--
+        #include( "client-storage/local-storage-write.js" )
+        // -->
+        </script>
+    </head>
+    <body onload="doSave()">
+        <div class="wrapper">
+            <div class="container">
+                <header>
+                    <h3>$title - $titleSuffix</h3>
+                </header>
+                <div class="content">
+                $springMacroRequestContext.getMessage("idp.client-storage-write.text", "Saving login session information to the browser...")
+                </div>
+                <noscript>
+                    <div class="content">
+                    $springMacroRequestContext.getMessage("idp.client-storage.no-js", "Since your browser does not support JavaScript, you must press the Continue button once to proceed.")
+                    </div>
+                </noscript>
+                #parse( "client-storage/write.vm" )
+            </div>
+            <footer>
+                <div class="container container-footer">
+                    <p class="footer-text">#springMessageText("idp.footer", "Insert your footer text here.")</p>
+                </div>
+            </footer>
+        </div>
+    </body>
+</html>
\ No newline at end of file
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/views/duo.vm b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/duo.vm
new file mode 100644
index 0000000..cf4f96a
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/duo.vm
@@ -0,0 +1,83 @@
+##
+## Velocity Template for Duo login view-state
+##
+## Velocity context will contain the following properties
+## flowExecutionUrl - the form action location
+## flowRequestContext - the Spring Web Flow RequestContext
+## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl)
+## profileRequestContext - root of context tree
+## authenticationContext - context with authentication request information
+## rpUIContext - the context with SP UI information from the metadata
+## canonicalUsername - name of user passed to Duo
+## duoHost - API hostname for Duo frame
+## duoRequest - signed Duo request message
+## duoScriptPath - path to Duo JavaScript source
+## encoder - HTMLEncoder class
+## request - HttpServletRequest
+## response - HttpServletResponse
+## environment - Spring Environment object for property resolution
+## custom - arbitrary object injected by deployer
+##
+<!DOCTYPE html>
+<html>
+<head>
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <meta charset="utf-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>#springMessageText("idp.title", "Web Login Service")</title>
+    <link rel="stylesheet" type="text/css" href="$request.getContextPath()/css/main.css">
+    <style>
+      #duo_iframe {
+        width: 100%;
+        min-width: 304px;
+        max-width: 620px;
+        height: 330px;
+      }
+    </style>
+</head>
+<body>
+    <div class="wrapper">
+      <div class="container">
+        <header>
+          <img src="$request.getContextPath()#springMessage("idp.logo")" alt="#springMessageText("idp.logo.alt-text", "logo")">
+        </header>
+
+        <div class="content">
+          <div class="column one">
+          
+            <h3>#springMessageText("idp.login.duoRequired", "Authentication with Duo is required for the requested service.")</h3>
+
+            <noscript>#springMessageText("idp.login.duoNoScript", "The Duo service requires JavaScript.")</noscript>          
+            <script src="$request.getContextPath()$duoScriptPath"></script>
+            <iframe id="duo_iframe"
+                data-host="$duoHost"
+                data-sig-request="$duoRequest"
+                data-post-action="$flowExecutionUrl"
+                frameborder="0"
+            >
+            </iframe>
+            <form id="duo_form" method="post">
+                <input type="hidden" name="_eventId" value="proceed" />
+
+            </form>
+            
+            <h3 style="text-align: center">
+                <a href="$flowExecutionUrl&_eventId=cancel">#springMessageText("idp.login.duoCancel", "Cancel this Request")</a>
+            </h3>
+          </div>
+          <div class="column two">
+            <ul class="list list-help">
+              <li class="list-help-item"><a href="#springMessageText("idp.url.helpdesk", "#")"><span class="item-marker">&rsaquo;</span> #springMessageText("idp.login.needHelp", "Need Help?")</a></li>
+            </ul>
+          </div>
+        </div>
+      </div>
+
+      <footer>
+        <div class="container container-footer">
+          <p class="footer-text">#springMessageText("idp.footer", "Insert your footer text here.")</p>
+        </div>
+      </footer>
+    </div>
+</body>
+</html>
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/views/error.vm b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/error.vm
new file mode 100644
index 0000000..dcb8e2b
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/error.vm
@@ -0,0 +1,73 @@
+##
+## Velocity Template for error end-state
+##
+## Velocity context will contain the following properties
+## flowRequestContext - the Spring Web Flow RequestContext
+## profileRequestContext - root of context tree
+## encoder - HTMLEncoder class
+## request - HttpServletRequest
+## response - HttpServletResponse
+## environment - Spring Environment object for property resolution
+## custom - arbitrary object injected by deployer
+##
+#set ($title = $springMacroRequestContext.getMessage("idp.title", "Web Login Service"))
+#set ($defaultTitleSuffix = $springMacroRequestContext.getMessage("idp.title.suffix", "Error"))
+##
+#if ($flowRequestContext)
+	## This handles flow events, the most common case.
+    #set ($eventId = $flowRequestContext.getCurrentEvent().getId())
+    #set ($eventKey = $springMacroRequestContext.getMessage("$eventId", "error"))
+    #set ($titleSuffix = $springMacroRequestContext.getMessage("${eventKey}.title", "$defaultTitleSuffix"))
+    #set ($message = $springMacroRequestContext.getMessage("${eventKey}.message", "$defaultTitleSuffix: $eventId"))
+    #if ($eventId == "AccessDenied" or $eventId == "ContextCheckDenied")
+        $response.setStatus(403)
+    #elseif ($eventId == "AttributeReleaseRejected" || $eventId == "TermsRejected")
+        $response.setStatus(200)
+    #elseif ($eventKey == "unexpected" || $eventKey == "runtime-error" || $eventKey == "error")
+        $response.setStatus(500)
+    #else
+        $response.setStatus(400)
+    #end
+#elseif ($exception)
+	## This handles exceptions that reach the Spring-MVC exception handler.
+    #set ($eventId = $exception.getClass().getSimpleName())
+    #set ($eventKey = $springMacroRequestContext.getMessage("$eventId", "error"))
+    #set ($titleSuffix = $springMacroRequestContext.getMessage("${eventKey}.title", "$defaultTitleSuffix"))
+    #set ($message = $springMacroRequestContext.getMessage("${eventKey}.message", "$defaultTitleSuffix: $eventId"))
+#else
+	## This is a catch-all that theoretically shouldn't happen?
+    #set ($titleSuffix = $defaultTitleSuffix)
+    #set ($message = $springMacroRequestContext.getMessage("idp.message", "An unidentified error occurred."))
+#end
+##
+<!DOCTYPE html>
+<html>
+    <head>
+        <meta charset="utf-8">
+        <meta name="viewport" content="width=device-width,initial-scale=1.0">
+        <title>$title - $titleSuffix</title>
+        <link rel="stylesheet" type="text/css" href="$request.getContextPath()/css/main.css">
+    </head>
+  	
+    <body>
+    <div class="wrapper">
+    	<div class="container">
+        	<header>
+				<img src="$request.getContextPath()#springMessage("idp.logo")" alt="#springMessageText("idp.logo.alt-text", "logo")">
+				<h3>$title - $titleSuffix</h3>
+			</header>
+		
+        	<div class="content">
+            #evaluate($message)
+            </div>
+    	</div>
+
+      	<footer>
+        	<div class="container container-footer">
+          		<p class="footer-text">#springMessageText("idp.footer", "Insert your footer text here.")</p>
+        	</div>
+      	</footer>
+      	
+    </div>
+    </body>
+</html>
\ No newline at end of file
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/views/intercept/attribute-release.vm b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/intercept/attribute-release.vm
new file mode 100644
index 0000000..0b74551
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/intercept/attribute-release.vm
@@ -0,0 +1,158 @@
+##
+## Velocity Template for DisplayAttributeReleasePage view-state
+##
+## Velocity context will contain the following properties :
+##
+## attributeReleaseContext - context holding consentable attributes
+## attributeReleaseFlowDescriptor - attribute consent flow descriptor
+## attributeDisplayNameFunction - function to display attribute name
+## consentContext - context representing the state of a consent flow
+## encoder - HTMLEncoder class
+## flowExecutionKey - SWF execution key (this is built into the flowExecutionUrl)
+## flowExecutionUrl - form action location
+## flowRequestContext - Spring Web Flow RequestContext
+## profileRequestContext - OpenSAML profile request context
+## request - HttpServletRequest
+## response - HttpServletResponse
+## rpUIContext - context with SP UI information from the metadata
+## environment - Spring Environment object for property resolution
+#set ($serviceName = $rpUIContext.serviceName)
+#set ($serviceDescription = $rpUIContext.serviceDescription)
+#set ($informationURL = $rpUIContext.informationURL)
+#set ($privacyStatementURL = $rpUIContext.privacyStatementURL)
+#set ($rpOrganizationLogo = $rpUIContext.getLogo())
+#set ($rpOrganizationName = $rpUIContext.organizationName)
+#set ($replaceDollarWithNewline = true)
+##
+<!DOCTYPE html>
+<html>
+    <head>
+        <meta charset="UTF-8">
+        <meta name="viewport" content="width=device-width,initial-scale=1.0">
+        <link rel="stylesheet" type="text/css" href="$request.getContextPath()/css/consent.css">
+        <title>#springMessageText("idp.attribute-release.title", "Information Release")</title>
+    </head>
+    <body>
+        <form action="$flowExecutionUrl" method="post" style="padding:10px" >
+            <div class="box">
+                <header>
+                    <img src="$request.getContextPath()#springMessage("idp.logo")" alt="#springMessageText("idp.logo.alt-text", "logo")" class="federation_logo">
+                    #if ($rpOrganizationLogo)
+                        <img src="$encoder.encodeForHTMLAttribute($rpOrganizationLogo)" alt="logo for $encoder.encodeForHTMLAttribute($serviceName)" class="organization_logo">
+                    #end
+                </header>
+                #if ($serviceName)
+                    <p style="margin-top: 70px;">
+                        #springMessageText("idp.attribute-release.serviceNameLabel", "You are about to access the service:")<br>
+                        <span class="service_name">$serviceName</span>
+                        #if ($rpOrganizationName)
+                            #springMessageText("idp.attribute-release.of", "of") <span class="organization_name">$encoder.encodeForHTML($rpOrganizationName)</span>
+                        #end
+                    </p>
+                #end
+                #if ($serviceDescription)
+                    <p style="margin-top: 10px;">
+                        #springMessageText("idp.attribute-release.serviceDescriptionLabel", "Description as provided by this service:")<br>
+                        <span class="service_description">$encoder.encodeForHTML($serviceDescription)</span>
+                        <br>
+                    </p>
+                #end
+                #if ($informationURL)
+                    <p style="margin-top: 10px;">
+                        <a href="$informationURL">#springMessageText("idp.attribute-release.informationURLLabel", "Additional information about the service")</a>
+                    </p>
+                #end
+                <div id="attributeRelease">
+                    <table>
+                        <thead>
+                            <tr>
+                                <th colspan="3">
+                                    #springMessageText("idp.attribute-release.attributesHeader", "Information to be Provided to Service")
+                                </th>
+                            </tr>
+                        </thead>
+                        <tbody>
+                            #foreach ($attribute in $attributeReleaseContext.getConsentableAttributes().values())
+                                <tr>
+                                    <td>$encoder.encodeForHTML($attributeDisplayNameFunction.apply($attribute))</td>
+                                    <td>
+                                        #foreach ($value in $attribute.values)
+                                            #if ($replaceDollarWithNewline)
+                                                #set ($encodedValue = $encoder.encodeForHTML($value.getDisplayValue()).replaceAll($encoder.encodeForHTML("$"),"<br>"))
+                                            #else
+                                                #set ($encodedValue = $encoder.encodeForHTML($value.getDisplayValue()))
+                                            #end
+                                            #if ($attributeReleaseFlowDescriptor.perAttributeConsentEnabled)
+                                                <label for="$attribute.id"><strong>$encodedValue</strong></label>
+                                            #else
+                                                <strong>$encodedValue</strong>
+                                            #end
+                                            <br>
+                                        #end
+                                    </td>
+                                    <td style="vertical-align: top">
+                                        #if ($attributeReleaseFlowDescriptor.perAttributeConsentEnabled)
+                                            #set ($inputType = "checkbox")
+                                        #else
+                                            #set ($inputType = "hidden")
+                                        #end
+                                        <input id="$attribute.id" type="$inputType" name="_shib_idp_consentIds" value="$encoder.encodeForHTML($attribute.id)" checked>
+                                    </td>
+                                </tr>
+                            #end
+                        </tbody>
+                    </table>
+                </div>
+                #if ($privacyStatementURL)
+                    <p style="margin-top: 10px;">
+                        <a href="$privacyStatementURL">#springMessageText("idp.attribute-release.privacyStatementURLLabel", "Data privacy information of the service")</a>
+                    </p>
+                #end
+                <div style="float:left;">
+                    <p>
+                        #springMessageText("idp.attribute-release.confirmationQuestion", "The information above would be shared with the service if you proceed. Do you agree to release this information to the service every time you access it?")
+                    </p>
+                    #if ($attributeReleaseFlowDescriptor.doNotRememberConsentAllowed || $attributeReleaseFlowDescriptor.globalConsentAllowed)
+                        <div id="generalConsentDiv" style="display: block; background-color: #F6F6F6;border: 1px gray solid; padding: 10px; width: 92%;">
+                        #springMessageText("idp.attribute-release.consentMethod", "Select an information release consent duration:")
+                    #end
+                    #if ($attributeReleaseFlowDescriptor.doNotRememberConsentAllowed)
+                        <p>
+                            <input id="_shib_idp_doNotRememberConsent" type="radio" name="_shib_idp_consentOptions" value="_shib_idp_doNotRememberConsent">
+                            <label for="_shib_idp_doNotRememberConsent">#springMessageText("idp.attribute-release.doNotRememberConsent", "Ask me again at next login")</label>
+                            <ul>
+                                <li>#springMessageText("idp.attribute-release.doNotRememberConsentItem", "I agree to send my information this time.")</li>
+                            </ul>
+                        </p>
+                    #end
+                    #if ($attributeReleaseFlowDescriptor.doNotRememberConsentAllowed || $attributeReleaseFlowDescriptor.globalConsentAllowed)
+                        <p>
+                            <input id="_shib_idp_rememberConsent" type="radio" name="_shib_idp_consentOptions" value="_shib_idp_rememberConsent" checked>
+                            <label for="_shib_idp_rememberConsent">#springMessageText("idp.attribute-release.rememberConsent", "Ask me again if information changes")</label>
+                            <ul>
+                                <li>#springMessageText("idp.attribute-release.rememberConsentItem", "I agree that the same information will be sent automatically to this service in the future.")</li>
+                            </ul>
+                        </p>
+                    #end
+                    #if ($attributeReleaseFlowDescriptor.globalConsentAllowed)
+                        <p>
+                            <input id="_shib_idp_globalConsent" type="radio" name="_shib_idp_consentOptions" value="_shib_idp_globalConsent">
+                            <label for="_shib_idp_globalConsent">#springMessageText("idp.attribute-release.globalConsent", "Do not ask me again")</label>
+                            <ul>
+                                <li>#springMessageText("idp.attribute-release.globalConsentItem", "I agree that <strong>all</strong> of my information will be released to <strong>any</strong> service.")</li>
+                            </ul>
+                        </p>
+                    #end
+                    #if ($attributeReleaseFlowDescriptor.doNotRememberConsentAllowed || $attributeReleaseFlowDescriptor.globalConsentAllowed)
+                        #springMessageText("idp.attribute-release.consentMethodRevoke", "This setting can be revoked at any time with the checkbox on the login page.")
+                        </div>
+                    #end
+                    <p style="text-align: center;">
+                        <input type="submit" name="_eventId_AttributeReleaseRejected" value="#springMessageText("idp.attribute-release.reject", "Reject")" style="margin-right: 30px;">
+                        <input type="submit" name="_eventId_proceed" value="#springMessageText("idp.attribute-release.accept", "Accept")">
+                    </p>
+                </div>
+            </div>
+        </form>
+    </body>
+</html>
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/views/intercept/expiring-password.vm b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/intercept/expiring-password.vm
new file mode 100644
index 0000000..4395844
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/intercept/expiring-password.vm
@@ -0,0 +1,54 @@
+##
+## Velocity Template for expiring password view
+##
+## Velocity context will contain the following properties
+## flowExecutionUrl - the form action location
+## flowRequestContext - the Spring Web Flow RequestContext
+## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl)
+## profileRequestContext - root of context tree
+## authenticationContext - context with authentication request information
+## authenticationErrorContext - context with login error state
+## authenticationWarningContext - context with login warning state
+## ldapResponseContext - context with LDAP state (if using native LDAP)
+## encoder - HTMLEncoder class
+## request - HttpServletRequest
+## response - HttpServletResponse
+## environment - Spring Environment object for property resolution
+## custom - arbitrary object injected by deployer
+##
+<!DOCTYPE html>
+<html>
+    <head>
+        <meta charset="utf-8">
+        <meta name="viewport" content="width=device-width,initial-scale=1.0">
+        <title>#springMessageText("idp.title", "Web Login Service")</title>
+        <link rel="stylesheet" type="text/css" href="$request.getContextPath()/css/main.css">
+        <meta http-equiv="refresh" content="20;url=$flowExecutionUrl&_eventId_proceed=1">
+    </head>
+      
+    <body>
+      <div class="wrapper">
+        <div class="container">
+            <header>
+                <img src="$request.getContextPath()#springMessage("idp.logo")" alt="#springMessageText("idp.logo.alt-text", "logo")">
+                <h3>#springMessageText("idp.login.expiringSoon", "Your password will be expiring soon!")</h3>
+            </header>
+        
+            <div class="content">
+                <p>#springMessageText("idp.login.changePassword", "To create a new password now, go to")
+                <strong><a href="#" target="_blank">#</a></strong>.</p>
+                <p>#springMessageText("idp.login.proceedBegin", "Your login will proceed in 20 seconds or you may click")
+                <strong><a href="$flowExecutionUrl&_eventId_proceed=1">#springMessageText("idp.login.proceedHere", "here")</a></strong>
+                #springMessageText("idp.login.proceedEnd", "to continue").</p>
+            </div>
+        </div>
+
+        <footer>
+          <div class="container container-footer">
+            <p class="footer-text">#springMessageText("idp.footer", "Insert your footer text here.")</p>
+          </div>
+        </footer>
+          
+      </div>
+    </body>
+</html>
\ No newline at end of file
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/views/intercept/terms-of-use.vm b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/intercept/terms-of-use.vm
new file mode 100644
index 0000000..1bf12c7
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/intercept/terms-of-use.vm
@@ -0,0 +1,67 @@
+##
+## Velocity Template for DisplayTermsOfUsePage view-state
+##
+## Velocity context will contain the following properties :
+##
+## encoder - HTMLEncoder class
+## flowExecutionKey - SWF execution key (this is built into the flowExecutionUrl)
+## flowExecutionUrl - form action location
+## flowRequestContext - Spring Web Flow RequestContext
+## request - HttpServletRequest
+## response - HttpServletResponse
+## rpUIContext - context with SP UI information from the metadata
+## termsOfUseId - terms of use ID to lookup message strings
+## environment - Spring Environment object for property resolution
+#set ($serviceName = $rpUIContext.serviceName)
+#set ($rpOrganizationLogo = $rpUIContext.getLogo())
+##
+<!DOCTYPE html>
+<html>
+    <head>
+        <meta charset="UTF-8">
+        <meta name="viewport" content="width=device-width,initial-scale=1.0">
+        <link rel="stylesheet" type="text/css" href="$request.getContextPath()/css/consent.css">
+        <title>#springMessageText("${termsOfUseId}.title", "Terms of Use")</title>
+    </head>
+    <body>
+        <div class="box">
+            <header>
+                <img src="$request.getContextPath()#springMessage("idp.logo")" alt="#springMessageText("idp.logo.alt-text", "logo")" class="federation_logo">
+                #if ($rpOrganizationLogo)
+                    <img src="$encoder.encodeForHTMLAttribute($rpOrganizationLogo)" alt="$encoder.encodeForHTMLAttribute($serviceName)" class="organization_logo">
+                #end
+            </header>
+            #if ($rpOrganizationLogo)
+                <div style="float:left;">
+                    <h1>#springMessageText("${termsOfUseId}.title", "Terms of Use")</h1>
+                </div>
+            #end
+            <div id="tou-content">
+                #springMessageText("${termsOfUseId}.text", "Terms of Use Text...")
+            </div>
+            <div id="tou-acceptance">
+                <div style="float:left;">
+                    <form action="$flowExecutionUrl" method="post" >
+                        <input type="submit" name="_eventId_TermsRejected" value="#springMessageText("idp.terms-of-use.reject", "Refuse")" style="margin-right: 30px;">
+                    </form>
+                </div>
+                <div style="float:right;">
+                    <form action="$flowExecutionUrl" method="post" >
+                        <input id="accept" type="checkbox" name="_shib_idp_consentIds" value="$encoder.encodeForHTML($termsOfUseId)" required>
+                        <label for="accept">#springMessageText("idp.terms-of-use.accept", "I accept the terms of use")</label>
+                        #if ($requireCheckbox)
+                            <p class="form-error">#springMessageText("idp.terms-of-use.required", "Please check this box if you want to proceed.")</p>
+                        #end
+                        <input type="submit" name="_eventId_proceed" value="#springMessageText("idp.terms-of-use.submit", "Submit")">
+                    </form>
+                </div>
+                <div style="clear:both;"></div>
+            </div>
+            <footer>
+                <div class="container container-footer">
+                    <p class="footer-text">#springMessageText("idp.footer", "Insert your footer text here.")</p>
+                </div>
+            </footer>
+        </div>
+    </body>
+</html>
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/views/login-error.vm b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/login-error.vm
new file mode 100644
index 0000000..44676b3
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/login-error.vm
@@ -0,0 +1,24 @@
+## Velocity Template for login error message production, included by login.vm
+##
+## authenticationErrorContext - context containing error data, if available
+##
+#if ($authenticationErrorContext && $authenticationErrorContext.getClassifiedErrors().size() > 0 && $authenticationErrorContext.getClassifiedErrors().iterator().next() != "ReselectFlow")
+    ## This handles errors that are classified by the message maps in the authentication config.
+    #set ($eventId = $authenticationErrorContext.getClassifiedErrors().iterator().next())
+    #set ($eventKey = $springMacroRequestContext.getMessage("$eventId", "login"))
+    #set ($message = $springMacroRequestContext.getMessage("${eventKey}.message", "Login Failure: $eventId"))
+#elseif ($authenticationErrorContext && $authenticationErrorContext.getExceptions().size() > 0)
+    ## This handles login exceptions that are left unclassified.
+    #set ($loginException = $authenticationErrorContext.getExceptions().get(0))
+    #if ($loginException.getMessage())
+        #set ($message = "Login Failure: $loginException.getMessage()")
+    #else
+    	#set ($message = $loginException.toString())
+    #end
+#end
+
+#if ($message)
+    <section>
+        <p class="form-element form-error">$encoder.encodeForHTML($message)</p>
+    </section>
+#end
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/views/login.vm b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/login.vm
new file mode 100644
index 0000000..c421a99
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/login.vm
@@ -0,0 +1,140 @@
+##
+## Velocity Template for DisplayUsernamePasswordPage view-state
+##
+## Velocity context will contain the following properties
+## flowExecutionUrl - the form action location
+## flowRequestContext - the Spring Web Flow RequestContext
+## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl)
+## profileRequestContext - root of context tree
+## authenticationContext - context with authentication request information
+## authenticationErrorContext - context with login error state
+## authenticationWarningContext - context with login warning state
+## ldapResponseContext - context with LDAP state (if using native LDAP)
+## rpUIContext - the context with SP UI information from the metadata
+## extendedAuthenticationFlows - collection of "extended" AuthenticationFlowDescriptor objects
+## passwordPrincipals - contents of the shibboleth.authn.Password.PrincipalOverride bean
+## encoder - HTMLEncoder class
+## request - HttpServletRequest
+## response - HttpServletResponse
+## environment - Spring Environment object for property resolution
+## custom - arbitrary object injected by deployer
+##
+#set ($rpContext = $profileRequestContext.getSubcontext('net.shibboleth.idp.profile.context.RelyingPartyContext'))
+#set ($username = $authenticationContext.getSubcontext('net.shibboleth.idp.authn.context.UsernamePasswordContext', true).getUsername())
+#set ($passwordEnabled = false)
+#if (!$passwordPrincipals or $passwordPrincipals.isEmpty() or $authenticationContext.isAcceptable($passwordPrincipals))
+  #set ($passwordEnabled = true)
+#end
+##
+<!DOCTYPE html>
+<html>
+    <head>
+        <meta charset="utf-8">
+        <meta name="viewport" content="width=device-width,initial-scale=1.0">
+        <title>#springMessageText("idp.title", "Web Login Service")</title>
+        <link rel="stylesheet" type="text/css" href="$request.getContextPath()/css/main.css">
+    </head>
+    <body>
+    <div class="wrapper">
+      <div class="container">
+        <header>
+          <img src="$request.getContextPath()#springMessage("idp.logo")" alt="#springMessageText("idp.logo.alt-text", "logo")">
+        </header>
+
+        <div class="content">
+          <div class="column one">
+            #parse("login-error.vm")
+
+            <form action="$flowExecutionUrl" method="post">
+
+            #set ($serviceName = $rpUIContext.serviceName)
+            #if ($serviceName && !$rpContext.getRelyingPartyId().contains($serviceName))
+              <legend>
+                #springMessageText("idp.login.loginTo", "Login to") $encoder.encodeForHTML($serviceName)
+              </legend>
+            #end
+                        
+            #if ($passwordEnabled)
+              <div class="form-element-wrapper">
+                <label for="username">#springMessageText("idp.login.username", "Username")</label>
+                <input class="form-element form-field" id="username" name="j_username" type="text"
+                	value="#if($username)$encoder.encodeForHTML($username)#end">
+              </div>
+
+              <div class="form-element-wrapper">
+                <label for="password">#springMessageText("idp.login.password", "Password")</label>
+                <input class="form-element form-field" id="password" name="j_password" type="password" value="">
+              </div>
+
+              <div class="form-element-wrapper">
+                <input type="checkbox" name="donotcache" value="1" id="donotcache">
+                <label for="donotcache">#springMessageText("idp.login.donotcache", "Don't Remember Login")</label>
+               </div>
+            #end
+
+              <div class="form-element-wrapper">
+                <input id="_shib_idp_revokeConsent" type="checkbox" name="_shib_idp_revokeConsent" value="true">
+                <label for="_shib_idp_revokeConsent">#springMessageText("idp.attribute-release.revoke", "Clear prior granting of permission for release of your information to this service.")</label>
+              </div>
+
+            #if ($passwordEnabled)
+              <div class="form-element-wrapper">
+                <button class="form-element form-button" type="submit" name="_eventId_proceed"
+                    onClick="this.childNodes[0].nodeValue='#springMessageText("idp.login.pleasewait", "Logging in, please wait...")'"
+                    >#springMessageText("idp.login.login", "Login")</button>
+              </div>
+            #end
+
+            #foreach ($extFlow in $extendedAuthenticationFlows)
+              #if ($authenticationContext.isAcceptable($extFlow) and $extFlow.apply(profileRequestContext))
+                <div class="form-element-wrapper">
+                  <button class="form-element form-button" type="submit" name="_eventId_$extFlow.getId()">
+                    #springMessageText("idp.login.$extFlow.getId().replace('authn/','')", $extFlow.getId().replace('authn/',''))
+                  </button>
+                </div>
+              #end
+            #end
+            </form>
+
+			#*
+              //
+              //    SP Description & Logo (optional)
+              //    These idpui lines will display added information (if available
+              //    in the metadata) about the Service Provider (SP) that requested
+              //    authentication. These idpui lines are "active" in this example
+              //    (not commented out) - this extra SP info will be displayed.
+              //    Remove or comment out these lines to stop the display of the
+              //    added SP information.
+              //
+            *#
+            #set ($logo = $rpUIContext.getLogo())
+            #if ($logo)
+              <img src= "$encoder.encodeForHTMLAttribute($logo)"
+                  alt="$encoder.encodeForHTMLAttribute($serviceName)">
+            #end
+            #set ($desc = $rpUIContext.getServiceDescription())
+            #if ($desc)
+              $encoder.encodeForHTML($desc)
+            #end
+            
+          </div>
+          <div class="column two">
+            <ul class="list list-help">
+              #if ($passwordEnabled)
+                <li class="list-help-item"><a href="#springMessageText("idp.url.password.reset", "#")"><span class="item-marker">&rsaquo;</span> #springMessageText("idp.login.forgotPassword", "Forgot your password?")</a></li>
+              #end
+              <li class="list-help-item"><a href="#springMessageText("idp.url.helpdesk", "#")"><span class="item-marker">&rsaquo;</span> #springMessageText("idp.login.needHelp", "Need Help?")</a></li>
+            </ul>
+          </div>
+        </div>
+      </div>
+
+      <footer>
+        <div class="container container-footer">
+          <p class="footer-text">#springMessageText("idp.footer", "Insert your footer text here.")</p>
+        </div>
+      </footer>
+    </div>
+    
+ 	</body>
+</html>
\ No newline at end of file
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/views/logout-complete.vm b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/logout-complete.vm
new file mode 100644
index 0000000..d780252
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/logout-complete.vm
@@ -0,0 +1,59 @@
+##
+## Velocity Template for logout flow's concluding view-state (no propagation)
+##
+## Velocity context will contain the following properties
+## flowExecutionUrl - the form action location
+## flowRequestContext - the Spring Web Flow RequestContext
+## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl)
+## profileRequestContext - root of context tree
+## logoutContext - context with SPSession details for logout operation
+## multiRPContext - context with RelyingPartyContexts and possibly SP UI information from the metadata
+## encoder - HTMLEncoder class
+## request - HttpServletRequest
+## response - HttpServletResponse
+## environment - Spring Environment object for property resolution
+## custom - arbitrary object injected by deployer
+##
+<!DOCTYPE html>
+<html>
+    <head>
+        <meta charset="utf-8">
+        <meta name="viewport" content="width=device-width,initial-scale=1.0">
+        <title>#springMessageText("idp.title", "Web Login Service")</title>
+        <link rel="stylesheet" type="text/css" href="$request.getContextPath()/css/main.css">
+    </head>
+
+    <body>
+    <div class="wrapper">
+      <div class="container">
+        <header>
+          <img src="$request.getContextPath()#springMessage("idp.logo")" alt="#springMessageText("idp.logo.alt-text", "logo")">
+        </header>
+
+        <div class="content">
+          <div class="column one">
+            <p>#springMessageText("idp.logout.local", "You elected not to log out of all the applications accessed during your session.")</p>
+          </div>
+          <div class="column two">
+            <ul class="list list-help">
+              <li class="list-help-item"><a href="#springMessageText("idp.url.password.reset", "#")"><span class="item-marker">&rsaquo;</span> #springMessageText("idp.login.forgotPassword", "Forgot your password?")</a></li>
+              <li class="list-help-item"><a href="#springMessageText("idp.url.helpdesk", "#")"><span class="item-marker">&rsaquo;</span> #springMessageText("idp.login.needHelp", "Need Help?")</a></li>
+            </ul>
+          </div>
+        </div>
+      </div>
+
+      <!-- If SAML logout, complete the flow by adding a hidden iframe. -->
+      #if ( $profileRequestContext.getProfileId().contains("saml2/logout") )
+          <iframe style="display:none" src="$flowExecutionUrl&_eventId=proceed"></iframe>
+      #end
+
+      <footer>
+        <div class="container container-footer">
+          <p class="footer-text">#springMessageText("idp.footer", "Insert your footer text here.")</p>
+        </div>
+      </footer>
+    </div>
+    
+ 	</body>
+</html>
\ No newline at end of file
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/views/logout-propagate.vm b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/logout-propagate.vm
new file mode 100644
index 0000000..86b3fa1
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/logout-propagate.vm
@@ -0,0 +1,58 @@
+##
+## Velocity Template for logout flow's concluding view-state (with propagation)
+##
+## Velocity context will contain the following properties
+## flowExecutionUrl - the form action location
+## flowRequestContext - the Spring Web Flow RequestContext
+## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl)
+## profileRequestContext - root of context tree
+## logoutContext - context with SPSession details for logout operation
+## multiRPContext - context with RelyingPartyContexts and possibly SP UI information from the metadata
+## htmlEncoder - HTMLEncoder class
+## urlEncoder - urlEncoder class
+## codecUtil - CodecUtil class
+## request - HttpServletRequest
+## response - HttpServletResponse
+## environment - Spring Environment object for property resolution
+## custom - arbitrary object injected by deployer
+##
+<!DOCTYPE html>
+<html>
+    <head>
+        <meta charset="utf-8">
+        <meta name="viewport" content="width=device-width,initial-scale=1.0">
+        <title>#springMessageText("idp.title", "Web Login Service")</title>
+        <link rel="stylesheet" type="text/css" href="$request.getContextPath()/css/main.css">
+        <link rel="stylesheet" type="text/css" href="$request.getContextPath()/css/logout.css">
+    </head>
+
+    <body>
+    <div class="wrapper">
+      <div class="container">
+        <header>
+          <img src="$request.getContextPath()#springMessage("idp.logo")" alt="#springMessageText("idp.logo.alt-text", "logo")">
+        </header>
+
+        <div class="content">
+          <div class="column one">
+              <p>#springMessageText("idp.logout.attempt", "Attempting to log out of the following services:")</p>
+              #parse("logout/propagate.vm")
+          </div>
+          <div class="column two">
+            <ul class="list list-help">
+              <li class="list-help-item"><a href="#springMessageText("idp.url.password.reset", "#")"><span class="item-marker">&rsaquo;</span> #springMessageText("idp.login.forgotPassword", "Forgot your password?")</a></li>
+              <li class="list-help-item"><a href="#springMessageText("idp.url.helpdesk", "#")"><span class="item-marker">&rsaquo;</span> #springMessageText("idp.login.needHelp", "Need Help?")</a></li>
+            </ul>
+          </div>
+        </div>
+      </div>
+
+      <footer>
+        <div class="container container-footer">
+          <p class="footer-text">#springMessageText("idp.footer", "Insert your footer text here.")</p>
+        </div>
+      </footer>
+    </div>
+    
+ 	</body>
+</html>
\ No newline at end of file
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/views/logout.vm b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/logout.vm
new file mode 100644
index 0000000..2342855
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/logout.vm
@@ -0,0 +1,91 @@
+##
+## Velocity Template for logout flow's starting view-state
+##
+## Velocity context will contain the following properties
+## flowExecutionUrl - the form action location
+## flowRequestContext - the Spring Web Flow RequestContext
+## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl)
+## profileRequestContext - root of context tree
+## logoutContext - context with SPSession details for logout operation
+## multiRPContext - context with RelyingPartyContexts and possibly SP UI information from the metadata
+## encoder - HTMLEncoder class
+## request - HttpServletRequest
+## response - HttpServletResponse
+## environment - Spring Environment object for property resolution
+## custom - arbitrary object injected by deployer
+##
+<!DOCTYPE html>
+<html>
+    <head>
+        <meta charset="utf-8">
+        <meta name="viewport" content="width=device-width,initial-scale=1.0">
+        #if ( $logoutContext and !$logoutContext.getSessionMap().isEmpty() )
+            <meta http-equiv="refresh" content="10;url=$flowExecutionUrl&_eventId=propagate">
+        #end
+        <title>#springMessageText("idp.title", "Web Login Service")</title>
+        <link rel="stylesheet" type="text/css" href="$request.getContextPath()/css/main.css">
+    </head>
+
+    <body>
+    <div class="wrapper">
+      <div class="container">
+        <header>
+          <img src="$request.getContextPath()#springMessage("idp.logo")" alt="#springMessageText("idp.logo.alt-text", "logo")">
+        </header>
+
+        <div class="content">
+          <div class="column one">
+            <p>This page is displayed when a logout operation at the Identity Provider completes. This page is an example
+            and should be customized. It is not fully internationalized because the presentation will be a highly localized
+            decision, and we don't have a good suggestion for a default.</p>
+            <br>
+    
+            #if ( $logoutContext and !$logoutContext.getSessionMap().isEmpty() )
+                <p>#springMessageText("idp.logout.ask", "Would you like to attempt to log out of all services accessed during your session? Please select <strong>Yes</strong> or <strong>No</strong> to ensure the logout operation completes, or wait a few seconds for Yes.")</p>
+                <br>
+
+                <form id="propagate_form" method="POST" action="$flowExecutionUrl">
+                    <button id="propagate_yes" type="submit" name="_eventId" value="propagate">Yes</button>
+                    <button id="propagate_no" type="submit" name="_eventId" value="end">No</button>
+                </form>
+
+                <br>
+                <p>#springMessageText("idp.logout.contactServices", "If you proceed, the system will attempt to contact the following services:")</p>
+                <ol>
+                #foreach ($sp in $logoutContext.getSessionMap().keySet())
+                    #set ($rpCtx = $multiRPContext.getRelyingPartyContextById($sp))
+                    #if ($rpCtx)
+                      #set ($rpUIContext = $rpCtx.getSubcontext("net.shibboleth.idp.ui.context.RelyingPartyUIContext"))
+                    #end
+                    #if ($rpUIContext and $rpUIContext.getServiceName())
+                      <li>$encoder.encodeForHTML($rpUIContext.getServiceName())</li>
+                    #else
+                      <li>$encoder.encodeForHTML($sp)</li>
+                    #end
+                #end
+                </ol>
+            #else
+                <p><strong>#springMessageText("idp.logout.complete", "The logout operation is complete, and no other services appear to have been accessed during this session.")</strong></p>
+                <!-- Complete the flow by adding a hidden iframe. -->
+                <iframe style="display:none" src="$flowExecutionUrl&_eventId=proceed"></iframe>
+            #end
+
+          </div>
+          <div class="column two">
+            <ul class="list list-help">
+              <li class="list-help-item"><a href="#springMessageText("idp.url.password.reset", "#")"><span class="item-marker">&rsaquo;</span> #springMessageText("idp.login.forgotPassword", "Forgot your password?")</a></li>
+              <li class="list-help-item"><a href="#springMessageText("idp.url.helpdesk", "#")"><span class="item-marker">&rsaquo;</span> #springMessageText("idp.login.needHelp", "Need Help?")</a></li>
+            </ul>
+          </div>
+        </div>
+      </div>
+
+      <footer>
+        <div class="container container-footer">
+          <p class="footer-text">#springMessageText("idp.footer", "Insert your footer text here.")</p>
+        </div>
+      </footer>
+    </div>
+    
+ 	</body>
+</html>
\ No newline at end of file
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/views/spnego-unavailable.vm b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/spnego-unavailable.vm
new file mode 100644
index 0000000..3673f02
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/spnego-unavailable.vm
@@ -0,0 +1,49 @@
+##
+## Velocity Template for SPNEGO unauthorized page
+##
+## This is not a Spring Webflow view, but a special view internal to the
+## SPNEGO login flow, so it doesn't contain all of the usual SWF variables.
+##
+## Velocity context will contain the following properties
+## encoder - HTMLEncoder class
+## request - HttpServletRequest
+## response - HttpServletResponse
+## profileRequestContext - root of context tree
+## errorUrl - URL to call to indicate error and return back to the login flow
+##
+#set ($eventKey = $springMacroRequestContext.getMessage("SPNEGOUnavailable", "spnego-unavailable"))
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="utf-8">
+    <meta name="viewport" content="width=device-width,initial-scale=1.0">
+    <title>#springMessageText("idp.title", "Web Login Sevice") - #springMessageText("${eventKey}.title", "Error")</title>
+    <link rel="stylesheet" type="text/css" href="$request.getContextPath()/css/main.css">
+  </head>
+  
+  <body onload="window.location = '$errorUrl'">
+    <div class="wrapper">
+      <div class="container">
+        <header>
+          <img src="$request.getContextPath()#springMessage("idp.logo")" alt="#springMessageText("idp.logo.alt-text", "logo")">
+          <h3>#springMessageText("idp.title", "Web Login Sevice") - #springMessage("idp.title.suffix", "Error")</h3>
+        </header>
+                
+        <div class="content">
+          #springMessageText("${eventKey}.message", "Your web browser doesn't support authentication with your desktop login credentials.")
+          <ul class="list list-help">
+            <li class="list-help-item">
+              <a href="$errorUrl"><span class="item-marker">&rsaquo;</span> #springMessageText("spnego-unavailable.return", "Cancel the attempt.")</a>
+            </li>
+          </ul>
+        </div>
+      </div>
+
+      <footer>
+        <div class="container container-footer">
+          <p class="footer-text">#springMessageText("idp.footer", "Insert your footer text here.")</p>
+        </div>
+      </footer>
+    </div>
+  </body>
+</html>
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/views/user-prefs.vm b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/user-prefs.vm
new file mode 100644
index 0000000..8de0503
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/user-prefs.vm
@@ -0,0 +1,60 @@
+##
+## Velocity Template for user preferences view
+##
+## Velocity context will contain the following properties
+## request - HttpServletRequest
+## response - HttpServletResponse
+## environment - Spring Environment object for property resolution
+## custom - arbitrary object injected by deployer
+##
+<!DOCTYPE html>
+<html>
+    <head>
+    	<meta charset="utf-8">
+    	<meta name="viewport" content="width=device-width,initial-scale=1.0">
+    	<title>#springMessageText("idp.userprefs.title", "Web Login Service") - #springMessageText("idp.userprefs.title.suffix", "Login Preferences")</title>
+    	<link rel="stylesheet" type="text/css" href="$request.getContextPath()/css/main.css">
+    	<script language="Javascript">
+    	<!--
+    	#parse( "user-prefs.js" )
+    	// -->
+    	</script>
+    </head>
+    <body onLoad="document.getElementById('content').style.display='block'; load('spnego')">
+    <div class="wrapper">
+      <div class="container">
+        <header>
+          <img src="$request.getContextPath()#springMessage("idp.logo")" alt="#springMessageText("idp.logo.alt-text", "logo")">
+          <h3>#springMessageText("idp.title", "Web Login Service") - #springMessageText("idp.userprefs.title.suffix", "Login Preferences")</h3>
+          <p>
+          #springMessage("idp.userprefs.info")
+          </p>
+        </header>
+
+        <noscript>
+          <div id="content" class="content">
+            $springMacroRequestContext.getMessage("idp.userprefs.no-js", "This feature requires Javascript.")
+          </div>
+        </noscript>
+        
+        <div id="content" class="content" style="display:none">
+          <div class="form-element-wrapper">
+          <h4>#springMessageText("idp.userprefs.options", "The following options are available:")</h4>
+          </div>
+
+          <div class="form-element-wrapper">
+            <input type="checkbox" id="spnego" name="_idp_spnego_autologin" value="1" onClick="check(this)">
+            #springMessageText("idp.userprefs.spnego", "Automatically try desktop login when available.")
+          </div>
+        </div>
+      </div>
+
+      <footer>
+        <div class="container container-footer">
+          <p class="footer-text">#springMessageText("idp.footer", "Insert your footer text here.")</p>
+        </div>
+      </footer>
+    </div>
+    
+ 	</body>
+</html>
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/css/consent.css b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/css/consent.css
new file mode 100644
index 0000000..5daabee
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/css/consent.css
@@ -0,0 +1,150 @@
+.box {
+    width:600px;
+    margin-left: auto;
+    margin-right: auto;
+    margin-top: 50px;
+    background-color: white;
+   -webkit-box-shadow: 1px 1px 15px #999999;
+    -moz-box-shadow: 1px 1px 15px #999999;
+    box-shadow: 1px 1px 15px #999999;
+    -webkit-border-radius: 8px;
+    -moz-border-radius: 8px;
+    border-radius: 8px;
+    overflow: auto;
+    padding: 1.268em;
+}
+
+body {
+    font-family:Verdana, Geneva, sans-serif;
+    font-size: 12px;
+}
+
+h1 {
+    font-size: 13px;
+    padding-bottom: 12px;
+}
+
+a {
+    color: #00247D;
+    text-decoration: underline;
+}
+
+a:visited {
+    color: #00247D;
+    text-decoration: underline;
+}
+
+a:focus, a:hover, a:active {
+    color: #F39800;
+    text-decoration: underline;
+}
+
+#tou-content {
+    font-family:monospace;
+    width: 95%;
+    border: solid 1px #666;
+    margin: 4px;
+    padding: 10px;
+    overflow: hidden;
+}
+
+#tou-content li{
+    margin-bottom:10px;
+}
+
+#tou-acceptance {
+    width: 95%;
+    border: solid 1px #666;
+    background-color: #F0F0F0;
+    margin: 4px;
+    padding: 10px;
+    text-align: left;
+    overflow: hidden;
+}
+
+.service_name {
+    font-weight: bold;
+}
+
+.service_description {
+    font-style: italic;
+}
+
+.organization_name {
+}
+
+#attributeRelease-consent {
+    width: 95%;
+    border: solid 1px #666;
+    background-color: #F0F0F0;
+    margin: 4px;
+    overflow: hidden;
+}
+
+#attributeRelease {
+    width: 95%;
+    margin: 4px;
+    border: solid 1px black;
+    overflow: auto;
+}
+
+#attributeRelease table {
+    border-collapse: collapse;
+    border: none 0px white;
+    width: 100%;
+}
+
+#attributeRelease td {
+    padding: 3px 7px;
+    vertical-align: top;
+}
+
+#attributeRelease th  {
+    text-align: left;
+    font-size: 18px;
+    padding: 5px 7px;
+    background-color:#00247D;
+    color: white;
+}
+
+#attributeRelease tr:nth-of-type(even) {
+    background-color: #E4E5E3;
+}
+
+.federation_logo
+{
+	width: 50%;
+    float: left;
+    padding-top: 35px;
+    border: 0;
+}
+.organization_logo
+{
+	width: 50%;
+    float: right;
+    border: 0;
+}
+
+.form-error {
+  padding: 0;
+  color: #B61601;
+}
+
+/* Device specific styles */
+@media only screen and (max-device-width: 721px){
+  .box {
+      width: auto;
+      box-shadow: none;
+      border-radius: 0;
+      -webkit-box-shadow: none;
+      -webkit-border-radius: 0;
+      -moz-box-shadow: none;
+      -moz-border-radius: 0;
+      padding: 0;
+      margin-top:0;
+  }
+  #tou-content, #tou-acceptance{
+    /*width:87%;*/
+    width:auto;
+  }
+}
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/css/logout.css b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/css/logout.css
new file mode 100644
index 0000000..26f1893
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/css/logout.css
@@ -0,0 +1,12 @@
+/* Success/Failure indicators for logout propagation. */
+
+.success {
+    background: url(../images/success-32x32.png) no-repeat left center;
+    line-height: 36px;
+    padding-left: 36px;
+}
+.failure {
+    background: url(../images/failure-32x32.png) no-repeat left center;
+    line-height: 36px;
+    padding-left: 36px;
+}
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/css/main.css b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/css/main.css
new file mode 100644
index 0000000..54827ce
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/css/main.css
@@ -0,0 +1,165 @@
+* {
+    margin: 0;
+    padding: 0;
+}
+header, footer, section, nav {
+    display: block;
+}
+html, body {
+    height: 100%;
+}
+body {
+    font-family:Verdana, Geneva, sans-serif;
+    font-size: 12px;
+    line-height: 1.5;
+    color: #717171;
+    background: #717171;
+}
+a:link,
+a:visited {
+    text-decoration: none;
+    color: #717171;
+}
+img {
+    max-width: 100%;
+    margin-bottom: 12px;
+}
+
+.wrapper {
+    background: #ffffff;
+}
+
+.container {
+    position: relative;
+    left: 34%;
+    width: 540px;
+    margin-left: -270px;
+}
+.container-footer {
+    padding-top: 12px;
+}
+@media only screen and (max-width: 1020px) {
+    .container {
+        left: 45%;
+    }
+}
+@media only screen and (max-width: 650px) {
+    .container {
+        position: static;
+        margin: 0 auto;
+        width: 280px;
+    }
+}
+
+header {
+    padding: 20px 0;
+}
+
+.logo img {
+    border: none;
+}
+@media only screen and (max-width: 650px) {
+    .logo img {
+        display: none;
+    }
+    .logo {
+        background: url(../images/TIER_logo-249.png) no-repeat top center;
+        display: block;
+        height: 115px;
+        width: 100px;
+        margin: 0 auto;
+    }
+}
+
+.content {
+    padding-bottom: 80px;
+    overflow: hidden;
+}
+
+.column {
+    float: left;
+}
+.column.one {
+    width: 50%;
+    margin-right: 48px;
+}
+
+form {
+    width: 240px;
+    padding-bottom: 21px;
+}
+form label { /* labels are hidden */
+    font-weight: bold;
+}
+form legend {
+    font-size:1.2em;
+    margin-bottom: 12px;
+}
+.form-element-wrapper {
+    margin-bottom: 12px;
+}
+.form-element {
+    width: 100%;
+    padding: 13px 12px;
+    border: none;
+    font-size: 14px;
+    border-radius: 4px;
+    -webkit-border-radius: 4px;
+    -moz-border-radius: 4px;
+}
+.form-field {
+    color: #B7B7B7;
+    border: 1px solid #B7B7B7;
+}
+.form-field-focus,
+.form-field:focus,
+input[type="text"]:focus {
+    color: #333333;
+    border-color: #333;
+}
+.form-button {
+    background: #B61601;
+    box-sizing: content-box;
+    -moz-box-sizing: content-box;
+    color: #ffffff;
+    cursor: pointer;
+}
+.form-button:hover {
+    background: #FF6400;
+}
+.form-error {
+    padding: 0;
+    color: #B61601;
+}
+
+.list-help {
+    margin-top: 40px; /* offset padding on first anchor */
+    list-style: none;
+}
+.list-help-item a {
+    display: block;
+    padding: 6px 0;
+}
+.item-marker {
+    color: #be0000;
+}
+
+footer {
+    color: #ffffff;
+    font-size: 11px;
+    background: #717171;
+}
+.footer-text {
+    margin-bottom: 12px;
+}
+.footer-links a:link,
+.footer-links a:visited {
+    color: #ffffff;
+    font-weight: bold;
+}
+.footer-links a:after {
+    content: "\00a0\00a0\00a0|\00a0\00a0";
+}
+.footer-links a.last:after {
+    content: "";
+}
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/TIER_logo-249.png b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/TIER_logo-249.png
new file mode 100644
index 0000000000000000000000000000000000000000..b188cc38a8f5375f4a4df9c2e147c08ffa21ca9e
GIT binary patch
literal 4485
zcmai2c|26>{~t?<vUE$RXpE(-Gh>?t*~VJ7l6@OvFc~vrW^CCL#@@KaMTl0(9%5v<
zkwGF7MM$GWwyCViZ*=S4`^SBKf9Lf&=lPuHyx*Vg`8>~a&PlSdG8Gg!EC2ui1kKG*
zXE^OT=gir&n{%CKT<hjE5>#VH>RF->H3Ut@0t~!~URa=c0NNLO28;F%3+%$`002C1
zadwVWN6XVl3^70zy@OE=4IpvY0Dz8OC<%@6$5Me_SYI4L7qrM|0ReH|x*!KlONb@O
z2<wM4yFkXCy<laBx!{jMc!Ts#0(C->90dVbDjFCXfG1Fpp}L?SdXXG?ryC3c{(w;Z
zbwPhQ<!EUGG$N9*KuuMM3I?JD1!`%iLNy==4TLgK4FZLLp=w|VOa%%-YQm5ZDDdY2
z;#ebl`ykJtOn%zp-06b+s8kXX3=RniQ4LX7C6ax?Py_-2hNywn)KoYK6-pR^iVjsF
zP-K2-Kw&8uGLA&W5edK@jc6}o5LFk%@$|0{0!WsYe=8<XekO{OGH@uG1cs_YzySd}
zas5D3sAsVMxbdH8id`593qFIT5QE4V&UpC9{33I5_rDGO0(xWq#*u=^_#bh4W58HE
zHULYYQaDaQe|W_49BEC)aRv~LM-eeWJ5S9~x}cySoHtSvr3Qf`)HD$4h9)ROC=>zJ
zFo0_!ASiXHCIoH--!ZnM;NL_}kE-_$*8mPtgF}rp4UILRP-9I)jxrN9V*@zK*Z`&Z
z57(SPp`r;G?2geLF76+$;s4|!jmTIul}NTD67j!E#T<_hqEN{@-9V$WnyS#95&Y>R
zmW&I=dYh1m0l*(afW-ZWWfMb~2^0#`fWXusT5u>74uPw~Vd^k-O*k9|gK;AMi|hTb
zRQ-zh|K)-?&Uj;xR2&tL{aKp^c<N6HkK3saBpyxh<s?GI8|#A(!c##fZOAwRRR_FN
zc6b~I`$PJR2L6|_AKm||(_ctV@$ZO#&pOV{-}4qr;7nFBXIAPwZ(HN66i9QFfnDh9
zPx&o`Q8TH|PJ`LFh1Um*(5{lVM&#4vyu(L@D``z&&m$x5!7VY<Vvao{e6+E}HY%l8
z^!X6q<I{Al4-B!TXMIxA8ki)bXEv<Mg~IyqD&}*N&cyoGd)T(t!s4PR;6b+7K`sD@
z4}cN^(2fE`5C9+<pw9xtFu6GLgZS(^7y*xe&<tsA4xbp*3;z1m#3M3NFl+3>oeD>f
z;f>s_`ND0pyB3uMyl*MNabn~Q{m!LG&r5CzCCyeM+CcXEq|JUB<AZ|J{tf7mut?Zu
z`&Ros|DwgSySV7XGNg}~!a1dTYo#Jc4HH&=Qn`O@;p{O7f02iffr$_^%}etA7funz
zDEmX`*I&DOWY0n`7MST<-Wh}mwx`oZK!QoF#980PyFM`t_x#pPlS$oEwgnOn+Fj-j
z?cbjlzXgi$(VC>W^_~ykqz%=65ozB$audl7s<57%N?**DoX|3C>0K|VM{Xg`{Wkks
z*c>-eVQ=2?B^j0Gq8{EunDss~;fRf7k=1K)x4r|RUiatP2UjgAC!>utc~A>|$%XH~
z&_6W4@qNdC-vV5m%LQ7MAqA!gQ<N7fi=|Z(x~^9>;h!^79r&B3B>aYzHpV0GNqBa>
zDO<aTEef)Rc69TAR`n}<Vu=-N%0(P{#S`ahGv4beAlP#@Zq{Krch|{QH$Ig6qkiKT
zYVmfUna7$>cy=S|zvZ3Z9W-!zX2a|0g*TCtI&}40qLr-JnmA@r7d1-8)YQSPcw^gb
z=-BXhhlhf~UGCrnCt(Jnu=C*l$@2Qqb1gS%0D59C;FJ)p>CskT;E;m~E}t^Otr44j
zFjmZA%PjJkvFW5p7PH>n)ZydyM1)lWwqVe8#`jK1UyXlj#+MJDxj(ANfitvlWo9yx
z)V%GbY54&?J?{Yznwxz4Q>t?kHpe{dnorcDJB2MSnX3)oKQTdXn!c_~Y(=_u>n#%b
zduv#6nG^I#E7viqTz5He?%Wk&B2Fc6=*G1#Pn?0KrMy=Z;@Z^Hx?eySBU3(<>t;C#
zCk545j}Kqf6=)hec_q|D@mtAbM)dVYL$gRW&tQg%(Y2}q+uO%J4Tv2YW~+84uiAZI
zTLXbZBvwP0@i|-5y9e|~8oy=fIJhTuvV8-s5{;W(>{%aAR+oS2oc)*%87R~VW@bMe
ztTG-C2xX=`yK(K2mc>@ootw<7Mm$w&8G?$@eo2h)o?NF%3Mipufs*$GZXo;mMs2NE
zy6L@|!1G2rJV;sg8$i$8^>%fhzA$my0O^DDlpd+v{=NLCTP7xR654{s#Iq#@Y*$n3
z^AoOiUd?H(2D<a+D&Ma1ktqF8pA<ZQV>8v4IkNS;&g?4I5}MUiqq-TJs3BkA6NBz8
zdJeMA$X~Go@NwtH<Yh#-XGf^=KMcGi)HtU;G&cF%&ZDq!zk`I5RB5MK1o)lcQ;RI8
zjXigngPTu;1cia@TdrD;EU{Nz5T68>oNw-V-&ezCL)84svfcf>y0%mMBVCsK<tu>X
z#Tg6DLD4O%_?l4kuyjRDD)Va9LSWYus2R-du-2f>!cCo<2l~!Ziwq*!@h(RNFe&1X
zBh2Gg#(e2Uae-oYTd`sHj>^fM%~^f%ZeY}!OQ;CM1`z`H#AAf4m<OhnKfqb-iA>8l
z=-$e7$$LcqS-sggdyk5=kv_WTDPuwc-H<ed=O%;++OP0lg{3d2_FsP6{JWjgBhj~c
zBc@*R`waG~GzhdS=702mSR79GQz{s4N!M+d6JAaQxUHPfgz58cn@75scb<8nY4ahq
ze(zVR<K6xC#{-<A*2tel^wx$;%lecK$Ldr^l80ZNKbZ)u?<GG!o|f4`9tFvkG_S@h
zWK{Xb@o~{yokO-d3rjCJ1Ysqd9H%tS<~2Wv>XUUVl7vOWKc8U7UWm%fu%>&6+j`s{
z_<py?)4Th)Ny2>4aKJ{5rBChwQn**IPUEMdcJ)K+x>|(w^s1@IcjY~|GsDd)owAzn
zDMvm$EO=$CXuN?lm)~l~jI-GkTOjyVc=(}-hS^8Y)TVv3k3|ujZoBt*99kFed4w5v
zlNSic`r{z4++?fKUe2-{eZL?*`&4Vd@3TBXUZrkA4r}iH^@kR|@XPHApbj&DOZ50w
zqx>spZtLtW5jVV&Y%KfY5K2lBlM<fHJC>_D)uGrB|3`gqUt4mB=_IXb$levc*X}8s
z!2WDGJ7G+#ZCx!<pf%0gN4%t-@^SqX|HtONF&*A8)1>xO2O|j3QehE<eN%A+Seac{
zt^ENn0h)o!op&Xp#?6)78OEmqjA{d-OyqvII8$6uEB6FI(=k&b1Sh%CUSkC+X&VDy
z$`DrKbWBH0mi1mtqr5Fx$au__pxrih>rz^+3CnT$sFmU~(<{HNv_cWMRMpzMzIMdc
z%u%Oh3;CAN2P54q;S@ny6W(L&4(X{#HogEtKCK81yeRRUq|YMQM@$)vq`a{ZzOre;
zKb7tQ3FctA?8lyJXfOHI-g)>ghIz!ZBkh#x1eEmD7k_`{$~^(vn0rj(Ij6vP(y4)6
zoK5QZQo$`zk3D5VfrTPwJScamswpi~DJPW@4Z=ENYBy^9s1kwVc=6%PasOG03_+hI
zCE?<{T!SrES09wkr(@i`+1>j&IL>}y+PwfwytO~5Cg)u&SvyTrD@*(KEN9msb_A@c
z7B7@c<ckMdmylzaTQ1AZx5BsDlkb3*%S{pH+fjeY9@1wG1v<Y-4zC`c%3K^=OlZV?
zeJfyc-yzFBLVfx*!;xq{w`ch1y@bc2QdPRF?@Y(}jP#e`KKEheh{^Jbw&V=uT}lfN
zzO?8eoEIat&I882e&u&Xg_nLxU@Tl2trUNGgf#3wSs6p>5xCY2^X&4ko}yPxodYrQ
z7xp9gl*4pWm8?9TG-cfNijk}6OcuWK=CYI1>b1$kyuMu?o*iXxK1*{air~^1goLNN
zMP(nooLS$F{?5SnMcA-%TE49mqBpi(Dr9n|hgbh7LwT6O3V&bh){l1Zn66mT9_(|5
zT}Jj|zRrtJ2hsCPdqPxtYN7JWl<BdskT?5sy5J!P$=fb_o0$C`&a5Lj-J$0U;$VYU
ziHkYO(f&>gc^m8PhLZ!1g~N7N$7gk(Ik4vIE+XrmR+`;7@UA@iUFF3;Cn}^{Usf<J
z);wQviPTLmY&I*-Xvz}LymT0Foa<TFjuQ(zFT>|SEB%tSO!NaxrA4ZZTZR~ye{#rq
zB@n?ZDeMQfGvFcnFZ6?8Mm~&!%mZj5h~#(TR=iZBoZjk*CF#$7(tx5>Z5cLqqAZZ)
zceP(zntd@*_LA(<&9;v5_#}O4jW1ipgz&prt``FyW%0W{VHmSE<%yOD*345nRHmb<
z&!;w_52}&cdPCLQ>TE}O3x3<M6NMLd?JpVWj1@TRlOT8`w;nx?%G%{~)OD6ZpKq2K
zgw>zFV)%gdu1?@+W8zb84Z-<J&ycnYb_yrx;eQmSw-%LnMUULL-YPR%cA$a3uHkfq
zxd>dtb!KX6bT|BlmNOgVg2e7eFG`d4#Pq19e2aTrbNXDojakHT@l588%)WUU(jHn=
zwz2zeA&E=<BUMdc6P88qgVu}^brAuViW{-j$8@WM=Ztdqse>oGnU6MWS?u9sdx;aQ
zr{L&)+IN#;4|P1k98SyG=Ph3!p}fQl$~JBuIagb5)~F1eQP>k(b!fPKwcz}&4way3
z8_~RF`Stu-Th;(MO?jad+`lrH5y>lcbPKfQa>}YUG~jT0fufk7w$cD3UY4EH?coC}
z2^;n16|y)dBHib>Y)<F9$loNf8h$nA!!<m&q-TrYD(Jz?M#sG<cyzQMVi2@B%%?zp
zmwdc0g8Jtrv6-0GQxer8on19~V(re82WA2AFM)Z_Zr*Q=JJ^uZmZdRZxjmf$zih#i
zAuBi`_#TbE`s~Kp`wA~=`rC60kHB<sj^o~zOX6F0V4GSU6U;m}%yG>3$wloWX+UGu
zm*3_XtHi?}Z|gaK78fk<5I9!9w$)@gz`tU5HlgQwn+~JXB{uGaSj}XUh8K7(9B{uj
z57!f$!%k*$8MZlwjFw-U3-+ZQ1p@p}PR)451iMhssZ6fd#9ltm>$-nBlZ(6VJ&&0G
z_sr@j*3cp>#qa%z2TjrIIR6`Q(bdfoAuF+`kqswm{_N?<o%@!eSua}gqPLzlmS#)i
zUWDjQ2YcIRxv4Z-BJ%LPFUM9SrP7sOuIEjaGtM2J(Xu_V`JQ9?T64ourwAIyRB@^%
z82Lt&&T|RdE0*FQg3wPX3oGhS;($*3pEP83n1^Pc85^Q{NG_5c&aG!xzJEE<25)%V
zW9>5N&@zGAC>&J@m3(DmG>)yDk}9z|U_GH}-;-D<Ri~y{nf=;Mx8M`Pk&<Jn%=Y_S
zZYqSCul9J`(7~`yK0Ws8VM~kYTY$>$5J>=?=Rdw!IO%YHT*$o-P*<kFlmIq{@BA1s
MH?~5R8+u;+KX-Ts^Z)<=

literal 0
HcmV?d00001

diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/dummylogo-mobile.png b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/dummylogo-mobile.png
new file mode 100644
index 0000000000000000000000000000000000000000..8ba3c95a12a93606734df54750d674bee02eaa96
GIT binary patch
literal 8208
zcmV+rAn)IaP)<h;3K|Lk000e1NJLTq003kF0046c1^@s6ZZW5K00009a7bBm000XU
z000XU0RWnu7ytkt!bwCyRCodHoe7u}#r43ex_g#g5ZDD4Q8c0vPy{s|@jmc?ctqoY
zCPsr-^vhp~;zf{S7!J`y#XBZyG@7Vr{4|M41W}0b)~E@W2(pSGD6j{x?9tc%S2f#n
z?9R;2?C!uww!UwstE*nUs(P=^_g+;?-}gnQD;x?Kg;SKyk|+vvGNi!TK_^2Bj3HKm
zl_#k<PNe7egeOlB!rw;-*^lY2LQ1*Jvcz*@Qq_NwfOn7=S&)<ZEj#b*)Hgif3;*m?
zbe2*$LdrX>-sO|UnB@(rV7{qgh1f%+)6g&*W*ip~6$X5Xze4zODB(TnDVFg4o1Bg7
z@rZE&+>Y=pxE^9p?s+wYy;l)e3Rxvg{{kyq^HLMBr4uf@PWaw!EY?jagzKB)$WXZE
z-KO|&{G+fK5*cne-iK8TqdO_e8m4ik8Ls+Eb1FMiN`K{h{tYUeIc2^Tsb-!L0%lDi
z?Lg%Z^(ekV+_0`z`IUpwPXKMu+r9w)7b?t|T>1+bJIs(`vpICcRqmp>7t;gJ@qPJ1
zXlnIu70kAFg*9ZEi@xo<QD#7h#i^K~2xJv?x!tL+AFFx^uLr2GsPjhhJY4&0>&Ebm
zF$6|j0J98+yTycShR_91VCXxUu#L{5xs}9^S7~ALE9$vDTtO{+UE5(b)#Rl3An>+$
z-u%^9zLaZJI7I9vX6{nn0w%YBQV?k-!Hlgi$j&W!$3YiV4}rLYgQ`hsd>;5yJ*Dth
z(L=ta;+(pMK~!XYD!6RIbWf9FNyxI!6O%SBAq_#>#}!l$feO_zGWcHim_LQb7gEnN
zD#{AUc)Ap@*#sHFxEW@s;cUAxLzT0j7$SwSG)6pM?h*5+@JL_ic(u|J-Y&~ifaDZp
z8lGatc6SBE5X&ryGen3J#mwD$r=pM(E<KUeP??IOIj<DqMU72x@z!0`9bPrLUzT@g
zUTCeZl>zwne707|ZCkeRnhmUmURRky@a}fqmRs<~39BL^ebrE<!nI=(ej)G!x+Ug!
zYIh6#&K7t7z+dRkf|}G7v8+(h<&NF>5iPnHwp`&%?zx*Z<)fY}DhyK&^E~fHxHTk7
zSox`Cbej_O>)x^|@Y{}eeP~A6B&WgH)fe8cgYZIs7FG{Y)S9?{8QX>NbPGNF@OP@`
z`p@$EzUO+62Fzd=U&rq<5ni)3AhI;X(?L4mF0vcE&wSy$N!Z@NZVuoI`B``jfm)%d
zRd=!87>;*YD&j%hc~+4aW=*a7XJWh+uAayK<Yx?H@l}_UE5J3<mttcgY@zxKOLUTo
zN;CTOcN(32*mv~v4XeT`Dp@ARuWpUFQcN!&guuiRgGYQOMm^)ELS2Yqh0l;eq*@-!
zRFFef9_w51s5==_U@YonNGC%Ii~<E#oX#H7$&do0K!FvfvxgKILpny5g~raUuls?n
zn<2kSr+Q7Qd!%dtyS3w0m?`83B3$|3r1)+566xQ^@oKMBSt12kVn(W--<H`Y=G7q#
zvFo-D0I4<#ke>e*{uYJ_iJ2<D>-mRzzW=E5Bd?l7LGsU#NS}Qi&$&?Li3P>qt?<S-
zwcl(gN0&cc`4O?qMo}MSNIH0(C_jH4!jSwFt>dw}o;w&d@dS<8^OX1{%8)c!<qDq$
zO-{l8Qw&K<nZYM~5?b-EzB<0Kal2YVZWD$$lgo}n;dF(N{(*?XEBO79(b`EzASY6G
zEJMi87(g)b(Qxk>()g1Zsr*MQ&5Yi=+l|gN^==r(3#K6|9M``PJ<13Kk#&U5wG88S
z5#G2-!Pw!lYozdoE5C9G@y<Z=*xxdWZYLkZcI{t9WBj*5Lfn@gUOZ{L;(7&Z7_!ow
zQZ*);F8YuDW-|JIZLAUMV%;PrY|z#*i7=V`d1r_{x%3Jt{rj0HF#pu^#Sk8+p&6W?
zs$fpI=On_X@M~HD0*x`7@4J`SlgqA)islJ%P~rMww2H)Nu7~4_la!WGzpFpt9p-rc
zaaJTUT!h0OOj67`L`U%l?D6~^FAVol46!_HATQ8yQYu@o`_jW(j|$g41`NA<o-fSl
zrFV&m)t~CLkv&nWNz94-5}u#Kj4yR~4uAPw_F^<mZ@3FWXvVXGSwPtyBWxpMd91Yt
z<+UTFhd`tV@K_kiY7|cQ@ViUHQ$vV6i&lMd03STTbru9(jp<N?R{H?V_Ea3<$2#ua
zM=8HF{5v50Bg(HFWqE<XYlT&^E*g^jp9voPPY2MpEl&^pj#qgc<$xLBkHYBI6vSuq
z%qv4MnjRArkitA}O|2dtnp$&-Wm<bt<S&{RP`Y9QHGuFq!~c;rrRExbV`;P(1+c_l
z68M9sVpzy5Io^s?O);lbU&W9SC%ozD;lm8qJZ%X1*B}jwtk*)3s=L$aRx-g`hI}%>
z!_XIF2w@|GaLbZU1^!%~d1VM~G-h02m?mo2Cdar=3%WOW4W2AHhblj<w@!L;cQ;&m
znflQ)c7y18vc>!-kpN9e<$EH$?&|;#`7R9nzAJkK{tkPFt3CqPQjJgg#|o@kl%Jmc
zy=a(N($@1Ud7VROse4jPT}D&*uWL`!A7;<XnYiOYkq9=={s0xCdKHyRY3xi~cL8iX
zAq<q_^Tc;TFbhh+ogCRAZ#0l6$zdAhEOP6dlg&u4_d&d`LQbP;Q}0k|^U4tLLzuux
zWtJ1ubz?;`Ac)aVCSEal)@BG<MrGGBzTc4)pY*aIi6L~U{8B$D@92wFB%iVyeZ9(K
za;Mk&y#p{67x;61=9eM9_=Ex-qzYww?r|(97X<}m-aWYm6{Wun(qg?XOD&`Sy$J?z
zLd+=JL!Fyqa&bg>z9S;N0#w`Q$;wKGd%i;tIgEMaR7L}BxW{7T-Po$D4JAu%X>CA|
zDG6iH3$b`#UT;TwA1)$2dqw93(PFhkub8Xg)sSVoUpypkDc?mzdiP*uH9?v5*sfQ>
z?)l~z&UScM=?)Ojo~M?$S-Dj3m@DbYorbkDrT)G`#MzQI_YRdluM9CG)z2`#zojyw
zsCx?6d5cZeMr2qIGw^>E4Uhj@z5Cq4TVP}R6Q{m$4YH^8EMKQ9C|chZv&fnePm!C?
z426_syLP@Oe(o%qQ!l3V-Y*Di{%j3CWQLxh%epEZOfjje7b>=9H^-C9dtMo$%4u~q
zPobcHO)M0IeT}AYNn)7xbAU5cTzn$_$EYZyf!a`uA{D2G0<0Pj%5~?f@dkerzg`Za
zM-<^y5V$Sjv9?R+T7wUNy$*b@#*+JTfw+17+Sq#=JXDx!ZwsgFs~l%POPEU#XRK~D
zOAM`@y4s;adc}x07K-rtFI!EMEr8llTbnrK;~By^aE+dmGNsJ`&u}^p8s4gsa|CZR
zs)xrjp=vE|+cBiIl6({6ncr;JrHA+j(}Oo*XS_?IX=_`ml;2fWTT1i|NyCBBmtn+k
ziW^-RNan=^JL9%iBj0mKTgz4W>7?IPP2^1lU2I9w=EX*0WjlLFA~kaGV`qH5A^cuQ
zAeh?@T-543lqK%YIV4L$Z7Z<OA!}PvI?H@I8ImQTwiQ?>L$(#Av&^SWle!!3`D6CZ
zU0dcM>yhQGv`ooHE~?9J3A61(+;ExFDC%>GR`E^`rc+AAO12$s#@fUXHurZ>K?G{e
zU3Ay)c(U3LmrX?@H>)|s_IO8j_Cxjz=jpr~>!0JfF;h9Vi_KV5f$}nBAxhxx5bsWU
z(vLD#yfdyP1=`J!P{`arWES-gbqR5NS)78T?!_P*j4~z#{_Xh;ndVPJC0+ZfpBQq&
z^6goc*79!Ckd=hgD_M)kV1o(+*%~pubeYrWpQa?WNL2@l-yRYYSG;d$dp8xjlAkgh
zp2=LaKjuSSK%?~I^R51S|5D*m`PkvoE0K2}tNhq&J&nCqT$&syAB2rnSjEve7GhX&
ztL-_XMV*V{ixa*}=HJL8CaBESW=ur-cXhn2%GBp*hVH$n<HywW9jip%DaKXSs63R*
zw!Ts5_<#Eu62}$wb?d%P*qiH+ZFi->mZ<)`m<Su{WWJj!GPKC?RzJybcTN-$Y|&Ga
zuf*{uI%}4nZbkZ?sf-!u)|H-!+EHPzrHmM23~^lhY>0J%!r?13pQz{P*c>9X+Ep_o
zSDP^!+n%=T&jIB?jh8>lxCehD?OJ(OXhxq?V(Nj`>Kh<v_H6f%)eN6-t2e8Q!t@G^
z7W$RAY5nGAFe&e*vb{A|1<aspVPhpHVtsNWtxv0csrccxSAUDbWg2CFRnpZcUO8Oc
zJCL5#<fMP9@{zY2>QWT5p9-R5&m3*WR657@@8+SILC<)TGW>$yKchJPVNRp{Ow^zB
zpR&G55D72s?jep_`;Z?l)h0T$m+vr?3<~h0XMQE{2TvM3rw^LlO-1j(PGO?%5CB?6
z=tT4%N*}N8HhIu-8`sfax&d<ut#pP6S67gyS}k3o!kx<X$54@ZB2rdL*byojEO}XQ
z(OJ~r@;`;m*k}zE6{*t*{N0mMO)EQqMxoWTFykF7Qgc*O{B7t&(5?I5CH_dkkQpmG
z04eL6ggE)7-8}??{D3Zde)Jb-1}%G4sH7x1WF+T_vas3RRL0tYR4A}oSe{rR5&n7$
zdc)Tg3My>4cGMgci^f01(0WmOD3+`0x<1{=r0G8qi%;pv&1TGXyrFS4a#dh6)?^>>
zMG)t>4i+fMu0?&5qm$m+-9x~J!C2IAnn}2p$@nu!_eRJldsvLGs87nR>81JIR8)5F
z7@Sh?ws7)a;5<bILvTH0SYqq~N6cD7gXj-4m4Vs~>^GvrmD0V7ZgB&P7Wlv;<eutZ
zxmIn)fFa*+Yhdm7N0D+=@SgNEM9-vmUYggpd3@q~yBQKPcRDs$WhEkR#b22i4-@q&
zO@(1(7OQvw12OiB`GttWDm$+5tS6zVS~cy5S<tr_O1=jyLH_euD2o~coaCC>W(+_&
zXEiF{AjxCc5ywoLf<XQBFav7olIq(sIv&z)hQv{|-Dj0_{n)N+n){{CINZN$5<#Un
zsi`qD{lssb<G8^eP@yV@a3agQ8D{iTeyk$@pq?3Bjy7YM0dY%F6eEmZi5>ABG5ojn
z>M81@7pgG>#u`^FJ_k=hFht3gB$KpSWl`xO*Q>qLjP#!<M17;<xmPh>4A6CA#bpgW
z>CIUE)VaiP=_2BXlJ;^H&gyEdHDpAK#Y8MklSkQ%v2p#OevR6U{W~O_Ph3x)McB#B
z;jQBC?>lu{s_1<f#K{|&$ltb%@65N|4>`l4=c|2TRHIeo?oHY)&C_T5-tI{~+l*R+
zvkYG?A@x$0x!_9M-LjquvKm6`r7o3qAog|5Z}uTf_XZlTsq-+ftIgu}pImLmbfb~}
z7?lTQ>cMZW<9-0){r3slSLZFo17gC)FSNgne+9!35w2Nb8R9!IB{l{_WazD&tUzUY
z3^!809DR@fTSexR05uIJ3>c=N85D;|>&wk%3^Zn>=8xQJH%hG_6;?9U`ycXeP<tkh
zPF$BZw=5$HQ-vGp+s_e=Lzyp%O^c%i6RH#eVnolfZrOw7YBR=_=)zn$&~@E`bjwwu
zSD&RF^_7OgWJva;+~FV#XUN*&NZYmwbuy%Fbjw?+PKM--v~5G&$&j|uEpMsv#}E$Y
z2&A}qD|x;VtHV4w9O&t&;^c=R=qE6Acv|dI+%ZelNa;an3G=RcbtAn_<;2zyMO<g`
zoZFp+b0(xBG}^$`Vp^|Zsp8rjmKTON8`fWkc>I|_<=WmtZmaaZ=UvXH77lMMKQ^C7
z3UAkCt--Y=-fBytjA>Li_r*BG-@7WfrjLB#lSiOnT53(LnXXi)?DLv*CB}nXmvN7R
zMLx7Z8pgw1DSiX-UAfL-JR*+gR9vESrj$h>-ud9HXP5j8dUGva5o&|i;QS8QL)qgm
z;P8G#pBKNqUpISm{oTNhq--mE(;wITLt=Kg=NNX|!@1V{AQ3LxsAL3`rJUaIJR<1B
z5!cTT^(ntZZ2*z4-D8DTUr#=tawp1IENm`g_udUj_5GCP_QbO0>hJg-vSj|Z8K<fP
zX)Ti1{#0}-S5<7_+flPIT04`<jz=~%7K@ehIU)74sNtO|x_<<OzBpw1=fVtitHZ-B
z=Amh2XeIqqLZ)?gs3-(e#QzDjc`7w3)Y;qs@v+s#Jb*lw+qVCR3b!{m{03t6wnEkj
z6j#5Iu6#)yK2>pn3mII9<BNCU!-Hlw>s1xb9V(;I@%%~n=DFl~h+DZassr&QSAZB@
z1@~zIbtx7%Bc*Trggmd&8p8l-8=f7`5Z80|rBW5m%JQDNCPQ#$4{7ODx+O(w=7>p^
z3$aAF8wqdJh)pH(jj)ny(KDWf2(LS0^|48~Jii7(<ONtpE)j0ydWf*b^~AwVggC;I
zy~Zg4pVhPb6o~m}acgOr^t~TqO*vLf+^|$#nL(P5Tw!WuRt$HzrjqblzQpi#U<W{h
zcvi`;tf`f6VBPW(jRgk8og<uG>Ggeu<CX*SFUv4dAA9TK5V`w0e8_^}gMtrs#fl@v
zzXLzS-<#fXDAyR>q{0v;hIo7&#9L-jZ1QHv_zWT(g{@D_sziiBb#9|Q*$?+TTlYjE
zifI5GVYdgM=&BImCN1UIFY2h=G=|56i8mbAdsj?uQsyzd(E9%t<eBbC?_M3m`DjCF
zAYFrZ_2lyZSNVkB<6H~%8an><$f163nb%EEgvr(4;XQ;F?^3W7W~NO=lcI)Jbv1KI
zU;Q)6c0tN}TD;(OvAanSaSvncPHJ&(qjNKQj55ox28JRvgURc^Dy=1qk0E^D*isdH
zFjh?$GW;o9DaYzjvS%#M60w_Qbp3Ta&on-d`zA6u6jPS$7PiXE%h8)(O+&oM_3k<|
zQ<B!=I-ViY{|^U^_fD5F!^o?&?DK^>*~-s$s~&Yw5C!m#E2G2L^zy-k9U3x>w}LqJ
zq-F0zp<mX<+}KIc$BxoRo5Pi>$hU%zL!PVP+_fu4vpD#^7&5X#^;mavy|&d7Tzuwi
z^%o0ctHPh`e5H8wN|FQ9zq$3^DD*b>i^>aaeYu)1(2c~5HPR={5Yyod;Ry3P^niXX
zCgY|;G@Zrk&D~NJ{61&+>TOB$wuCYs!=7Uy6ZAV&?$+kFl`_QL$FMk^i_YG{PU;C(
zK#$X7CMXjiTB$N6dYEBqh3APeAydv&$|@EWm(ts2vf^9fG`dR|C+}zV^<hGu+DqD(
zr7x#pNpeo}xK!_EvGFXpj<wxcD^+=@%dTek;-^!=W*e3l@w@uWDXXNv=!rRXNhGVB
zs4)W*cmP7B8Z2X{{@htpB)XY3iJwjlVDxj=?j>SVZ8^+ZrQaj{`o^wj($ayi`m{LL
zu8ip_H_|IgzRYNpp}ui7<oLR5w2sldl{DhZLCkIIGueS9l|REvUKpY*K$t{-&zgLA
zhP+!u#Te3LE8GI$e;}a4hb&Dq)pAWSQz&bU+?-mWY|Smnjs=~c9<pQ6Xq(n1KRu))
zs?gEW){e%PTOFl7mXSr8b~A*H(M)7eQCU(J8D<NTN!pqgM+T`dpXa`g>zIC(Hf;w)
zIFoxH!Gb2b$;If}jg+0C&=P*Qy=KJ+*<{gfhGdh;{|by%-s=NoY$vJux?bbK(aWH7
ztG$&CxD)AhwD8<>k@dLj#MQ=aIaj4#D#BHtC8dv)@5<?=JJ|dof0B!dyA4|^ZAIvY
zd!6R_E^$ajg?!#D-D#XayupfWf5-Fg1$Hm?7q5g2>*v7<-gMGdb<>>F(D)E}9D^vP
z0{PRmR=8?GQdx+k_uj%r@*MUD?BWr_2;b2#>7>613vJh##NOs@%6JZCKR&>TQ1l|w
zA3)d*>Xtio3lKQRDj60Mfzy58JI0d66E-HTp-7*pT*Ea(?Xlb`Wz>zE=aB0-;j$_0
zhb{)^hLCAo%(8t^fIoO<)kE0mDaq&<q@mSZ@OU&Licf4$s1;F?b3FTMn6cLCQhX4^
ze4Gm02LRWyl<h%*XB*PIQAu3+6zZW)_2!@J>-#+S6`1^I7<>$%n2tJ+2S_1iN@*+1
zn9YW4p;aOV7$)WL{O34F(l1D-o)GY2Dt|WD(_V{A>M!^&4dT;Ff1R!n@eG)87Q{~6
zta7uKw(ZqY1jO%$QO^UAEbHEY_~10~uSUwy9l{?ZM8B2P<sS0;h#T<qa1PCeC<cW>
z#`mGfCywjR2+EWA%!(mR3D$8)WjaP{pR*gi9trA*=GV0%sr{Q}beYTs>1&iC*xZVJ
zxYKqg&KzDytDC3K0wQts4LJq{)~Bv;sUYXtr&ismdRxfob~9;C6|`WLCp+hs($?vH
z)p3NQ*xk<*zo@P<!_|M{eGx-Mf;<eFt3IM2?=r)ce+TAau+3LETbKU&#hhgym2}TM
z$wEU${u_dJS2`DP9ZAo88sZ<NP;x8jF(D)Lvhr)k*Q*WbeMJSf#&4LDo9M{bC<!->
z^#SU(ZvdY7%z+{56Q+trxEt2h^6v?8&p!G+_UBuU*Z2aH{08n_SI57!qwoW0(MyB(
zP`LViMM&R6=H-iFNPfT8KX=O#U<^^)*jvH2khY?<;xyHs6yoDxSW|Gc&Xt7qRsO)y
ztA`^8dn0%!|F@Oj-l~r_Xz6c|FTsb=8?`_bVdiHkFBXW}3(t2Q=LmZAk+k$X$#{RE
zqy&P?n!_7n66;u=2_8lZBm^9xz@a{<W#}$Rh>m%)W(Y*>9!o_bAOIC`*2TiqvQm0a
zLd3@{V{Ex)l#LAH7y_0;v|WOCK`VDA_hN_=HT0ahF)6H)0GmbMVr-2XET@pRT9&mK
zc@wvlMq*{B<qk$fpCp82SXhakWcMIX2%>tHXpi)lI?RJ{M^pEK$ihB?5sMwK;s0n7
zdY%mOO8Jyrq@IO~RjM^u#?1YK8$2n*MZhmbkrY3Ovg8f*wSwNJ@Lp6c!S$*XjCS1h
z{vu2{QQy4_;~cx;ZfSZu`-VB6N)1<{76s@=dR}0=jSKKn=QNJbKM?tu>&=P^0FmAT
zInWaQ-%Lv3ix)lLyHKAsVG*G7R{*(4f0Ga@W){sO=*Q4PO~&ez0k1KCT+Pu272eEo
zs!WQMy`ULj(reZXQADsE=NYxmrlp{NHh-FgNq?MPK4yFJL!`AIQkVnjmhahHY`)>K
z{u5g9i%z5WvAuBaa?&-LLq<Fw3U5@y$h}OG%atV7^W;qMUY3M6#S0eb(<#qmDjz;v
z{67AvNtZ5@#_D4I9-1BOxLa1R2>5^=GGC+0LHgSwYwE#bi6h_gbsguUm=ZL?F2yYv
zVjA2>FZ_Ke<L_GF$q<m0=tOOB=&IK;6tSw9H9(z$1t(=m;nd~FwpXjicr}czc(XJ%
zCM!L5vFRoru-6#)C>Q#P{=(}|uUnLG)GP)5AV^L8wT(!Ot(E#<Xb_(GR95QZzk@`N
zt`&NTofwy`^fxh0u6}iC!lu<lX{FXF@a4vkNc9ORaC8QBAO*4-vP{!j#u&^H(CP9`
zfvkE+z6;TbKTd(HdPp3+)0dV4YEH^s|I-59j>V7!X>U3ybh_{sl*u)qa;xdodM~82
zCCC=tj>V8{Yn>0c=&jas9Pf*9?Lp77umfENX>VdK>N|yerfxjD^h4Mf&PT9#1+uJa
z>}dai<n}3+*jE9Md{5rQr(DlNN^k~m?{c^Lh1x_l%X|{^OzF=cHAXsp3L8r#w*FQM
z@{lLI6R`vPiINaF-mIyJO)jNOY;VM`ku=Nzzi*Y4JmS=CU5ahkEm<2$G%Hw#_K>vF
z-e#FX@O!Du?N&&BmnbTz8K9tsVX1fpwzSv6gbz_F%)?@^4l~fxsrg{n+j_nN$~GSb
zo5`h>8e`RhbowcF;4^6yQxH^MPy5if4B76Th)TprHlBy^`HT~=1^Y4kw9z`B@oO<{
zm8QL9&cT`T%@o(63`r;LO)3DJB^p*=cKd@x-@R934|^%U#3l7KYwE_gq-kJtC0t8(
z!Pd9xBX;_8Va_0pD~(h+DWBF}GDwZxO|`?xOPeuaE;<hp|2^~s8AT~CXA2O$AYkHp
z^@*nYQAGVHA-fgWhYd}5&&k`d458PilJ+K*h->-~kMJ2*Io4UTq7sGB-NJN30Sv;!
z)yj_%VIwqH72ky;8}daHTo(BR2-7?>NsYOs?qsO1L_FG=!qAdp^+Nan(=gtN#?ZY@
zQ%Rc3gLj^vV}RNt;XNmB$1x;>v^S|l7_yngUEd5vst0m;%uz6=#I_T@EWj-<N$|~I
zvdyP?x@PYgrN-DNBeT*1Pn8UfW?WJ&{l$)OcMH&=3mI$}!DpRxXgNcj5-qjKbsR%7
zNPCk@R@K9<+w!4avvYY2U*DWft5X`u>|ECQw1O^!)R-aZ4Z6YzWe2Q{w|)QWI5znr
zL)1muHkl5?&iZuzW6CLd3q8nF>gzVSj$=qBX>VfDfTKnI&DrXGi6ZM&Cd>#bsb407
zWb|j7Pevrs$aGR;Gg9?Dgnr0wbQjo*=B`9)&36_329=8W?g<`9k*ii9p<YUOo!Mij
zIT|CIL(abRRw91=-iE)97oB91_9hmP>%4_&mZ(ECiNRU>v(2Y9gsG&)S_|lwiXp>4
z6-)NRGGf*Vn0H)>Y3wMCP7Rw&UL8mW*_3EQjFI*z#@mq$$CtO3ZMyi5XGpr7zDeOQ
z+itMmrYBE>=o>h9IE8s(Mh4??T|0XGJgdkW9lI*F4R!8hNE)K4Pl=-{J`;^#H})bg
zvHYEz1~eMXaR`=y-)$8xBNEupexMbQ&ggAPf&T~gFM2&ku^z<$0000<MNUMnLSTaZ
C`x=k{

literal 0
HcmV?d00001

diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/dummylogo.png b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/dummylogo.png
new file mode 100644
index 0000000000000000000000000000000000000000..4f5b4a591aeab346d471532909cf1999a93c480b
GIT binary patch
literal 7120
zcmbt(2Ut^S7bb)V0i+|KpkP4CP(ml6cL+_I(mN3Xgp!0RRRlqLuOdj5E=`dpN()Gn
zCQYi+6p&tZgERlk{5!L|&+g`Vl6!ORd){--`+fJzxnCl6b<`-xu8|QC5KzF?mG$w*
zWBfY<M2!FZ)|B0gKM-Q{)f5RT2Uyk!2rfa9hQ?T9Z7oSVH<W;ly_+pUzz5}yM-dQ6
z`$*zXQ3$LJn-9vx6(i{*1OA1O#GhZ7Az-#&5UjHd*jQVaP00<7U=tG%6%Yi=lCiO|
zNu%xWN$M-B{^5@QCIfcFV%;Sn5N~g90dEljH?#vp2nK^e1cf2O!u)syKgQP;YvaT3
ziedkq<Uc&h2#g&X>5fIZxw2jG+Ss~zVr9VKi$H(Ae$Uh1?$0>xo@kd}QS9v?2p0qj
z;flpTgam{j|K^9UR$Kc|S69p*df=6T_}IAP-2@>h)W3RSu=<F<iu+ejjG?bP0-}$=
zxOt-O5O_HIzomdh-uqwhTwM8;!oRuUGymV`{il|Asif`gB(X@W3*y%x{i)rr(Nb{1
z{<rl4e<8OE@?sPvU2I$(WWYZB_K15no-SChtS%bqij{`^4*74_->v`6C=L0S;L^W@
zmsCcekzNRURkR!G*9g1YpfQLG)nvf`k?rqgTx9l3cS)ox25aMLhkz@~;+X`HNP9_D
zMF~|QAqi1I31LBTsE`m;5Gn$d5RniOgF+=FB%soef4KhFMEZl--p$VQV$S@*Z2y13
z{5RLXn57~ADD`ie{YQs?1{G6)3JODol*ANOM1_P@#1zGpg;j-B6rjo~3d&+i_;UW>
z{mb=lL4Usn|EEfS&?^3)X#eK=58B&kqyy5`#zpzB(4L-no$wh7LSe$9FcC#nWkn$&
zn2@LfR17AlEFvT(2>mPNfARlYjEh+>iHG3Fz~<uCmlcwR{KNJ)Jib&(B{aeY>xMRT
zb90eZxLDEH;4Utn7%ck2%BEx>CV(gTpMigH{61&@w$}U_p5Lwbl}wfl@A;oqQI^cH
zAwZ3QfI$_mtYGLv_{~BSJ=2@g59H;b=wn_DS1v7F!R6o0{ZRf*A<8u5ajn-w_8X0W
zL|!&A$45<Ee3kNr5u057z>4|rG4CA`^d~KY`$XXP?i@4{ltuu)<2qPNvTl~rW=I5)
zKwn9;Q9roO{strnh$i@dJ`529?U{cwxpRHYx){>&^7_ruLvD;22o}L}|FJs>nsr+u
zb)X3z%|apqsAsP};Ap$qa75@$)G@HEs`x%G{cA?`lJYI~>IRNOTnmYR<jna4cjDn7
zX+CbqKsXIIFr=Q{7rspSDViptmHD!@9J?+Tz*z+?c63O1GFg07tI`-7X(`Z}-9!jT
z4RI+`8Jm~rRy5w?WrHq=D*KLJvF-+q#>%gVHM-@5&Zveut;7d~wu_Rq(OuIu2%U4a
z<CyKzT!g(1Khne)+}xZ=8(?bt$`o=!y()^6u_XihSP|KRmw2g}iw>ILiPG-_neVnc
z_qcH3ZpM-<>Ju!k?$E6A;V4K0ffe^{pLy={0Wa~+e>>lCV^4bn>R=y&CvMQ0!vx#C
zM?}3@{AGvb*ky70J`aWuc3(+DvuU`QLk1|CeLF^khR0;<zSfoli<y_41JjS-Iuwbv
zu-IRK1eQL1gOhnDfNq|}Tn;_arhjsF+?gya$L?wfnr4+A*Mh9+XctWH_a+y68lcJ6
z&QeU{>lG~@0K$eZ|4>Y80dlJ`nTPsXb|t4~awhlbMax%!_MG@zhTeWwQ1nV?;Ke+D
zeimFqGW@yk+p0Sy0$8e$OUH4jHbNp4pQ5#$uAkOk{y9yzx|jhdX<IpXDzth>*?nKM
z$e%2Sqr-!qT~`ut{bu8pF|Nvp`NBDNfnb`RFnKQZO^Eo_S+=}v^y$3BE#KCUboSKz
z`Ihnvmya@OxG6$(;<JaotIKrLet@YC&B^joywL6XR1(PTzQ40FrrBx>ELF*+BXT3}
zIfHHB7GGytImesFO5ToLF;>kr2TJDS`oegGyr=v!=hK%-=iLo2fw1UMjZ3c@RgRbq
zf8^+XqMwbhy48XCm0vjyqoCC-!6nHhl*)cJgpArcafJxhX;?gh_$UO}2fyJMeDsqI
z)_C9Fum;pE47kOPw}1q_niHOXx~(3V<51<N*virgV!Ao>oJTZ2b%nu;3cH8VJB8YC
zO5YL3SpXg0farsR4^~g|`}rlKZPo%CUyqu))9P@ANjANDeT`q(Z_j$exF<_y9;3M#
zbao`9l^*sAwDK}KV!L2WkE`mHbTv=7>R5obY|z2%oa~fFPuhYLcL?TF@|np%RX1Z2
zj)R5O^L%^Z9m=^fHq^t)VFD8G{~BcWyoq+D&Hr^r6z62vi`YcUxu@0dH5wOshCHWQ
zE=TSn;GlHJ9fdB*@&W@5S|QcGX6XkIgn05!WNk9&ernA^#N~;MoyVeMDRtj#UZ*@&
zW;-`vZVBzq$~tXlG&c_*CAu>8+Rx3-j$|iaKC}Hp)oCfEO^X)m9=G?jiy+5W)`vuk
zm13I+bA3t(b;$bZvd_?s=>`jHW~ZL@hOY4vU<7YmZG%j&#t?Us3KOBtGaPxSrb!EH
zyh*9=RfF8x%SKRBxQ3LwO#8mQFKRtxlDwixG%`Q&l-ydqj8jU*0cV5J$mM+i45)kZ
zA%}x2Hv0Myx#Glf-20m>>YkUEZax1LIbhONG%uIb40DLQ6O&`APPvqFV^52N>L7tt
z?xW;Gll#?gsEUM6PSYMmIgeN&BhRDyG`V0F>i{N+MzgfrX^(z3H2RYLbk8WJ7k!x%
zwhZnjw>9w}O1e}f{GDn%=DhQ!ZcC$%=c9wd_QJ(XJ*19(n4^?tuLx=Z+n%-t=4%I)
zgLSEJdL+(8riX9*o~pghAT<uFc~GVk?O+&8$N1ubJc{E``yi!P^rzxAq{mAcj1YI7
z#a%aJ$G~ip6`GQ`Wx>f|tHM^_sBD%@!-MbR<MQwqC$_omEi9C~n-#UeXwkGJhG2PZ
zBDcQG5jI1+Z2d(UhWo&cB|hRz@Jd%`;!U}p0JhQo+<CBHYeH>YE7M?lnM!I#(DPWw
zEd@cMIwRt$$+<w_`pEJd%KRqOhvl+su)Y?fMGmCcQ`b}!%is`-x$jDx{B@3}#F@j7
zf~a4)7ECa^Yf6^uRZVG>Qu!s`<nbPmVfvz@Kuq*;5Yz$IZETE{{p^GI1Z{8{Q_FQ_
z*Tl8)X<7<g#tF`IJ`DA5_^t*Kp2(ZEr-(k+3}uBQ4^m03Yar*x(y@l%=_oF%#_ZRM
zz~8uFQwPLB@5rW0Ea>}@c0w_9TJu%z%*5}oX9B(jlJC%?Bf)0`QR64=F`OZ<jH~Du
zSyw~ohP`dWgq3x#L#nO0l=O8zfbm4fPpc}sn7(EJ@&l#Z(MGQjr5kCJF8<#6j2w-x
zCN@y{v$4qO7gAp-ESaQ=)-u^{LmHYy_g5+o-uV<{8rM$h<!NHGhK9n&^I~OTMLkAd
z24eJ?D)pnitGi&)ZK*4ZpM2;2);z_$e0rnD?>o5fy_FYE9uruhJCgzZNN&jakZLmJ
z7iHlqSMNqvZ}Ac0WJZp|+-B!@vf8Qo3A2|fO!rt^iASuOIcgMrW;9`G5p<Mh7p`d!
zIV}Hl0~9N>zv$pB9z@aiMWpn!O8+q<Q@-&F^tGAjyG9iZiA^KwFIA(nBJvA`P~vi$
zr7)S9cAxj!L9ET<dm}!oWh|Cjki7P|k`HYA8QB(cAr6DHpn{Hv443Om75K|t_&E;U
z(Q47ml#^#y0=!65SX7MYi(8>v*{e{wQL_EElxn)qbYP@3(eO9n$-+8DXQGI0`=b0N
zuSIbYgqa(Fo&^ys|Cz`w>U9DxmOb`>VM6=p3GY7bv=K?vYyZOuP4_duJ+9M<Ad`n-
zf!}G>y{sy$25p{w0#$56+DIq%5^$EI^c>}ni|Z`B3mu!2KfIi-EKqL^?)-All2VLY
zfs#}0%em9}o(?CCU|d{*fZJA^&C$ZSFQo=p@|CVN#L%X4Yc02jwk_IMt&{`H&1bGx
zn5&xWTAd7s_QSW`qog0nargP%T5)31GfZVOHIoBzCSwkJNy9&XPl}}M*DmmCx;A%D
zgapzu0VQ*eKy*ACV${fa>;<j3gP9(15|F$7{piQB@gSD+Y3qlLNfUC{L7(smMeiFo
z?!k`E`~}7urNTg%>mwoEyA&HLcUhoMWC5I+GsA;kD#GH|pIASZo!ZT<8%|Kzd@Sml
z^b;LsD%h?3Q+tZ(#nH(_;u+d?MXub%Jj>KzSA`&7nuR=J{=#g;XoVMiopWZMA*aZU
z^RjRAQiWnjUY{8vY%w&A6h--Xn3L5AlRq%@Y4m_9U86~^F>|$rBQ)d198*XZ*C2H5
zgyYTkzDJG~6LHuqZ6a5<ttu+O%m;CH>u0#>8J%yh?KIaMF4IinNSk@`?61ZmfSDl#
zNz(4Dxi22Qsv}a+vrJF-?$V>NAm3#m(ktU*{yEG#!(vCX#aWs5)A<rWYbRw|S<`sL
zPf#Q14eHj`7mNAA28s^{3X35|Qv0K)F|&93fQJN5V?VXfKfRDn9_nSIjo*u82ybK{
z`<sE!XRml~Ly81K>G<Ff=x1vdTgJ7I^_K}bk9We?96drj*ZalqobMm7)fRlNRdzZF
z)dW{_dF;vsSS#c#g&hzE?Rnl^;fxJHDFwr0rHZOLkr~dI>>yi;g!K0=XI+_-$P`XR
zDQeSrzr@twrRh+Dq?r~YQ`2Uzm@f%a*K&K=>fct?sc^11Ig!8>)}?SwtHPfLBQqbq
znMyLZii$F=dljU?r~b_e`C+P6M5v7?vh4XB8|%865~kLS5jdW+>~lo5JzqTI=KZ~o
zTcsp^^$p1tq{_5TtX8r5#ynNWJ=7DT?r|;)=fn-??`X!hqX1{HXv8@xe)svch0cBA
zDZgwHR-I2Y!12swKhx|3H$0?JK1MqZOp__*rKWCz6&X)mJ~1_K{_qJ^<l)`SBd~Ex
z^gvfhTHzt_pkp?{X&<v}McNQ3wv-^G{#IiMgB<QYt8~S=XM}%Xk1V*gyc1M5I^eVE
z7fEtopW0Y6(WtOfZ$NyT<OSThm}2wR?DMek)+j__=KYUJHA}DR6|MQ<mJJMtTIj=w
ze1+EH$f6eaqr6?OWC*KH%K)hSI!<V-xfm(TeAp>N-u@)979(rOE{?;1dvIx>@+-J=
z8r1u!jaSF&YLD$*d-%Wl--A6NlagBu5mijF(7QkkON28_oJiB1v~F=C*-q~r^DMh?
zdS5eTv0?-`E1|8T?5O$1wBcEt@Y%ga5jT*Dy_{`-OYnoBK1FMkx<H3f`dUpDA;-z$
zuqn%OgU1`d4vkWbf1+|1+hL$N3{Hyghy_)w`PDZQ3=*H`e97(H%2p=Ln+u3=uK}Lu
zefP5wHLWZejIqLZzha>BOSph<WudDTH2Y(LFLfC7gg3`^;<Jk1J{wx7#y8H=xbsUq
zN)${+b+6hqVzka=V(Q@F)wwyD1r<IxwTF2I2%EDk7#Am|)|zHIGxEvmcEZ2_Wvg@M
z7P?JJ>Opo56VP60QdER7u6+D{%v1tH+ZL{o2<uxXu|vybc<NE0ClDnFC}bb<&=$yx
zsh^SkGK6wGpE$0QKpi&|ee2)otJihN)1bybK(yR(1axR)HowHl_M9gbnXsnZta}M)
zJkAa0c88W*0ws}^r{q?$M5gf)V<EYwXpgHgCilA)-Ysa$=jLac-#`9smgoti!f4C0
zG@`?n{P=}x)tf^w?M;6F7wS=IYXdKAzg>#UP9qgsv7iTBA6?$88F{uH*`sDNaLP}-
zj_-iK$>$nm&RF;I_05L(4um?J1TTs1gQ?G^ELy~P3b2QwsfuVa1Yp-(dTDr<`Zxbc
zGN7bg<*C8FP+DD9BbZ-h;Lq7u-Az@dZ$&*nPey8UxARHNx}o~6QcS7cRSz@$v-%IX
zl1R%l?i~K=V0DTYI;gC{=VfwM7KCathez$>d5N2cvwO7kY=s7DPa5u3JT_c>XI_e#
z|Ej!@EoP-LL5i8Ra?shG5uY;5Eo=B$anNwO_;gOtvE+m^h5%=@xs=~uai}gQh*MJX
zI_n$z992D&Pm=XCEZGYx?a%KpaR}Mo3xD@+B2Gf$k%lA0mW*rAQ|9GzQXH#XPB-G&
z^!Tei;sraN&N6&+*v+P0?x^<OGgCOp%Z0aAWoR+giR5Etn@bk0wAqMo;Z&qnp@O@F
zMU{hE5f#aA&$$?NjNa^rYxp*<H;4sUcqP+rts%}oHei;9{SxmR+<Wl8^VtmjRhfnQ
z6_s|}@v^*iuDG9Ef@cyt6&_$$1@+3f@+D%P$@=trb2ST$U6qX$5U}35eABNCzNww@
z`DDj|I*|HwAb`_{n)X2AQi!y&n;34GN{)Y(le#^x-S^N~!3QmVi%nj+m?m(f+)NW4
z8ply!^A>npDPoB^G+4}_>v2U2$6?WXGLxeZd=IRm;C4Ah(^sy}QLf+Z(dtDmnLXU6
zDmvf2o5(^UJ!EYrw?ctrXdh-e?v9Gobz-y}t<ZCghAro-j+ONEa*MUwCg&HxcEC}6
zS&T&!(f5)}UoQ5ux-fqMmU;lK>ePNL*aGFwQ#M!ITaU25#(oN)>F2FI25QkY18KYr
zHPRy%J&OaOW-T}G9-Rm4@6)Fxi|_Y)T50f)E;sh?b<s-C<##@xjv%N26fpAh-SV^1
z_MEO3GLU**Qvq&#DJwHk9GO1<`ZjUjoyP=7gfYR(REq99Z|zY*&gz>K4UsJ5R;zpx
zIh;}V9ih#EK!3WR@;h{eF8nZ1efTo56-SJd)O)tbBy*n|(qt@@&XfTC5((3Kg*J0d
zN=1Hfqu=xC5)jO?^co=<i5N8@50}bBsR~D$S6A28j{aD5k4H@}jqdK^0HLvAs|tse
z;pFOJgm==_h0eF0>};Kw{@<XPXq51TXI5P@bLjk|KHdXC0EOB-zO5&?Q_yCpR=i(8
zb__t7UJhM@pbWx`dc8aqxD7Ykf<l+F_)I_QJ~<uynGYNH#1OHR=I)5ThDU`sdPHT8
zIK19t(b~rM;)>XWWhOY|>Z1v<MAs*ax)rUP6xNL=)Njmp2`MdMJSSRWNep>sKV-^Y
zk~~PV9SU$QvbtCM!WD)B!&(}{*C;S?+OoIPcoi0d0-Iu#m^|GKNw3WFY13Tv$?P$9
znF8<|p$^^E!bNalR~8xGkM6ckv2Osrh#gxe8r)X2kWpaf<?Q?0;AJPYNEw80#O$tt
zMdQaE>LD2(qkE-q_xjFGIyex{suKabQju>~QdpZEABgq|11_-z6TY;d<JVDX2w%P-
zyUs^k%=6aUZV{SJvkC;T9rY}qov7rSsi3#WIrR)k9)Ec^$QZL|rJCyuIsy(B^qAtW
zbcIntbSZn>M%C7)h~9j|#me*Qgz7B<uSwIjlV*%3%$T(|jD8UunN2dRnfnYj_^}yu
z-CoUt#0w=)!1Z?ZMzgK~rf6s$5_pWw*kEVnzh*)8_Nx;nx-Kc>hbwLL^I5qx$U|%!
z#ohaNBrOOfYv4Vvgs!y|4LY#PwD%SkiE69nuNH;6=!v0j;ow<Ib>myi$fEmGGm(I-
zcVx;0P4xnm0#xMhU+9@!QE_)N<b~^8Sy>ZS46&f2iI7_ApI1uW{0&<7tvceMzVf!E
zaz2boHJ1`7|AT!Ny=JXux>L&gl%t#Dw&J5DrVs$lcAPg_wD#-V<VWauvNpY4BG=n@
z3DNQ|@K5!a%Y2l_Bb}X#gN;J?-x=$Y{!V|pB{sK0<D?ap_z@96IEcv^vn5FSPT#d7
zV_CwuI*z6UNN9j^JuxY8XHQ?YQO0k@ln@Zop<>rBpXKKXkCoT&E@zl##rFiBAO7%v
zC)q_p@`%(nCi-M!x7EeIv$tZjL2k=jnWxTwkFSrisyr-7T<!dN0qg3r0*RjdW@N03
zaX5UF9q@o^T77$)!Xn=}Q|Si%m}Rv6mNmzzY(Q3diS)?MO%$bpe>~?(*XdKfR{Z7&
z5=Zi|JUFPO#ouMbZ!X9wpvu9BRPjy#hSN92JEhMSs0d=(?=P%lmH9YDj!5vsaoi4z
zxWp8)LoGP=1$vaAlP+eu*~<ah`r$DU9n1hwonq-0AE6mAy?Uysg{G@BPNm@{yr}!N
zZy4P2t@aY%RYC)xR{gO>nZzi6C_drBW&da7rX!yPSIiJ*MUp<NIfdZ{8}&OQJR^px
z`LTYUO|9ZxbLLqab9Omghfg22op)EM{@nS(+K{~deC^$^=&@Vv<d0bjZ%M~^U5W0!
z_#Y+B1-hr3HJZ_9s-5ibWqQ>Q`Rc27H)z&>u&faa9jDMmzoQ*lFB!W#pWs<(F;M9}
zrn)6s{|#HcR9xl(lXtKD|JalLwWTX>0Xma29&CylgsnWf`0ov_qN7}?X#L=S014QH
AUH||9

literal 0
HcmV?d00001

diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/failure-32x32.png b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/failure-32x32.png
new file mode 100644
index 0000000000000000000000000000000000000000..3c48e4669dccf145e5a6cd26488311d0a59c963e
GIT binary patch
literal 2580
zcmZ`*3p`W(A0AR!^Gby*Wlg2q?ru9~xy-GQGNCB54a;V>Gd21rk(Fzx5K9+XdAk=i
z^hOsXZ?5%5Eh(48`=*!vm6ZNx(`A33I_GmPzwh^Xe$V&$p7T4OlkDx~stZTLVKA7k
zyBlpibVVtT=~JOI7#sT*x@dswT^(WP8%<t81Dz<h01yV7F<W_P!1ASYVX!HSICOuJ
zzo!Sl<nyo$7C(fI74xDXGz>-&1JEsxEn=X=JZ>Zii0#lS1OVMD!#Ffb1rbHqq5VC*
zQBHgz8)b>Lz~a$VI0}WL2w9=PdYa2uIyACFhl@l}01mf(`*!Sh5|%Fv!x6}2G7e9~
z5s4TGfdOM8MGP?}5;U8b<l8(nHpmomqC^~iBuY6iBZMC<vO}YlLf^NEIz^n&A4-wn
zS6h%loHBzWVDY%0(b!_nFKEilFKI01cUMu-Laxdai-}`%**tcn2!wcqpUOeK{Z9P9
zBE^iT2{Ba@C%jRVl>_V9AfFqpY=LhiM?@u3RE8#pe{^Jm<;3Sj3E3bB(WsVRDeAGw
zc>f<VRO@dV>cPo`wL%W$l%cGPO86?E9-E90_?duuP>rB$J>bm|v$_5>4%ASU3ldb-
zPZN`gPJAw3=o7_YvXzCYC~Bd}Xq8OBuVmB`YD5+j0HZ^;vY8^arv*JT)w}P=2*as`
zDY&1aDbSk$c=B1C&=?v+#HJGQ1WOD7kHHh@1QI~N10)g!HwmLwfimMHWHUs3A)U|X
zQdKT^${~t`h4u-qI^rvtf>W*|wRJVIXjM^Y)l%UQ^V=7I3cqM5>x99ylig_!bbp;1
zKMt4fJ7>JJ;ILPOzClHk$HMIRS>C%~giBc|@_2bL!Xe#-cJ4?vvc;6Pcp=)7w*F-6
zD>^$l++wR^&_0LRhCVvj>8naluWJQ@!c(JX1cmjD9<d#%ePn&17~`;ZxUX~U>6NEo
zW01@3xg~K(ICGssN4H@qu??1DfwEl|C*j#5OcFCBaau>u@tmLe(|zjt=lmAD8F9K5
zv2w|&BUQQk_DbwFU_`H1*4Ziq+?5e~ZLHB92C}(Z8l2)Rv^JG+7dt#3WPb4hE?b9o
zttm47=aAip)I7sR*Yi2MUx-btvqrGPjebPrOI_|jWKE8)z0@B`2D}GvTjopj>gRVo
zYT_5H(8A>$xpkC-G>NZ(_1)3s%7%;UU+wISQ&fILj9<NSiahfjbD7gP*8FmLzKfY;
zZ24pTOEWUq9<Gs$DV^vcdfc<}KzaFD?fDx5o&wXyqRKc@{r0Dp#@1dB<o%fa!K+e*
z8b+;mo=g1^x|K4swykZv-v&}MXEU`)bsZtnTW45aDVfg$>muV*GH83fePfVMWzw>9
z7#AJVXNw{~`%m6P-l?l&QGcB8jxZcdxUqC|uOd+vxLkYTs!r4gSXEJr$H5KbX&NDG
zY&sj78gLF%^8>iW5kPZ@W9wg|7jHGw<vyusMUU~F6Rwrbqba6fP_=%@0eNQc&FM&*
z7unv)@6s-5(P^ta0llYMq<<cr6C%MsKJA=(g8pHO`OxaVkDl8&OdCP&r(=2yMvQrd
zqXr!hf5Lgm@|ptr!4MUh5~B|*K4&gH_s(oZNprp2&4Z+{F<D;QTNbBSl`UZOz%T6E
z;f>kpM@#x*1PIvM?VabvdTI!D6t$xoeu#oS1fSa!D{`x8Qp(|>A`4W>noZ@t8I-NI
zIT}u-W$XI<BlO(QRN4)MA9`qtUyCs-ys;&zW4ADQ@riysXZPd#ai#k$iy4{S*^fTw
zooF*7KdC9w^N^)jNrPWg{p31c$9%P2$cABe=j65>u+kI!jfCa&TUcyb!o*svj+iwP
zYduy+#>GfyCa+A|a(>^Z!T1Dm_2MTT!2ACkN6f9G=drHKbgM3D8j*<4mOE=^<Ra)`
zr5(qpyFB}%f$Q;;U9*U9r|qg4+E(kjv4tsrfD!*mwU+#w6Fjd__<~upB!h_^mufG{
zAgt!wE<<V$cF(^I9vppeu+gMmH@DtyX8^oR<VdA7#)|7T(~Apgqze#6<^v7b>M@t%
zBP~PCC4ota<?lL-BebTsI+Sz?9xW`&X)+r-7I=T#9~BaG(koGXey>dPeO&UPEOW(H
zz;_K-QHzNkmRD<CPYd0MpXqb8-O3$K-EaW;8h?0OPglshYlpi>xS(<RIax;jvOJH1
zVw1Y-)#ktjKY@MWn$(`vp{WkIKCq)N(dXC*dZ40_-qm<Z*jH$4l76{C6n!nC-L<;m
zc7Fhal~uZWM`QcE>vz(gPs_VYZr-2pFmb=1?qG3Ko8Ve$GB3P~{BAM)W`(B5%Y|=e
z8&r`7G+156uSfnHRwO?p+&h|1a|v`h<WZ|BPP>l)1VrluyM$sx&aTY2Vn)yB-S6uK
zmH5ZuK^F}QJkv@l_Zd~59G-fU#%Ya7ObXoGDfyVSU{OipU4y!f_sZT>{zZy^BN-yJ
zM=yJQTo!c419@!N{A?{d;aWJZH@9VY2hj^T#LhD{>{e*|1m#!!y+jbZe-t@uv%t!E
zVBPP}XCw>+wUdq6FWl1g;$nf+H1nPeHys<%qNKCM#tU#avcj%YHukr;e(Gr*Ti%eK
zbSD3y&lYz*&_46a$AH4Vc$<H##tHh<_DIL`^*fuqtpeXvh2Bf-X`+3R5=(6Z@|p^o
pC}+GPo)NS+Oue$}_;}$LEy}$q4?22lrYV2b+?~B>=N*F+{s#$63_Ab-

literal 0
HcmV?d00001

diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/success-32x32.png b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/success-32x32.png
new file mode 100644
index 0000000000000000000000000000000000000000..aa512048d8fe96fc4b37db81fc5354a80b191bdd
GIT binary patch
literal 2448
zcmZ{m2|QHY8^?zk%2pAglrf@DWj16PGnO$zqR6fo%P@nPJI!3pq(Tvyx4bCtL{YZ4
zNhMmeP_Gu!Sh7U2Z;2u;gi`%yq&I(W-TOKBp7T7v?|IJioO?c>o4DP{RzY^9ECd2k
zu(u<*h~98<TP!VlvLhqMMK1}qi!BjSSf?>88pts1yx0(k+;VY~fMlFjgFv7HnyV-1
z>9`da2+&dfK|lZn#icVvY6t|+#fiFf3g{2#(!&{S9G8HYRp3N@u^Ekk&q}~B0>aaA
zJKP#zQQ(_UhA0feTow+8<5@w$I2Y39Ib1X%AgCb7#G%m~4hO|CKmn`}G}hGA6phhG
z>+2&$3M6|k1N7%28EozEll+*6L}3TAXiSg>FyP{O{R4mqkbppl1O0o=t&`6DHxPq8
zmz5|#G}oVr#-cFjUqK)(_~-Kej}m)+i&40=-(X_TcWky8-`9v2RTSq41kr-`lKer6
zxjqKF35mrZF<4iu0S=4785!fz3p777oTaT<6n_w4xdK4A`F0wY5>6Kn;RYzt{hgh!
zm<NmVz-?pED53(3%V>_pqyJ-DsJ8~_OcsUB7V9_7>F3)P>Rl*oAUr}my&HoDn(NOY
z3(N~Cub+N%;~&g?<3hmmSHOJZJV3k=xY<g1l4x`aV>TB9QIuag7J}A5IKbM$^be$n
z>otqaGc8olhVlAcn0byl5RVpr%k#eN?+0hrDmpplvZ5XRaSF|4EBG4+AP}j8_9QD;
zPnimjuy9u!<*$QX^!1?w&KK6hny7}^R^tgdYe|WMxCD^j79YC30haudp~btLr)YI7
zzujG@4VDX6@@nraaV6#U+B(7lVLDUQq*&!Vymy*QTc=qRdo1(go6$xO;^~39e*B;r
zd$1<`mgECuL&Y>ENKsEOu6#5(KnZ?1qWKB&h*45Bj3oKj^d?~-Ki=TFnv0-dilNrx
zE+oM0ses}Tf~=ZX^FGzSbg>o(p5AfvSZzqt-r?MFnLA~#Y>cfkoQbI22b+0!11y$Q
zo5YP28eMGvcBA%!{EK^r4Bepz<HTg#WGg7~zCsmrx=gY;{36qL(qPpxg{}%WLuab&
zuJ&5{u=>?p=&68A@7?t!x`xNffd+#QyKbqD=Lz2un=GR49F%^l{3JnVvhDN6dftf%
z6C=Z{w;Pv)?c9Z5QM9LN)va+McICukgu=P9+wq(jdbZi;axHVBExAr`ulZr`Cunk|
z{2|SAicL2Kunoa4xmf6dSfMQtlL+gqtkUJ?`Fm*sd6{jgc+bbu1)1fo9p~!XqbySU
z7S$1;{kknFU-PoAbVGyPRW9kBz25zx?3#<*(VK1?ucaP)daB~G{H~BaWXBnei>`_<
zzw&)Oc~p$xWrVx{mF0AQ`Aj60qMrNtimICPg{0w|GMYO={=Q(#gOjPc!d20|lE$WB
zvC2M&t<4<y<o6NYm3Lc{?D{yiRON`#KBQsxiHyc(cdMw>bv-8ucXcl(&2+b(;T=Dp
z&kMF3T~QQswAyZh;r!4!jXI<rIcD=}15;{5O{;=;xBo^?AwM0wYVgl~@9WY*tn53H
zi9mwTJ1HRkwysG+@>r>cR3R^vqkqz8B&ATYbN8NoRhfqiQWN7d+f{ZfRx!~=H`Kdk
zjXgO(<nYMk*htpf7#X*ZuqBNax+GSXRS(gpO6d|bE&)-t`gY33=|chigq)<;Qtkn6
z)ly44n<9!~ve0X5y9Wor4@Mu-+H#1MgY>GUBi1y%w8~2x)aA4*K%`vbP}1v3@_`xQ
z8Wk#Ad+nJN^rPp~UBIZ>AG+@vY58PH`eW^)rUJSAq*Lh~_MQ6<^n`MyB`(%lj;)i)
zZrU9ctveE8cE`1cAi0(Kcx!G8U$A7&+2U2swO5e?fdj)wJOUVgh4(WantA|Ln=`*S
ztvRC+?sxW{hK?36L0fKFqf_I2$YNX8ik*oCf<LuR3p`@2{y0%r0zIb|$Lwf0MKE=I
zoLckjeNMt4!IyXOk@tY!(ehA&+O@QvFd@p&QrQ2-^2M94O7<GP?_But-seAo@1Ujl
zV(Hfbqu$iF?l@1SM+$%E94IL|Yy&-kcqdK#XUlELiIu%7Ze=F-70&EU^cZ<oSDID!
z{4`cdz4ZyQM=`d@j=SvDmXCb9)5Bg-TdqXE@P3a^j&xcYAAa0aOBlp9y|n*kmhsLT
z*OM{Q!7bJ5>xPE7e@!Lq$3N3%5$-!iPjk}~H1(e3JW8|mni?ect|u$@skp0p+~#p2
z4my5tS6Nh=LMbqt*|yXRvpGY3;tZD>%PDQ+v$J1;UwDrPQ92`P%L>1xf9agLLaSNx
zv~E@INg5?$#8BS4!k+IiW(hZ)NpNs$Sl#i^c=fL7)VhmF61<F8$dE6KkY!8H7k>(7
z4@BH4{JPGwMQO=&<?-sG5*qna%ayK=o!e3JS5w%2w%f+~PHAU9A3m7BCO>{E$)~qW
z&a75NaAbno>wLYT&*x@oEzE=8<q!IDA)yYPjbjovt;;O7K)29zmM_zk??2v6_GwT?
z;``h?HSgoXV=si5lIrCO2OTD3Hc$CQZ@s3d9$gFTp5EW?H{oYMj|;W^%$D6>RUSnb
lg!m33->y9S*<*Ne#$rJETbE67eU<n($==3^R7fNr`X9y%0hj;)

literal 0
HcmV?d00001

diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/js/Duo-Web-v2.min.js b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/js/Duo-Web-v2.min.js
new file mode 100644
index 0000000..393900d
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/js/Duo-Web-v2.min.js
@@ -0,0 +1 @@
+window.Duo=function(e,t){var i=/^(?:AUTH|ENROLL)+\|[A-Za-z0-9\+\/=]+\|[A-Za-z0-9\+\/=]+$/;var o=/^ERR\|[\w\s\.\(\)]+$/;var n="duo_iframe",a="",s="sig_response",r,f,u,d,m,c;function h(e,t){throw new Error("Duo Web SDK error: "+e+(t?"\n"+"See "+t+" for more information":""))}function g(e){return e.replace(/([a-z])([A-Z])/,"$1-$2").toLowerCase()}function l(e,t){if("dataset"in e){return e.dataset[t]}else{return e.getAttribute("data-"+g(t))}}function p(e,i,o,n){if("addEventListener"in t){e.addEventListener(i,n,false)}else{e.attachEvent(o,n)}}function w(e,i,o,n){if("removeEventListener"in t){e.removeEventListener(i,n,false)}else{e.detachEvent(o,n)}}function v(t){p(e,"DOMContentLoaded","onreadystatechange",t)}function b(t){w(e,"DOMContentLoaded","onreadystatechange",t)}function E(e){p(t,"message","onmessage",e)}function _(e){w(t,"message","onmessage",e)}function y(e){if(!e){return}if(e.indexOf("ERR|")===0){h(e.split("|")[1])}if(e.indexOf(":")===-1||e.split(":").length!==2){h("Duo was given a bad token.  This might indicate a configuration "+"problem with one of Duo's client libraries.","https://www.duosecurity.com/docs/duoweb#first-steps")}var t=e.split(":");f=e;u=t[0];d=t[1];return{sigRequest:e,duoSig:t[0],appSig:t[1]}}function D(){m=e.getElementById(n);if(!m){throw new Error("This page does not contain an iframe for Duo to use."+'Add an element like <iframe id="duo_iframe"></iframe> '+"to this page.  "+"See https://www.duosecurity.com/docs/duoweb#3.-show-the-iframe "+"for more information.")}B();b(D)}function A(e){return Boolean(e.origin==="https://"+r&&typeof e.data==="string"&&(e.data.match(i)||e.data.match(o)))}function L(t){if(t){if(t.host){r=t.host}if(t.sig_request){y(t.sig_request)}if(t.post_action){a=t.post_action}if(t.post_argument){s=t.post_argument}if(t.iframe){if("tagName"in t.iframe){m=t.iframe}else if(typeof t.iframe==="string"){n=t.iframe}}if(typeof t.submit_callback==="function"){c=t.submit_callback}}if(m){B()}else{m=e.getElementById(n);if(m){B()}else{v(D)}}b(L)}function q(e){if(A(e)){R(e.data);_(q)}}function B(){if(!r){r=l(m,"host");if(!r){h("No API hostname is given for Duo to use.  Be sure to pass "+"a `host` parameter to Duo.init, or through the `data-host` "+"attribute on the iframe element.","https://www.duosecurity.com/docs/duoweb#3.-show-the-iframe")}}if(!u||!d){y(l(m,"sigRequest"));if(!u||!d){h("No valid signed request is given.  Be sure to give the "+"`sig_request` parameter to Duo.init, or use the "+"`data-sig-request` attribute on the iframe element.","https://www.duosecurity.com/docs/duoweb#3.-show-the-iframe")}}if(a===""){a=l(m,"postAction")||a}if(s==="sig_response"){s=l(m,"postArgument")||s}m.src=["https://",r,"/frame/web/v1/auth?tx=",u,"&parent=",encodeURIComponent(e.location.href),"&v=2.3"].join("");E(q)}function R(t){var i=e.createElement("input");i.type="hidden";i.name=s;i.value=t+":"+d;var o=e.getElementById("duo_form");if(!o){o=e.createElement("form");m.parentElement.insertBefore(o,m.nextSibling)}o.method="POST";o.action=a;o.appendChild(i);if(typeof c==="function"){c.call(null,o)}else{o.submit()}}v(L);return{init:L,_parseSigRequest:y,_isDuoMessage:A,_doPostBack:R}}(document,window);
\ No newline at end of file
diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/js/jquery-2.1.4.min.js b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/js/jquery-2.1.4.min.js
new file mode 100644
index 0000000..49990d6
--- /dev/null
+++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/js/jquery-2.1.4.min.js
@@ -0,0 +1,4 @@
+/*! jQuery v2.1.4 | (c) 2005, 2015 jQuery Foundation, Inc. | jquery.org/license */
+!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=c.slice,e=c.concat,f=c.push,g=c.indexOf,h={},i=h.toString,j=h.hasOwnProperty,k={},l=a.document,m="2.1.4",n=function(a,b){return new n.fn.init(a,b)},o=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};n.fn=n.prototype={jquery:m,constructor:n,selector:"",length:0,toArray:function(){return d.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:d.call(this)},pushStack:function(a){var b=n.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a,b){return n.each(this,a,b)},map:function(a){return this.pushStack(n.map(this,function(b,c){return a.call(b,c,b)}))},slice:function(){return this.pushStack(d.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},eq:function(a){var b=this.length,c=+a+(0>a?b:0);return this.pushStack(c>=0&&b>c?[this[c]]:[])},end:function(){return this.prevObject||this.constructor(null)},push:f,sort:c.sort,splice:c.splice},n.extend=n.fn.extend=function(){var a,b,c,d,e,f,g=arguments[0]||{},h=1,i=arguments.length,j=!1;for("boolean"==typeof g&&(j=g,g=arguments[h]||{},h++),"object"==typeof g||n.isFunction(g)||(g={}),h===i&&(g=this,h--);i>h;h++)if(null!=(a=arguments[h]))for(b in a)c=g[b],d=a[b],g!==d&&(j&&d&&(n.isPlainObject(d)||(e=n.isArray(d)))?(e?(e=!1,f=c&&n.isArray(c)?c:[]):f=c&&n.isPlainObject(c)?c:{},g[b]=n.extend(j,f,d)):void 0!==d&&(g[b]=d));return g},n.extend({expando:"jQuery"+(m+Math.random()).replace(/\D/g,""),isReady:!0,error:function(a){throw new Error(a)},noop:function(){},isFunction:function(a){return"function"===n.type(a)},isArray:Array.isArray,isWindow:function(a){return null!=a&&a===a.window},isNumeric:function(a){return!n.isArray(a)&&a-parseFloat(a)+1>=0},isPlainObject:function(a){return"object"!==n.type(a)||a.nodeType||n.isWindow(a)?!1:a.constructor&&!j.call(a.constructor.prototype,"isPrototypeOf")?!1:!0},isEmptyObject:function(a){var b;for(b in a)return!1;return!0},type:function(a){return null==a?a+"":"object"==typeof a||"function"==typeof a?h[i.call(a)]||"object":typeof a},globalEval:function(a){var b,c=eval;a=n.trim(a),a&&(1===a.indexOf("use strict")?(b=l.createElement("script"),b.text=a,l.head.appendChild(b).parentNode.removeChild(b)):c(a))},camelCase:function(a){return a.replace(p,"ms-").replace(q,r)},nodeName:function(a,b){return a.nodeName&&a.nodeName.toLowerCase()===b.toLowerCase()},each:function(a,b,c){var d,e=0,f=a.length,g=s(a);if(c){if(g){for(;f>e;e++)if(d=b.apply(a[e],c),d===!1)break}else for(e in a)if(d=b.apply(a[e],c),d===!1)break}else if(g){for(;f>e;e++)if(d=b.call(a[e],e,a[e]),d===!1)break}else for(e in a)if(d=b.call(a[e],e,a[e]),d===!1)break;return a},trim:function(a){return null==a?"":(a+"").replace(o,"")},makeArray:function(a,b){var c=b||[];return null!=a&&(s(Object(a))?n.merge(c,"string"==typeof a?[a]:a):f.call(c,a)),c},inArray:function(a,b,c){return null==b?-1:g.call(b,a,c)},merge:function(a,b){for(var c=+b.length,d=0,e=a.length;c>d;d++)a[e++]=b[d];return a.length=e,a},grep:function(a,b,c){for(var d,e=[],f=0,g=a.length,h=!c;g>f;f++)d=!b(a[f],f),d!==h&&e.push(a[f]);return e},map:function(a,b,c){var d,f=0,g=a.length,h=s(a),i=[];if(h)for(;g>f;f++)d=b(a[f],f,c),null!=d&&i.push(d);else for(f in a)d=b(a[f],f,c),null!=d&&i.push(d);return e.apply([],i)},guid:1,proxy:function(a,b){var c,e,f;return"string"==typeof b&&(c=a[b],b=a,a=c),n.isFunction(a)?(e=d.call(arguments,2),f=function(){return a.apply(b||this,e.concat(d.call(arguments)))},f.guid=a.guid=a.guid||n.guid++,f):void 0},now:Date.now,support:k}),n.each("Boolean Number String Function Array Date RegExp Object Error".split(" "),function(a,b){h["[object "+b+"]"]=b.toLowerCase()});function s(a){var b="length"in a&&a.length,c=n.type(a);return"function"===c||n.isWindow(a)?!1:1===a.nodeType&&b?!0:"array"===c||0===b||"number"==typeof b&&b>0&&b-1 in a}var t=function(a){var b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u="sizzle"+1*new Date,v=a.document,w=0,x=0,y=ha(),z=ha(),A=ha(),B=function(a,b){return a===b&&(l=!0),0},C=1<<31,D={}.hasOwnProperty,E=[],F=E.pop,G=E.push,H=E.push,I=E.slice,J=function(a,b){for(var c=0,d=a.length;d>c;c++)if(a[c]===b)return c;return-1},K="checked|selected|async|autofocus|autoplay|controls|defer|disabled|hidden|ismap|loop|multiple|open|readonly|required|scoped",L="[\\x20\\t\\r\\n\\f]",M="(?:\\\\.|[\\w-]|[^\\x00-\\xa0])+",N=M.replace("w","w#"),O="\\["+L+"*("+M+")(?:"+L+"*([*^$|!~]?=)"+L+"*(?:'((?:\\\\.|[^\\\\'])*)'|\"((?:\\\\.|[^\\\\\"])*)\"|("+N+"))|)"+L+"*\\]",P=":("+M+")(?:\\((('((?:\\\\.|[^\\\\'])*)'|\"((?:\\\\.|[^\\\\\"])*)\")|((?:\\\\.|[^\\\\()[\\]]|"+O+")*)|.*)\\)|)",Q=new RegExp(L+"+","g"),R=new RegExp("^"+L+"+|((?:^|[^\\\\])(?:\\\\.)*)"+L+"+$","g"),S=new RegExp("^"+L+"*,"+L+"*"),T=new RegExp("^"+L+"*([>+~]|"+L+")"+L+"*"),U=new RegExp("="+L+"*([^\\]'\"]*?)"+L+"*\\]","g"),V=new RegExp(P),W=new RegExp("^"+N+"$"),X={ID:new RegExp("^#("+M+")"),CLASS:new RegExp("^\\.("+M+")"),TAG:new RegExp("^("+M.replace("w","w*")+")"),ATTR:new RegExp("^"+O),PSEUDO:new RegExp("^"+P),CHILD:new RegExp("^:(only|first|last|nth|nth-last)-(child|of-type)(?:\\("+L+"*(even|odd|(([+-]|)(\\d*)n|)"+L+"*(?:([+-]|)"+L+"*(\\d+)|))"+L+"*\\)|)","i"),bool:new RegExp("^(?:"+K+")$","i"),needsContext:new RegExp("^"+L+"*[>+~]|:(even|odd|eq|gt|lt|nth|first|last)(?:\\("+L+"*((?:-\\d)?\\d*)"+L+"*\\)|)(?=[^-]|$)","i")},Y=/^(?:input|select|textarea|button)$/i,Z=/^h\d$/i,$=/^[^{]+\{\s*\[native \w/,_=/^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/,aa=/[+~]/,ba=/'|\\/g,ca=new RegExp("\\\\([\\da-f]{1,6}"+L+"?|("+L+")|.)","ig"),da=function(a,b,c){var d="0x"+b-65536;return d!==d||c?b:0>d?String.fromCharCode(d+65536):String.fromCharCode(d>>10|55296,1023&d|56320)},ea=function(){m()};try{H.apply(E=I.call(v.childNodes),v.childNodes),E[v.childNodes.length].nodeType}catch(fa){H={apply:E.length?function(a,b){G.apply(a,I.call(b))}:function(a,b){var c=a.length,d=0;while(a[c++]=b[d++]);a.length=c-1}}}function ga(a,b,d,e){var f,h,j,k,l,o,r,s,w,x;if((b?b.ownerDocument||b:v)!==n&&m(b),b=b||n,d=d||[],k=b.nodeType,"string"!=typeof a||!a||1!==k&&9!==k&&11!==k)return d;if(!e&&p){if(11!==k&&(f=_.exec(a)))if(j=f[1]){if(9===k){if(h=b.getElementById(j),!h||!h.parentNode)return d;if(h.id===j)return d.push(h),d}else if(b.ownerDocument&&(h=b.ownerDocument.getElementById(j))&&t(b,h)&&h.id===j)return d.push(h),d}else{if(f[2])return H.apply(d,b.getElementsByTagName(a)),d;if((j=f[3])&&c.getElementsByClassName)return H.apply(d,b.getElementsByClassName(j)),d}if(c.qsa&&(!q||!q.test(a))){if(s=r=u,w=b,x=1!==k&&a,1===k&&"object"!==b.nodeName.toLowerCase()){o=g(a),(r=b.getAttribute("id"))?s=r.replace(ba,"\\$&"):b.setAttribute("id",s),s="[id='"+s+"'] ",l=o.length;while(l--)o[l]=s+ra(o[l]);w=aa.test(a)&&pa(b.parentNode)||b,x=o.join(",")}if(x)try{return H.apply(d,w.querySelectorAll(x)),d}catch(y){}finally{r||b.removeAttribute("id")}}}return i(a.replace(R,"$1"),b,d,e)}function ha(){var a=[];function b(c,e){return a.push(c+" ")>d.cacheLength&&delete b[a.shift()],b[c+" "]=e}return b}function ia(a){return a[u]=!0,a}function ja(a){var b=n.createElement("div");try{return!!a(b)}catch(c){return!1}finally{b.parentNode&&b.parentNode.removeChild(b),b=null}}function ka(a,b){var c=a.split("|"),e=a.length;while(e--)d.attrHandle[c[e]]=b}function la(a,b){var c=b&&a,d=c&&1===a.nodeType&&1===b.nodeType&&(~b.sourceIndex||C)-(~a.sourceIndex||C);if(d)return d;if(c)while(c=c.nextSibling)if(c===b)return-1;return a?1:-1}function ma(a){return function(b){var c=b.nodeName.toLowerCase();return"input"===c&&b.type===a}}function na(a){return function(b){var c=b.nodeName.toLowerCase();return("input"===c||"button"===c)&&b.type===a}}function oa(a){return ia(function(b){return b=+b,ia(function(c,d){var e,f=a([],c.length,b),g=f.length;while(g--)c[e=f[g]]&&(c[e]=!(d[e]=c[e]))})})}function pa(a){return a&&"undefined"!=typeof a.getElementsByTagName&&a}c=ga.support={},f=ga.isXML=function(a){var b=a&&(a.ownerDocument||a).documentElement;return b?"HTML"!==b.nodeName:!1},m=ga.setDocument=function(a){var b,e,g=a?a.ownerDocument||a:v;return g!==n&&9===g.nodeType&&g.documentElement?(n=g,o=g.documentElement,e=g.defaultView,e&&e!==e.top&&(e.addEventListener?e.addEventListener("unload",ea,!1):e.attachEvent&&e.attachEvent("onunload",ea)),p=!f(g),c.attributes=ja(function(a){return a.className="i",!a.getAttribute("className")}),c.getElementsByTagName=ja(function(a){return a.appendChild(g.createComment("")),!a.getElementsByTagName("*").length}),c.getElementsByClassName=$.test(g.getElementsByClassName),c.getById=ja(function(a){return o.appendChild(a).id=u,!g.getElementsByName||!g.getElementsByName(u).length}),c.getById?(d.find.ID=function(a,b){if("undefined"!=typeof b.getElementById&&p){var c=b.getElementById(a);return c&&c.parentNode?[c]:[]}},d.filter.ID=function(a){var b=a.replace(ca,da);return function(a){return a.getAttribute("id")===b}}):(delete d.find.ID,d.filter.ID=function(a){var b=a.replace(ca,da);return function(a){var c="undefined"!=typeof a.getAttributeNode&&a.getAttributeNode("id");return c&&c.value===b}}),d.find.TAG=c.getElementsByTagName?function(a,b){return"undefined"!=typeof b.getElementsByTagName?b.getElementsByTagName(a):c.qsa?b.querySelectorAll(a):void 0}:function(a,b){var c,d=[],e=0,f=b.getElementsByTagName(a);if("*"===a){while(c=f[e++])1===c.nodeType&&d.push(c);return d}return f},d.find.CLASS=c.getElementsByClassName&&function(a,b){return p?b.getElementsByClassName(a):void 0},r=[],q=[],(c.qsa=$.test(g.querySelectorAll))&&(ja(function(a){o.appendChild(a).innerHTML="<a id='"+u+"'></a><select id='"+u+"-\f]' msallowcapture=''><option selected=''></option></select>",a.querySelectorAll("[msallowcapture^='']").length&&q.push("[*^$]="+L+"*(?:''|\"\")"),a.querySelectorAll("[selected]").length||q.push("\\["+L+"*(?:value|"+K+")"),a.querySelectorAll("[id~="+u+"-]").length||q.push("~="),a.querySelectorAll(":checked").length||q.push(":checked"),a.querySelectorAll("a#"+u+"+*").length||q.push(".#.+[+~]")}),ja(function(a){var b=g.createElement("input");b.setAttribute("type","hidden"),a.appendChild(b).setAttribute("name","D"),a.querySelectorAll("[name=d]").length&&q.push("name"+L+"*[*^$|!~]?="),a.querySelectorAll(":enabled").length||q.push(":enabled",":disabled"),a.querySelectorAll("*,:x"),q.push(",.*:")})),(c.matchesSelector=$.test(s=o.matches||o.webkitMatchesSelector||o.mozMatchesSelector||o.oMatchesSelector||o.msMatchesSelector))&&ja(function(a){c.disconnectedMatch=s.call(a,"div"),s.call(a,"[s!='']:x"),r.push("!=",P)}),q=q.length&&new RegExp(q.join("|")),r=r.length&&new RegExp(r.join("|")),b=$.test(o.compareDocumentPosition),t=b||$.test(o.contains)?function(a,b){var c=9===a.nodeType?a.documentElement:a,d=b&&b.parentNode;return a===d||!(!d||1!==d.nodeType||!(c.contains?c.contains(d):a.compareDocumentPosition&&16&a.compareDocumentPosition(d)))}:function(a,b){if(b)while(b=b.parentNode)if(b===a)return!0;return!1},B=b?function(a,b){if(a===b)return l=!0,0;var d=!a.compareDocumentPosition-!b.compareDocumentPosition;return d?d:(d=(a.ownerDocument||a)===(b.ownerDocument||b)?a.compareDocumentPosition(b):1,1&d||!c.sortDetached&&b.compareDocumentPosition(a)===d?a===g||a.ownerDocument===v&&t(v,a)?-1:b===g||b.ownerDocument===v&&t(v,b)?1:k?J(k,a)-J(k,b):0:4&d?-1:1)}:function(a,b){if(a===b)return l=!0,0;var c,d=0,e=a.parentNode,f=b.parentNode,h=[a],i=[b];if(!e||!f)return a===g?-1:b===g?1:e?-1:f?1:k?J(k,a)-J(k,b):0;if(e===f)return la(a,b);c=a;while(c=c.parentNode)h.unshift(c);c=b;while(c=c.parentNode)i.unshift(c);while(h[d]===i[d])d++;return d?la(h[d],i[d]):h[d]===v?-1:i[d]===v?1:0},g):n},ga.matches=function(a,b){return ga(a,null,null,b)},ga.matchesSelector=function(a,b){if((a.ownerDocument||a)!==n&&m(a),b=b.replace(U,"='$1']"),!(!c.matchesSelector||!p||r&&r.test(b)||q&&q.test(b)))try{var d=s.call(a,b);if(d||c.disconnectedMatch||a.document&&11!==a.document.nodeType)return d}catch(e){}return ga(b,n,null,[a]).length>0},ga.contains=function(a,b){return(a.ownerDocument||a)!==n&&m(a),t(a,b)},ga.attr=function(a,b){(a.ownerDocument||a)!==n&&m(a);var e=d.attrHandle[b.toLowerCase()],f=e&&D.call(d.attrHandle,b.toLowerCase())?e(a,b,!p):void 0;return void 0!==f?f:c.attributes||!p?a.getAttribute(b):(f=a.getAttributeNode(b))&&f.specified?f.value:null},ga.error=function(a){throw new Error("Syntax error, unrecognized expression: "+a)},ga.uniqueSort=function(a){var b,d=[],e=0,f=0;if(l=!c.detectDuplicates,k=!c.sortStable&&a.slice(0),a.sort(B),l){while(b=a[f++])b===a[f]&&(e=d.push(f));while(e--)a.splice(d[e],1)}return k=null,a},e=ga.getText=function(a){var b,c="",d=0,f=a.nodeType;if(f){if(1===f||9===f||11===f){if("string"==typeof a.textContent)return a.textContent;for(a=a.firstChild;a;a=a.nextSibling)c+=e(a)}else if(3===f||4===f)return a.nodeValue}else while(b=a[d++])c+=e(b);return c},d=ga.selectors={cacheLength:50,createPseudo:ia,match:X,attrHandle:{},find:{},relative:{">":{dir:"parentNode",first:!0}," ":{dir:"parentNode"},"+":{dir:"previousSibling",first:!0},"~":{dir:"previousSibling"}},preFilter:{ATTR:function(a){return a[1]=a[1].replace(ca,da),a[3]=(a[3]||a[4]||a[5]||"").replace(ca,da),"~="===a[2]&&(a[3]=" "+a[3]+" "),a.slice(0,4)},CHILD:function(a){return a[1]=a[1].toLowerCase(),"nth"===a[1].slice(0,3)?(a[3]||ga.error(a[0]),a[4]=+(a[4]?a[5]+(a[6]||1):2*("even"===a[3]||"odd"===a[3])),a[5]=+(a[7]+a[8]||"odd"===a[3])):a[3]&&ga.error(a[0]),a},PSEUDO:function(a){var b,c=!a[6]&&a[2];return X.CHILD.test(a[0])?null:(a[3]?a[2]=a[4]||a[5]||"":c&&V.test(c)&&(b=g(c,!0))&&(b=c.indexOf(")",c.length-b)-c.length)&&(a[0]=a[0].slice(0,b),a[2]=c.slice(0,b)),a.slice(0,3))}},filter:{TAG:function(a){var b=a.replace(ca,da).toLowerCase();return"*"===a?function(){return!0}:function(a){return a.nodeName&&a.nodeName.toLowerCase()===b}},CLASS:function(a){var b=y[a+" "];return b||(b=new RegExp("(^|"+L+")"+a+"("+L+"|$)"))&&y(a,function(a){return b.test("string"==typeof a.className&&a.className||"undefined"!=typeof a.getAttribute&&a.getAttribute("class")||"")})},ATTR:function(a,b,c){return function(d){var e=ga.attr(d,a);return null==e?"!="===b:b?(e+="","="===b?e===c:"!="===b?e!==c:"^="===b?c&&0===e.indexOf(c):"*="===b?c&&e.indexOf(c)>-1:"$="===b?c&&e.slice(-c.length)===c:"~="===b?(" "+e.replace(Q," ")+" ").indexOf(c)>-1:"|="===b?e===c||e.slice(0,c.length+1)===c+"-":!1):!0}},CHILD:function(a,b,c,d,e){var f="nth"!==a.slice(0,3),g="last"!==a.slice(-4),h="of-type"===b;return 1===d&&0===e?function(a){return!!a.parentNode}:function(b,c,i){var j,k,l,m,n,o,p=f!==g?"nextSibling":"previousSibling",q=b.parentNode,r=h&&b.nodeName.toLowerCase(),s=!i&&!h;if(q){if(f){while(p){l=b;while(l=l[p])if(h?l.nodeName.toLowerCase()===r:1===l.nodeType)return!1;o=p="only"===a&&!o&&"nextSibling"}return!0}if(o=[g?q.firstChild:q.lastChild],g&&s){k=q[u]||(q[u]={}),j=k[a]||[],n=j[0]===w&&j[1],m=j[0]===w&&j[2],l=n&&q.childNodes[n];while(l=++n&&l&&l[p]||(m=n=0)||o.pop())if(1===l.nodeType&&++m&&l===b){k[a]=[w,n,m];break}}else if(s&&(j=(b[u]||(b[u]={}))[a])&&j[0]===w)m=j[1];else while(l=++n&&l&&l[p]||(m=n=0)||o.pop())if((h?l.nodeName.toLowerCase()===r:1===l.nodeType)&&++m&&(s&&((l[u]||(l[u]={}))[a]=[w,m]),l===b))break;return m-=e,m===d||m%d===0&&m/d>=0}}},PSEUDO:function(a,b){var c,e=d.pseudos[a]||d.setFilters[a.toLowerCase()]||ga.error("unsupported pseudo: "+a);return e[u]?e(b):e.length>1?(c=[a,a,"",b],d.setFilters.hasOwnProperty(a.toLowerCase())?ia(function(a,c){var d,f=e(a,b),g=f.length;while(g--)d=J(a,f[g]),a[d]=!(c[d]=f[g])}):function(a){return e(a,0,c)}):e}},pseudos:{not:ia(function(a){var b=[],c=[],d=h(a.replace(R,"$1"));return d[u]?ia(function(a,b,c,e){var f,g=d(a,null,e,[]),h=a.length;while(h--)(f=g[h])&&(a[h]=!(b[h]=f))}):function(a,e,f){return b[0]=a,d(b,null,f,c),b[0]=null,!c.pop()}}),has:ia(function(a){return function(b){return ga(a,b).length>0}}),contains:ia(function(a){return a=a.replace(ca,da),function(b){return(b.textContent||b.innerText||e(b)).indexOf(a)>-1}}),lang:ia(function(a){return W.test(a||"")||ga.error("unsupported lang: "+a),a=a.replace(ca,da).toLowerCase(),function(b){var c;do if(c=p?b.lang:b.getAttribute("xml:lang")||b.getAttribute("lang"))return c=c.toLowerCase(),c===a||0===c.indexOf(a+"-");while((b=b.parentNode)&&1===b.nodeType);return!1}}),target:function(b){var c=a.location&&a.location.hash;return c&&c.slice(1)===b.id},root:function(a){return a===o},focus:function(a){return a===n.activeElement&&(!n.hasFocus||n.hasFocus())&&!!(a.type||a.href||~a.tabIndex)},enabled:function(a){return a.disabled===!1},disabled:function(a){return a.disabled===!0},checked:function(a){var b=a.nodeName.toLowerCase();return"input"===b&&!!a.checked||"option"===b&&!!a.selected},selected:function(a){return a.parentNode&&a.parentNode.selectedIndex,a.selected===!0},empty:function(a){for(a=a.firstChild;a;a=a.nextSibling)if(a.nodeType<6)return!1;return!0},parent:function(a){return!d.pseudos.empty(a)},header:function(a){return Z.test(a.nodeName)},input:function(a){return Y.test(a.nodeName)},button:function(a){var b=a.nodeName.toLowerCase();return"input"===b&&"button"===a.type||"button"===b},text:function(a){var b;return"input"===a.nodeName.toLowerCase()&&"text"===a.type&&(null==(b=a.getAttribute("type"))||"text"===b.toLowerCase())},first:oa(function(){return[0]}),last:oa(function(a,b){return[b-1]}),eq:oa(function(a,b,c){return[0>c?c+b:c]}),even:oa(function(a,b){for(var c=0;b>c;c+=2)a.push(c);return a}),odd:oa(function(a,b){for(var c=1;b>c;c+=2)a.push(c);return a}),lt:oa(function(a,b,c){for(var d=0>c?c+b:c;--d>=0;)a.push(d);return a}),gt:oa(function(a,b,c){for(var d=0>c?c+b:c;++d<b;)a.push(d);return a})}},d.pseudos.nth=d.pseudos.eq;for(b in{radio:!0,checkbox:!0,file:!0,password:!0,image:!0})d.pseudos[b]=ma(b);for(b in{submit:!0,reset:!0})d.pseudos[b]=na(b);function qa(){}qa.prototype=d.filters=d.pseudos,d.setFilters=new qa,g=ga.tokenize=function(a,b){var c,e,f,g,h,i,j,k=z[a+" "];if(k)return b?0:k.slice(0);h=a,i=[],j=d.preFilter;while(h){(!c||(e=S.exec(h)))&&(e&&(h=h.slice(e[0].length)||h),i.push(f=[])),c=!1,(e=T.exec(h))&&(c=e.shift(),f.push({value:c,type:e[0].replace(R," ")}),h=h.slice(c.length));for(g in d.filter)!(e=X[g].exec(h))||j[g]&&!(e=j[g](e))||(c=e.shift(),f.push({value:c,type:g,matches:e}),h=h.slice(c.length));if(!c)break}return b?h.length:h?ga.error(a):z(a,i).slice(0)};function ra(a){for(var b=0,c=a.length,d="";c>b;b++)d+=a[b].value;return d}function sa(a,b,c){var d=b.dir,e=c&&"parentNode"===d,f=x++;return b.first?function(b,c,f){while(b=b[d])if(1===b.nodeType||e)return a(b,c,f)}:function(b,c,g){var h,i,j=[w,f];if(g){while(b=b[d])if((1===b.nodeType||e)&&a(b,c,g))return!0}else while(b=b[d])if(1===b.nodeType||e){if(i=b[u]||(b[u]={}),(h=i[d])&&h[0]===w&&h[1]===f)return j[2]=h[2];if(i[d]=j,j[2]=a(b,c,g))return!0}}}function ta(a){return a.length>1?function(b,c,d){var e=a.length;while(e--)if(!a[e](b,c,d))return!1;return!0}:a[0]}function ua(a,b,c){for(var d=0,e=b.length;e>d;d++)ga(a,b[d],c);return c}function va(a,b,c,d,e){for(var f,g=[],h=0,i=a.length,j=null!=b;i>h;h++)(f=a[h])&&(!c||c(f,d,e))&&(g.push(f),j&&b.push(h));return g}function wa(a,b,c,d,e,f){return d&&!d[u]&&(d=wa(d)),e&&!e[u]&&(e=wa(e,f)),ia(function(f,g,h,i){var j,k,l,m=[],n=[],o=g.length,p=f||ua(b||"*",h.nodeType?[h]:h,[]),q=!a||!f&&b?p:va(p,m,a,h,i),r=c?e||(f?a:o||d)?[]:g:q;if(c&&c(q,r,h,i),d){j=va(r,n),d(j,[],h,i),k=j.length;while(k--)(l=j[k])&&(r[n[k]]=!(q[n[k]]=l))}if(f){if(e||a){if(e){j=[],k=r.length;while(k--)(l=r[k])&&j.push(q[k]=l);e(null,r=[],j,i)}k=r.length;while(k--)(l=r[k])&&(j=e?J(f,l):m[k])>-1&&(f[j]=!(g[j]=l))}}else r=va(r===g?r.splice(o,r.length):r),e?e(null,g,r,i):H.apply(g,r)})}function xa(a){for(var b,c,e,f=a.length,g=d.relative[a[0].type],h=g||d.relative[" "],i=g?1:0,k=sa(function(a){return a===b},h,!0),l=sa(function(a){return J(b,a)>-1},h,!0),m=[function(a,c,d){var e=!g&&(d||c!==j)||((b=c).nodeType?k(a,c,d):l(a,c,d));return b=null,e}];f>i;i++)if(c=d.relative[a[i].type])m=[sa(ta(m),c)];else{if(c=d.filter[a[i].type].apply(null,a[i].matches),c[u]){for(e=++i;f>e;e++)if(d.relative[a[e].type])break;return wa(i>1&&ta(m),i>1&&ra(a.slice(0,i-1).concat({value:" "===a[i-2].type?"*":""})).replace(R,"$1"),c,e>i&&xa(a.slice(i,e)),f>e&&xa(a=a.slice(e)),f>e&&ra(a))}m.push(c)}return ta(m)}function ya(a,b){var c=b.length>0,e=a.length>0,f=function(f,g,h,i,k){var l,m,o,p=0,q="0",r=f&&[],s=[],t=j,u=f||e&&d.find.TAG("*",k),v=w+=null==t?1:Math.random()||.1,x=u.length;for(k&&(j=g!==n&&g);q!==x&&null!=(l=u[q]);q++){if(e&&l){m=0;while(o=a[m++])if(o(l,g,h)){i.push(l);break}k&&(w=v)}c&&((l=!o&&l)&&p--,f&&r.push(l))}if(p+=q,c&&q!==p){m=0;while(o=b[m++])o(r,s,g,h);if(f){if(p>0)while(q--)r[q]||s[q]||(s[q]=F.call(i));s=va(s)}H.apply(i,s),k&&!f&&s.length>0&&p+b.length>1&&ga.uniqueSort(i)}return k&&(w=v,j=t),r};return c?ia(f):f}return h=ga.compile=function(a,b){var c,d=[],e=[],f=A[a+" "];if(!f){b||(b=g(a)),c=b.length;while(c--)f=xa(b[c]),f[u]?d.push(f):e.push(f);f=A(a,ya(e,d)),f.selector=a}return f},i=ga.select=function(a,b,e,f){var i,j,k,l,m,n="function"==typeof a&&a,o=!f&&g(a=n.selector||a);if(e=e||[],1===o.length){if(j=o[0]=o[0].slice(0),j.length>2&&"ID"===(k=j[0]).type&&c.getById&&9===b.nodeType&&p&&d.relative[j[1].type]){if(b=(d.find.ID(k.matches[0].replace(ca,da),b)||[])[0],!b)return e;n&&(b=b.parentNode),a=a.slice(j.shift().value.length)}i=X.needsContext.test(a)?0:j.length;while(i--){if(k=j[i],d.relative[l=k.type])break;if((m=d.find[l])&&(f=m(k.matches[0].replace(ca,da),aa.test(j[0].type)&&pa(b.parentNode)||b))){if(j.splice(i,1),a=f.length&&ra(j),!a)return H.apply(e,f),e;break}}}return(n||h(a,o))(f,b,!p,e,aa.test(a)&&pa(b.parentNode)||b),e},c.sortStable=u.split("").sort(B).join("")===u,c.detectDuplicates=!!l,m(),c.sortDetached=ja(function(a){return 1&a.compareDocumentPosition(n.createElement("div"))}),ja(function(a){return a.innerHTML="<a href='#'></a>","#"===a.firstChild.getAttribute("href")})||ka("type|href|height|width",function(a,b,c){return c?void 0:a.getAttribute(b,"type"===b.toLowerCase()?1:2)}),c.attributes&&ja(function(a){return a.innerHTML="<input/>",a.firstChild.setAttribute("value",""),""===a.firstChild.getAttribute("value")})||ka("value",function(a,b,c){return c||"input"!==a.nodeName.toLowerCase()?void 0:a.defaultValue}),ja(function(a){return null==a.getAttribute("disabled")})||ka(K,function(a,b,c){var d;return c?void 0:a[b]===!0?b.toLowerCase():(d=a.getAttributeNode(b))&&d.specified?d.value:null}),ga}(a);n.find=t,n.expr=t.selectors,n.expr[":"]=n.expr.pseudos,n.unique=t.uniqueSort,n.text=t.getText,n.isXMLDoc=t.isXML,n.contains=t.contains;var u=n.expr.match.needsContext,v=/^<(\w+)\s*\/?>(?:<\/\1>|)$/,w=/^.[^:#\[\.,]*$/;function x(a,b,c){if(n.isFunction(b))return n.grep(a,function(a,d){return!!b.call(a,d,a)!==c});if(b.nodeType)return n.grep(a,function(a){return a===b!==c});if("string"==typeof b){if(w.test(b))return n.filter(b,a,c);b=n.filter(b,a)}return n.grep(a,function(a){return g.call(b,a)>=0!==c})}n.filter=function(a,b,c){var d=b[0];return c&&(a=":not("+a+")"),1===b.length&&1===d.nodeType?n.find.matchesSelector(d,a)?[d]:[]:n.find.matches(a,n.grep(b,function(a){return 1===a.nodeType}))},n.fn.extend({find:function(a){var b,c=this.length,d=[],e=this;if("string"!=typeof a)return this.pushStack(n(a).filter(function(){for(b=0;c>b;b++)if(n.contains(e[b],this))return!0}));for(b=0;c>b;b++)n.find(a,e[b],d);return d=this.pushStack(c>1?n.unique(d):d),d.selector=this.selector?this.selector+" "+a:a,d},filter:function(a){return this.pushStack(x(this,a||[],!1))},not:function(a){return this.pushStack(x(this,a||[],!0))},is:function(a){return!!x(this,"string"==typeof a&&u.test(a)?n(a):a||[],!1).length}});var y,z=/^(?:\s*(<[\w\W]+>)[^>]*|#([\w-]*))$/,A=n.fn.init=function(a,b){var c,d;if(!a)return this;if("string"==typeof a){if(c="<"===a[0]&&">"===a[a.length-1]&&a.length>=3?[null,a,null]:z.exec(a),!c||!c[1]&&b)return!b||b.jquery?(b||y).find(a):this.constructor(b).find(a);if(c[1]){if(b=b instanceof n?b[0]:b,n.merge(this,n.parseHTML(c[1],b&&b.nodeType?b.ownerDocument||b:l,!0)),v.test(c[1])&&n.isPlainObject(b))for(c in b)n.isFunction(this[c])?this[c](b[c]):this.attr(c,b[c]);return this}return d=l.getElementById(c[2]),d&&d.parentNode&&(this.length=1,this[0]=d),this.context=l,this.selector=a,this}return a.nodeType?(this.context=this[0]=a,this.length=1,this):n.isFunction(a)?"undefined"!=typeof y.ready?y.ready(a):a(n):(void 0!==a.selector&&(this.selector=a.selector,this.context=a.context),n.makeArray(a,this))};A.prototype=n.fn,y=n(l);var B=/^(?:parents|prev(?:Until|All))/,C={children:!0,contents:!0,next:!0,prev:!0};n.extend({dir:function(a,b,c){var d=[],e=void 0!==c;while((a=a[b])&&9!==a.nodeType)if(1===a.nodeType){if(e&&n(a).is(c))break;d.push(a)}return d},sibling:function(a,b){for(var c=[];a;a=a.nextSibling)1===a.nodeType&&a!==b&&c.push(a);return c}}),n.fn.extend({has:function(a){var b=n(a,this),c=b.length;return this.filter(function(){for(var a=0;c>a;a++)if(n.contains(this,b[a]))return!0})},closest:function(a,b){for(var c,d=0,e=this.length,f=[],g=u.test(a)||"string"!=typeof a?n(a,b||this.context):0;e>d;d++)for(c=this[d];c&&c!==b;c=c.parentNode)if(c.nodeType<11&&(g?g.index(c)>-1:1===c.nodeType&&n.find.matchesSelector(c,a))){f.push(c);break}return this.pushStack(f.length>1?n.unique(f):f)},index:function(a){return a?"string"==typeof a?g.call(n(a),this[0]):g.call(this,a.jquery?a[0]:a):this[0]&&this[0].parentNode?this.first().prevAll().length:-1},add:function(a,b){return this.pushStack(n.unique(n.merge(this.get(),n(a,b))))},addBack:function(a){return this.add(null==a?this.prevObject:this.prevObject.filter(a))}});function D(a,b){while((a=a[b])&&1!==a.nodeType);return a}n.each({parent:function(a){var b=a.parentNode;return b&&11!==b.nodeType?b:null},parents:function(a){return n.dir(a,"parentNode")},parentsUntil:function(a,b,c){return n.dir(a,"parentNode",c)},next:function(a){return D(a,"nextSibling")},prev:function(a){return D(a,"previousSibling")},nextAll:function(a){return n.dir(a,"nextSibling")},prevAll:function(a){return n.dir(a,"previousSibling")},nextUntil:function(a,b,c){return n.dir(a,"nextSibling",c)},prevUntil:function(a,b,c){return n.dir(a,"previousSibling",c)},siblings:function(a){return n.sibling((a.parentNode||{}).firstChild,a)},children:function(a){return n.sibling(a.firstChild)},contents:function(a){return a.contentDocument||n.merge([],a.childNodes)}},function(a,b){n.fn[a]=function(c,d){var e=n.map(this,b,c);return"Until"!==a.slice(-5)&&(d=c),d&&"string"==typeof d&&(e=n.filter(d,e)),this.length>1&&(C[a]||n.unique(e),B.test(a)&&e.reverse()),this.pushStack(e)}});var E=/\S+/g,F={};function G(a){var b=F[a]={};return n.each(a.match(E)||[],function(a,c){b[c]=!0}),b}n.Callbacks=function(a){a="string"==typeof a?F[a]||G(a):n.extend({},a);var b,c,d,e,f,g,h=[],i=!a.once&&[],j=function(l){for(b=a.memory&&l,c=!0,g=e||0,e=0,f=h.length,d=!0;h&&f>g;g++)if(h[g].apply(l[0],l[1])===!1&&a.stopOnFalse){b=!1;break}d=!1,h&&(i?i.length&&j(i.shift()):b?h=[]:k.disable())},k={add:function(){if(h){var c=h.length;!function g(b){n.each(b,function(b,c){var d=n.type(c);"function"===d?a.unique&&k.has(c)||h.push(c):c&&c.length&&"string"!==d&&g(c)})}(arguments),d?f=h.length:b&&(e=c,j(b))}return this},remove:function(){return h&&n.each(arguments,function(a,b){var c;while((c=n.inArray(b,h,c))>-1)h.splice(c,1),d&&(f>=c&&f--,g>=c&&g--)}),this},has:function(a){return a?n.inArray(a,h)>-1:!(!h||!h.length)},empty:function(){return h=[],f=0,this},disable:function(){return h=i=b=void 0,this},disabled:function(){return!h},lock:function(){return i=void 0,b||k.disable(),this},locked:function(){return!i},fireWith:function(a,b){return!h||c&&!i||(b=b||[],b=[a,b.slice?b.slice():b],d?i.push(b):j(b)),this},fire:function(){return k.fireWith(this,arguments),this},fired:function(){return!!c}};return k},n.extend({Deferred:function(a){var b=[["resolve","done",n.Callbacks("once memory"),"resolved"],["reject","fail",n.Callbacks("once memory"),"rejected"],["notify","progress",n.Callbacks("memory")]],c="pending",d={state:function(){return c},always:function(){return e.done(arguments).fail(arguments),this},then:function(){var a=arguments;return n.Deferred(function(c){n.each(b,function(b,f){var g=n.isFunction(a[b])&&a[b];e[f[1]](function(){var a=g&&g.apply(this,arguments);a&&n.isFunction(a.promise)?a.promise().done(c.resolve).fail(c.reject).progress(c.notify):c[f[0]+"With"](this===d?c.promise():this,g?[a]:arguments)})}),a=null}).promise()},promise:function(a){return null!=a?n.extend(a,d):d}},e={};return d.pipe=d.then,n.each(b,function(a,f){var g=f[2],h=f[3];d[f[1]]=g.add,h&&g.add(function(){c=h},b[1^a][2].disable,b[2][2].lock),e[f[0]]=function(){return e[f[0]+"With"](this===e?d:this,arguments),this},e[f[0]+"With"]=g.fireWith}),d.promise(e),a&&a.call(e,e),e},when:function(a){var b=0,c=d.call(arguments),e=c.length,f=1!==e||a&&n.isFunction(a.promise)?e:0,g=1===f?a:n.Deferred(),h=function(a,b,c){return function(e){b[a]=this,c[a]=arguments.length>1?d.call(arguments):e,c===i?g.notifyWith(b,c):--f||g.resolveWith(b,c)}},i,j,k;if(e>1)for(i=new Array(e),j=new Array(e),k=new Array(e);e>b;b++)c[b]&&n.isFunction(c[b].promise)?c[b].promise().done(h(b,k,c)).fail(g.reject).progress(h(b,j,i)):--f;return f||g.resolveWith(k,c),g.promise()}});var H;n.fn.ready=function(a){return n.ready.promise().done(a),this},n.extend({isReady:!1,readyWait:1,holdReady:function(a){a?n.readyWait++:n.ready(!0)},ready:function(a){(a===!0?--n.readyWait:n.isReady)||(n.isReady=!0,a!==!0&&--n.readyWait>0||(H.resolveWith(l,[n]),n.fn.triggerHandler&&(n(l).triggerHandler("ready"),n(l).off("ready"))))}});function I(){l.removeEventListener("DOMContentLoaded",I,!1),a.removeEventListener("load",I,!1),n.ready()}n.ready.promise=function(b){return H||(H=n.Deferred(),"complete"===l.readyState?setTimeout(n.ready):(l.addEventListener("DOMContentLoaded",I,!1),a.addEventListener("load",I,!1))),H.promise(b)},n.ready.promise();var J=n.access=function(a,b,c,d,e,f,g){var h=0,i=a.length,j=null==c;if("object"===n.type(c)){e=!0;for(h in c)n.access(a,b,h,c[h],!0,f,g)}else if(void 0!==d&&(e=!0,n.isFunction(d)||(g=!0),j&&(g?(b.call(a,d),b=null):(j=b,b=function(a,b,c){return j.call(n(a),c)})),b))for(;i>h;h++)b(a[h],c,g?d:d.call(a[h],h,b(a[h],c)));return e?a:j?b.call(a):i?b(a[0],c):f};n.acceptData=function(a){return 1===a.nodeType||9===a.nodeType||!+a.nodeType};function K(){Object.defineProperty(this.cache={},0,{get:function(){return{}}}),this.expando=n.expando+K.uid++}K.uid=1,K.accepts=n.acceptData,K.prototype={key:function(a){if(!K.accepts(a))return 0;var b={},c=a[this.expando];if(!c){c=K.uid++;try{b[this.expando]={value:c},Object.defineProperties(a,b)}catch(d){b[this.expando]=c,n.extend(a,b)}}return this.cache[c]||(this.cache[c]={}),c},set:function(a,b,c){var d,e=this.key(a),f=this.cache[e];if("string"==typeof b)f[b]=c;else if(n.isEmptyObject(f))n.extend(this.cache[e],b);else for(d in b)f[d]=b[d];return f},get:function(a,b){var c=this.cache[this.key(a)];return void 0===b?c:c[b]},access:function(a,b,c){var d;return void 0===b||b&&"string"==typeof b&&void 0===c?(d=this.get(a,b),void 0!==d?d:this.get(a,n.camelCase(b))):(this.set(a,b,c),void 0!==c?c:b)},remove:function(a,b){var c,d,e,f=this.key(a),g=this.cache[f];if(void 0===b)this.cache[f]={};else{n.isArray(b)?d=b.concat(b.map(n.camelCase)):(e=n.camelCase(b),b in g?d=[b,e]:(d=e,d=d in g?[d]:d.match(E)||[])),c=d.length;while(c--)delete g[d[c]]}},hasData:function(a){return!n.isEmptyObject(this.cache[a[this.expando]]||{})},discard:function(a){a[this.expando]&&delete this.cache[a[this.expando]]}};var L=new K,M=new K,N=/^(?:\{[\w\W]*\}|\[[\w\W]*\])$/,O=/([A-Z])/g;function P(a,b,c){var d;if(void 0===c&&1===a.nodeType)if(d="data-"+b.replace(O,"-$1").toLowerCase(),c=a.getAttribute(d),"string"==typeof c){try{c="true"===c?!0:"false"===c?!1:"null"===c?null:+c+""===c?+c:N.test(c)?n.parseJSON(c):c}catch(e){}M.set(a,b,c)}else c=void 0;return c}n.extend({hasData:function(a){return M.hasData(a)||L.hasData(a)},data:function(a,b,c){
+return M.access(a,b,c)},removeData:function(a,b){M.remove(a,b)},_data:function(a,b,c){return L.access(a,b,c)},_removeData:function(a,b){L.remove(a,b)}}),n.fn.extend({data:function(a,b){var c,d,e,f=this[0],g=f&&f.attributes;if(void 0===a){if(this.length&&(e=M.get(f),1===f.nodeType&&!L.get(f,"hasDataAttrs"))){c=g.length;while(c--)g[c]&&(d=g[c].name,0===d.indexOf("data-")&&(d=n.camelCase(d.slice(5)),P(f,d,e[d])));L.set(f,"hasDataAttrs",!0)}return e}return"object"==typeof a?this.each(function(){M.set(this,a)}):J(this,function(b){var c,d=n.camelCase(a);if(f&&void 0===b){if(c=M.get(f,a),void 0!==c)return c;if(c=M.get(f,d),void 0!==c)return c;if(c=P(f,d,void 0),void 0!==c)return c}else this.each(function(){var c=M.get(this,d);M.set(this,d,b),-1!==a.indexOf("-")&&void 0!==c&&M.set(this,a,b)})},null,b,arguments.length>1,null,!0)},removeData:function(a){return this.each(function(){M.remove(this,a)})}}),n.extend({queue:function(a,b,c){var d;return a?(b=(b||"fx")+"queue",d=L.get(a,b),c&&(!d||n.isArray(c)?d=L.access(a,b,n.makeArray(c)):d.push(c)),d||[]):void 0},dequeue:function(a,b){b=b||"fx";var c=n.queue(a,b),d=c.length,e=c.shift(),f=n._queueHooks(a,b),g=function(){n.dequeue(a,b)};"inprogress"===e&&(e=c.shift(),d--),e&&("fx"===b&&c.unshift("inprogress"),delete f.stop,e.call(a,g,f)),!d&&f&&f.empty.fire()},_queueHooks:function(a,b){var c=b+"queueHooks";return L.get(a,c)||L.access(a,c,{empty:n.Callbacks("once memory").add(function(){L.remove(a,[b+"queue",c])})})}}),n.fn.extend({queue:function(a,b){var c=2;return"string"!=typeof a&&(b=a,a="fx",c--),arguments.length<c?n.queue(this[0],a):void 0===b?this:this.each(function(){var c=n.queue(this,a,b);n._queueHooks(this,a),"fx"===a&&"inprogress"!==c[0]&&n.dequeue(this,a)})},dequeue:function(a){return this.each(function(){n.dequeue(this,a)})},clearQueue:function(a){return this.queue(a||"fx",[])},promise:function(a,b){var c,d=1,e=n.Deferred(),f=this,g=this.length,h=function(){--d||e.resolveWith(f,[f])};"string"!=typeof a&&(b=a,a=void 0),a=a||"fx";while(g--)c=L.get(f[g],a+"queueHooks"),c&&c.empty&&(d++,c.empty.add(h));return h(),e.promise(b)}});var Q=/[+-]?(?:\d*\.|)\d+(?:[eE][+-]?\d+|)/.source,R=["Top","Right","Bottom","Left"],S=function(a,b){return a=b||a,"none"===n.css(a,"display")||!n.contains(a.ownerDocument,a)},T=/^(?:checkbox|radio)$/i;!function(){var a=l.createDocumentFragment(),b=a.appendChild(l.createElement("div")),c=l.createElement("input");c.setAttribute("type","radio"),c.setAttribute("checked","checked"),c.setAttribute("name","t"),b.appendChild(c),k.checkClone=b.cloneNode(!0).cloneNode(!0).lastChild.checked,b.innerHTML="<textarea>x</textarea>",k.noCloneChecked=!!b.cloneNode(!0).lastChild.defaultValue}();var U="undefined";k.focusinBubbles="onfocusin"in a;var V=/^key/,W=/^(?:mouse|pointer|contextmenu)|click/,X=/^(?:focusinfocus|focusoutblur)$/,Y=/^([^.]*)(?:\.(.+)|)$/;function Z(){return!0}function $(){return!1}function _(){try{return l.activeElement}catch(a){}}n.event={global:{},add:function(a,b,c,d,e){var f,g,h,i,j,k,l,m,o,p,q,r=L.get(a);if(r){c.handler&&(f=c,c=f.handler,e=f.selector),c.guid||(c.guid=n.guid++),(i=r.events)||(i=r.events={}),(g=r.handle)||(g=r.handle=function(b){return typeof n!==U&&n.event.triggered!==b.type?n.event.dispatch.apply(a,arguments):void 0}),b=(b||"").match(E)||[""],j=b.length;while(j--)h=Y.exec(b[j])||[],o=q=h[1],p=(h[2]||"").split(".").sort(),o&&(l=n.event.special[o]||{},o=(e?l.delegateType:l.bindType)||o,l=n.event.special[o]||{},k=n.extend({type:o,origType:q,data:d,handler:c,guid:c.guid,selector:e,needsContext:e&&n.expr.match.needsContext.test(e),namespace:p.join(".")},f),(m=i[o])||(m=i[o]=[],m.delegateCount=0,l.setup&&l.setup.call(a,d,p,g)!==!1||a.addEventListener&&a.addEventListener(o,g,!1)),l.add&&(l.add.call(a,k),k.handler.guid||(k.handler.guid=c.guid)),e?m.splice(m.delegateCount++,0,k):m.push(k),n.event.global[o]=!0)}},remove:function(a,b,c,d,e){var f,g,h,i,j,k,l,m,o,p,q,r=L.hasData(a)&&L.get(a);if(r&&(i=r.events)){b=(b||"").match(E)||[""],j=b.length;while(j--)if(h=Y.exec(b[j])||[],o=q=h[1],p=(h[2]||"").split(".").sort(),o){l=n.event.special[o]||{},o=(d?l.delegateType:l.bindType)||o,m=i[o]||[],h=h[2]&&new RegExp("(^|\\.)"+p.join("\\.(?:.*\\.|)")+"(\\.|$)"),g=f=m.length;while(f--)k=m[f],!e&&q!==k.origType||c&&c.guid!==k.guid||h&&!h.test(k.namespace)||d&&d!==k.selector&&("**"!==d||!k.selector)||(m.splice(f,1),k.selector&&m.delegateCount--,l.remove&&l.remove.call(a,k));g&&!m.length&&(l.teardown&&l.teardown.call(a,p,r.handle)!==!1||n.removeEvent(a,o,r.handle),delete i[o])}else for(o in i)n.event.remove(a,o+b[j],c,d,!0);n.isEmptyObject(i)&&(delete r.handle,L.remove(a,"events"))}},trigger:function(b,c,d,e){var f,g,h,i,k,m,o,p=[d||l],q=j.call(b,"type")?b.type:b,r=j.call(b,"namespace")?b.namespace.split("."):[];if(g=h=d=d||l,3!==d.nodeType&&8!==d.nodeType&&!X.test(q+n.event.triggered)&&(q.indexOf(".")>=0&&(r=q.split("."),q=r.shift(),r.sort()),k=q.indexOf(":")<0&&"on"+q,b=b[n.expando]?b:new n.Event(q,"object"==typeof b&&b),b.isTrigger=e?2:3,b.namespace=r.join("."),b.namespace_re=b.namespace?new RegExp("(^|\\.)"+r.join("\\.(?:.*\\.|)")+"(\\.|$)"):null,b.result=void 0,b.target||(b.target=d),c=null==c?[b]:n.makeArray(c,[b]),o=n.event.special[q]||{},e||!o.trigger||o.trigger.apply(d,c)!==!1)){if(!e&&!o.noBubble&&!n.isWindow(d)){for(i=o.delegateType||q,X.test(i+q)||(g=g.parentNode);g;g=g.parentNode)p.push(g),h=g;h===(d.ownerDocument||l)&&p.push(h.defaultView||h.parentWindow||a)}f=0;while((g=p[f++])&&!b.isPropagationStopped())b.type=f>1?i:o.bindType||q,m=(L.get(g,"events")||{})[b.type]&&L.get(g,"handle"),m&&m.apply(g,c),m=k&&g[k],m&&m.apply&&n.acceptData(g)&&(b.result=m.apply(g,c),b.result===!1&&b.preventDefault());return b.type=q,e||b.isDefaultPrevented()||o._default&&o._default.apply(p.pop(),c)!==!1||!n.acceptData(d)||k&&n.isFunction(d[q])&&!n.isWindow(d)&&(h=d[k],h&&(d[k]=null),n.event.triggered=q,d[q](),n.event.triggered=void 0,h&&(d[k]=h)),b.result}},dispatch:function(a){a=n.event.fix(a);var b,c,e,f,g,h=[],i=d.call(arguments),j=(L.get(this,"events")||{})[a.type]||[],k=n.event.special[a.type]||{};if(i[0]=a,a.delegateTarget=this,!k.preDispatch||k.preDispatch.call(this,a)!==!1){h=n.event.handlers.call(this,a,j),b=0;while((f=h[b++])&&!a.isPropagationStopped()){a.currentTarget=f.elem,c=0;while((g=f.handlers[c++])&&!a.isImmediatePropagationStopped())(!a.namespace_re||a.namespace_re.test(g.namespace))&&(a.handleObj=g,a.data=g.data,e=((n.event.special[g.origType]||{}).handle||g.handler).apply(f.elem,i),void 0!==e&&(a.result=e)===!1&&(a.preventDefault(),a.stopPropagation()))}return k.postDispatch&&k.postDispatch.call(this,a),a.result}},handlers:function(a,b){var c,d,e,f,g=[],h=b.delegateCount,i=a.target;if(h&&i.nodeType&&(!a.button||"click"!==a.type))for(;i!==this;i=i.parentNode||this)if(i.disabled!==!0||"click"!==a.type){for(d=[],c=0;h>c;c++)f=b[c],e=f.selector+" ",void 0===d[e]&&(d[e]=f.needsContext?n(e,this).index(i)>=0:n.find(e,this,null,[i]).length),d[e]&&d.push(f);d.length&&g.push({elem:i,handlers:d})}return h<b.length&&g.push({elem:this,handlers:b.slice(h)}),g},props:"altKey bubbles cancelable ctrlKey currentTarget eventPhase metaKey relatedTarget shiftKey target timeStamp view which".split(" "),fixHooks:{},keyHooks:{props:"char charCode key keyCode".split(" "),filter:function(a,b){return null==a.which&&(a.which=null!=b.charCode?b.charCode:b.keyCode),a}},mouseHooks:{props:"button buttons clientX clientY offsetX offsetY pageX pageY screenX screenY toElement".split(" "),filter:function(a,b){var c,d,e,f=b.button;return null==a.pageX&&null!=b.clientX&&(c=a.target.ownerDocument||l,d=c.documentElement,e=c.body,a.pageX=b.clientX+(d&&d.scrollLeft||e&&e.scrollLeft||0)-(d&&d.clientLeft||e&&e.clientLeft||0),a.pageY=b.clientY+(d&&d.scrollTop||e&&e.scrollTop||0)-(d&&d.clientTop||e&&e.clientTop||0)),a.which||void 0===f||(a.which=1&f?1:2&f?3:4&f?2:0),a}},fix:function(a){if(a[n.expando])return a;var b,c,d,e=a.type,f=a,g=this.fixHooks[e];g||(this.fixHooks[e]=g=W.test(e)?this.mouseHooks:V.test(e)?this.keyHooks:{}),d=g.props?this.props.concat(g.props):this.props,a=new n.Event(f),b=d.length;while(b--)c=d[b],a[c]=f[c];return a.target||(a.target=l),3===a.target.nodeType&&(a.target=a.target.parentNode),g.filter?g.filter(a,f):a},special:{load:{noBubble:!0},focus:{trigger:function(){return this!==_()&&this.focus?(this.focus(),!1):void 0},delegateType:"focusin"},blur:{trigger:function(){return this===_()&&this.blur?(this.blur(),!1):void 0},delegateType:"focusout"},click:{trigger:function(){return"checkbox"===this.type&&this.click&&n.nodeName(this,"input")?(this.click(),!1):void 0},_default:function(a){return n.nodeName(a.target,"a")}},beforeunload:{postDispatch:function(a){void 0!==a.result&&a.originalEvent&&(a.originalEvent.returnValue=a.result)}}},simulate:function(a,b,c,d){var e=n.extend(new n.Event,c,{type:a,isSimulated:!0,originalEvent:{}});d?n.event.trigger(e,null,b):n.event.dispatch.call(b,e),e.isDefaultPrevented()&&c.preventDefault()}},n.removeEvent=function(a,b,c){a.removeEventListener&&a.removeEventListener(b,c,!1)},n.Event=function(a,b){return this instanceof n.Event?(a&&a.type?(this.originalEvent=a,this.type=a.type,this.isDefaultPrevented=a.defaultPrevented||void 0===a.defaultPrevented&&a.returnValue===!1?Z:$):this.type=a,b&&n.extend(this,b),this.timeStamp=a&&a.timeStamp||n.now(),void(this[n.expando]=!0)):new n.Event(a,b)},n.Event.prototype={isDefaultPrevented:$,isPropagationStopped:$,isImmediatePropagationStopped:$,preventDefault:function(){var a=this.originalEvent;this.isDefaultPrevented=Z,a&&a.preventDefault&&a.preventDefault()},stopPropagation:function(){var a=this.originalEvent;this.isPropagationStopped=Z,a&&a.stopPropagation&&a.stopPropagation()},stopImmediatePropagation:function(){var a=this.originalEvent;this.isImmediatePropagationStopped=Z,a&&a.stopImmediatePropagation&&a.stopImmediatePropagation(),this.stopPropagation()}},n.each({mouseenter:"mouseover",mouseleave:"mouseout",pointerenter:"pointerover",pointerleave:"pointerout"},function(a,b){n.event.special[a]={delegateType:b,bindType:b,handle:function(a){var c,d=this,e=a.relatedTarget,f=a.handleObj;return(!e||e!==d&&!n.contains(d,e))&&(a.type=f.origType,c=f.handler.apply(this,arguments),a.type=b),c}}}),k.focusinBubbles||n.each({focus:"focusin",blur:"focusout"},function(a,b){var c=function(a){n.event.simulate(b,a.target,n.event.fix(a),!0)};n.event.special[b]={setup:function(){var d=this.ownerDocument||this,e=L.access(d,b);e||d.addEventListener(a,c,!0),L.access(d,b,(e||0)+1)},teardown:function(){var d=this.ownerDocument||this,e=L.access(d,b)-1;e?L.access(d,b,e):(d.removeEventListener(a,c,!0),L.remove(d,b))}}}),n.fn.extend({on:function(a,b,c,d,e){var f,g;if("object"==typeof a){"string"!=typeof b&&(c=c||b,b=void 0);for(g in a)this.on(g,b,c,a[g],e);return this}if(null==c&&null==d?(d=b,c=b=void 0):null==d&&("string"==typeof b?(d=c,c=void 0):(d=c,c=b,b=void 0)),d===!1)d=$;else if(!d)return this;return 1===e&&(f=d,d=function(a){return n().off(a),f.apply(this,arguments)},d.guid=f.guid||(f.guid=n.guid++)),this.each(function(){n.event.add(this,a,d,c,b)})},one:function(a,b,c,d){return this.on(a,b,c,d,1)},off:function(a,b,c){var d,e;if(a&&a.preventDefault&&a.handleObj)return d=a.handleObj,n(a.delegateTarget).off(d.namespace?d.origType+"."+d.namespace:d.origType,d.selector,d.handler),this;if("object"==typeof a){for(e in a)this.off(e,b,a[e]);return this}return(b===!1||"function"==typeof b)&&(c=b,b=void 0),c===!1&&(c=$),this.each(function(){n.event.remove(this,a,c,b)})},trigger:function(a,b){return this.each(function(){n.event.trigger(a,b,this)})},triggerHandler:function(a,b){var c=this[0];return c?n.event.trigger(a,b,c,!0):void 0}});var aa=/<(?!area|br|col|embed|hr|img|input|link|meta|param)(([\w:]+)[^>]*)\/>/gi,ba=/<([\w:]+)/,ca=/<|&#?\w+;/,da=/<(?:script|style|link)/i,ea=/checked\s*(?:[^=]|=\s*.checked.)/i,fa=/^$|\/(?:java|ecma)script/i,ga=/^true\/(.*)/,ha=/^\s*<!(?:\[CDATA\[|--)|(?:\]\]|--)>\s*$/g,ia={option:[1,"<select multiple='multiple'>","</select>"],thead:[1,"<table>","</table>"],col:[2,"<table><colgroup>","</colgroup></table>"],tr:[2,"<table><tbody>","</tbody></table>"],td:[3,"<table><tbody><tr>","</tr></tbody></table>"],_default:[0,"",""]};ia.optgroup=ia.option,ia.tbody=ia.tfoot=ia.colgroup=ia.caption=ia.thead,ia.th=ia.td;function ja(a,b){return n.nodeName(a,"table")&&n.nodeName(11!==b.nodeType?b:b.firstChild,"tr")?a.getElementsByTagName("tbody")[0]||a.appendChild(a.ownerDocument.createElement("tbody")):a}function ka(a){return a.type=(null!==a.getAttribute("type"))+"/"+a.type,a}function la(a){var b=ga.exec(a.type);return b?a.type=b[1]:a.removeAttribute("type"),a}function ma(a,b){for(var c=0,d=a.length;d>c;c++)L.set(a[c],"globalEval",!b||L.get(b[c],"globalEval"))}function na(a,b){var c,d,e,f,g,h,i,j;if(1===b.nodeType){if(L.hasData(a)&&(f=L.access(a),g=L.set(b,f),j=f.events)){delete g.handle,g.events={};for(e in j)for(c=0,d=j[e].length;d>c;c++)n.event.add(b,e,j[e][c])}M.hasData(a)&&(h=M.access(a),i=n.extend({},h),M.set(b,i))}}function oa(a,b){var c=a.getElementsByTagName?a.getElementsByTagName(b||"*"):a.querySelectorAll?a.querySelectorAll(b||"*"):[];return void 0===b||b&&n.nodeName(a,b)?n.merge([a],c):c}function pa(a,b){var c=b.nodeName.toLowerCase();"input"===c&&T.test(a.type)?b.checked=a.checked:("input"===c||"textarea"===c)&&(b.defaultValue=a.defaultValue)}n.extend({clone:function(a,b,c){var d,e,f,g,h=a.cloneNode(!0),i=n.contains(a.ownerDocument,a);if(!(k.noCloneChecked||1!==a.nodeType&&11!==a.nodeType||n.isXMLDoc(a)))for(g=oa(h),f=oa(a),d=0,e=f.length;e>d;d++)pa(f[d],g[d]);if(b)if(c)for(f=f||oa(a),g=g||oa(h),d=0,e=f.length;e>d;d++)na(f[d],g[d]);else na(a,h);return g=oa(h,"script"),g.length>0&&ma(g,!i&&oa(a,"script")),h},buildFragment:function(a,b,c,d){for(var e,f,g,h,i,j,k=b.createDocumentFragment(),l=[],m=0,o=a.length;o>m;m++)if(e=a[m],e||0===e)if("object"===n.type(e))n.merge(l,e.nodeType?[e]:e);else if(ca.test(e)){f=f||k.appendChild(b.createElement("div")),g=(ba.exec(e)||["",""])[1].toLowerCase(),h=ia[g]||ia._default,f.innerHTML=h[1]+e.replace(aa,"<$1></$2>")+h[2],j=h[0];while(j--)f=f.lastChild;n.merge(l,f.childNodes),f=k.firstChild,f.textContent=""}else l.push(b.createTextNode(e));k.textContent="",m=0;while(e=l[m++])if((!d||-1===n.inArray(e,d))&&(i=n.contains(e.ownerDocument,e),f=oa(k.appendChild(e),"script"),i&&ma(f),c)){j=0;while(e=f[j++])fa.test(e.type||"")&&c.push(e)}return k},cleanData:function(a){for(var b,c,d,e,f=n.event.special,g=0;void 0!==(c=a[g]);g++){if(n.acceptData(c)&&(e=c[L.expando],e&&(b=L.cache[e]))){if(b.events)for(d in b.events)f[d]?n.event.remove(c,d):n.removeEvent(c,d,b.handle);L.cache[e]&&delete L.cache[e]}delete M.cache[c[M.expando]]}}}),n.fn.extend({text:function(a){return J(this,function(a){return void 0===a?n.text(this):this.empty().each(function(){(1===this.nodeType||11===this.nodeType||9===this.nodeType)&&(this.textContent=a)})},null,a,arguments.length)},append:function(){return this.domManip(arguments,function(a){if(1===this.nodeType||11===this.nodeType||9===this.nodeType){var b=ja(this,a);b.appendChild(a)}})},prepend:function(){return this.domManip(arguments,function(a){if(1===this.nodeType||11===this.nodeType||9===this.nodeType){var b=ja(this,a);b.insertBefore(a,b.firstChild)}})},before:function(){return this.domManip(arguments,function(a){this.parentNode&&this.parentNode.insertBefore(a,this)})},after:function(){return this.domManip(arguments,function(a){this.parentNode&&this.parentNode.insertBefore(a,this.nextSibling)})},remove:function(a,b){for(var c,d=a?n.filter(a,this):this,e=0;null!=(c=d[e]);e++)b||1!==c.nodeType||n.cleanData(oa(c)),c.parentNode&&(b&&n.contains(c.ownerDocument,c)&&ma(oa(c,"script")),c.parentNode.removeChild(c));return this},empty:function(){for(var a,b=0;null!=(a=this[b]);b++)1===a.nodeType&&(n.cleanData(oa(a,!1)),a.textContent="");return this},clone:function(a,b){return a=null==a?!1:a,b=null==b?a:b,this.map(function(){return n.clone(this,a,b)})},html:function(a){return J(this,function(a){var b=this[0]||{},c=0,d=this.length;if(void 0===a&&1===b.nodeType)return b.innerHTML;if("string"==typeof a&&!da.test(a)&&!ia[(ba.exec(a)||["",""])[1].toLowerCase()]){a=a.replace(aa,"<$1></$2>");try{for(;d>c;c++)b=this[c]||{},1===b.nodeType&&(n.cleanData(oa(b,!1)),b.innerHTML=a);b=0}catch(e){}}b&&this.empty().append(a)},null,a,arguments.length)},replaceWith:function(){var a=arguments[0];return this.domManip(arguments,function(b){a=this.parentNode,n.cleanData(oa(this)),a&&a.replaceChild(b,this)}),a&&(a.length||a.nodeType)?this:this.remove()},detach:function(a){return this.remove(a,!0)},domManip:function(a,b){a=e.apply([],a);var c,d,f,g,h,i,j=0,l=this.length,m=this,o=l-1,p=a[0],q=n.isFunction(p);if(q||l>1&&"string"==typeof p&&!k.checkClone&&ea.test(p))return this.each(function(c){var d=m.eq(c);q&&(a[0]=p.call(this,c,d.html())),d.domManip(a,b)});if(l&&(c=n.buildFragment(a,this[0].ownerDocument,!1,this),d=c.firstChild,1===c.childNodes.length&&(c=d),d)){for(f=n.map(oa(c,"script"),ka),g=f.length;l>j;j++)h=c,j!==o&&(h=n.clone(h,!0,!0),g&&n.merge(f,oa(h,"script"))),b.call(this[j],h,j);if(g)for(i=f[f.length-1].ownerDocument,n.map(f,la),j=0;g>j;j++)h=f[j],fa.test(h.type||"")&&!L.access(h,"globalEval")&&n.contains(i,h)&&(h.src?n._evalUrl&&n._evalUrl(h.src):n.globalEval(h.textContent.replace(ha,"")))}return this}}),n.each({appendTo:"append",prependTo:"prepend",insertBefore:"before",insertAfter:"after",replaceAll:"replaceWith"},function(a,b){n.fn[a]=function(a){for(var c,d=[],e=n(a),g=e.length-1,h=0;g>=h;h++)c=h===g?this:this.clone(!0),n(e[h])[b](c),f.apply(d,c.get());return this.pushStack(d)}});var qa,ra={};function sa(b,c){var d,e=n(c.createElement(b)).appendTo(c.body),f=a.getDefaultComputedStyle&&(d=a.getDefaultComputedStyle(e[0]))?d.display:n.css(e[0],"display");return e.detach(),f}function ta(a){var b=l,c=ra[a];return c||(c=sa(a,b),"none"!==c&&c||(qa=(qa||n("<iframe frameborder='0' width='0' height='0'/>")).appendTo(b.documentElement),b=qa[0].contentDocument,b.write(),b.close(),c=sa(a,b),qa.detach()),ra[a]=c),c}var ua=/^margin/,va=new RegExp("^("+Q+")(?!px)[a-z%]+$","i"),wa=function(b){return b.ownerDocument.defaultView.opener?b.ownerDocument.defaultView.getComputedStyle(b,null):a.getComputedStyle(b,null)};function xa(a,b,c){var d,e,f,g,h=a.style;return c=c||wa(a),c&&(g=c.getPropertyValue(b)||c[b]),c&&(""!==g||n.contains(a.ownerDocument,a)||(g=n.style(a,b)),va.test(g)&&ua.test(b)&&(d=h.width,e=h.minWidth,f=h.maxWidth,h.minWidth=h.maxWidth=h.width=g,g=c.width,h.width=d,h.minWidth=e,h.maxWidth=f)),void 0!==g?g+"":g}function ya(a,b){return{get:function(){return a()?void delete this.get:(this.get=b).apply(this,arguments)}}}!function(){var b,c,d=l.documentElement,e=l.createElement("div"),f=l.createElement("div");if(f.style){f.style.backgroundClip="content-box",f.cloneNode(!0).style.backgroundClip="",k.clearCloneStyle="content-box"===f.style.backgroundClip,e.style.cssText="border:0;width:0;height:0;top:0;left:-9999px;margin-top:1px;position:absolute",e.appendChild(f);function g(){f.style.cssText="-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box;display:block;margin-top:1%;top:1%;border:1px;padding:1px;width:4px;position:absolute",f.innerHTML="",d.appendChild(e);var g=a.getComputedStyle(f,null);b="1%"!==g.top,c="4px"===g.width,d.removeChild(e)}a.getComputedStyle&&n.extend(k,{pixelPosition:function(){return g(),b},boxSizingReliable:function(){return null==c&&g(),c},reliableMarginRight:function(){var b,c=f.appendChild(l.createElement("div"));return c.style.cssText=f.style.cssText="-webkit-box-sizing:content-box;-moz-box-sizing:content-box;box-sizing:content-box;display:block;margin:0;border:0;padding:0",c.style.marginRight=c.style.width="0",f.style.width="1px",d.appendChild(e),b=!parseFloat(a.getComputedStyle(c,null).marginRight),d.removeChild(e),f.removeChild(c),b}})}}(),n.swap=function(a,b,c,d){var e,f,g={};for(f in b)g[f]=a.style[f],a.style[f]=b[f];e=c.apply(a,d||[]);for(f in b)a.style[f]=g[f];return e};var za=/^(none|table(?!-c[ea]).+)/,Aa=new RegExp("^("+Q+")(.*)$","i"),Ba=new RegExp("^([+-])=("+Q+")","i"),Ca={position:"absolute",visibility:"hidden",display:"block"},Da={letterSpacing:"0",fontWeight:"400"},Ea=["Webkit","O","Moz","ms"];function Fa(a,b){if(b in a)return b;var c=b[0].toUpperCase()+b.slice(1),d=b,e=Ea.length;while(e--)if(b=Ea[e]+c,b in a)return b;return d}function Ga(a,b,c){var d=Aa.exec(b);return d?Math.max(0,d[1]-(c||0))+(d[2]||"px"):b}function Ha(a,b,c,d,e){for(var f=c===(d?"border":"content")?4:"width"===b?1:0,g=0;4>f;f+=2)"margin"===c&&(g+=n.css(a,c+R[f],!0,e)),d?("content"===c&&(g-=n.css(a,"padding"+R[f],!0,e)),"margin"!==c&&(g-=n.css(a,"border"+R[f]+"Width",!0,e))):(g+=n.css(a,"padding"+R[f],!0,e),"padding"!==c&&(g+=n.css(a,"border"+R[f]+"Width",!0,e)));return g}function Ia(a,b,c){var d=!0,e="width"===b?a.offsetWidth:a.offsetHeight,f=wa(a),g="border-box"===n.css(a,"boxSizing",!1,f);if(0>=e||null==e){if(e=xa(a,b,f),(0>e||null==e)&&(e=a.style[b]),va.test(e))return e;d=g&&(k.boxSizingReliable()||e===a.style[b]),e=parseFloat(e)||0}return e+Ha(a,b,c||(g?"border":"content"),d,f)+"px"}function Ja(a,b){for(var c,d,e,f=[],g=0,h=a.length;h>g;g++)d=a[g],d.style&&(f[g]=L.get(d,"olddisplay"),c=d.style.display,b?(f[g]||"none"!==c||(d.style.display=""),""===d.style.display&&S(d)&&(f[g]=L.access(d,"olddisplay",ta(d.nodeName)))):(e=S(d),"none"===c&&e||L.set(d,"olddisplay",e?c:n.css(d,"display"))));for(g=0;h>g;g++)d=a[g],d.style&&(b&&"none"!==d.style.display&&""!==d.style.display||(d.style.display=b?f[g]||"":"none"));return a}n.extend({cssHooks:{opacity:{get:function(a,b){if(b){var c=xa(a,"opacity");return""===c?"1":c}}}},cssNumber:{columnCount:!0,fillOpacity:!0,flexGrow:!0,flexShrink:!0,fontWeight:!0,lineHeight:!0,opacity:!0,order:!0,orphans:!0,widows:!0,zIndex:!0,zoom:!0},cssProps:{"float":"cssFloat"},style:function(a,b,c,d){if(a&&3!==a.nodeType&&8!==a.nodeType&&a.style){var e,f,g,h=n.camelCase(b),i=a.style;return b=n.cssProps[h]||(n.cssProps[h]=Fa(i,h)),g=n.cssHooks[b]||n.cssHooks[h],void 0===c?g&&"get"in g&&void 0!==(e=g.get(a,!1,d))?e:i[b]:(f=typeof c,"string"===f&&(e=Ba.exec(c))&&(c=(e[1]+1)*e[2]+parseFloat(n.css(a,b)),f="number"),null!=c&&c===c&&("number"!==f||n.cssNumber[h]||(c+="px"),k.clearCloneStyle||""!==c||0!==b.indexOf("background")||(i[b]="inherit"),g&&"set"in g&&void 0===(c=g.set(a,c,d))||(i[b]=c)),void 0)}},css:function(a,b,c,d){var e,f,g,h=n.camelCase(b);return b=n.cssProps[h]||(n.cssProps[h]=Fa(a.style,h)),g=n.cssHooks[b]||n.cssHooks[h],g&&"get"in g&&(e=g.get(a,!0,c)),void 0===e&&(e=xa(a,b,d)),"normal"===e&&b in Da&&(e=Da[b]),""===c||c?(f=parseFloat(e),c===!0||n.isNumeric(f)?f||0:e):e}}),n.each(["height","width"],function(a,b){n.cssHooks[b]={get:function(a,c,d){return c?za.test(n.css(a,"display"))&&0===a.offsetWidth?n.swap(a,Ca,function(){return Ia(a,b,d)}):Ia(a,b,d):void 0},set:function(a,c,d){var e=d&&wa(a);return Ga(a,c,d?Ha(a,b,d,"border-box"===n.css(a,"boxSizing",!1,e),e):0)}}}),n.cssHooks.marginRight=ya(k.reliableMarginRight,function(a,b){return b?n.swap(a,{display:"inline-block"},xa,[a,"marginRight"]):void 0}),n.each({margin:"",padding:"",border:"Width"},function(a,b){n.cssHooks[a+b]={expand:function(c){for(var d=0,e={},f="string"==typeof c?c.split(" "):[c];4>d;d++)e[a+R[d]+b]=f[d]||f[d-2]||f[0];return e}},ua.test(a)||(n.cssHooks[a+b].set=Ga)}),n.fn.extend({css:function(a,b){return J(this,function(a,b,c){var d,e,f={},g=0;if(n.isArray(b)){for(d=wa(a),e=b.length;e>g;g++)f[b[g]]=n.css(a,b[g],!1,d);return f}return void 0!==c?n.style(a,b,c):n.css(a,b)},a,b,arguments.length>1)},show:function(){return Ja(this,!0)},hide:function(){return Ja(this)},toggle:function(a){return"boolean"==typeof a?a?this.show():this.hide():this.each(function(){S(this)?n(this).show():n(this).hide()})}});function Ka(a,b,c,d,e){return new Ka.prototype.init(a,b,c,d,e)}n.Tween=Ka,Ka.prototype={constructor:Ka,init:function(a,b,c,d,e,f){this.elem=a,this.prop=c,this.easing=e||"swing",this.options=b,this.start=this.now=this.cur(),this.end=d,this.unit=f||(n.cssNumber[c]?"":"px")},cur:function(){var a=Ka.propHooks[this.prop];return a&&a.get?a.get(this):Ka.propHooks._default.get(this)},run:function(a){var b,c=Ka.propHooks[this.prop];return this.options.duration?this.pos=b=n.easing[this.easing](a,this.options.duration*a,0,1,this.options.duration):this.pos=b=a,this.now=(this.end-this.start)*b+this.start,this.options.step&&this.options.step.call(this.elem,this.now,this),c&&c.set?c.set(this):Ka.propHooks._default.set(this),this}},Ka.prototype.init.prototype=Ka.prototype,Ka.propHooks={_default:{get:function(a){var b;return null==a.elem[a.prop]||a.elem.style&&null!=a.elem.style[a.prop]?(b=n.css(a.elem,a.prop,""),b&&"auto"!==b?b:0):a.elem[a.prop]},set:function(a){n.fx.step[a.prop]?n.fx.step[a.prop](a):a.elem.style&&(null!=a.elem.style[n.cssProps[a.prop]]||n.cssHooks[a.prop])?n.style(a.elem,a.prop,a.now+a.unit):a.elem[a.prop]=a.now}}},Ka.propHooks.scrollTop=Ka.propHooks.scrollLeft={set:function(a){a.elem.nodeType&&a.elem.parentNode&&(a.elem[a.prop]=a.now)}},n.easing={linear:function(a){return a},swing:function(a){return.5-Math.cos(a*Math.PI)/2}},n.fx=Ka.prototype.init,n.fx.step={};var La,Ma,Na=/^(?:toggle|show|hide)$/,Oa=new RegExp("^(?:([+-])=|)("+Q+")([a-z%]*)$","i"),Pa=/queueHooks$/,Qa=[Va],Ra={"*":[function(a,b){var c=this.createTween(a,b),d=c.cur(),e=Oa.exec(b),f=e&&e[3]||(n.cssNumber[a]?"":"px"),g=(n.cssNumber[a]||"px"!==f&&+d)&&Oa.exec(n.css(c.elem,a)),h=1,i=20;if(g&&g[3]!==f){f=f||g[3],e=e||[],g=+d||1;do h=h||".5",g/=h,n.style(c.elem,a,g+f);while(h!==(h=c.cur()/d)&&1!==h&&--i)}return e&&(g=c.start=+g||+d||0,c.unit=f,c.end=e[1]?g+(e[1]+1)*e[2]:+e[2]),c}]};function Sa(){return setTimeout(function(){La=void 0}),La=n.now()}function Ta(a,b){var c,d=0,e={height:a};for(b=b?1:0;4>d;d+=2-b)c=R[d],e["margin"+c]=e["padding"+c]=a;return b&&(e.opacity=e.width=a),e}function Ua(a,b,c){for(var d,e=(Ra[b]||[]).concat(Ra["*"]),f=0,g=e.length;g>f;f++)if(d=e[f].call(c,b,a))return d}function Va(a,b,c){var d,e,f,g,h,i,j,k,l=this,m={},o=a.style,p=a.nodeType&&S(a),q=L.get(a,"fxshow");c.queue||(h=n._queueHooks(a,"fx"),null==h.unqueued&&(h.unqueued=0,i=h.empty.fire,h.empty.fire=function(){h.unqueued||i()}),h.unqueued++,l.always(function(){l.always(function(){h.unqueued--,n.queue(a,"fx").length||h.empty.fire()})})),1===a.nodeType&&("height"in b||"width"in b)&&(c.overflow=[o.overflow,o.overflowX,o.overflowY],j=n.css(a,"display"),k="none"===j?L.get(a,"olddisplay")||ta(a.nodeName):j,"inline"===k&&"none"===n.css(a,"float")&&(o.display="inline-block")),c.overflow&&(o.overflow="hidden",l.always(function(){o.overflow=c.overflow[0],o.overflowX=c.overflow[1],o.overflowY=c.overflow[2]}));for(d in b)if(e=b[d],Na.exec(e)){if(delete b[d],f=f||"toggle"===e,e===(p?"hide":"show")){if("show"!==e||!q||void 0===q[d])continue;p=!0}m[d]=q&&q[d]||n.style(a,d)}else j=void 0;if(n.isEmptyObject(m))"inline"===("none"===j?ta(a.nodeName):j)&&(o.display=j);else{q?"hidden"in q&&(p=q.hidden):q=L.access(a,"fxshow",{}),f&&(q.hidden=!p),p?n(a).show():l.done(function(){n(a).hide()}),l.done(function(){var b;L.remove(a,"fxshow");for(b in m)n.style(a,b,m[b])});for(d in m)g=Ua(p?q[d]:0,d,l),d in q||(q[d]=g.start,p&&(g.end=g.start,g.start="width"===d||"height"===d?1:0))}}function Wa(a,b){var c,d,e,f,g;for(c in a)if(d=n.camelCase(c),e=b[d],f=a[c],n.isArray(f)&&(e=f[1],f=a[c]=f[0]),c!==d&&(a[d]=f,delete a[c]),g=n.cssHooks[d],g&&"expand"in g){f=g.expand(f),delete a[d];for(c in f)c in a||(a[c]=f[c],b[c]=e)}else b[d]=e}function Xa(a,b,c){var d,e,f=0,g=Qa.length,h=n.Deferred().always(function(){delete i.elem}),i=function(){if(e)return!1;for(var b=La||Sa(),c=Math.max(0,j.startTime+j.duration-b),d=c/j.duration||0,f=1-d,g=0,i=j.tweens.length;i>g;g++)j.tweens[g].run(f);return h.notifyWith(a,[j,f,c]),1>f&&i?c:(h.resolveWith(a,[j]),!1)},j=h.promise({elem:a,props:n.extend({},b),opts:n.extend(!0,{specialEasing:{}},c),originalProperties:b,originalOptions:c,startTime:La||Sa(),duration:c.duration,tweens:[],createTween:function(b,c){var d=n.Tween(a,j.opts,b,c,j.opts.specialEasing[b]||j.opts.easing);return j.tweens.push(d),d},stop:function(b){var c=0,d=b?j.tweens.length:0;if(e)return this;for(e=!0;d>c;c++)j.tweens[c].run(1);return b?h.resolveWith(a,[j,b]):h.rejectWith(a,[j,b]),this}}),k=j.props;for(Wa(k,j.opts.specialEasing);g>f;f++)if(d=Qa[f].call(j,a,k,j.opts))return d;return n.map(k,Ua,j),n.isFunction(j.opts.start)&&j.opts.start.call(a,j),n.fx.timer(n.extend(i,{elem:a,anim:j,queue:j.opts.queue})),j.progress(j.opts.progress).done(j.opts.done,j.opts.complete).fail(j.opts.fail).always(j.opts.always)}n.Animation=n.extend(Xa,{tweener:function(a,b){n.isFunction(a)?(b=a,a=["*"]):a=a.split(" ");for(var c,d=0,e=a.length;e>d;d++)c=a[d],Ra[c]=Ra[c]||[],Ra[c].unshift(b)},prefilter:function(a,b){b?Qa.unshift(a):Qa.push(a)}}),n.speed=function(a,b,c){var d=a&&"object"==typeof a?n.extend({},a):{complete:c||!c&&b||n.isFunction(a)&&a,duration:a,easing:c&&b||b&&!n.isFunction(b)&&b};return d.duration=n.fx.off?0:"number"==typeof d.duration?d.duration:d.duration in n.fx.speeds?n.fx.speeds[d.duration]:n.fx.speeds._default,(null==d.queue||d.queue===!0)&&(d.queue="fx"),d.old=d.complete,d.complete=function(){n.isFunction(d.old)&&d.old.call(this),d.queue&&n.dequeue(this,d.queue)},d},n.fn.extend({fadeTo:function(a,b,c,d){return this.filter(S).css("opacity",0).show().end().animate({opacity:b},a,c,d)},animate:function(a,b,c,d){var e=n.isEmptyObject(a),f=n.speed(b,c,d),g=function(){var b=Xa(this,n.extend({},a),f);(e||L.get(this,"finish"))&&b.stop(!0)};return g.finish=g,e||f.queue===!1?this.each(g):this.queue(f.queue,g)},stop:function(a,b,c){var d=function(a){var b=a.stop;delete a.stop,b(c)};return"string"!=typeof a&&(c=b,b=a,a=void 0),b&&a!==!1&&this.queue(a||"fx",[]),this.each(function(){var b=!0,e=null!=a&&a+"queueHooks",f=n.timers,g=L.get(this);if(e)g[e]&&g[e].stop&&d(g[e]);else for(e in g)g[e]&&g[e].stop&&Pa.test(e)&&d(g[e]);for(e=f.length;e--;)f[e].elem!==this||null!=a&&f[e].queue!==a||(f[e].anim.stop(c),b=!1,f.splice(e,1));(b||!c)&&n.dequeue(this,a)})},finish:function(a){return a!==!1&&(a=a||"fx"),this.each(function(){var b,c=L.get(this),d=c[a+"queue"],e=c[a+"queueHooks"],f=n.timers,g=d?d.length:0;for(c.finish=!0,n.queue(this,a,[]),e&&e.stop&&e.stop.call(this,!0),b=f.length;b--;)f[b].elem===this&&f[b].queue===a&&(f[b].anim.stop(!0),f.splice(b,1));for(b=0;g>b;b++)d[b]&&d[b].finish&&d[b].finish.call(this);delete c.finish})}}),n.each(["toggle","show","hide"],function(a,b){var c=n.fn[b];n.fn[b]=function(a,d,e){return null==a||"boolean"==typeof a?c.apply(this,arguments):this.animate(Ta(b,!0),a,d,e)}}),n.each({slideDown:Ta("show"),slideUp:Ta("hide"),slideToggle:Ta("toggle"),fadeIn:{opacity:"show"},fadeOut:{opacity:"hide"},fadeToggle:{opacity:"toggle"}},function(a,b){n.fn[a]=function(a,c,d){return this.animate(b,a,c,d)}}),n.timers=[],n.fx.tick=function(){var a,b=0,c=n.timers;for(La=n.now();b<c.length;b++)a=c[b],a()||c[b]!==a||c.splice(b--,1);c.length||n.fx.stop(),La=void 0},n.fx.timer=function(a){n.timers.push(a),a()?n.fx.start():n.timers.pop()},n.fx.interval=13,n.fx.start=function(){Ma||(Ma=setInterval(n.fx.tick,n.fx.interval))},n.fx.stop=function(){clearInterval(Ma),Ma=null},n.fx.speeds={slow:600,fast:200,_default:400},n.fn.delay=function(a,b){return a=n.fx?n.fx.speeds[a]||a:a,b=b||"fx",this.queue(b,function(b,c){var d=setTimeout(b,a);c.stop=function(){clearTimeout(d)}})},function(){var a=l.createElement("input"),b=l.createElement("select"),c=b.appendChild(l.createElement("option"));a.type="checkbox",k.checkOn=""!==a.value,k.optSelected=c.selected,b.disabled=!0,k.optDisabled=!c.disabled,a=l.createElement("input"),a.value="t",a.type="radio",k.radioValue="t"===a.value}();var Ya,Za,$a=n.expr.attrHandle;n.fn.extend({attr:function(a,b){return J(this,n.attr,a,b,arguments.length>1)},removeAttr:function(a){return this.each(function(){n.removeAttr(this,a)})}}),n.extend({attr:function(a,b,c){var d,e,f=a.nodeType;if(a&&3!==f&&8!==f&&2!==f)return typeof a.getAttribute===U?n.prop(a,b,c):(1===f&&n.isXMLDoc(a)||(b=b.toLowerCase(),d=n.attrHooks[b]||(n.expr.match.bool.test(b)?Za:Ya)),
+void 0===c?d&&"get"in d&&null!==(e=d.get(a,b))?e:(e=n.find.attr(a,b),null==e?void 0:e):null!==c?d&&"set"in d&&void 0!==(e=d.set(a,c,b))?e:(a.setAttribute(b,c+""),c):void n.removeAttr(a,b))},removeAttr:function(a,b){var c,d,e=0,f=b&&b.match(E);if(f&&1===a.nodeType)while(c=f[e++])d=n.propFix[c]||c,n.expr.match.bool.test(c)&&(a[d]=!1),a.removeAttribute(c)},attrHooks:{type:{set:function(a,b){if(!k.radioValue&&"radio"===b&&n.nodeName(a,"input")){var c=a.value;return a.setAttribute("type",b),c&&(a.value=c),b}}}}}),Za={set:function(a,b,c){return b===!1?n.removeAttr(a,c):a.setAttribute(c,c),c}},n.each(n.expr.match.bool.source.match(/\w+/g),function(a,b){var c=$a[b]||n.find.attr;$a[b]=function(a,b,d){var e,f;return d||(f=$a[b],$a[b]=e,e=null!=c(a,b,d)?b.toLowerCase():null,$a[b]=f),e}});var _a=/^(?:input|select|textarea|button)$/i;n.fn.extend({prop:function(a,b){return J(this,n.prop,a,b,arguments.length>1)},removeProp:function(a){return this.each(function(){delete this[n.propFix[a]||a]})}}),n.extend({propFix:{"for":"htmlFor","class":"className"},prop:function(a,b,c){var d,e,f,g=a.nodeType;if(a&&3!==g&&8!==g&&2!==g)return f=1!==g||!n.isXMLDoc(a),f&&(b=n.propFix[b]||b,e=n.propHooks[b]),void 0!==c?e&&"set"in e&&void 0!==(d=e.set(a,c,b))?d:a[b]=c:e&&"get"in e&&null!==(d=e.get(a,b))?d:a[b]},propHooks:{tabIndex:{get:function(a){return a.hasAttribute("tabindex")||_a.test(a.nodeName)||a.href?a.tabIndex:-1}}}}),k.optSelected||(n.propHooks.selected={get:function(a){var b=a.parentNode;return b&&b.parentNode&&b.parentNode.selectedIndex,null}}),n.each(["tabIndex","readOnly","maxLength","cellSpacing","cellPadding","rowSpan","colSpan","useMap","frameBorder","contentEditable"],function(){n.propFix[this.toLowerCase()]=this});var ab=/[\t\r\n\f]/g;n.fn.extend({addClass:function(a){var b,c,d,e,f,g,h="string"==typeof a&&a,i=0,j=this.length;if(n.isFunction(a))return this.each(function(b){n(this).addClass(a.call(this,b,this.className))});if(h)for(b=(a||"").match(E)||[];j>i;i++)if(c=this[i],d=1===c.nodeType&&(c.className?(" "+c.className+" ").replace(ab," "):" ")){f=0;while(e=b[f++])d.indexOf(" "+e+" ")<0&&(d+=e+" ");g=n.trim(d),c.className!==g&&(c.className=g)}return this},removeClass:function(a){var b,c,d,e,f,g,h=0===arguments.length||"string"==typeof a&&a,i=0,j=this.length;if(n.isFunction(a))return this.each(function(b){n(this).removeClass(a.call(this,b,this.className))});if(h)for(b=(a||"").match(E)||[];j>i;i++)if(c=this[i],d=1===c.nodeType&&(c.className?(" "+c.className+" ").replace(ab," "):"")){f=0;while(e=b[f++])while(d.indexOf(" "+e+" ")>=0)d=d.replace(" "+e+" "," ");g=a?n.trim(d):"",c.className!==g&&(c.className=g)}return this},toggleClass:function(a,b){var c=typeof a;return"boolean"==typeof b&&"string"===c?b?this.addClass(a):this.removeClass(a):this.each(n.isFunction(a)?function(c){n(this).toggleClass(a.call(this,c,this.className,b),b)}:function(){if("string"===c){var b,d=0,e=n(this),f=a.match(E)||[];while(b=f[d++])e.hasClass(b)?e.removeClass(b):e.addClass(b)}else(c===U||"boolean"===c)&&(this.className&&L.set(this,"__className__",this.className),this.className=this.className||a===!1?"":L.get(this,"__className__")||"")})},hasClass:function(a){for(var b=" "+a+" ",c=0,d=this.length;d>c;c++)if(1===this[c].nodeType&&(" "+this[c].className+" ").replace(ab," ").indexOf(b)>=0)return!0;return!1}});var bb=/\r/g;n.fn.extend({val:function(a){var b,c,d,e=this[0];{if(arguments.length)return d=n.isFunction(a),this.each(function(c){var e;1===this.nodeType&&(e=d?a.call(this,c,n(this).val()):a,null==e?e="":"number"==typeof e?e+="":n.isArray(e)&&(e=n.map(e,function(a){return null==a?"":a+""})),b=n.valHooks[this.type]||n.valHooks[this.nodeName.toLowerCase()],b&&"set"in b&&void 0!==b.set(this,e,"value")||(this.value=e))});if(e)return b=n.valHooks[e.type]||n.valHooks[e.nodeName.toLowerCase()],b&&"get"in b&&void 0!==(c=b.get(e,"value"))?c:(c=e.value,"string"==typeof c?c.replace(bb,""):null==c?"":c)}}}),n.extend({valHooks:{option:{get:function(a){var b=n.find.attr(a,"value");return null!=b?b:n.trim(n.text(a))}},select:{get:function(a){for(var b,c,d=a.options,e=a.selectedIndex,f="select-one"===a.type||0>e,g=f?null:[],h=f?e+1:d.length,i=0>e?h:f?e:0;h>i;i++)if(c=d[i],!(!c.selected&&i!==e||(k.optDisabled?c.disabled:null!==c.getAttribute("disabled"))||c.parentNode.disabled&&n.nodeName(c.parentNode,"optgroup"))){if(b=n(c).val(),f)return b;g.push(b)}return g},set:function(a,b){var c,d,e=a.options,f=n.makeArray(b),g=e.length;while(g--)d=e[g],(d.selected=n.inArray(d.value,f)>=0)&&(c=!0);return c||(a.selectedIndex=-1),f}}}}),n.each(["radio","checkbox"],function(){n.valHooks[this]={set:function(a,b){return n.isArray(b)?a.checked=n.inArray(n(a).val(),b)>=0:void 0}},k.checkOn||(n.valHooks[this].get=function(a){return null===a.getAttribute("value")?"on":a.value})}),n.each("blur focus focusin focusout load resize scroll unload click dblclick mousedown mouseup mousemove mouseover mouseout mouseenter mouseleave change select submit keydown keypress keyup error contextmenu".split(" "),function(a,b){n.fn[b]=function(a,c){return arguments.length>0?this.on(b,null,a,c):this.trigger(b)}}),n.fn.extend({hover:function(a,b){return this.mouseenter(a).mouseleave(b||a)},bind:function(a,b,c){return this.on(a,null,b,c)},unbind:function(a,b){return this.off(a,null,b)},delegate:function(a,b,c,d){return this.on(b,a,c,d)},undelegate:function(a,b,c){return 1===arguments.length?this.off(a,"**"):this.off(b,a||"**",c)}});var cb=n.now(),db=/\?/;n.parseJSON=function(a){return JSON.parse(a+"")},n.parseXML=function(a){var b,c;if(!a||"string"!=typeof a)return null;try{c=new DOMParser,b=c.parseFromString(a,"text/xml")}catch(d){b=void 0}return(!b||b.getElementsByTagName("parsererror").length)&&n.error("Invalid XML: "+a),b};var eb=/#.*$/,fb=/([?&])_=[^&]*/,gb=/^(.*?):[ \t]*([^\r\n]*)$/gm,hb=/^(?:about|app|app-storage|.+-extension|file|res|widget):$/,ib=/^(?:GET|HEAD)$/,jb=/^\/\//,kb=/^([\w.+-]+:)(?:\/\/(?:[^\/?#]*@|)([^\/?#:]*)(?::(\d+)|)|)/,lb={},mb={},nb="*/".concat("*"),ob=a.location.href,pb=kb.exec(ob.toLowerCase())||[];function qb(a){return function(b,c){"string"!=typeof b&&(c=b,b="*");var d,e=0,f=b.toLowerCase().match(E)||[];if(n.isFunction(c))while(d=f[e++])"+"===d[0]?(d=d.slice(1)||"*",(a[d]=a[d]||[]).unshift(c)):(a[d]=a[d]||[]).push(c)}}function rb(a,b,c,d){var e={},f=a===mb;function g(h){var i;return e[h]=!0,n.each(a[h]||[],function(a,h){var j=h(b,c,d);return"string"!=typeof j||f||e[j]?f?!(i=j):void 0:(b.dataTypes.unshift(j),g(j),!1)}),i}return g(b.dataTypes[0])||!e["*"]&&g("*")}function sb(a,b){var c,d,e=n.ajaxSettings.flatOptions||{};for(c in b)void 0!==b[c]&&((e[c]?a:d||(d={}))[c]=b[c]);return d&&n.extend(!0,a,d),a}function tb(a,b,c){var d,e,f,g,h=a.contents,i=a.dataTypes;while("*"===i[0])i.shift(),void 0===d&&(d=a.mimeType||b.getResponseHeader("Content-Type"));if(d)for(e in h)if(h[e]&&h[e].test(d)){i.unshift(e);break}if(i[0]in c)f=i[0];else{for(e in c){if(!i[0]||a.converters[e+" "+i[0]]){f=e;break}g||(g=e)}f=f||g}return f?(f!==i[0]&&i.unshift(f),c[f]):void 0}function ub(a,b,c,d){var e,f,g,h,i,j={},k=a.dataTypes.slice();if(k[1])for(g in a.converters)j[g.toLowerCase()]=a.converters[g];f=k.shift();while(f)if(a.responseFields[f]&&(c[a.responseFields[f]]=b),!i&&d&&a.dataFilter&&(b=a.dataFilter(b,a.dataType)),i=f,f=k.shift())if("*"===f)f=i;else if("*"!==i&&i!==f){if(g=j[i+" "+f]||j["* "+f],!g)for(e in j)if(h=e.split(" "),h[1]===f&&(g=j[i+" "+h[0]]||j["* "+h[0]])){g===!0?g=j[e]:j[e]!==!0&&(f=h[0],k.unshift(h[1]));break}if(g!==!0)if(g&&a["throws"])b=g(b);else try{b=g(b)}catch(l){return{state:"parsererror",error:g?l:"No conversion from "+i+" to "+f}}}return{state:"success",data:b}}n.extend({active:0,lastModified:{},etag:{},ajaxSettings:{url:ob,type:"GET",isLocal:hb.test(pb[1]),global:!0,processData:!0,async:!0,contentType:"application/x-www-form-urlencoded; charset=UTF-8",accepts:{"*":nb,text:"text/plain",html:"text/html",xml:"application/xml, text/xml",json:"application/json, text/javascript"},contents:{xml:/xml/,html:/html/,json:/json/},responseFields:{xml:"responseXML",text:"responseText",json:"responseJSON"},converters:{"* text":String,"text html":!0,"text json":n.parseJSON,"text xml":n.parseXML},flatOptions:{url:!0,context:!0}},ajaxSetup:function(a,b){return b?sb(sb(a,n.ajaxSettings),b):sb(n.ajaxSettings,a)},ajaxPrefilter:qb(lb),ajaxTransport:qb(mb),ajax:function(a,b){"object"==typeof a&&(b=a,a=void 0),b=b||{};var c,d,e,f,g,h,i,j,k=n.ajaxSetup({},b),l=k.context||k,m=k.context&&(l.nodeType||l.jquery)?n(l):n.event,o=n.Deferred(),p=n.Callbacks("once memory"),q=k.statusCode||{},r={},s={},t=0,u="canceled",v={readyState:0,getResponseHeader:function(a){var b;if(2===t){if(!f){f={};while(b=gb.exec(e))f[b[1].toLowerCase()]=b[2]}b=f[a.toLowerCase()]}return null==b?null:b},getAllResponseHeaders:function(){return 2===t?e:null},setRequestHeader:function(a,b){var c=a.toLowerCase();return t||(a=s[c]=s[c]||a,r[a]=b),this},overrideMimeType:function(a){return t||(k.mimeType=a),this},statusCode:function(a){var b;if(a)if(2>t)for(b in a)q[b]=[q[b],a[b]];else v.always(a[v.status]);return this},abort:function(a){var b=a||u;return c&&c.abort(b),x(0,b),this}};if(o.promise(v).complete=p.add,v.success=v.done,v.error=v.fail,k.url=((a||k.url||ob)+"").replace(eb,"").replace(jb,pb[1]+"//"),k.type=b.method||b.type||k.method||k.type,k.dataTypes=n.trim(k.dataType||"*").toLowerCase().match(E)||[""],null==k.crossDomain&&(h=kb.exec(k.url.toLowerCase()),k.crossDomain=!(!h||h[1]===pb[1]&&h[2]===pb[2]&&(h[3]||("http:"===h[1]?"80":"443"))===(pb[3]||("http:"===pb[1]?"80":"443")))),k.data&&k.processData&&"string"!=typeof k.data&&(k.data=n.param(k.data,k.traditional)),rb(lb,k,b,v),2===t)return v;i=n.event&&k.global,i&&0===n.active++&&n.event.trigger("ajaxStart"),k.type=k.type.toUpperCase(),k.hasContent=!ib.test(k.type),d=k.url,k.hasContent||(k.data&&(d=k.url+=(db.test(d)?"&":"?")+k.data,delete k.data),k.cache===!1&&(k.url=fb.test(d)?d.replace(fb,"$1_="+cb++):d+(db.test(d)?"&":"?")+"_="+cb++)),k.ifModified&&(n.lastModified[d]&&v.setRequestHeader("If-Modified-Since",n.lastModified[d]),n.etag[d]&&v.setRequestHeader("If-None-Match",n.etag[d])),(k.data&&k.hasContent&&k.contentType!==!1||b.contentType)&&v.setRequestHeader("Content-Type",k.contentType),v.setRequestHeader("Accept",k.dataTypes[0]&&k.accepts[k.dataTypes[0]]?k.accepts[k.dataTypes[0]]+("*"!==k.dataTypes[0]?", "+nb+"; q=0.01":""):k.accepts["*"]);for(j in k.headers)v.setRequestHeader(j,k.headers[j]);if(k.beforeSend&&(k.beforeSend.call(l,v,k)===!1||2===t))return v.abort();u="abort";for(j in{success:1,error:1,complete:1})v[j](k[j]);if(c=rb(mb,k,b,v)){v.readyState=1,i&&m.trigger("ajaxSend",[v,k]),k.async&&k.timeout>0&&(g=setTimeout(function(){v.abort("timeout")},k.timeout));try{t=1,c.send(r,x)}catch(w){if(!(2>t))throw w;x(-1,w)}}else x(-1,"No Transport");function x(a,b,f,h){var j,r,s,u,w,x=b;2!==t&&(t=2,g&&clearTimeout(g),c=void 0,e=h||"",v.readyState=a>0?4:0,j=a>=200&&300>a||304===a,f&&(u=tb(k,v,f)),u=ub(k,u,v,j),j?(k.ifModified&&(w=v.getResponseHeader("Last-Modified"),w&&(n.lastModified[d]=w),w=v.getResponseHeader("etag"),w&&(n.etag[d]=w)),204===a||"HEAD"===k.type?x="nocontent":304===a?x="notmodified":(x=u.state,r=u.data,s=u.error,j=!s)):(s=x,(a||!x)&&(x="error",0>a&&(a=0))),v.status=a,v.statusText=(b||x)+"",j?o.resolveWith(l,[r,x,v]):o.rejectWith(l,[v,x,s]),v.statusCode(q),q=void 0,i&&m.trigger(j?"ajaxSuccess":"ajaxError",[v,k,j?r:s]),p.fireWith(l,[v,x]),i&&(m.trigger("ajaxComplete",[v,k]),--n.active||n.event.trigger("ajaxStop")))}return v},getJSON:function(a,b,c){return n.get(a,b,c,"json")},getScript:function(a,b){return n.get(a,void 0,b,"script")}}),n.each(["get","post"],function(a,b){n[b]=function(a,c,d,e){return n.isFunction(c)&&(e=e||d,d=c,c=void 0),n.ajax({url:a,type:b,dataType:e,data:c,success:d})}}),n._evalUrl=function(a){return n.ajax({url:a,type:"GET",dataType:"script",async:!1,global:!1,"throws":!0})},n.fn.extend({wrapAll:function(a){var b;return n.isFunction(a)?this.each(function(b){n(this).wrapAll(a.call(this,b))}):(this[0]&&(b=n(a,this[0].ownerDocument).eq(0).clone(!0),this[0].parentNode&&b.insertBefore(this[0]),b.map(function(){var a=this;while(a.firstElementChild)a=a.firstElementChild;return a}).append(this)),this)},wrapInner:function(a){return this.each(n.isFunction(a)?function(b){n(this).wrapInner(a.call(this,b))}:function(){var b=n(this),c=b.contents();c.length?c.wrapAll(a):b.append(a)})},wrap:function(a){var b=n.isFunction(a);return this.each(function(c){n(this).wrapAll(b?a.call(this,c):a)})},unwrap:function(){return this.parent().each(function(){n.nodeName(this,"body")||n(this).replaceWith(this.childNodes)}).end()}}),n.expr.filters.hidden=function(a){return a.offsetWidth<=0&&a.offsetHeight<=0},n.expr.filters.visible=function(a){return!n.expr.filters.hidden(a)};var vb=/%20/g,wb=/\[\]$/,xb=/\r?\n/g,yb=/^(?:submit|button|image|reset|file)$/i,zb=/^(?:input|select|textarea|keygen)/i;function Ab(a,b,c,d){var e;if(n.isArray(b))n.each(b,function(b,e){c||wb.test(a)?d(a,e):Ab(a+"["+("object"==typeof e?b:"")+"]",e,c,d)});else if(c||"object"!==n.type(b))d(a,b);else for(e in b)Ab(a+"["+e+"]",b[e],c,d)}n.param=function(a,b){var c,d=[],e=function(a,b){b=n.isFunction(b)?b():null==b?"":b,d[d.length]=encodeURIComponent(a)+"="+encodeURIComponent(b)};if(void 0===b&&(b=n.ajaxSettings&&n.ajaxSettings.traditional),n.isArray(a)||a.jquery&&!n.isPlainObject(a))n.each(a,function(){e(this.name,this.value)});else for(c in a)Ab(c,a[c],b,e);return d.join("&").replace(vb,"+")},n.fn.extend({serialize:function(){return n.param(this.serializeArray())},serializeArray:function(){return this.map(function(){var a=n.prop(this,"elements");return a?n.makeArray(a):this}).filter(function(){var a=this.type;return this.name&&!n(this).is(":disabled")&&zb.test(this.nodeName)&&!yb.test(a)&&(this.checked||!T.test(a))}).map(function(a,b){var c=n(this).val();return null==c?null:n.isArray(c)?n.map(c,function(a){return{name:b.name,value:a.replace(xb,"\r\n")}}):{name:b.name,value:c.replace(xb,"\r\n")}}).get()}}),n.ajaxSettings.xhr=function(){try{return new XMLHttpRequest}catch(a){}};var Bb=0,Cb={},Db={0:200,1223:204},Eb=n.ajaxSettings.xhr();a.attachEvent&&a.attachEvent("onunload",function(){for(var a in Cb)Cb[a]()}),k.cors=!!Eb&&"withCredentials"in Eb,k.ajax=Eb=!!Eb,n.ajaxTransport(function(a){var b;return k.cors||Eb&&!a.crossDomain?{send:function(c,d){var e,f=a.xhr(),g=++Bb;if(f.open(a.type,a.url,a.async,a.username,a.password),a.xhrFields)for(e in a.xhrFields)f[e]=a.xhrFields[e];a.mimeType&&f.overrideMimeType&&f.overrideMimeType(a.mimeType),a.crossDomain||c["X-Requested-With"]||(c["X-Requested-With"]="XMLHttpRequest");for(e in c)f.setRequestHeader(e,c[e]);b=function(a){return function(){b&&(delete Cb[g],b=f.onload=f.onerror=null,"abort"===a?f.abort():"error"===a?d(f.status,f.statusText):d(Db[f.status]||f.status,f.statusText,"string"==typeof f.responseText?{text:f.responseText}:void 0,f.getAllResponseHeaders()))}},f.onload=b(),f.onerror=b("error"),b=Cb[g]=b("abort");try{f.send(a.hasContent&&a.data||null)}catch(h){if(b)throw h}},abort:function(){b&&b()}}:void 0}),n.ajaxSetup({accepts:{script:"text/javascript, application/javascript, application/ecmascript, application/x-ecmascript"},contents:{script:/(?:java|ecma)script/},converters:{"text script":function(a){return n.globalEval(a),a}}}),n.ajaxPrefilter("script",function(a){void 0===a.cache&&(a.cache=!1),a.crossDomain&&(a.type="GET")}),n.ajaxTransport("script",function(a){if(a.crossDomain){var b,c;return{send:function(d,e){b=n("<script>").prop({async:!0,charset:a.scriptCharset,src:a.url}).on("load error",c=function(a){b.remove(),c=null,a&&e("error"===a.type?404:200,a.type)}),l.head.appendChild(b[0])},abort:function(){c&&c()}}}});var Fb=[],Gb=/(=)\?(?=&|$)|\?\?/;n.ajaxSetup({jsonp:"callback",jsonpCallback:function(){var a=Fb.pop()||n.expando+"_"+cb++;return this[a]=!0,a}}),n.ajaxPrefilter("json jsonp",function(b,c,d){var e,f,g,h=b.jsonp!==!1&&(Gb.test(b.url)?"url":"string"==typeof b.data&&!(b.contentType||"").indexOf("application/x-www-form-urlencoded")&&Gb.test(b.data)&&"data");return h||"jsonp"===b.dataTypes[0]?(e=b.jsonpCallback=n.isFunction(b.jsonpCallback)?b.jsonpCallback():b.jsonpCallback,h?b[h]=b[h].replace(Gb,"$1"+e):b.jsonp!==!1&&(b.url+=(db.test(b.url)?"&":"?")+b.jsonp+"="+e),b.converters["script json"]=function(){return g||n.error(e+" was not called"),g[0]},b.dataTypes[0]="json",f=a[e],a[e]=function(){g=arguments},d.always(function(){a[e]=f,b[e]&&(b.jsonpCallback=c.jsonpCallback,Fb.push(e)),g&&n.isFunction(f)&&f(g[0]),g=f=void 0}),"script"):void 0}),n.parseHTML=function(a,b,c){if(!a||"string"!=typeof a)return null;"boolean"==typeof b&&(c=b,b=!1),b=b||l;var d=v.exec(a),e=!c&&[];return d?[b.createElement(d[1])]:(d=n.buildFragment([a],b,e),e&&e.length&&n(e).remove(),n.merge([],d.childNodes))};var Hb=n.fn.load;n.fn.load=function(a,b,c){if("string"!=typeof a&&Hb)return Hb.apply(this,arguments);var d,e,f,g=this,h=a.indexOf(" ");return h>=0&&(d=n.trim(a.slice(h)),a=a.slice(0,h)),n.isFunction(b)?(c=b,b=void 0):b&&"object"==typeof b&&(e="POST"),g.length>0&&n.ajax({url:a,type:e,dataType:"html",data:b}).done(function(a){f=arguments,g.html(d?n("<div>").append(n.parseHTML(a)).find(d):a)}).complete(c&&function(a,b){g.each(c,f||[a.responseText,b,a])}),this},n.each(["ajaxStart","ajaxStop","ajaxComplete","ajaxError","ajaxSuccess","ajaxSend"],function(a,b){n.fn[b]=function(a){return this.on(b,a)}}),n.expr.filters.animated=function(a){return n.grep(n.timers,function(b){return a===b.elem}).length};var Ib=a.document.documentElement;function Jb(a){return n.isWindow(a)?a:9===a.nodeType&&a.defaultView}n.offset={setOffset:function(a,b,c){var d,e,f,g,h,i,j,k=n.css(a,"position"),l=n(a),m={};"static"===k&&(a.style.position="relative"),h=l.offset(),f=n.css(a,"top"),i=n.css(a,"left"),j=("absolute"===k||"fixed"===k)&&(f+i).indexOf("auto")>-1,j?(d=l.position(),g=d.top,e=d.left):(g=parseFloat(f)||0,e=parseFloat(i)||0),n.isFunction(b)&&(b=b.call(a,c,h)),null!=b.top&&(m.top=b.top-h.top+g),null!=b.left&&(m.left=b.left-h.left+e),"using"in b?b.using.call(a,m):l.css(m)}},n.fn.extend({offset:function(a){if(arguments.length)return void 0===a?this:this.each(function(b){n.offset.setOffset(this,a,b)});var b,c,d=this[0],e={top:0,left:0},f=d&&d.ownerDocument;if(f)return b=f.documentElement,n.contains(b,d)?(typeof d.getBoundingClientRect!==U&&(e=d.getBoundingClientRect()),c=Jb(f),{top:e.top+c.pageYOffset-b.clientTop,left:e.left+c.pageXOffset-b.clientLeft}):e},position:function(){if(this[0]){var a,b,c=this[0],d={top:0,left:0};return"fixed"===n.css(c,"position")?b=c.getBoundingClientRect():(a=this.offsetParent(),b=this.offset(),n.nodeName(a[0],"html")||(d=a.offset()),d.top+=n.css(a[0],"borderTopWidth",!0),d.left+=n.css(a[0],"borderLeftWidth",!0)),{top:b.top-d.top-n.css(c,"marginTop",!0),left:b.left-d.left-n.css(c,"marginLeft",!0)}}},offsetParent:function(){return this.map(function(){var a=this.offsetParent||Ib;while(a&&!n.nodeName(a,"html")&&"static"===n.css(a,"position"))a=a.offsetParent;return a||Ib})}}),n.each({scrollLeft:"pageXOffset",scrollTop:"pageYOffset"},function(b,c){var d="pageYOffset"===c;n.fn[b]=function(e){return J(this,function(b,e,f){var g=Jb(b);return void 0===f?g?g[c]:b[e]:void(g?g.scrollTo(d?a.pageXOffset:f,d?f:a.pageYOffset):b[e]=f)},b,e,arguments.length,null)}}),n.each(["top","left"],function(a,b){n.cssHooks[b]=ya(k.pixelPosition,function(a,c){return c?(c=xa(a,b),va.test(c)?n(a).position()[b]+"px":c):void 0})}),n.each({Height:"height",Width:"width"},function(a,b){n.each({padding:"inner"+a,content:b,"":"outer"+a},function(c,d){n.fn[d]=function(d,e){var f=arguments.length&&(c||"boolean"!=typeof d),g=c||(d===!0||e===!0?"margin":"border");return J(this,function(b,c,d){var e;return n.isWindow(b)?b.document.documentElement["client"+a]:9===b.nodeType?(e=b.documentElement,Math.max(b.body["scroll"+a],e["scroll"+a],b.body["offset"+a],e["offset"+a],e["client"+a])):void 0===d?n.css(b,c,g):n.style(b,c,d,g)},b,f?d:void 0,f,null)}})}),n.fn.size=function(){return this.length},n.fn.andSelf=n.fn.addBack,"function"==typeof define&&define.amd&&define("jquery",[],function(){return n});var Kb=a.jQuery,Lb=a.$;return n.noConflict=function(b){return a.$===n&&(a.$=Lb),b&&a.jQuery===n&&(a.jQuery=Kb),n},typeof b===U&&(a.jQuery=a.$=n),n});
diff --git a/Sources/SIS/shib-idp/opt/shib-jetty-base/etc/jetty-backchannel.xml b/Sources/SIS/shib-idp/opt/shib-jetty-base/etc/jetty-backchannel.xml
new file mode 100644
index 0000000..4b44ec7
--- /dev/null
+++ b/Sources/SIS/shib-idp/opt/shib-jetty-base/etc/jetty-backchannel.xml
@@ -0,0 +1,81 @@
+<?xml version="1.0"?>
+<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
+
+<Configure id="Server" class="org.eclipse.jetty.server.Server">
+
+    <!-- ============================================================= -->
+    <!-- TLS context factory with optional client auth                 -->
+    <!-- and no container trust (delegate to application)              -->
+    <!-- for backchannel (SOAP) communication to IdP                   -->
+    <!-- ============================================================= -->
+    <New id="shibContextFactory" class="net.shibboleth.utilities.jetty9.DelegateToApplicationSslContextFactory">
+        <Set name="KeyStorePath"><Property name="jetty.backchannel.sslContext.keyStorePath" /></Set>
+        <Set name="KeyStoreType"><Property name="jetty.backchannel.sslContext.keyStoreType" /></Set>
+        <Set name="KeyStorePassword"><Property name="jetty.backchannel.sslContext.keyStorePassword" /></Set>
+        <Set name="EndpointIdentificationAlgorithm"></Set>
+        <Set name="renegotiationAllowed">false</Set>
+        <Set name="useCipherSuitesOrder">true</Set>
+        <Set name="IncludeCipherSuites">
+            <Array type="String">
+                <Item>TLS_ECDHE.*</Item>
+                <Item>TLS_RSA.*</Item>
+            </Array>
+        </Set>
+        <Set name="ExcludeCipherSuites">
+            <Array type="String">
+                <Item>.*NULL.*</Item>
+                <Item>.*RC4.*</Item>
+                <Item>.*MD5.*</Item>
+                <Item>.*DES.*</Item>
+                <Item>.*DSS.*</Item>
+            </Array>
+        </Set>
+    </New>
+
+    <New id="shibHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
+        <Arg><Ref refid="httpConfig"/></Arg>
+        <Call name="addCustomizer">
+            <Arg>
+                <New class="org.eclipse.jetty.server.SecureRequestCustomizer">
+                    <Arg type="boolean"><Property name="jetty.ssl.sniHostCheck" default="true"/></Arg>
+                </New>
+            </Arg>
+        </Call>
+    </New>
+
+    <!-- ============================================================= -->
+    <!-- IdP SOAP protocol connector                                   -->
+    <!-- ============================================================= -->
+    <Call id="shibConnector" name="addConnector">
+        <Arg>
+            <New class="org.eclipse.jetty.server.ServerConnector">
+                <Arg name="server"><Ref refid="Server" /></Arg>
+                <Arg name="acceptors" type="int"><Property name="jetty.ssl.acceptors" default="-1"/></Arg>
+                <Arg name="selectors" type="int"><Property name="jetty.ssl.selectors" default="-1"/></Arg>
+                <Arg name="factories">
+                    <Array type="org.eclipse.jetty.server.ConnectionFactory">
+                        <Item>
+                            <New class="org.eclipse.jetty.server.SslConnectionFactory">
+                                <Arg name="next">http/1.1</Arg>
+                                <Arg name="sslContextFactory"><Ref refid="shibContextFactory"/></Arg>
+                            </New>
+                        </Item>
+                        <Item>
+                            <New class="org.eclipse.jetty.server.HttpConnectionFactory">
+                                <Arg name="config"><Ref refid="shibHttpConfig"/></Arg>
+                            </New>
+                        </Item>
+                    </Array>
+                </Arg>
+                <Set name="host"><Property name="jetty.backchannel.host" default="0.0.0.0" /></Set>
+                <Set name="port"><Property name="jetty.backchannel.port" default="8443"/></Set>
+                <Set name="idleTimeout"><Property name="jetty.ssl.timeout" default="30000"/></Set>
+                <Set name="soLingerTime"><Property name="jetty.ssl.soLingerTime" default="-1"/></Set>
+                <Set name="acceptorPriorityDelta"><Property name="jetty.ssl.acceptorPriorityDelta" default="0"/></Set>
+                <Set name="selectorPriorityDelta"><Property name="jetty.ssl.selectorPriorityDelta" default="0"/></Set>
+                <Set name="acceptQueueSize"><Property name="jetty.ssl.acceptQueueSize" default="0"/></Set>
+            </New>
+        </Arg>
+    </Call>
+
+</Configure>
diff --git a/Sources/SIS/shib-idp/opt/shib-jetty-base/etc/jetty-logging.xml b/Sources/SIS/shib-idp/opt/shib-jetty-base/etc/jetty-logging.xml
new file mode 100644
index 0000000..2348f99
--- /dev/null
+++ b/Sources/SIS/shib-idp/opt/shib-jetty-base/etc/jetty-logging.xml
@@ -0,0 +1,33 @@
+<?xml version="1.0"?>
+<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_3.dtd">
+
+<!-- =============================================================== -->
+<!-- Configure stderr and stdout to a Jetty rollover log file        -->
+<!-- this configuration file should be used in combination with      -->
+<!-- other configuration files.  e.g.                                -->
+<!--    java -jar start.jar etc/jetty-logging.xml                    -->
+<!-- =============================================================== -->
+<Configure id="logging" class="org.eclipse.jetty.util.log.Log">
+<!-- Logging sent to Console for "docker logs" processing
+    <New id="ServerLog" class="java.io.PrintStream">
+      <Arg>
+        <New class="org.eclipse.jetty.util.RolloverFileOutputStream">
+          <Arg><Property name="jetty.logging.dir" deprecated="jetty.logs" default="./logs"/>/yyyy_mm_dd.stderrout.log</Arg>
+          <Arg type="boolean"><Property name="jetty.logging.append" default="false"/></Arg>
+          <Arg type="int"><Property name="jetty.logging.retainDays" default="90"/></Arg>
+          <Arg>
+              <Call class="java.util.TimeZone" name="getTimeZone"><Arg><Property name="jetty.logging.timezone" default="GMT"/></Arg></Call>
+          </Arg>
+          <Get id="ServerLogName" name="datedFilename"/>
+        </New>
+      </Arg>
+    </New>
+
+    <Get name="rootLogger">
+      <Call name="info"><Arg>Redirecting stderr/stdout to <Ref refid="ServerLogName"/></Arg></Call>
+    </Get>
+    <Call class="java.lang.System" name="setErr"><Arg><Ref refid="ServerLog"/></Arg></Call>
+    <Call class="java.lang.System" name="setOut"><Arg><Ref refid="ServerLog"/></Arg></Call>
+-->
+</Configure>
+
diff --git a/Sources/SIS/shib-idp/opt/shib-jetty-base/etc/jetty-ssl-context.xml b/Sources/SIS/shib-idp/opt/shib-jetty-base/etc/jetty-ssl-context.xml
new file mode 100644
index 0000000..a28de73
--- /dev/null
+++ b/Sources/SIS/shib-idp/opt/shib-jetty-base/etc/jetty-ssl-context.xml
@@ -0,0 +1,32 @@
+<?xml version="1.0"?>
+<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
+<Configure id="Server" class="org.eclipse.jetty.server.Server">
+  <!-- ============================================================= -->
+  <!-- TLS context factory without client auth                       -->
+  <!-- ============================================================= -->
+  <New id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
+    <Set name="KeyStorePath"><Property name="jetty.sslContext.keyStorePath" /></Set>
+    <Set name="KeyStoreType"><Property name="jetty.sslContext.keyStoreType" /></Set>
+    <Set name="KeyStorePassword"><Property name="jetty.sslContext.keyStorePassword" /></Set>
+    <Set name="EndpointIdentificationAlgorithm"></Set>
+    <Set name="NeedClientAuth">false</Set>
+    <Set name="WantClientAuth">false</Set>
+    <Set name="renegotiationAllowed">false</Set>
+    <Set name="useCipherSuitesOrder">true</Set>
+    <Set name="IncludeCipherSuites">
+      <Array type="String">
+          <Item>TLS_ECDHE.*</Item>
+          <Item>TLS_RSA.*</Item>
+      </Array>
+    </Set>
+    <Set name="ExcludeCipherSuites">
+      <Array type="String">
+        <Item>.*NULL.*</Item>
+        <Item>.*RC4.*</Item>
+        <Item>.*MD5.*</Item>
+        <Item>.*DES.*</Item>
+        <Item>.*DSS.*</Item>
+      </Array>
+    </Set>
+ </New>
+</Configure>
\ No newline at end of file
diff --git a/Sources/SIS/shib-idp/opt/shib-jetty-base/modules/backchannel.mod b/Sources/SIS/shib-idp/opt/shib-jetty-base/modules/backchannel.mod
new file mode 100644
index 0000000..1215b10
--- /dev/null
+++ b/Sources/SIS/shib-idp/opt/shib-jetty-base/modules/backchannel.mod
@@ -0,0 +1,8 @@
+[name]
+backchannel
+
+[depend]
+server
+
+[xml]
+etc/jetty-backchannel.xml
diff --git a/Sources/SIS/shib-idp/opt/shib-jetty-base/start.d/backchannel.ini b/Sources/SIS/shib-idp/opt/shib-jetty-base/start.d/backchannel.ini
new file mode 100644
index 0000000..afa19ed
--- /dev/null
+++ b/Sources/SIS/shib-idp/opt/shib-jetty-base/start.d/backchannel.ini
@@ -0,0 +1,8 @@
+--module=backchannel
+
+jetty.backchannel.port=8443
+jetty.backchannel.sslContext.keyStorePath=/opt/shibboleth-idp/credentials/idp-backchannel.p12
+jetty.backchannel.sslContext.keyStoreType=PKCS12
+
+# specified by $IDP_HOME/ext-conf/idp-secrets.properties or the 'docker run' command line
+# jetty.backchannel.sslContext.keyStorePassword=CHANGEME
\ No newline at end of file
diff --git a/Sources/SIS/shib-idp/opt/shib-jetty-base/start.d/ssl.ini b/Sources/SIS/shib-idp/opt/shib-jetty-base/start.d/ssl.ini
new file mode 100644
index 0000000..e2a8e1a
--- /dev/null
+++ b/Sources/SIS/shib-idp/opt/shib-jetty-base/start.d/ssl.ini
@@ -0,0 +1,7 @@
+--module=ssl
+jetty.ssl.port=4443
+jetty.sslContext.keyStorePath=/opt/shibboleth-idp/credentials/idp-browser.p12
+jetty.sslContext.keyStoreType=PKCS12
+
+# specified by $IDP_HOME/ext-conf/idp-secrets.properties or the 'docker run' command line
+# jetty.sslContext.keyStorePassword=$JETTY_BROWSER_SSL_KEYSTORE_PASSWORD
\ No newline at end of file
diff --git a/Sources/SIS/shib-idp/opt/shib-jetty-base/start.ini b/Sources/SIS/shib-idp/opt/shib-jetty-base/start.ini
new file mode 100644
index 0000000..9502cc2
--- /dev/null
+++ b/Sources/SIS/shib-idp/opt/shib-jetty-base/start.ini
@@ -0,0 +1,24 @@
+# Required Jetty modules
+--module=server
+--module=deploy
+--module=annotations
+--module=resources
+--module=logging
+--module=requestlog
+--module=servlets
+--module=jsp
+--module=jstl
+--module=ext
+--module=plus
+
+# Allows setting Java system properties (-Dname=value)
+# and JVM flags (-X, -XX) in this file
+# NOTE: spawns child Java process
+--exec
+
+# Uncomment if IdP is installed somewhere other than /opt/shibboleth-idp
+#-Didp.home=/opt/shibboleth-idp
+
+# Maximum amount of memory that Jetty may use, at least 512M is recommended
+# This value will be replaced at runtime using the env JAVA_MAX_MEMORY setting.
+-XmxJETTY_MAX_HEAP
diff --git a/Sources/SIS/shib-idp/opt/shib-jetty-base/webapps/idp.xml b/Sources/SIS/shib-idp/opt/shib-jetty-base/webapps/idp.xml
new file mode 100644
index 0000000..ae65060
--- /dev/null
+++ b/Sources/SIS/shib-idp/opt/shib-jetty-base/webapps/idp.xml
@@ -0,0 +1,7 @@
+<Configure class="org.eclipse.jetty.webapp.WebAppContext">
+  <Set name="war">/opt/shibboleth-idp/webapp/</Set>
+  <Set name="contextPath">/idp</Set>
+  <Set name="extractWAR">false</Set>
+  <Set name="copyWebDir">false</Set>
+  <Set name="copyWebInf">true</Set>
+</Configure>
\ No newline at end of file
diff --git a/Sources/SIS/shib-idp/opt/shibboleth-idp/conf/logback.xml b/Sources/SIS/shib-idp/opt/shibboleth-idp/conf/logback.xml
new file mode 100644
index 0000000..310afdd
--- /dev/null
+++ b/Sources/SIS/shib-idp/opt/shibboleth-idp/conf/logback.xml
@@ -0,0 +1,179 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+
+    <!--
+    Variables for simplifying logging configuration.
+    http://logback.qos.ch/manual/configuration.html#variableSubstitution
+    -->
+    
+    <variable name="idp.logfiles" value="${idp.home}/logs" />
+    <variable name="idp.loghistory" value="180" />
+    
+    <!-- Much higher performance if you operate on DEBUG. -->
+    <!-- <variable name="idp.process.appender" value="ASYNC_PROCESS" /> -->
+    
+    <!-- Logging level shortcuts. -->
+    <variable name="idp.loglevel.idp" value="INFO" />
+    <variable name="idp.loglevel.ldap" value="WARN" />
+    <variable name="idp.loglevel.messages" value="INFO" />
+    <variable name="idp.loglevel.encryption" value="INFO" />
+    <variable name="idp.loglevel.opensaml" value="INFO" />
+    <variable name="idp.loglevel.props" value="INFO" />
+    
+    <!-- Don't turn these up unless you want a *lot* of noise. -->
+    <variable name="idp.loglevel.spring" value="ERROR" />
+    <variable name="idp.loglevel.container" value="ERROR" />
+    <variable name="idp.loglevel.xmlsec" value="INFO" />
+
+    <!--
+    If you want to use custom properties in this config file,
+    we load the main property file for you.
+    -->
+    <variable file="${idp.home}/conf/idp.properties" />
+    
+    <!-- =========================================================== -->
+    <!-- ============== Logging Categories and Levels ============== -->
+    <!-- =========================================================== -->
+
+    <!-- Logs IdP, but not OpenSAML, messages -->
+    <logger name="net.shibboleth.idp" level="${idp.loglevel.idp:-INFO}"/>
+
+    <!-- Logs OpenSAML, but not IdP, messages -->
+    <logger name="org.opensaml.saml" level="${idp.loglevel.opensaml:-INFO}"/>
+    
+    <!-- Logs LDAP related messages -->
+    <logger name="org.ldaptive" level="${idp.loglevel.ldap:-WARN}"/>
+    
+    <!-- Logs inbound and outbound protocols messages at DEBUG level -->
+    <logger name="PROTOCOL_MESSAGE" level="${idp.loglevel.messages:-INFO}" />
+
+    <!-- Logs unencrypted SAML at DEBUG level -->
+    <logger name="org.opensaml.saml.saml2.encryption.Encrypter" level="${idp.loglevel.encryption:-INFO}" />
+
+    <!-- Logs system properties during startup at DEBUG level -->
+    <logger name="net.shibboleth.idp.log.LogbackLoggingService" level="${idp.loglevel.props:-INFO}" />
+
+    <!-- Especially chatty. -->
+    <logger name="net.shibboleth.idp.saml.attribute.mapping" level="INFO" />
+    <logger name="org.apache.xml.security" level="${idp.loglevel.xmlsec:-INFO}" />
+    <logger name="org.springframework" level="${idp.loglevel.spring:-ERROR}"/>
+    <logger name="org.apache.catalina" level="${idp.loglevel.container:-ERROR}"/>
+    <logger name="org.eclipse.jetty" level="${idp.loglevel.container:-ERROR}"/>
+
+
+    <!-- =========================================================== -->
+    <!-- ============== Low Level Details or Changes =============== -->
+    <!-- =========================================================== -->
+    
+    <!-- Process log. -->
+    <appender name="IDP_PROCESS" class="ch.qos.logback.core.ConsoleAppender">
+        <encoder class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
+            <charset>UTF-8</charset>
+            <Pattern>%date{ISO8601} - %level [%logger:%line] - %msg%n%ex{short}</Pattern>
+        </encoder>
+
+        <!-- Ignore Velocity status page error. -->
+        <filter class="ch.qos.logback.core.filter.EvaluatorFilter">
+            <evaluator>
+                <matcher>
+                    <Name>VelocityStatusMatcher</Name>
+                    <regex>ResourceManager : unable to find resource 'status.vm' in any resource loader.</regex>
+                </matcher>
+                <expression>VelocityStatusMatcher.matches(formattedMessage)</expression>
+            </evaluator>
+            <OnMatch>DENY</OnMatch>
+        </filter>
+    </appender>
+
+    <appender name="ASYNC_PROCESS" class="ch.qos.logback.classic.AsyncAppender">
+        <appender-ref ref="IDP_PROCESS" />
+        <discardingThreshold>0</discardingThreshold>
+    </appender>
+
+    <appender name="IDP_WARN" class="ch.qos.logback.core.rolling.RollingFileAppender">
+        <!-- Suppress anything below WARN. -->
+        <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+            <level>WARN</level>
+        </filter>
+        
+        <File>${idp.logfiles}/idp-warn.log</File>
+        
+        <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+            <fileNamePattern>${idp.logfiles}/idp-warn-%d{yyyy-MM-dd}.log.gz</fileNamePattern>
+            <maxHistory>${idp.loghistory:-180}</maxHistory>
+        </rollingPolicy>
+        
+        <encoder class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
+            <charset>UTF-8</charset>
+            <Pattern>%date{ISO8601} - %level [%logger:%line] - %msg%n%ex{short}</Pattern>
+        </encoder>
+        
+        <!-- Ignore Velocity status page error. -->
+        <filter class="ch.qos.logback.core.filter.EvaluatorFilter">
+            <evaluator>
+                <matcher>
+                    <Name>VelocityStatusMatcher</Name>
+                    <regex>ResourceManager : unable to find resource 'status.vm' in any resource loader.</regex>
+                </matcher>
+                <expression>VelocityStatusMatcher.matches(formattedMessage)</expression>
+            </evaluator>
+            <OnMatch>DENY</OnMatch>
+        </filter>
+    </appender>
+    
+    <!-- Audit log. -->
+    <appender name="IDP_AUDIT" class="ch.qos.logback.core.rolling.RollingFileAppender">
+        <File>${idp.logfiles}/idp-audit.log</File>
+
+        <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+            <fileNamePattern>${idp.logfiles}/idp-audit-%d{yyyy-MM-dd}.log.gz</fileNamePattern>
+            <maxHistory>${idp.loghistory:-180}</maxHistory>
+        </rollingPolicy>
+
+        <encoder class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
+            <charset>UTF-8</charset>
+            <Pattern>%msg%n</Pattern>
+        </encoder>
+    </appender>
+    
+    <!-- Consent audit log. -->
+    <appender name="IDP_CONSENT_AUDIT" class="ch.qos.logback.core.rolling.RollingFileAppender">
+        <File>${idp.logfiles}/idp-consent-audit.log</File>
+
+        <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+            <fileNamePattern>${idp.logfiles}/idp-consent-audit-%d{yyyy-MM-dd}.log.gz</fileNamePattern>
+            <maxHistory>${idp.loghistory:-180}</maxHistory>
+        </rollingPolicy>
+
+        <encoder class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
+            <charset>UTF-8</charset>
+            <Pattern>%msg%n</Pattern>
+        </encoder>
+    </appender>
+
+    <!-- F-TICKS syslog destination. -->
+    <appender name="IDP_FTICKS" class="ch.qos.logback.classic.net.SyslogAppender">
+        <syslogHost>${idp.fticks.loghost:-localhost}</syslogHost>
+        <port>${idp.fticks.logport:-514}</port>
+        <facility>AUTH</facility>
+        <suffixPattern>[%thread] %logger %msg</suffixPattern>
+    </appender>
+
+    <logger name="Shibboleth-Audit" level="ALL">
+        <appender-ref ref="${idp.audit.appender:-IDP_AUDIT}"/>
+    </logger>
+
+    <logger name="Shibboleth-FTICKS" level="ALL" additivity="false">
+        <appender-ref ref="${idp.fticks.appender:-IDP_FTICKS}"/>
+    </logger>
+
+    <logger name="Shibboleth-Consent-Audit" level="ALL">
+        <appender-ref ref="${idp.consent.appender:-IDP_CONSENT_AUDIT}"/>
+    </logger>
+    
+    <root level="${idp.loglevel.root:-INFO}">
+        <appender-ref ref="${idp.process.appender:-IDP_PROCESS}"/>
+        <appender-ref ref="${idp.warn.appender:-IDP_WARN}" />
+    </root>
+
+</configuration>
\ No newline at end of file