将春季安全 SAML 2.0 与 ADFS 2.0 集成为 IDP 的问题

我正在尝试将Spring Security saml 2.0与adfs 2.0集成为idp。但是我收到错误说 - "响应没有任何有效的断言可以通过主题验证"。 请在下面找到 saml 示踪剂输出。

`<samlp:Response ID="_7a5cd6ab-f2eb-4b24-b827-01b9852ca41d"
Version="2.0"
IssueInstant="2017-07-04T07:09:13.497Z"
Destination="https://example.com/saml/SSO"
Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified"
InResponseTo="a4h23ag43aca1gh951g2c322ce22102"
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
<Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion">http://example.com/adfs/services/trust</Issuer>
<samlp:Status>
<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />
</samlp:Status>
<EncryptedAssertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
<xenc:EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<e:EncryptedKey xmlns:e="http://www.w3.org/2001/04/xmlenc#">
<e:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
</e:EncryptionMethod>
<KeyInfo>
<ds:X509Data xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509IssuerSerial>
<ds:X509IssuerName>CN=Symantec Class 3 Secure Server CA - G4, OU=Symantec Trust Network, O=Symantec Corporation, C=US</ds:X509IssuerName>                               
<ds:X509SerialNumber>352932712240095357742.......</ds:X509SerialNumber>
</ds:X509IssuerSerial>
</ds:X509Data>
</KeyInfo>
<e:CipherData>               
<e:CipherValue>oLddsOeYU6cozK4XsUdiCUM55C30nV3VZaaEv/M28hjj4zq3J0ylOBAzwiSa .....</e:CipherValue>
</e:CipherData>
</e:EncryptedKey>
</KeyInfo>
<xenc:CipherData>            
<xenc:CipherValue>NUwiN6Xq2ibLA8NIlzZP5YK2W1hdGU9YeGjfvpqWiXTBGviKh/4uL6Fk8DF1 .....</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedData>
</EncryptedAssertion>

'