Hi Oliver, I just sent you my tomcat-rp zip file. Gmail didn't allow me send it, so I had to use yahoo account.
<<<=========== Add the following in <catalina.home>/conf/logging.properties: org.apache.cxf.fediz.level = FINEST Ensure that that the ConsoleHandler level is set to FINEST too: java.util.logging.ConsoleHandler.level = FINEST ==============>>> After all these changes, I still don't see anything in the log file. <<<=========== One other thing... I've found this post: http://social.msdn.microsoft.com/Forums/en-US/Geneva/thread/dd24d009-e15a-47a2-bf3a-f27aa75518ab Here the important snippet: >>> Within the RP property window in ADFS there is a property describing what version of the token to generate. Unfortunately I don't have ADFS in front of me so I can't tell you exactly where it is. >>> Do you see anything? <<<=========== I set up RP manually in ADFS2.0, so I wouldn't miss anything. When create a RP on ADFS2.0, there is an option to choose to use ADFS2.0 profile or ADFS1.1/1.0 profile, but this is nothing to do with token type as I know. We choose ADFS2.0 since this is newer version of ADFS2.0 feature. Thanks. Gina