Hi Colm, Thank you for your question.
Indeed, I am not sure about the way users are being configured for the token server. I experience the following behavior: - if I access the main cas login page /cas/login and I use the default user/password for cas (casuser/Mellon) I get logged into cas correctly; (or if I access an app protected by cas, I get redirected to the main cas login page /cas/login and then I can login ) - but if I try to go to an app that is integrated with cas through WS-FED, I still get redirected to the cas/login page but then casuser/Mellon gives the error "Invalid credentials" and I see that error in the logs: ERROR [org.apereo.cas.authentication.SecurityTokenServiceAuthenticationMetaDataPopulator] - ^[[m I assumed the Invalid credentials was simply a message covering for the real error, but I guess I was wrong. The trouble is I am not sure where the users for the WS-FED part should be configured... On the documentation page (https://apereo.github.io/cas/5.2.x/protocol/WS-Federation-Protocol.html) there does not seem to be anything relevant about user configuration. -- Sent from: http://cxf.547215.n5.nabble.com/cxf-user-f547216.html
