Thanks for quick reply Sham. Is cq-6.1.0-hotfix-8573 available publicly? Not able to find it on packageshare..

I have configured SAML for publish instances and it works when not using encapsulated tokens.If I enable encapsulated tokens, I get this trace with infinite looping between AEM and IDP. Anybody experienced similar issue? I also notice that the login-token cookie still looks the same as non-encapsula...