Is it just me, or is there something a bit odd in lines 333-342 of ProcessResponseServlet.java from the sample Java SSO code in sso- sample-1.0.1-java.zip?
The first half of the if block checks that issueInstant (derived from the incoming request) is well formatted, except that if it isn't it reports a problem with the NotBefore date that the servlet has just generated. The second half checks and reports on the servlet-generated NotOnOrAfter date. There is perhaps some logic in checking issueInstant since it comes from outside. However we are not actually doing anything with it other than including it in our response - if it is bogus we could just as well leave it up to the service provider to take action. I really don't see any point in checking the format of NotBefore and NotOnOrAfter since we generated them! Jon. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Apps APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-apps-apis?hl=en -~----------~----~----~----~------~----~------~--~---
