Hi Pantelis,

chung wrote on 06/17/2010 01:57 PM:
> Hi all,
>   I got a token from the SSO server, the invalidated it by logging out
> and finally tried the following request:
>
> curl -X POST -k -i -d "tokenid=AQIC5wM2LY4Sfczh61E56Y%2Bnl9tJwP5IJWHOL%
> 2FqYzswKGWg%3D%40AAJTSQACMDE%3D%23"
> https://opensso.in-silico.ch/opensso/identity/isTokenValid
>
> from which instead of getting boolean=false, I get a status code 401
> (Unauthorized). Is this what one is expecting? I've configured of course
> the service to translate this into a negative answer.

this page (for example):
http://developers.sun.com/identity/reference/techart/id-svcs.html
states "boolean" as response.

I can reproduce this behaviour here. Seems to be clearly a bug.

Regards
Andreas