Hi Andreas, 
 How is the token supposed to be provided to a service: as a Header or a
form parameter?

Best regards,
Pantelis

On Thu, 2010-06-17 at 14:17 +0200, Andreas Maunz wrote:
> Hi Pantelis,
> 
> chung wrote on 06/17/2010 01:57 PM:
> > Hi all,
> >   I got a token from the SSO server, the invalidated it by logging out
> > and finally tried the following request:
> >
> > curl -X POST -k -i -d "tokenid=AQIC5wM2LY4Sfczh61E56Y%2Bnl9tJwP5IJWHOL%
> > 2FqYzswKGWg%3D%40AAJTSQACMDE%3D%23"
> > https://opensso.in-silico.ch/opensso/identity/isTokenValid
> >
> > from which instead of getting boolean=false, I get a status code 401
> > (Unauthorized). Is this what one is expecting? I've configured of course
> > the service to translate this into a negative answer.
> 
> this page (for example):
> http://developers.sun.com/identity/reference/techart/id-svcs.html
> states "boolean" as response.
> 
> I can reproduce this behaviour here. Seems to be clearly a bug.
> 
> Regards
> Andreas
> _______________________________________________
> Development mailing list
> Development at opentox.org
> http://www.opentox.org/mailman/listinfo/development
>