Hi Henry, Token expiration is now checked in the createToken() methods in both BasicSecurityTokenCodec and BlobCrypterSecurityTokenCodec. They use AbstractSecurityToken.enforceNotExpired() to do this.
-Stanton From: Henry Saputra <[email protected]> To: Dan Dumont/Westford/IBM@Lotus, [email protected], Date: 02/21/2012 15:38 Subject: Regarding SHINDIG-1645 Dan, Previously the blob crypter check for blob ST timeout but since the patch for SHINDIG-1645 seems to be taken out. Where does the logic go? - Henry
