I am currently working on a SAML 2.0 based Web Browser SSO profile implementation for Apache Tomcat in the form of a valve.
I had been using org.joda.time.DateTime to set values for date-time related attributes such as, IssuerInstant.
The following has been specified in SAML 2.0 core spec in using time values for implementations: "All SAML time values have the type xs:dateTime, which is built in to the W3C XML Schema Datatypes specification [Schema2], and MUST be expressed in UTC form, with no time zone component. SAML system entities SHOULD NOT rely on time resolution finer than milliseconds. Implementations MUST NOT generate time instants that specify leap seconds."
Java's LocalDateTime does seem to satisfy majority of the conditions but is the final condition related to leap seconds satisfied? I have searched several resources for any idea about this but I have not been successful.
Can we use LocalDateTime for the above mentioned purpose?
LocalDateTime does not take into account leap seconds. I believe you are safe to use it