About to ask one clarification on open token expiration. For ex PF server is running on US and I'm accessing the application from Asia. I have set max life time for open token is 6hrs. So the time, open token reached my browser it will be expired. though I'm authenticated already by PF can continue to access application but again i'm sending same opentoken to PF server(US server) for authentication.
In this case how PF will react?
Thanks In Advance.
Not sure I understand the question but I believe that you are asking about how OTK deals with timezone differences? If so, timeout eval is handled by the PF Adapter and Agent...not the client browser (except for persistent cookies..they have a timestamp of their own the browser enforces). The Adapter and Agent convert the server time to UTC before evaluating any timestamps within the token so that as long as the SERVER time settings are correct, it doesn't matter where the client (browser) is located.