PingFederate OpenToken Sample Application
I am testing the sample applications that come with the PingFederate.NET integration kit. I was able to get it to work for a Single Server setup (my machine served as both IdP and SP).
But when I tried to set up two machines as mentioned in this link: https://documentation.pingidentity.com/display/NETIK/Deploying+the+Sample+Applications
A more realistic scenario is to deploy applications to a separate IIS server machine.
I was able to edit the adapter instance and default url but there is this clock skew problem between servers
Make sure to sync your server clock. If they are out of sync, you can take this into account by configuring the Lagging Value in the OpenToken adapter configuration, which is the amount of time (in seconds) that the clock can be skewed between servers. The default and recommended value is 0.
I checked the possible values and max is 3600 seconds.
Question: What if my server has more than an hour time difference? Is it still possible? (Servers are in different time zones.)
source to share
OpenToken uses GMT, so the time clock is inferred from the picture - as long as your server is configured for the correct time and the actual time zone for where it is located, it should work fine. For example, you can have serverA in New York and serverB in Los Angeles. If ServerA is set to Eastern Time and ServerB is set to Pacific Time, then OpenToken will work - since it converts the time to GMT, the time on the token will be "the same".
Hope this makes sense - I need another cup of coffee this morning. :)
source to share