T24 Token Management

Information in this document is subject to change without notice.

No part of this document may be reproduced or transmitted in any form or by any means, for any purpose,
without the express written permission of TEMENOS HEADQUARTERS SA.

COPYRIGHT 2007 - 2008 TEMENOS HEADQUARTERS SA. All rights reserved.

 Token Management

ABOUT TOKEN PROCESSING IN T24

When a user signs on to the T24 server using the browser, a request to create a session is sent
to the T24 server. This will always be the first request from the user to T24. The T24 Browser
component on the Web Server is the one that identifies and distinguishes a sign on request from other
requests.
When this request hits the T24 server, T24 will picks up the request, understands that it is a
‘sign on’ request, does SMS validations and create a new token for that user. This is the token that will
be used by the user when he sends his subsequent request. Please note that a token is not created for
the first request from the user (Sign on request). The token once created, is stored in the database. It
is vital to understand that it is T24 that is creating and storing the tokens.

TABLES INVOLVED IN T24 TOKENS

F.OS.TOKEN
F.OS.TOKEN.USE

OS.TOKEN –

 The token in this file is the token that the user needs to use when a subsequent request is
issued by the user
 ID of this file Token numbers are generated using a core T24 routine named
ALLOCATE.UNIQUE.TIME
 This routine creates a 12 digit number (UUUUUTTTTT.NN)

ID : Token number (UniqueID)

0001 : User name
0002 : ONLINE (Hard coded string)
0003 : Company to which the user has logged on
0004 : Current time
0005 : Current date

OS.TOKEN.USE –
 Contains a list of previously used tokens
 When a new request is accepted the active token is moved to the used file
 A maximum stack size is maintained with old tokens removed when this size is reached
 Token Management

SCNEARIO’S HANDLED

WITH THE SETUP

 USER>TIME.OUT.MINUTES with 1 minute
 TIMEOUT.MODE with ACTIVE in SPF.

1. BrowserSession with proper Signoff from T24 Browser

2. Keeping the browserSession Idle for more than TimeOutMinutes defined in USER
3. Closing T24 Browser by clicking [X]
4. T24 Browser with multiple popup
a) Closing all popup by pressing [X] and with proper signoff from T24 Browser.
b) Same scenario, but will allowing the enquiry popup’s till the timeout from app server, after
the token

REAL TIME EXAMPLES WITH OS.TOKEN AND OS.TOKEN.USE

To start with we have cleared with OS.TOKEN and OS.TOKEN.USE

 Token Management

SETUP
Browser Screen with proper signout by having TimeoutMinutes to 1 minute.

SPF with TIMEOUT.MODE to ACTIVE

Scenario 1:-
 Token Management

BrowserSession with proper Signoff from T24 Browser

Login to T24

Token is created in OS.TOKEN

OS.TOKEN OS.TOKEN.USE

Proper signoff from Browser – clears OS.TOKEN and OS.TOKEN.USE

 Token Management

After proper Signoff from Browser.

OS.TOKEN OS.TOKEN.USE

Scenario 2:-

Idle browser session after 1 minute when having TimeoutMinutes to 1 minute and Timemode set with
Active.

Use the Idle session after 1 minute

OS Token after Timeout – Tokens got cleared.

OS.TOKEN OS.TOKEN.USE
 Token Management

Scenario 3:-

Browser Screen by clicking [X] button, by having TimeoutMinutes to 1 minute.

Logged into T24.

After Login
OS.TOKEN OS.TOKEN.USE

Click the [X] to close the T24 Browser Home screen.

Note: Tokens is not removed, as it is a proper Sign off to trigger sign off request.
 Token Management

Same tokens remains in T24 tables even after REACHING the timeout minutes defined in USER/SPF
OS.TOKEN OS.TOKEN.USE

After re-login, existing tokens records got cleared and new tokens got updated with Sign in Time.

So, pressing the [X] will not clear the token unless we re-login with the same user/maximum
concurrent user reached

Scenario 4:-

Case 1
Case to simulate when user close[X] enquiry popup window(when the enquiry is running on SELECT)

To simulate the above case, created a dummy build routine with a Sleep.
Test case to launch as many as enquiry popups and closing all the Enquiry Screen popups using [X] and
with proper signoff from browser Screen will also clear the tokens

Build routine with a Sleep command

Token Management
 Token Management

OS.TOKEN/USE after multiple pops, only 2 below records alone created.

 Token Management

We have closed all enquiry Pops, TOKEN/USE still available and a proper signoff of main screen clears
the Token.
Tokens got cleared.
OS.TOKEN OS.TOKEN.USE

Case 2

With the same sleep on enquiry allowing the enquiry popup to run till the end will give below message
of app server time out, this will not impact T24 Token unless we use Signoff button in the T24 Home
screen.

SUMMARY

 T24 Token are maintained in OS.TOKEN and OS.TOKEN.USE and clear request only be triggered
only when
o Proper signoff from T24 browser
o Send a request after reaching timeout in the Idle T24 Browser session.
o When maximum concurrent user reached, T24 system will not prompt immediately
with message, instead it will trigger a clean up process to remove all expired tokens.
o Expired Token will be cleared when re-login with same user, and a new token will
created with latest login time.

 TIMEOUT.MINUTES in USER is different from App server timeout.

When a T24 Browser http request does come back with a response, upon reaching timeout
(specified in app server) it will kill the thread, this has no relation to TIMEOUT.MINUTES defined
in USER/OS.TOKEN.