November 9, 2016 at 12:00 am #14126nikolaosinlightParticipant
If I have an OpenAM (with policy agent notifications enabled) that is connected to:
– a LB with 2 policy agents A + B protecting their respective server’s web containers
And I access any of A or and log in and thereafter logout of OpenAM…
Q. How would OpenAM communicate to B and C that the session has expired?
I know that the caching in the Agents falls back to polling but would just 1 policy agent get notified while the other would need to rely on the polling agent i.e. would 1 policy agent consider the user logged out while the other for some time X consider the user still logged in before they are considered logged out?
Q. If the above holds… what is the best practice for notifications to policy agents behind an LB?
–NikolaosNovember 15, 2016 at 10:47 pm #14307nikolaosinlightParticipant
Anyone have any idea. I assume that 1 of the 2 agents gets hit and polling accounts for the other agent.
–NikolaosNovember 18, 2016 at 7:31 am #14345david.bateParticipant
Each agent needs a direct notification route, i.e. notifications can’t go through the load balancer, since every single agent needs to be notified, not just one in the cluster. What you may want to do, is to leverage Agent Groups for most of the configuration and for Agent specific settings like Notifications set it there.
You must be logged in to reply to this topic.