I have a system where we have 6 java application servers all protected by an OpenAM agent. We only have 1 agent configured in openAm and everything works fine. I did notice if I kill a session in openam the agent took a while to notice (probably the length of time the agent has things cached for).
I started wondering recently about 'Agent Notification URL' this can only be configured to one URL per agent configured so how can my 6 application servers get notifications? Do I have to configure 6 agents identically, only difference being the 'Agent Notification URL', to get notifications working to all agents/app server?
Any help/guidance here appreciated as the documentation on this is pretty poor.
You should create an AgentGroup and one agent profile (so 6) for each application server. Assign the agent profiles to the group and make it inherit all settings from the AgentGroup but 'debug' level (so that you can configure it per agent profile).The notification url will then be unique for the Agent and OpenAM will send out an notification to all agents that registered for notification. Make sure that each OpenAM instance can communicate with the 'notification urls' (if TLS is in the play, make sure OpenAM JVM's trust in configured properly)