AM sends the following notifications to Web Agent through WebSockets:
- Configuration notifications
When the administrator makes a change to a hot-swappable agent configuration property, AM sends a notification to the agent to reread the agent profile from AM.
Configuration notifications apply when the agent profile is stored in AM’s configuration data store.
For more information about the cache, refer to Configuration cache.
- Session Notifications
When a client logs out, or a CTS-based session expires, AM sends a notification to the agent to remove the client’s entry from the session cache.
For more information about the cache, refer to Session and policy decision cache.
- Policy Notifications
When an administrator changes a policy, AM sends a notification to the agent to flush the session and policy decision cache, and the policy cache. Enable Notifications controls whether the AM server sends notifications to connected agents. It is enabled by default.
In configurations with load balancers and reverse proxies, make sure the load balancers and reverse proxies support WebSockets.
The AM advanced server configuration property,
org.forgerock.openam.notifications.agents.enabled, controls whether the
AM server sends notifications to connected agents. This property is
enabled by default.
|Notifications are enabled by default. Before disabling notifications, consider the impact on security if the agent is not notified of changes in AM.
On the AM admin UI, select REALMS > Realm Name > Applications > Agents > Web > Agent Name.
On the Global tab, deselect the following options to disable notifications:
After changing this property, restart the web server where the agent runs.