2 OpenAM 11.0.2 instances behind HA_Proxy
Session Failover enabled (CTS within embedded config in my test)
ha_proxy load balancing in round robin between am1 and am2
Quota constraint set to 2 per user
DESTROY_NEXT_EXPIRING set up
A simple curl that throws the same authentication request for the same user; loop 5000 times:
In the Session log file, you can see that the number of sessions is being checked in order to decide whether the quota has been reached. At the beginning of the logs I can see it stays at 2 existing sessions - as it should -, then it moves on to 3 and does not go back down.