3.3.5.2.3 User Identification and Authentication

The user's identity and related authentication data from the requestor IP/STS are passed in a security token. The resource IP/STS MUST create an Authentication Context record using the appropriate data from the AuthenticationStatement in the security token.