3.3.5.3.3 Requestor IP/STS Security Realm Discovery

Article
04/23/2024

As specified in Relying Party Web Browser Requestor Sessions List (section 3.1.1.5.2), resource IP/STS MAY store a session identifier for the web browser requestor in an HTTP session cookie (for more information, see [RFC2965]). It SHOULD use this identifier and its Inbound Sessions List to look up the correct requestor IP/STS.<79>