16.7 Understanding Client-Side Session Management

Client-side (or cookie-based) session management is a light weight session management solution that reduces server-side overhead and provides better scalability.

It uses client-side cookies as the persistent mechanism for SSO sessions, making the server stateless. Client-Side session management supports the following features:

  • Authentication

  • Authorization (excluding session constrains and responses)

  • OAM & OIM integration over TAP - excluding session deletion on attribute change (account lock/disable, etc.)

  • Step up authentication

  • Inactivity time out with single web domain