Client-side (or cookie-based) session management is a light weight session management solution that reduces server-side overhead and provides better scalability.
It uses client-side cookies as the persistent mechanism for SSO sessions, making the server stateless. Client-Side session management supports the following features:
Authentication
Authorization (excluding session constrains and responses)
OAM & OIM integration over TAP - excluding session deletion on attribute change (account lock/disable, etc.)
Step up authentication
Inactivity time out with single web domain