The point of this
recovery is that if the user presses the browser reload button, the app should be connected with the same already created request--allowing the same already generated responses to be used, among other things. Cache matching is based on : Must be from the same session, must be from the same originating IP address, must have the same OpenURL parameters (same OpenURL parameters measured by a serialized version (Request#serialized_co_params) of recognized openurl paramters stored in the 'params' attribute.
Alternately, if the request ID is passed in (in query var "umlaut.request_id"), that is used instead of context object matching. Umlaut often passes requestID internally, to make sure the same request is recovered. If request_id matches, sessions is not required to match--this is intentional to recover the request even if browser isn't returning cookies, thus not connecting to same session.
===Building the service Collection: Institutions and Services===