> > Marvin, how do you envision the “SessionManager” to be? > It has 4 concerns:
1. Starting the SSO session 2. Looking up the SSO session upon request 3. Keeping track of the services accessed (including metadata like credentials) during the SSO session 4. Ending the SSO session Those are the meaningful CRUD operations for an SSO session afaict, and all necessarily involve interaction with a persistence layer. There may be more update cases for #3 than simply service accesses, but it's essential to track those at a minimum to support MFA and SLO cases. M -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
