* <
arnaldop...@gmail.com> [2017-06-10 00:09]:
SAML IDPs and SPs communicate via SAML protocol messages, sent via
SAML-defined protocol bindings. They do not share state, and do not
need to share the same implementation (e.g. one could be in Java and
the other in PHP). As such there's certainly no requirement for them
to share anything, including a session store (or the technology for
implementing a session store), otherwise the documentation would say
so.
Since they only need to communicate via standard protocols I would
take care to not create any other dependencies, interactions or "tight
coupling" that are not necessary.
-peter