Translations:Manual:SessionManager and AuthManager/56/en

It's also possible to have a provider with the ability to be associated with any arbitrary user but lacking the ability to save a randomly-generated session ID.