Application Flow:

1. The user goes to a web page where a particular service or application is offered.

2. User clicks the link to go to authentication page.

3. User tranferred to websec server, has 45 seconds to respond.

4. Web-security module authenticates the user or fails.

5. Successful authentication give user a continuation screen which contains a hidden token which is stored in a database.

6. User submits the form and is taken to first screen of application. Token is passed to the application.

7. Application can check the validity of the token as often as it likes.

8. Token are eventually removed or expired from the token database.