Questions Future applications, not the apt approach different protocols don’t matter CAS and OAuth2, user store is same Common problems, not true, if we take a different route