I downloaded the MVC SSO samples from your website, in that i'm not seeing any code for IIDCache implementation, the questions i have are
Question 1 : Whether implementation of IIDCache is mandatory ?
Question 2 : If Q1 is true , by default you have implemented InMemoryIDCache in the MVC sample ?
Question 3 : In Webfarm scenario if DatabaseIDCache is implemented, only identity provider needs access to the SQL server database or Relying party / SP also needs access to SQL server database ?
Question 4: Can you please point me to a diagram depicting Replay attack detection ?
Thank you in advance..