It would be best to have a concept used to define how long a user can remain authenticated in an SSO environment before they are required to authenticate. This are mainly used for productivity reports