How would that affect the single sign-on case? AFAIK it's common practice to issue redirects to people who are not authenticated to send them to the identity provider's (IDP's) login page. This would make it hard for an IDP to determine if the user already has an active session with them.