Information about the current Session. The Session may contain information about the authenticated Principal and where the Request can from, the Client. The Session information is used by the BasicDecider mechanism.
Types
If no types are listed ... then ALL Types are allowed
Clients
If no Clients are listed ... then ALL Clients are allowed
