diff --git a/authentic/sessions.py b/authentic/sessions.py index c880582..752acdb 100644 --- a/authentic/sessions.py +++ b/authentic/sessions.py @@ -1,6 +1,6 @@ from quixote.session import Session, SessionManager from qommon.storage import StorableObject -from quixote import get_request +from quixote import get_request, get_response from qommon.sessions import CaptchaSession import identities @@ -29,7 +29,7 @@ class BasicSession(Session, CaptchaSession, StorableObject): _has_info_keys = [ "lasso_login_dump", "lasso_session_dump", "question_key", "after_url", "name_identifiers", "proxied_idp", - "authentication_method", "message" ] + "authentication_method", "message", "session" ] def __init__(self, id = None): Session.__init__(self, id) @@ -86,6 +86,22 @@ class BasicSession(Session, CaptchaSession, StorableObject): def set_service(self, value): self._service = value + _not_cleaned = ('_service') + _to_remove = ('login_tokens') + + def clean_data(self): + fields_to_clean = [ f for f in self.__dict__ \ + if f not in self._not_cleaned and not + f.startswith('_') ] + for field in fields_to_clean: + if field in self._to_remove: + delattr(self, field) + elif hasattr(Session, field): + setattr(self, field. getattr(Session, field)) + else: + setattr(self, field, None) + self.id = None + service = property(get_service, set_service) class StorageSessionManager(SessionManager): @@ -113,6 +129,7 @@ class StorageSessionManager(SessionManager): # if HTTPS on set secure flag on the cookie, always set the HTTPOnly flag def _set_cookie(self, value, **attrs): + print '_set_cookie', value, attrs if get_request().environ.get('HTTPS'): attrs['secure'] = 1 attrs['HTTPOnly'] = 1 
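Review bot: In `clean_data`, the `elif hasattr(Session, field)` branch calls `setattr(self, field. getattr(Session, field))`; the `.` should be a `,`, and as written it looks up `getattr` on a string and raises AttributeError for any instance attribute that also exists on the `Session` class, so the fields after it and `self.id = None` are never reset. `expire_session` in the last hunk relies on this method to blank the in-memory session, so a failure here can leave session data attached to the request after the stored copy is deleted. Separately, `_not_cleaned = ('_service')` and `_to_remove = ('login_tokens')` are plain strings, not tuples, so both `in` tests are substring matches; write `_not_cleaned = ('_service',)` and `_to_remove = ('login_tokens',)`. The corrected call is `setattr(self, field, getattr(Session, field))`.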
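Review bot: The added `print '_set_cookie', value, attrs` writes what appears to be the session cookie value to standard output each time a cookie is set, which puts a live session identifier into whatever captures the process output. The same concern applies to `print get_request().session.__dict__` in `finish_successful_request` in the last hunk, which dumps the whole session on every successful request, including any `lasso_login_dump` or `lasso_session_dump` it holds. Both look like leftover debugging and should be dropped before merge; if tracing is wanted, log the event without the value. `_set_cookie`'s body continues outside the hunk.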
@@ -147,3 +164,19 @@ class StorageSessionManager(SessionManager):
 self.session_class.remove_object(session_id)
 except OSError:
 raise KeyError
+
+ def finish_successful_request(self):
+ print get_request().session.__dict__
+ SessionManager.finish_successful_request(self)
+
+ def expire_session(self):
+ # Delete the data from disk
+ # Clean some of the session fields
+ # Keep others
+ request = get_request()
+ if request.session and request.session.id:
+ try:
+ del self[request.session.id]
+ except KeyError:
+ pass
+ request.session.clean_data()
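Review bot: The comment in `expire_session` says some fields are cleaned and others kept but does not say which, and on a session-expiry path that is the part a maintainer needs. From `clean_data` in this commit, every attribute whose name starts with `_` survives and everything else is reset or removed, so I would state that: `# Drop the stored session, then reset the in-memory one; attributes starting with '_' (e.g. _service) are kept, see clean_data()`. Because survival is decided by naming convention rather than an explicit list, any future `_`-prefixed attribute carrying identity state will persist across expiry; an explicit keep-list would be safer. The page has lost indentation, so I cannot tell whether `request.session.clean_data()` sits inside the `if`; it should, since `request.session` may be falsy there.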