Prev: referencing javascript function on button event
Next: Newbie question regarding user designed reports
From: pbd22 on 1 Apr 2010 02:58 Hi. I have some questions about session management. I have decided to use a custom session manager class to have more control over session state in my web site. I have started out by using Stephan Prodan's Session Class here: http://stefanprodan.spaces.live.com/?_c11_BlogPart_BlogPart=blogview&_c=BlogPart&partqs=cat%3DC%2523 You'll need to take a look (which I appreciate immensely) to get a sense of what I am talking about. 1) My first question pertains to how I persist and access my session information after a user authenticates (or doesn't). In his example, sessions are created upon login / authentication as such: // Create new instance of session manager SessionManager<WorkbookProfile> sessionManager = new SessionManager<WorkbookProfile>(10); //Register timeout event sessionManager.OnEntryTimeout += new SessionEntryTimeoutDelegate<WorkbookProfile>(sessionManager_OnEntryTimeout); // Get the user's profile UserProfile profile = UserProfile.GetUserProfile(_membership.GetUserNameByEmail(Login1.UserName)); //Log profile & start session sessionManager.startSession(ref profile); //Store on the session a user's object sessionManager.SetData("MyData", "UserObject", user.SessionId); OK, I understand the above code. What I don't completely understand is how I can access session information as users interact with the system. For example, take the below code: public partial class MyClass : System.Web.UI.Page { private UserProfile _profile; private SessionManager<UserProfile> _session; protected void Page_PreInit(object sender, EventArgs e) { _session = new SessionManager<UserProfile>(10); } protected void Page_Load(object sender, EventArgs e) { string UserName = sessionManager[profile.SessionId].UserName; _profile = UserProfile.GetUserProfile(UserName); } } In the above code I need to pass the user's UserName to to the `GetUserProfile method in order to create an instance of the authenticated user's profile. But, I need to have the profile object to access the SessionId. Sort of a Catch 22. What am I doing wrong here? How should I be accessing session and profile information for each new page the user visits? 2) the importance of the database when using sessions? My second question relates to the use of the DB with sessions. In Stefan's class, all session information is stored in a session object that persists as long as the user is authenticated. But, in other online reading, I have seen examples where programmers store session keys in a table in association with fk_profileid. What is the purpose of this? What is the best practice? Thanks for your time. |