Static Session Class and Multiple Users

Question

I am building a class to store User ID and User Role in a session. I'm not sure how this class will behave when multiple users are on the site at the same time. Does anyone see a problem with this?

public static class SessionHandler
    {   
        //*** Session String Values ***********************

        private static string _userID = "UserID";
        private static string _userRole = "UserRole";

        //*** Sets and Gets **********************************************************

        public static string UserID
        {
            get
            {
                if (HttpContext.Current.Session[SessionHandler._userID] == null)
                { return string.Empty; }
                else
                { return HttpContext.Current.Session[SessionHandler._userID].ToString(); }
            }
            set
            { HttpContext.Current.Session[SessionHandler._userID] = value; }

        }
        public static string UserRole
        {
            get
            {
                if (HttpContext.Current.Session[SessionHandler._userRole] == null)
                { return string.Empty; }
                else
                { return HttpContext.Current.Session[SessionHandler._userRole].ToString(); }
            }
            set
            { HttpContext.Current.Session[SessionHandler._userRole] = value; }
        }

}

Answer 1

You'll get a new session for each connection. No two users will ever share session. Each connection will have its own SessionID value. As long as the user stays on your page (doesn't close the browser, etc.) the user will retain that session from one request to the next.

Answer 2

The code you posted is the exact replica of some code we have here.

It has been working fine for 2 years now.

Each users access is own session. Every request made to the server is a new thread. Even though 2 request are simultaneous, the HttpContext.Current is different for each of those request.

Answer 3

This will work fine for mutiple users accessing your application as there will be different sessionid generated for all deffrent users accessing application concurrentely. It will work in similar way if you have defined two different session variables in your system. It will be like wrapping tow session states using static wrapper class SessionHandler.

Answer 4

makes sense when using different browsers or etc...even on same machine.

using IE to login... with one username.. and using safari to login with another different one.. .works.

And/or different machines on a regular deal.

but what about on the same 'single brower'.

Forgive this, but I need to make application support multiple users, and i cant find anything that helps me find options...probably for user_sessions or similar.

Yes this is for a last class in rails and Im not sure what to do here.

IF I use anoth safari instance on PC, and login with one user on one safari and another on 2nd safari (same pc) it seems to work till I do anything on the first one.

Then it suddenly reverts to 2nd one.