Where should we manage session objects in an ASP.NET application?

Question

I am developing a 3-tired ASP.NET C# web application and was wondering where should the sessions be managed. I have a SessionManager class as follows:

public sealed class SessionManager
        {
            private const string USER = "User";
            private SessionManager()
            {
            }

            public static SessionManager Instance
            {
                get { return _instance; }
            }


            public User User
            {
                get { return HttpContext.Current.Session[USER] as User; }
                set { HttpContext.Current.Session[USER] = value; }
            }
    }

Now should the session information be managed in the Business Logic Layer or should it be managed in the Presentation Layer?

Answer 1

Normally the Session object should be used only the presentation layer otherwise your're adding web specific logic (presentation) to your business layer. You would be breaking the loose coupling.

If I have to break the loose coupling I would do it for something better than the Session object :-)

Answer 2

In ASP.NET, Viewstate, Session & Cookies should be managed in the presentation layer.

Cache is probably the only thing you should break loose coupling for...and it should be managed in the Business or Facade layer when you want to cache data.