Hi friends!

In my web application (ASP.NET MVC) I have a restricted area. In my model, I have an entity called "User" that represents a user who can log in to and out of the web app. I've used Forms Authentication to log my users in and out and everything works fine, but I'd like to know if there is any way to save an entity (of the logged-in user) during the user's session?

Is there any best practice for this? Do I make the timeout of the forms authentication compatible with the HttpSession, or are there other ways to do this?

I'm using NHibernate

Thanks

Cheers

A: 

Depends.

Relying on Session for logged in status isn't safe because it isn't durable. One Recycle and poof, your Session is gone.

What I do is store non-consequential data like a user's first and last name or some cached data about them in the session so I don't have to query the database for it. Usually what I do is have logic in the login portion of the application throw this helpful information in the session. Then in the Initialize method I call the same logic to make sure the session information is available. If it's not, I add it back.

    protected override void Initialize(System.Web.Routing.RequestContext requestContext)
    {
        // Run the base call first: Session is null until it sets the controller context.
        base.Initialize(requestContext);

        // Repopulate the cached user data if the session was lost (e.g. after a recycle).
        if (Session["MyIdentityDTOKey"] == null)
            GoThrowThingsInTheSession();
    }

The timeout shouldn't matter because if they can't enter the app, they can't see their session anyway. But if you insist, you can always use the Session.Timeout method to make it expire at the same time.

jfar
Interesting, I use session in a similar way, except I initialize session variables in global.asax `Session_Start`. Wouldn't that be the best place?
dotjoe
Cool, I'll try it! Should the Initialize method be in the controller? Or in my controller base class? Thanks
Felipe
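
The pattern from the answer, extended as an added example (not the answerer's code): the forms-authentication ticket stays the authority for who is logged in, and the session is only a cache that is rebuilt when it is missing or belongs to a different user than the ticket names. `UserSummary`, `SessionCachingController`, `CurrentUser` and `LoadUserSummary` are hypothetical names, and user names are assumed to be case-insensitive; the session key is the one used in the answer.

```csharp
using System;
using System.Web.Mvc;
using System.Web.Routing;

// Hypothetical DTO: display data only, never the basis for authorization decisions.
[Serializable]
public class UserSummary
{
    public string UserName { get; set; }
    public string FirstName { get; set; }
    public string LastName { get; set; }
}

public abstract class SessionCachingController : Controller
{
    private const string SummaryKey = "MyIdentityDTOKey"; // key from the answer above

    // Hypothetical hook: the application supplies the lookup (e.g. an NHibernate query).
    protected abstract UserSummary LoadUserSummary(string userName);

    protected UserSummary CurrentUser { get; private set; }

    protected override void Initialize(RequestContext requestContext)
    {
        // Session and User are only available after the base call sets the context.
        base.Initialize(requestContext);
        if (Session == null) return; // session state disabled for this request

        if (User == null || !User.Identity.IsAuthenticated)
        {
            // No valid forms-auth ticket: do not keep a previous user's data cached.
            Session.Remove(SummaryKey);
            return;
        }

        var cached = Session[SummaryKey] as UserSummary;

        // Reload when the session was lost (recycle, timeout) or when the cached
        // entry belongs to a different user (assumes case-insensitive user names).
        if (cached == null ||
            !string.Equals(cached.UserName, User.Identity.Name, StringComparison.OrdinalIgnoreCase))
        {
            cached = LoadUserSummary(User.Identity.Name);
            Session[SummaryKey] = cached;
        }
        CurrentUser = cached;
    }
}
```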