I've inherited a large asp.net website that relies heavily on session information.
There is a back-end system that feeds it necessary information as needed through web services, but the application itself has no database, and everything is kept in session through a bunch of Data Objects which are accessed directly throughout the entire application.
I eventually want to try to migrate the application to a true N-Tier architecture, and start using a database instead of session based data objects.
My question is, what is a recommended path to get to the desired architecture?
I'm thinking that an initial step would be to create a Data Access Layer for accessing the data objects. Once this is in place, I would then be able to replace the data objects with a database.
The problem is that the session Data Objects are directly accessed from everywhere in the application. Because these objects are stored in session, you can directly set any of their properties without anything controlling the data. This is done throughout the whole application.
For example, say you have a customer Data Object stored in session. If you wanted to modify this customer, all you have to do is to set a local variable to the object stored in session. You could then update anything in the object just by setting mylocalvar.LastName = "blah"; Your session object is now updated without doing anything else.
Has anyone done anything like this before, and has any ideas on steps I could use to accomplish it?
*note: I'm not looking to off-load the session data, but to re-architect how the data is saved and accessed.