Global.asax Event: Application_OnPostAuthenticateRequest

Question

Hi, I am using Application_OnPostAuthenticateRequest event in global.asax to get

1. roles and permissions of authenticated user also i have made my custom principal class to get user detail and roles and permission.

2. To get some information which remain same for that user.

following are the code

void Application_OnPostAuthenticateRequest(object sender, EventArgs e) {

    // Get a reference to the current User

    IPrincipal objIPrincipal = HttpContext.Current.User;

    // If we are dealing with an authenticated forms authentication request

    if ((objIPrincipal.Identity.IsAuthenticated) && (objIPrincipal.Identity.AuthenticationType == "Forms"))
    {
        CustomPrincipal objCustomPrincipal = new CustomPrincipal();
        objCustomPrincipal = objCustomPrincipal.GetCustomPrincipalObject(objIPrincipal.Identity.Name);
        HttpContext.Current.User = objCustomPrincipal;
        CustomIdentity ci = (CustomIdentity)objCustomPrincipal.Identity;
        HttpContext.Current.Cache["CountryID"] = FatchMasterInfo.GetCountryID(ci.CultureId);
        HttpContext.Current.Cache["WeatherLocationID"] = FatchMasterInfo.GetWeatherLocationId(ci.UserId);
        Thread.CurrentPrincipal = objCustomPrincipal;
    }
}

My question is as following

1. This event fires every time for every request. Hence for each request the code execute?
2. My approach is right or not?
3. Is it right to add HttpContext.Current.Cache in this event or we should move it on session start

Answer 1

1. Yes this event fires for every request
2. Yes you can use this event to get information for the authenticated user
3. No, don't use HttpCurrent.Current.Cache to store user specific information as the cache is common for all users and you will get conflicts. Use HttpContext.Current.Session instead as this will be specific to the user.