How can I store session data in ASP.NET?

Question

We have a flex application that works with ASP.NET. (through weborb). And we use several data at the .NET Side to load data, ex: UserId, ChannelId, ... For now only userid is stored in the name of the HttpContext.Current.Identity. So the flex side doesn't need to push the user id all the time, but now we want to disable the "push" of the channelid too.

I was wondering where we should "store" these data. Is a Session save enough or do we need to use a cookie? or are there any other methods for this "problem".

Answer 1

I'd recommend to use Session because the values are then stored on the server (cookies are stored on the client). Also use a static class and wrap the session there.

Instead of

Session["channelid"] = ChannelId

use

SessionManager.ChannelId = ChannelId

and you can declare SessionManager as a static class with static properties that use the session. I believe this is a general Microsoft practice as well.

Cheers

Answer 2

Session sounds like a good choice for this. Whilst there is much aversion to it unless you really do need to scale to a very large number concurrent users there is no reason to avoid it for such a small amount of data per session.

Cookies is an option however it means the data is held client-side which may not be desirable and bulks up every request being sent to the server.

Answer 3

If it just a case of storing userId and channelId or similar integer values, I prefer session, but if u are going to have more data than these, and u have pretty large number of concurrent sessions possible, then session might be a bit heavy.