Home/ Questions/Q 6869567
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-27T03:34:25+00:00

I am currently using session to hold the user ID at my web application.

  • 0

I am currently using session to hold the user ID at my web application. And i read a lot about sessions is evil, so my plans is to find another solution.

So my next step is to use encrypted cookie.
Something like: 

userInformation: ENCRYPT(UserID,subdomain,someComputerUniqueValue,hashvalueOftheString)

each user has their own subdomain, so the UserID and Subdomain must match.
But. Now at almost every page i call the session value to get the userID.
I want to change this to some kind of variable, but what kind of variable?!
I am now setting the session value inside a httpmodule. in the 

public void Application_PreBeginRequest

Is it possible to create a variable within application_prebeginRequest and read it somewhere else during the creation of the page. for example in the masterpage, och the contentpage. or the classes that is used at that specific page.
WHen the page is created and sent to the client, the variable should die.

What kind of variable am i looking for? is it global variable? if not, what is global variable?

Thanks for reading!
Mattias R.

Edit:

This cookie is not for authentication. I want to save the ID of the user connected to the subdomain, so i dont have to run the “SELECT ID from account where subdomain=’somethin'” query each time a page is visited.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You can store what you need inside the HttpContext.Current.Items. Items put inside that will live only during the current web request and will be available globally in your web application.

    // Global.asax
void Application_BeginRequest(object sender, EventArgs e)
{
    HttpContext.Current.Items["hello"] = DateTime.Now;
}
// Default.aspx
public partial class _Default : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        Label1.Text = HttpContext.Current.Items["hello"].ToString();
    }
}

    By the way, at Application_BeginRequest event, the Session object isn’t available.

    For more information about HttpContext.Current.Items, look at https://web.archive.org/web/20201202215202/https://www.4guysfromrolla.com/articles/060904-1.aspx.

    • 0