Control what developers store in ASP.NET Session

• Download session_encapsulation.zip - 2.5 KB

Introduction

This article suggests a way to encapsulate what is stored in ASP.NET session and provides a typesafe way to store objects in session.

Background

ASP.NET provides Session object to save information across http requests. But I have seen developers using Session object indiscriminately. At times, we even store those objects in session which could be stored in context i.e just to pass information
from one aspx page to another (in case of Server.Transfer() and Server.Execute())

This article suggests a way which allows you to store data in session through a single object of SessionData class. To store any object in session, developers do not store it directly in session. Instead, a property for the object to be stored is added to the SessionData class. As a result, the SessionData class has all the objects stored in session exposed as property. The advantages are:

1. It provides a centralised location for storing session data. To store any object in session, developers have to add a property to the class. So you have control over what is stored in session. Developers would be discouraged to store whatever in session.

2. Provides a type safe interface to storing objects in session.

Using the code

Add the SessionData class to your ASP.NET project. In ASP.NET 2.0, this gets added to App_Code folder.

using System;
using System.Web.SessionState;
/// <summary>
/// This class encapsulates all data stored in session for a user
/// </summary>
public class <code> SessionData 
{
    #region private members
    
    /// <summary>
    /// Session for the user
    /// </summary>
    private HttpSessionState session = null;
 
    #endregion

    #region Constructors
    /// <summary>
    /// Constructor
    /// <param name="session">User Session</param>
    /// </summary>
    public SessionData(HttpSessionState session)
    {
      this.session = session;        
    }
    #endregion

    #region Public Properties
 
    /// <summary>
    /// User. This is an example of property added to SessionData class
    /// </summary>
    public string User
    {
        get
        {
            return (string)this.session["User"];
        }
        set
        {
            this.session["User"] = value;
        }
        
    }
    #endregion
}

In the Session_Start event, add the code to create an object of SessionData object and store it in session

void Session_Start(object sender, EventArgs e)
{
    // Create an object of SessionData
    SessionData sessionData = new SessionData(Session);
  // Store sessionData in session
    Session["SessionData"] = sessionData;
    sessionData.User = "Sachin";
}

Add an object of SessionData as a member of all the pages. Alternatively, you can create a base page with common functionality and inherit page from the base page

public partial class _Default : System.Web.UI.Page 
{
    SessionData sessionData = null;
 .
 .
}

In the Page_Load event handler retrieve object of SessionData and store in member variable to access through out page. SessionData can also be initialized in constructor of the page. I think constructor is a better place than Page_Load event handler.

this.sessionData = (SessionData)Session["SessionData"]; 

In the Page_Load event handler retrieve object of SessionData and store in member variable to access through out page. SessionData can also be initialized in constructor of the page. I think constructor is a better place than Page_Load event handler.

 this.sessionData.User = "sachin

Points of Interest

1. Was interesting to know that Session object can'be accessed to initialize member variables.

public partial class _Default : System.Web.UI.Page </code>
{

SessionData sessionData = Session["SessionData"]; // Cannot access Session object

.
.
}

History

Keep a running update of any changes or improvements you've made here.