Yes, a session would be a suitable place for this information. Assuming you are using the authentication features that are baked into the ASP.NET framework, you either load the user ID from HttpContext.Current.User.Identity.Name, or view it using this value.