Geek Answers Handbook

Strictly typed sessions in asp.net

Excuse me if this question has already been asked. HttpContext.Current.Session["key"] returns the object, and we would need to pass it to this particular Type before we can use it. I reviewed various implementations of typed sessions

http://www.codeproject.com/KB/aspnet/typedsessionstate.aspx http://weblogs.asp.net/cstewart/archive/2008/01/09/strongly-typed-session-in-asp-net.aspx http://geekswithblogs.net/dlussier/archive/2007/12/24/117961.aspx

and I felt that we needed to add another code (correct me if I am mistaken) in the SessionManager if we want to add a new Type object to the session either as a method or as a separate shell. I thought we could use generics

 public static class SessionManager<T> where T:class { public void SetSession(string key,object objToStore) { HttpContext.Current.Session[key] = objToStore; } public T GetSession(string key) { return HttpContext.Current.Session[key] as T; } }

  • Is there an inherent advantage in using

    SessionManager<ClassType>.GetSession("sessionString")

than using

 HttpContext.Current.Session["sessionString"] as ClassType
  • I also thought it would be nice to have something like

SessionManager["sessionString"] = objToStoreInSession , but found that the static class cannot have an indexer. Is there any other way to achieve this?

  • My thought was to create a SessionObject that would save the Type and the object, and then add that object to the Session (using the SessionManager) using the key. When retrieving all objects on a SessionObject enter the type (e.g. t) and Object (say obj) and produce obj as t and return it.

    public class SessionObject { public Type type {get;set;} public Object obj{get;set;}
    }

this will not work either (since the reverse signature will be the same, but the return types will be different).

Is there another elegant way to save / retrieve objects in a session in a more secure way

+6
session session-variables session-state
source share
5 answers

For a very clean, maintained, and smooth way to work with the session, check out post . You will be surprised how simple it is.

+4
source share

The disadvantage of this method is that the consuming code must know which keys to use for storage and retrieval. This can be error prone, since the key must be exactly correct, otherwise you risk storing it in the wrong place or getting a zero value.

I use a strongly typed version, since I know what I need to have in the session, and thus, you can configure the packaging class. I rather have extra code in the session class, and don't have to worry about key lines anywhere else.

+2
source share

You can simply use a singleton template for your session object. Thus, you can simulate the entire session from a single object of a composite structure. This post refers to what I am saying and discusses the Session object as a weakly typed object: http://allthingscs.blogspot.com/2011/03/documenting-software-architectural.html

+2
source share

Actually, if you want to type objects, place them at the method level, for example:

 public T GetValue<T>(string sessionKey) { }

The class level is greater if you have the same object in the session, but the session can expand to several types. I do not know that I will worry about session control; I would just let him do what he did for a while, and just provide the means to extract and store information in a more rigorous way (at least for the consumer).

Yes, indexes will not work; you can create it as an instance instead and make it static:

 public class SessionManager { private static SessionManager _instance = null; public static SessionManager Create() { if (_instance != null) return _instance; //Should use a lock when creating the instance //create object for _instance return _instance; } public object this[string key] { get { .. } } }

And so this is a static factory implementation, but it also supports a single point of contact through a static link to the session manager class inside. Each method in sessionmanager can wrap an existing ASP.NET session or use its own internal storage.

+1
source share

I posted a solution on StackOverflow, is it a good idea to create an enumeration for session value key names?

I think this is really a slick and contains very little code to make this happen. .NET 4.5 requires it to be the most slickest, but still possible with older versions.

This allows:

 int myInt = SessionVars.MyInt; SessionVars.MyInt = 3;

work exactly the same way:

 int myInt = (int)Session["MyInt"]; Session["MyInt"] = 3;
0
source share

More articles:


All Articles