ASP.NET Session

is there a way to have different session states? As in, have different objects stored in the session but with differing expirations

ie:

i have two session objects, Session["ReportIDs"] and Session["IsAdmin"]

Session["ReportIDs"] - holds the report ids being looked at and can be overwritten as new reports are looked at by the current user. Session["IsAdmin"] - is read from the DB, i dont want to constantly call the DB to get a refreshed value so store it in session. But if userB changes the value of this object for UserA (in the admin screen) the value in the session will persist until the overall sessionstate tim开发者_开发问答eout which is set in the web.config

Is there a way to set different expirations for these session objects?

thanks

---

Sessions are maintained PER USER, which means that even if you use the same key the whatever is stored in the Session under the same key will be different for every user. In other words, User A cannot overwrite the data for User B.

A different thing is Cache: Cache is shared for the whole application and it will/can be overwritten from one user to another. Cache does have expiration and other features such as hooking up to some event automatically when the cached object is expired so that it can be refreshed automatically, etc.

In conclusion: Session is PER USER. Cache is shared among ALL USERS.

EDIT Updating my answer to address properly telsokari's question:

Session objects don't expire until the Session itself expires. There's no way to tell the session to "expire" one object after certain amount of time. You can remove them manually if that's what you want to do. Just hook into any of the events in the application such as Begin_Request and End_Request.

But I don't understand what's your concern about maintaining objects in Session until the user logs out or the session expires... If you are putting a lot of data in Session, then perhaps you shouldn't cache that data in the first place. If you are putting a manageable-sized objects, then what's the problem? The question shouldn't be "When should I expire this object in Session"? but rather: "Does it make sense to store the object in Session, in Cache or not at all?" And the answer depends entirely on your specific case, hardware resources available (memory), etc, etc.

---

You can't set a timeout on specific objects stored in the session.

What you can do is add another value, say LatestRealAdminCheck holding a date. Then don't check Session["IsAdmin"] directly but through some method that also checks that LastestRealAdminCheck to see if it's time to hit the database again.

Another solution could be to not store the IsAdmin value in a user-specific Session value, but in a global singleton (or Application value). In this case you will need a list of user-id's and whether that user is an admin.

---

The sessions are separate for each user and sandboxed. You can assign the IsAdmin once and it will stay alive for the session of that user. You can change the ReportIDs as much as you like but it will only be for that one user.