The goal
Pick Session
or ProfileProvider
to brings to life some user's information.
The problem
Session
and ProfileProvider
are different things — they play different roles.
There are three information that I need to use all the time: the user's Fristname
, Lastname
and StoreId
. The Firstname
and Lastname
will always be the same, but the StoreId
can be changed — and I can't store its value within a cookie.
So I need to ask: based on this scenario, there's any problem to store those information (First/last name & StoreId) within a Session
? Install and implement all the ProfileProvider
's methods costs me too much time, and a Session
can solve this quickly, but I need to know if there's something wrong to store first/last name in this way of data storage.
Too broad?
I think this question can share multiple opinions, but the proposal is very simple: can I store those three information within a Session
? Actually I know that I can, but what I need to know is simpler: how much will this cost to me? Performance (How much/why?)? Security (How much/why?)?
Sure, of course you can. And I don't think that performance and/or security are an issue here (without knowing the details, that is). What's important is how long you want to store this data. If it's in a session, it'll be gone as soon as the user terminates the session (logs out). If that's fine for you, use session variables. If you need to know this data the next time the same user logs in, then the ProfileProvider is what you need, it does store data independent of any session.