What would you do...Application Obj or constant SQL drills

Discussion in 'ASP .Net' started by D. Shane Fowlkes, Nov 14, 2003.

  1. I developed and manage an intranet for a small, govt agency. The way it is
    set up now is that there is a Function on each and every page that will
    capture the NT Log On User ID (b/c they had to log into the Windows network
    to even access the intranet) and query against a SQL Server table called
    "Staff". Assuming the user is in the table (they should be), it will let
    them access the page as normal and it sets a series of session variables
    that are used throughout the application such as a "permission score", Full
    Name, Active, StaffID, Department and other useful stuff that use throughout
    the intranet.

    The upside to this is that the user never has to "log in" to the
    intranet...they just open up IE. The downside is that it might not be all
    that efficient.....pulling and creating a recordset and (re)setting session
    variables on each and every page. I've never had any bottlenecking or
    strain on the server or IIS but then again, it's a small agency...less than
    50 people.

    Since I'm overhauling it and moving towards .NET, I've been thinking of a
    more efficient way of doing this. I thought about using a global.asax file
    and upon the start of the application, pull and create this "Staff"
    recordset and store it into an array in an Application Object. That way,
    with the request of each and every page, I can just check against that array
    to see if they have permission and to see other data I need about the user.
    The only downside to this is that the array's recordset would be static and
    changes made in the Staff Table wouldn't be shown in the array until the
    application is stopped and restarted.

    So...to the gurus out there....what would you do? Make the array? Pull
    Staff data from SQL Server on each page? Or other?



    D. Shane Fowlkes - TMM
    Saving the world, one web site at a time.
    D. Shane Fowlkes, Nov 14, 2003
    1. Advertisements

  2. I think you're barking up the right tree here, but maybe the wrong branch.
    You say that every page has this code that checks the user's login against a
    database table, and sets up a bunch of Session variables afterwards. What I
    would do is just use the Session_OnStart Sub to do this one time at the
    beginning of the Session. After this, the Session variables are loaded, and
    the User is validated. No need to requery the database with the same login
    information afterwards.


    Kevin Spencer
    Microsoft MVP
    ..Net Developer
    Big Things are made up of
    Lots of Little Things.
    Kevin Spencer, Nov 14, 2003
    1. Advertisements

  3. Thanks Kevin...that's brilliantly simple.



    D. Shane Fowlkes - TMM
    Saving the world, one web site at a time.
    D. Shane Fowlkes, Nov 17, 2003
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.