Global.asax Event: Application_OnPostAuthenticateRequest

Question

I am using Application_OnPostAuthenticateRequest event in global.asax to get

a) Roles and permissions of authenticated user also i have made my custom principal class to get user detail and roles and permission.

b) To get some information which remain same for that user.

void Application_OnPostAuthenticateRequest(object sender, EventArgs e)
{

    // Get a reference to the current User
    IPrincipal objIPrincipal = HttpContext.Current.User;

    // If we are dealing with an authenticated forms authentication request
    if ((objIPrincipal.Identity.IsAuthenticated) && (objIPrincipal.Identity.AuthenticationType == "Forms"))
    {
        CustomPrincipal objCustomPrincipal = new CustomPrincipal();
        objCustomPrincipal = objCustomPrincipal.GetCustomPrincipalObject(objIPrincipal.Identity.Name);
        HttpContext.Current.User = objCustomPrincipal;
        CustomIdentity ci = (CustomIdentity)objCustomPrincipal.Identity;
        HttpContext.Current.Cache["CountryID"] = FatchMasterInfo.GetCountryID(ci.CultureId);
        HttpContext.Current.Cache["WeatherLocationID"] = FatchMasterInfo.GetWeatherLocationId(ci.UserId);
        Thread.CurrentPrincipal = objCustomPrincipal;
    }
}

My question is the following:

1. This event fires every time for every request. Hence for each request the code execute?
2. My approach is right or not?
3. Is it right to add HttpContext.Current.Cache in this event or we should move it to Session_Start

Answer 1

1. Yes this event fires for every request
2. Yes you can use this event to get information for the authenticated user
3. No, don't use HttpCurrent.Current.Cache to store user specific information as the cache is common for all users and you will get conflicts. Use HttpContext.Current.Session instead as this will be specific to the user.