Using Session vs. Static class for saving user data

Question

I'm working on an ASP.NET website with a C# backend. De webserver is running on a remote server, and because I need some data located on the client's pc (for instance: the user id), I wrote a client and server application. So when the user starts the client application, it connects to the webserver but doesn't load the page yet, the webserver launches my server which asks the client for some data. After the client responds, the server has the required data and the webpage loads for the client.

To easily access some properties from the user, I wanted to use the Session variables. But when the client sends its data to the server, the Session variable isn't available yet. When I try to access it I get a NullReferenceException. I believe this is because the Application_AcquireRequestState event isn't fired yet (located in Global.asax.cs). Because I need to use the client's data, I save it in a static class so I can access it easily at any time.

Is there a better solution to this? I thought of waiting for the Application_PostAcquireRequestState event to fire, because I think the Session variable is available at that time. So I could then load the data from the static class into the user's session variable. Is this a good idea, or should I just stick with the current situation (static class)? Because it works, but it doesn't feel like the best way to do this.

Thanks in advance!

Answer 1

Session state is good enough for per-user-session data.

Don't touch statics, these are scoped per AppDomain in a process. IIS will recycle AppDomains without you knowing, binning your static variables.

Update: for the sake of clarity, the following question/answer explains a situation where Session will be null:

What should I do if the current ASP.NET session is null?

This obviously makes Session state unsuitable if your application falls into one of the aforementioned situations.