omar wrote:
Why dont u store a user's security data in a context like object that gets created for every user when he loggs in. This singleton context object can live for the duration of the user's session.
I guess thats kind of what my cache object is. Our system has all kinds of security data possible for a user, so I wanted to lazy load the cache with security data (as opposed to getting it all in one shot). I was just wondering if I was doing something theoretically wrong by giving the cache object the ability to fill itself up with data when that data was requested, and not yet in the cache.
In the end, I ended up making a dumb cache, where it can only store data, not get it. There is a singleton security object that uses this cache which gets data from the database if it isn't yet in the cache. The main reason to use a dumb cache like this was that the fact that some data was requested from the security system shouldn't automatically imply that that information should be cached, so the layer above the cache should have the freedom to get data without it getting cached...it can obviously also cache the data if it wants to.