What should be stored in UserContext?
- by HonorGod
From my general understanding I believe UserContext for a web application is supposed to hold user authentication and authorization (user roles) information.
As part of user roles, there are definitions on who can access what data and accordingly the corresponding reference data is loaded into the UserContext as well.
Is this a good practice to load and use reference data from UserContext? Does this have any impact with the number of sessions vs size of data it is holding inside JVM?
I am thinking we use UserContext only for authentication and authorization but load the reference data from cache on demand and use it if required.