Caching account information

I currently using my own membership implementation on a ASP.MVC project. I've got an Account and an Account can have more than 1 memberships.

I am not sure what is the best approach to follow wi开发者_高级运维th Account information being cached. I am currently loading the account information for almost each request from the User property of the controller.

Should I cache the account information? And if where would be the best place, cookies or Session?

I recommend fairly strongly against sessions. They won't scale well and do not fit into web/HTTP type of architectures. See 'Key REST principles' in this REST article if you like the REST stuff.

I would suggest to put the user information in cookies (don't over do it, just really required stuff).

And keep sensitive information in the ASP.NET Forms authentication cookie. See Forms Authentication article, "Step 4: Storing Additional User Data in the Ticket".

Fetch the rest of the data from the database. Avoid premature optimization.

As is often the case with these questions, the answer is "it depends".

Cookies are fine if you are only storing small amounts of string data. There are limitations (4k per cookie, HTTP header limit) and they are sent across the wire with every request and response. You might have to "re-inflate" your account/member info from data stored in the cookie. Users can opt to not accept cookies from your website.

Session is strongly-typed (no re-inflation) and not transmitted with every request/response. There are several options for scaling up session storage if you think your web app will need it. Most small-medium sites use session with no problems.