Basically there is an object like this, a common model:

    class User {
        Long id;
        String username;
        String password;
        String fullname;
        ...
        List collections;
    }

From most examples and the basic approach, I see references to this object in the session. During user sign-in, this object is loaded from the database and stored in memory, and then during authentication this object is checked against null to know whether a user is signed in or not, and then, if required, a getter in the session returns the reference. Please correct me if I am wrong.

Now I thought: instead of keeping the object reference in the session after a sign-in, why not just keep the ID (Long)? Then during authentication the code just checks for null or zero, and if the entire user object is required in any of the pages, the user ID is passed into the DAO, which then loads the object, and it is discarded immediately after use so that no references to it exist again.

Does this approach have any significant improvement over the former? And what could be the cons?

Thanks
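
The two approaches compared in the post above, as an added example that is not part of the original post. It serializes each session the way a container would when persisting or replicating it, and reports its size and whether the password field ends up in the stored bytes. The names SessionDemo, UserDao, ObjectSession and IdSession, the in-memory DAO and the sample user are assumptions made for illustration.

```java
import java.io.*;
import java.util.*;

public class SessionDemo {
    // Constructed stand-in for the post's User model class.
    static class User implements Serializable {
        Long id; String username; String password; String fullname;
        List<String> collections = new ArrayList<>();
        User(Long id, String u, String p, String f) { this.id = id; username = u; password = p; fullname = f; }
    }

    // Hypothetical DAO backed by a map instead of a database.
    static class UserDao {
        private final Map<Long, User> table = new HashMap<>();
        void save(User u) { table.put(u.id, u); }
        User load(Long id) { return table.get(id); }
    }

    // Approach 1: the session keeps a reference to the whole object.
    static class ObjectSession implements Serializable {
        User user;
        boolean isSignedIn() { return user != null; }
    }

    // Approach 2: the session keeps only the ID; the object is loaded per use.
    static class IdSession implements Serializable {
        Long userId;
        boolean isSignedIn() { return userId != null && userId != 0L; }
        User getUser(UserDao dao) { return isSignedIn() ? dao.load(userId) : null; }
    }

    // Serialize the way a container does when it persists or replicates a session.
    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) { out.writeObject(o); }
        return buf.toByteArray();
    }

    public static void main(String[] args) throws IOException {
        UserDao dao = new UserDao();
        dao.save(new User(42L, "alice", "constructed-secret", "Alice Example")); // constructed sample data
        ObjectSession s1 = new ObjectSession(); s1.user = dao.load(42L);
        IdSession s2 = new IdSession(); s2.userId = 42L;
        for (Object s : new Object[] { s1, s2 }) {
            byte[] bytes = serialize(s);
            boolean leaks = new String(bytes, "ISO-8859-1").contains("constructed-secret");
            System.out.println(s.getClass().getSimpleName() + ": " + bytes.length
                + " bytes, password in serialized session: " + leaks);
        }
        System.out.println("Loaded on demand: " + s2.getUser(dao).fullname);
    }
}
```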