Basically there is an object like this, a common model
class User{
Long id;
String username;
String password;
String fullname;
...
List collections;
}
>From most examples and basic approach, i see references to this Object in
the session
During user sign in, this object is loaded from database and stored in the
memory and then during authentication, this object is checked against Null
to know if a user is signed in or not and then if required, a getter in the
session returns the reference.
Please correct me if I am wrong,
Now I thought,
Instead of keeping the object reference in the session after a sign in, why
not just keep the ID (Long) and then during authentication, the code just
checks for Null or Zero
and then if the entire user object is required in any of the pages, The
USER ID is passed into the DAO which then loads the object and then
discarded immediately after use so that no references exists to it again
Does this approach have any significant improvement over the former? and
what could be the cons
Thanks
