asp.net - Why HttpContext.Current.Session is null in Global.asax? -

i'm using vs2010 , created simple asp. web forms application, using development server test it.
try store user data - queried sql server - in session, since don't want access database in every request. i'm using 'application_authenticaterequest' , 'session_start' methods.
first round: authenticaterequest called. following code ran:

public static void initialize(string login_name, bool force_refresh)     {       httpsessionstate session = httpcontext.current.session;       object o = session == null ? null : session["employee_data"];       if (force_refresh || o == null || o.gettype() != typeof(employee) || (o employee).login_name!= login_name)       {         _current = uimanager.getemployee(login_name);         if (session != null)         {           session["employee_data"] = _current;         }       }       else       {         _current = (employee)o;       }     } 

the _current variable private static field published through static property. in first round session null, , think it's ok because session_start not called yet. session_start looks this:

protected void session_start(object sender, eventargs e) {   session["employee_data"] = employeefactory.current; } 

in next round session_start not called of course in authenticaterequest can't access session. httpcontext.current.session null , this.session reference throw httpexception says "session state not available in context".

however can access session of page_load events it's bad practice think put authentication every page_load. idea how can access session?

thanks advice,
péter

you're not able use session on application_authenticaterequest becauase it's not bound @ moment.

i think you're able use event application_acquirerequeststate.