Right New Year and all that let us start again.
This will get you the user details using the security provider ID (a session is set on successful login automatically you really do not need to set others unless you really want them). You can then use this session ID to filter other DB queries using this ID as the key value...
Once you have matched the user using the above method we can go on to sessions again (if you want to set further sessions like I suggest in my initial reply). In all seriousness once you have done this a single time then next time it really is second nature and so simple. That initial hurdle can be a bastard though, we are all our own worst enemies in this regard. I believe we like to think it should work 100% of the time, but again and again I neglect to RTFM..... Teodor can back me up here. The amount of times I have ignored clear and concise instructions is huge, not as many times as I have made myself feel like a complete dickhead though, outweighs the former 10/1. 