Session Value Sharing between JSP and ASP. NET

Introduction: After logging on to ASP. NET, jsp can use the session value in ASP. NET.

 

At the beginning of this topic, the baby's idea was to serialize sessions in ASP. NET to save binary data to the database, and then read binary data from the database by JSP to deserialize the session pair.

For example, when the session object is forcibly converted into a Java-side conversion, an error occurs, and the information on the Internet cannot be resolved. Therefore, a replacement method is used.

Ideas for the replacement method:

Log on to the aspx file. After Successful Logon, save the variable values in the session to a table in the database. Use the sessionid of the session object of ASP. NET, create An ASPX file, and obtain

Get the sessionid of the currently logged-on user and use the ASP. NET redirect statement to go to the JSP file. The URL request path format is test. jsp? Aspnetsessionid = ffj12d455p0ujr45vdqwhh45, if

ASP. NET is not logged on or logon fails. Although there is a sessionid value, the database does not have data associated with this sessionid.

Some readers may find that test. jsp is not required? Aspnetsessionid = ffj12d455p0ujr45vdqwhh45 and other request paths can also be completed. Yes, you can use test. jsp? Userid = 1111

The value is also passed. Of course, userid is the value obtained after ASP. NET is successfully logged on, but some users can know the sensitive data of userid.

Create a table
Tablename:
Iis_session
Fieldname:
Idvarchar -- stores ASP. NET sessionid
Useridint -- stores the user ID after Successful Logon
Powerint -- permission number for storing users

Source code snippets of ASP. NET programs:

/After successful login, you can place the following codeing In the logon authentication ASPX page/

// Record sessionvalue to the database
Privatevoidwritesession2db

/When the user exits the system, the user deletes a row of data corresponding to the sessionid in the database, which can be placed on the exit page or the session_end process of global. asax/

// Delete sessionvalue from the database
Privatevoidremovesession4db

/A aspx page redirected to JSP, add the following code to page_load on this ASPX page/
Privatevoidpage_load

JSP program source code snippets:
<% @ Pagecontenttype = "text/html; charset = gb2312" %>
<%
/
You can replace your own database connection classes.
/
%>
<JSP: usebeanid = "DB" Scope = "page"/>

<%

Stringsaspnetsessionid = request. getparameter;

// The connection pool is used to connect to the database. you can replace it with your own
Stringsdbsourcename = "itbaby_dbpool ";
DB. dbconnopen;

Stringssql = "selectuserid, powerfromiis_sessionwhereid = '" + saspnetsessionid + "'";

// The Reader replaces the code used to read the result set.
Java. SQL. resultsetrs = dB. getrs;

If)

Rs. close;

DB. dbconnclose;

%>

Well, although it is not a good method, it can also be used to protect users' sensitive data.

I will continue to consider using serialization and deserialization to share session objects between different Web languages, instead of sharing session values.