Asp. NET level two domain name site sharing Session state

The previous article mentions how to share a login state between two-level sites that use ASP. NET form Authentication

Http://www.cnblogs.com/jzywh/archive/2007/09/23/902905.html,

Today, I'm going to write about how to share a session between a two-level domain name site, a primary site, and a two-level domain name site.

First, the session to share, the site must be consistent between SessionID, how to ensure that SessionID consistent?

Asp. NET SessionID is a string stored in the client's cookie with a key value of Asp.net_sessionid used to maintain the browser session correspondence, to the level two domain name site, The primary site and the level two domain name site share SessionID must first be shared, then we must first implement Asp.net_sessionid this cookie share.

Crossdomaincookiemodule

------------------------------------------------------------------------------------------------

 Public classCrossdomaincookie:ihttpmodule {Private stringM_rootdomain =string.        Empty; #regionIHttpModule Members Public voidDispose () {} Public voidInit (HttpApplication context) {M_rootdomain= configurationmanager.appsettings["Rootdomain"]; Context. EndRequest+=NewSystem.EventHandler (context_endrequest); }        voidContext_endrequest (Objectsender, System.EventArgs e) {HttpApplication app= Sender asHttpApplication;  for(inti =0; I < App. Context.Response.Cookies.Count; i++) {app. Context.response.cookies[i]. Domain=M_rootdomain; }        }        #endregion }

The above module resets the domain to root domain for all cookies, and root domain is set in Web. config. Maybe someone would say that this is cram rewrite all the cookies of domain, then he can also judge the name of the cookie, if it is asp.net_sessionid to rewrite.

If the primary site and level two domain name site is the same site, then to do this step, your session has been shared, because the session ID is the same, and the session container is the same.

If the primary site and the level two domain name site are two different sites, you need to do more.

If two sites are different servers, the workaround should be simple:

1) Use the same state server to store the session.

2) Set the same machinekey on the Web. config for two sites.

machinekey settings please refer to http://msdn.microsoft.com/zh-cn/asp.net/w8h3skw9.aspx

3) Set the same name for two sites

This is done to ensure that the SiteID of the two sites is the same, SiteID is the hash value of site name, note Do not use the default site, because the default site SiteID is not the hash of site name.

If the two sites are on the same server, you need to make another modification to the Crossdomaincookie, this method can also be applied to two sites in different server situations:

1) Use the same state server to store the session.

2) Use reflection to set the value of System.Web.SessionState.OutOfProcSessionStateStore static field S_uribase

  Public classCrossdomaincookie:ihttpmodule {Private stringM_rootdomain =string.        Empty; #regionIHttpModule Members Public voidDispose () {} Public voidInit (HttpApplication context) {M_rootdomain= configurationmanager.appsettings["Rootdomain"]; Type Stateserversessionprovider=typeof(HttpSessionState). Assembly.GetType ("System.Web.SessionState.OutOfProcSessionStateStore"); FieldInfo Urifield= Stateserversessionprovider.getfield ("S_uribase", BindingFlags.Static |bindingflags.nonpublic); if(Urifield = =NULL)                Throw NewArgumentException ("Urifield is not found"); Urifield.setvalue (NULL, M_rootdomain); Context. EndRequest+=NewSystem.EventHandler (context_endrequest); }        voidContext_endrequest (Objectsender, System.EventArgs e) {HttpApplication app= Sender asHttpApplication;  for(inti =0; I < App. Context.Response.Cookies.Count; i++) {app. Context.response.cookies[i]. Domain=M_rootdomain; }        }        #endregion    }

Once this is done, the session can be shared.

Similarly, if you are using SQL Server to store the session, you can also use a similar method to solve the session sharing problem.

Sample file Download Http://files.cnblogs.com/jzywh/ShareSessionSample.zip

Source: http://jzywh.cnblogs.com

ASP. NET level two domain name site sharing Session state